OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/safe_browsing/ping_manager.h" | 5 #include "chrome/browser/safe_browsing/ping_manager.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
| 11 #include "chrome/browser/net/certificate_error_reporter.h" |
11 #include "chrome/common/env_vars.h" | 12 #include "chrome/common/env_vars.h" |
12 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
13 #include "google_apis/google_api_keys.h" | 14 #include "google_apis/google_api_keys.h" |
14 #include "net/base/escape.h" | 15 #include "net/base/escape.h" |
15 #include "net/base/load_flags.h" | 16 #include "net/base/load_flags.h" |
| 17 #include "net/ssl/ssl_info.h" |
16 #include "net/url_request/url_fetcher.h" | 18 #include "net/url_request/url_fetcher.h" |
17 #include "net/url_request/url_request_context_getter.h" | 19 #include "net/url_request/url_request_context_getter.h" |
18 #include "net/url_request/url_request_status.h" | 20 #include "net/url_request/url_request_status.h" |
| 21 #include "url/gurl.h" |
19 | 22 |
| 23 using chrome_browser_net::CertificateErrorReporter; |
20 using content::BrowserThread; | 24 using content::BrowserThread; |
21 | 25 |
| 26 namespace { |
| 27 // URL to upload invalid certificate chain reports |
| 28 // TODO(estark): Fill this in with the real URL when live. |
| 29 const char kExtendedReportingUploadUrl[] = ""; |
| 30 } // namespace |
| 31 |
22 // SafeBrowsingPingManager implementation ---------------------------------- | 32 // SafeBrowsingPingManager implementation ---------------------------------- |
23 | 33 |
24 // static | 34 // static |
25 SafeBrowsingPingManager* SafeBrowsingPingManager::Create( | 35 SafeBrowsingPingManager* SafeBrowsingPingManager::Create( |
26 net::URLRequestContextGetter* request_context_getter, | 36 net::URLRequestContextGetter* request_context_getter, |
27 const SafeBrowsingProtocolConfig& config) { | 37 const SafeBrowsingProtocolConfig& config) { |
28 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 38 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
29 return new SafeBrowsingPingManager(request_context_getter, config); | 39 return new SafeBrowsingPingManager(request_context_getter, config); |
30 } | 40 } |
31 | 41 |
32 SafeBrowsingPingManager::SafeBrowsingPingManager( | 42 SafeBrowsingPingManager::SafeBrowsingPingManager( |
33 net::URLRequestContextGetter* request_context_getter, | 43 net::URLRequestContextGetter* request_context_getter, |
34 const SafeBrowsingProtocolConfig& config) | 44 const SafeBrowsingProtocolConfig& config) |
35 : client_name_(config.client_name), | 45 : client_name_(config.client_name), |
36 request_context_getter_(request_context_getter), | 46 request_context_getter_(request_context_getter), |
37 url_prefix_(config.url_prefix) { | 47 url_prefix_(config.url_prefix), |
| 48 certificate_error_reporter_( |
| 49 request_context_getter |
| 50 ? new CertificateErrorReporter( |
| 51 request_context_getter->GetURLRequestContext(), |
| 52 GURL(kExtendedReportingUploadUrl), |
| 53 CertificateErrorReporter::SEND_COOKIES) |
| 54 : nullptr) { |
38 DCHECK(!url_prefix_.empty()); | 55 DCHECK(!url_prefix_.empty()); |
39 | 56 |
40 version_ = SafeBrowsingProtocolManagerHelper::Version(); | 57 version_ = SafeBrowsingProtocolManagerHelper::Version(); |
41 } | 58 } |
42 | 59 |
43 SafeBrowsingPingManager::~SafeBrowsingPingManager() { | 60 SafeBrowsingPingManager::~SafeBrowsingPingManager() { |
44 // Delete in-progress safebrowsing reports (hits and details). | 61 // Delete in-progress safebrowsing reports (hits and details). |
45 STLDeleteContainerPointers(safebrowsing_reports_.begin(), | 62 STLDeleteContainerPointers(safebrowsing_reports_.begin(), |
46 safebrowsing_reports_.end()); | 63 safebrowsing_reports_.end()); |
47 } | 64 } |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
88 report_url, net::URLFetcher::POST, this); | 105 report_url, net::URLFetcher::POST, this); |
89 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); | 106 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); |
90 fetcher->SetRequestContext(request_context_getter_.get()); | 107 fetcher->SetRequestContext(request_context_getter_.get()); |
91 fetcher->SetUploadData("application/octet-stream", report); | 108 fetcher->SetUploadData("application/octet-stream", report); |
92 // Don't try too hard to send reports on failures. | 109 // Don't try too hard to send reports on failures. |
93 fetcher->SetAutomaticallyRetryOn5xx(false); | 110 fetcher->SetAutomaticallyRetryOn5xx(false); |
94 fetcher->Start(); | 111 fetcher->Start(); |
95 safebrowsing_reports_.insert(fetcher); | 112 safebrowsing_reports_.insert(fetcher); |
96 } | 113 } |
97 | 114 |
| 115 void SafeBrowsingPingManager::ReportInvalidCertificateChain( |
| 116 const std::string& hostname, |
| 117 const net::SSLInfo& ssl_info) { |
| 118 DCHECK(certificate_error_reporter_); |
| 119 certificate_error_reporter_->SendReport( |
| 120 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING, hostname, |
| 121 ssl_info); |
| 122 } |
| 123 |
| 124 void SafeBrowsingPingManager::SetCertificateErrorReporterForTesting( |
| 125 scoped_ptr<CertificateErrorReporter> certificate_error_reporter) { |
| 126 certificate_error_reporter_ = certificate_error_reporter.Pass(); |
| 127 } |
| 128 |
98 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( | 129 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( |
99 const GURL& malicious_url, const GURL& page_url, | 130 const GURL& malicious_url, const GURL& page_url, |
100 const GURL& referrer_url, bool is_subresource, | 131 const GURL& referrer_url, bool is_subresource, |
101 SBThreatType threat_type) const { | 132 SBThreatType threat_type) const { |
102 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE || | 133 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE || |
103 threat_type == SB_THREAT_TYPE_URL_PHISHING || | 134 threat_type == SB_THREAT_TYPE_URL_PHISHING || |
104 threat_type == SB_THREAT_TYPE_URL_UNWANTED || | 135 threat_type == SB_THREAT_TYPE_URL_UNWANTED || |
105 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL || | 136 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL || |
106 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL || | 137 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL || |
107 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL); | 138 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL); |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
144 url_prefix_.c_str(), | 175 url_prefix_.c_str(), |
145 client_name_.c_str(), | 176 client_name_.c_str(), |
146 version_.c_str()); | 177 version_.c_str()); |
147 std::string api_key = google_apis::GetAPIKey(); | 178 std::string api_key = google_apis::GetAPIKey(); |
148 if (!api_key.empty()) { | 179 if (!api_key.empty()) { |
149 base::StringAppendF(&url, "&key=%s", | 180 base::StringAppendF(&url, "&key=%s", |
150 net::EscapeQueryParamValue(api_key, true).c_str()); | 181 net::EscapeQueryParamValue(api_key, true).c_str()); |
151 } | 182 } |
152 return GURL(url); | 183 return GURL(url); |
153 } | 184 } |
OLD | NEW |