Chromium Code Reviews Chromium Code Reviews
Issue 935663004:
Add checkbox for reporting invalid TLS/SSL cert chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/ping_manager.h" | 5 #include "chrome/browser/safe_browsing/ping_manager.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/stl_util.h" | 8 #include "base/stl_util.h" |
| 9 #include "base/strings/string_util.h" | 9 #include "base/strings/string_util.h" |
| 10 #include "base/strings/stringprintf.h" | 10 #include "base/strings/stringprintf.h" |
| 11 #include "chrome/browser/net/certificate_error_reporter.h" | |
| 11 #include "chrome/common/env_vars.h" | 12 #include "chrome/common/env_vars.h" |
| 12 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
| 13 #include "google_apis/google_api_keys.h" | 14 #include "google_apis/google_api_keys.h" |
| 14 #include "net/base/escape.h" | 15 #include "net/base/escape.h" |
| 15 #include "net/base/load_flags.h" | 16 #include "net/base/load_flags.h" |
| 17 #include "net/ssl/ssl_info.h" | |
| 16 #include "net/url_request/url_fetcher.h" | 18 #include "net/url_request/url_fetcher.h" |
| 17 #include "net/url_request/url_request_context_getter.h" | 19 #include "net/url_request/url_request_context_getter.h" |
| 18 #include "net/url_request/url_request_status.h" | 20 #include "net/url_request/url_request_status.h" |
| 21 #include "url/gurl.h" | |
| 19 | 22 |
| 23 using chrome_browser_net::CertificateErrorReporter; | |
| 20 using content::BrowserThread; | 24 using content::BrowserThread; |
| 21 | 25 |
| 22 // SafeBrowsingPingManager implementation ---------------------------------- | 26 // SafeBrowsingPingManager implementation ---------------------------------- |
| 23 | 27 |
| 24 // static | 28 // static |
| 25 SafeBrowsingPingManager* SafeBrowsingPingManager::Create( | 29 SafeBrowsingPingManager* SafeBrowsingPingManager::Create( |
| 26 net::URLRequestContextGetter* request_context_getter, | 30 net::URLRequestContextGetter* request_context_getter, |
| 27 const SafeBrowsingProtocolConfig& config) { | 31 const SafeBrowsingProtocolConfig& config) { |
| 28 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 32 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); |
| 29 return new SafeBrowsingPingManager(request_context_getter, config); | 33 return new SafeBrowsingPingManager(request_context_getter, config); |
| 30 } | 34 } |
| 31 | 35 |
| 32 SafeBrowsingPingManager::SafeBrowsingPingManager( | 36 SafeBrowsingPingManager::SafeBrowsingPingManager( |
| 33 net::URLRequestContextGetter* request_context_getter, | 37 net::URLRequestContextGetter* request_context_getter, |
| 34 const SafeBrowsingProtocolConfig& config) | 38 const SafeBrowsingProtocolConfig& config) |
| 35 : client_name_(config.client_name), | 39 : client_name_(config.client_name), |
| 36 request_context_getter_(request_context_getter), | 40 request_context_getter_(request_context_getter), |
| 37 url_prefix_(config.url_prefix) { | 41 url_prefix_(config.url_prefix), |
| 42 certificate_error_reporter_(new CertificateErrorReporter( | |
| 43 request_context_getter->GetURLRequestContext(), | |
| 44 GURL(chrome_browser_net::kExtendedReportingUploadUrl))) { | |
| 38 DCHECK(!url_prefix_.empty()); | 45 DCHECK(!url_prefix_.empty()); |
| 39 | 46 |
| 40 version_ = SafeBrowsingProtocolManagerHelper::Version(); | 47 version_ = SafeBrowsingProtocolManagerHelper::Version(); |
| 41 } | 48 } |
| 42 | 49 |
| 43 SafeBrowsingPingManager::~SafeBrowsingPingManager() { | 50 SafeBrowsingPingManager::~SafeBrowsingPingManager() { |
| 44 // Delete in-progress safebrowsing reports (hits and details). | 51 // Delete in-progress safebrowsing reports (hits and details). |
| 45 STLDeleteContainerPointers(safebrowsing_reports_.begin(), | 52 STLDeleteContainerPointers(safebrowsing_reports_.begin(), |
| 46 safebrowsing_reports_.end()); | 53 safebrowsing_reports_.end()); |
| 47 } | 54 } |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 88 report_url, net::URLFetcher::POST, this); | 95 report_url, net::URLFetcher::POST, this); |
| 89 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); | 96 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE); |
| 90 fetcher->SetRequestContext(request_context_getter_.get()); | 97 fetcher->SetRequestContext(request_context_getter_.get()); |
| 91 fetcher->SetUploadData("application/octet-stream", report); | 98 fetcher->SetUploadData("application/octet-stream", report); |
| 92 // Don't try too hard to send reports on failures. | 99 // Don't try too hard to send reports on failures. |
| 93 fetcher->SetAutomaticallyRetryOn5xx(false); | 100 fetcher->SetAutomaticallyRetryOn5xx(false); |
| 94 fetcher->Start(); | 101 fetcher->Start(); |
| 95 safebrowsing_reports_.insert(fetcher); | 102 safebrowsing_reports_.insert(fetcher); |
| 96 } | 103 } |
| 97 | 104 |
| 105 void SafeBrowsingPingManager::ReportInvalidCertificateChain( | |
| 106 const std::string& hostname, | |
| 107 const net::SSLInfo& ssl_info) { | |
| 108 certificate_error_reporter_->SendReport( | |
| 109 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING, hostname, | |
| 110 ssl_info); | |
| 111 } | |
| 112 | |
| 113 void SafeBrowsingPingManager::SetCertificateErrorReporterForTesting( | |
| 114 scoped_ptr<CertificateErrorReporter> certificate_error_reporter) { | |
| 115 certificate_error_reporter_.reset(certificate_error_reporter.release()); | |
|
mattm
2015/03/23 19:22:06
.Pass()
estark
2015/03/23 20:55:28
Done, sort of. I get a compiler error if I just re
mattm
2015/03/24 21:56:39
Yeah, that's right.
| |
| 116 } | |
| 117 | |
| 98 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( | 118 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl( |
| 99 const GURL& malicious_url, const GURL& page_url, | 119 const GURL& malicious_url, const GURL& page_url, |
| 100 const GURL& referrer_url, bool is_subresource, | 120 const GURL& referrer_url, bool is_subresource, |
| 101 SBThreatType threat_type) const { | 121 SBThreatType threat_type) const { |
| 102 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE || | 122 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE || |
| 103 threat_type == SB_THREAT_TYPE_URL_PHISHING || | 123 threat_type == SB_THREAT_TYPE_URL_PHISHING || |
| 104 threat_type == SB_THREAT_TYPE_URL_UNWANTED || | 124 threat_type == SB_THREAT_TYPE_URL_UNWANTED || |
| 105 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL || | 125 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL || |
| 106 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL || | 126 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL || |
| 107 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL); | 127 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 144 url_prefix_.c_str(), | 164 url_prefix_.c_str(), |
| 145 client_name_.c_str(), | 165 client_name_.c_str(), |
| 146 version_.c_str()); | 166 version_.c_str()); |
| 147 std::string api_key = google_apis::GetAPIKey(); | 167 std::string api_key = google_apis::GetAPIKey(); |
| 148 if (!api_key.empty()) { | 168 if (!api_key.empty()) { |
| 149 base::StringAppendF(&url, "&key=%s", | 169 base::StringAppendF(&url, "&key=%s", |
| 150 net::EscapeQueryParamValue(api_key, true).c_str()); | 170 net::EscapeQueryParamValue(api_key, true).c_str()); |
| 151 } | 171 } |
| 152 return GURL(url); | 172 return GURL(url); |
| 153 } | 173 } |
| OLD | NEW |
