1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/proxy/proxy_script_fetcher_impl.h"
7 #include "base/compiler_specific.h"
8 #include "base/location.h"
9 #include "base/logging.h"
10 #include "base/metrics/histogram.h"
11 #include "base/single_thread_task_runner.h"
12 #include "base/strings/string_util.h"
13 #include "base/thread_task_runner_handle.h"
14 #include "net/base/data_url.h"
15 #include "net/base/io_buffer.h"
16 #include "net/base/load_flags.h"
17 #include "net/base/net_errors.h"
18 #include "net/base/net_string_util.h"
19 #include "net/base/request_priority.h"
20 #include "net/cert/cert_status_flags.h"
21 #include "net/http/http_response_headers.h"
22 #include "net/url_request/url_request_context.h"
25 // - Support auth-prompts (http://crbug.com/77366)
31 // The maximum size (in bytes) allowed for a PAC script. Responses exceeding
32 // this will fail with ERR_FILE_TOO_BIG.
33 const int kDefaultMaxResponseBytes
= 1048576; // 1 megabyte
35 // The maximum duration (in milliseconds) allowed for fetching the PAC script.
36 // Responses exceeding this will fail with ERR_TIMED_OUT.
37 const int kDefaultMaxDurationMs
= 300000; // 5 minutes
39 // Returns true if |mime_type| is one of the known PAC mime type.
40 bool IsPacMimeType(const std::string
& mime_type
) {
41 static const char * const kSupportedPacMimeTypes
[] = {
42 "application/x-ns-proxy-autoconfig",
43 "application/x-javascript-config",
45 for (size_t i
= 0; i
< arraysize(kSupportedPacMimeTypes
); ++i
) {
46 if (base::LowerCaseEqualsASCII(mime_type
, kSupportedPacMimeTypes
[i
]))
52 // Converts |bytes| (which is encoded by |charset|) to UTF16, saving the resul
54 // If |charset| is empty, then we don't know what it was and guess.
55 void ConvertResponseToUTF16(const std::string
& charset
,
56 const std::string
& bytes
,
57 base::string16
* utf16
) {
60 if (charset
.empty()) {
61 // Assume ISO-8859-1 if no charset was specified.
62 codepage
= kCharsetLatin1
;
64 // Otherwise trust the charset that was provided.
65 codepage
= charset
.c_str();
68 // Be generous in the conversion -- if any characters lie outside of |charset|
69 // (i.e. invalid), then substitute them with U+FFFD rather than failing.
70 ConvertToUTF16WithSubstitutions(bytes
, codepage
, utf16
);
75 ProxyScriptFetcherImpl::ProxyScriptFetcherImpl(
76 URLRequestContext
* url_request_context
)
77 : url_request_context_(url_request_context
),
78 buf_(new IOBuffer(kBufSize
)),
83 max_response_bytes_(kDefaultMaxResponseBytes
),
84 max_duration_(base::TimeDelta::FromMilliseconds(kDefaultMaxDurationMs
)),
86 DCHECK(url_request_context
);
89 ProxyScriptFetcherImpl::~ProxyScriptFetcherImpl() {
90 // The URLRequest's destructor will cancel the outstanding request, and
91 // ensure that the delegate (this) is not called again.
94 base::TimeDelta
ProxyScriptFetcherImpl::SetTimeoutConstraint(
95 base::TimeDelta timeout
) {
96 base::TimeDelta prev
= max_duration_
;
97 max_duration_
= timeout
;
101 size_t ProxyScriptFetcherImpl::SetSizeConstraint(size_t size_bytes
) {
102 size_t prev
= max_response_bytes_
;
103 max_response_bytes_
= size_bytes
;
107 void ProxyScriptFetcherImpl::OnResponseCompleted(URLRequest
* request
) {
108 DCHECK_EQ(request
, cur_request_
.get());
110 // Use |result_code_| as the request's error if we have already set it to
111 // something specific.
112 if (result_code_
== OK
&& !request
->status().is_success())
113 result_code_
= request
->status().error();
118 int ProxyScriptFetcherImpl::Fetch(
119 const GURL
& url
, base::string16
* text
, const CompletionCallback
& callback
) {
120 // It is invalid to call Fetch() while a request is already in progress.
121 DCHECK(!cur_request_
.get());
122 DCHECK(!callback
.is_null());
125 // Handle base-64 encoded data-urls that contain custom PAC scripts.
126 if (url
.SchemeIs("data")) {
127 std::string mime_type
;
130 if (!DataURL::Parse(url
, &mime_type
, &charset
, &data
))
133 ConvertResponseToUTF16(charset
, data
, text
);
137 DCHECK(fetch_start_time_
.is_null());
138 fetch_start_time_
= base::Time::Now();
141 url_request_context_
->CreateRequest(url
, DEFAULT_PRIORITY
, this);
142 cur_request_
->set_method("GET");
144 // Make sure that the PAC script is downloaded using a direct connection,
145 // to avoid circular dependencies (fetching is a part of proxy resolution).
146 // Also disable the use of the disk cache. The cache is disabled so that if
147 // the user switches networks we don't potentially use the cached response
148 // from old network when we should in fact be re-fetching on the new network.
149 // If the PAC script is hosted on an HTTPS server we bypass revocation
150 // checking in order to avoid a circular dependency when attempting to fetch
151 // the OCSP response or CRL. We could make the revocation check go direct but
152 // the proxy might be the only way to the outside world.
153 cur_request_
->SetLoadFlags(LOAD_BYPASS_PROXY
| LOAD_DISABLE_CACHE
|
154 LOAD_DISABLE_CERT_REVOCATION_CHECKING
);
156 // Save the caller's info for notification on completion.
157 callback_
= callback
;
160 bytes_read_so_far_
.clear();
162 // Post a task to timeout this request if it takes too long.
163 cur_request_id_
= ++next_id_
;
165 base::ThreadTaskRunnerHandle::Get()->PostDelayedTask(
166 FROM_HERE
, base::Bind(&ProxyScriptFetcherImpl::OnTimeout
,
167 weak_factory_
.GetWeakPtr(), cur_request_id_
),
170 // Start the request.
171 cur_request_
->Start();
172 return ERR_IO_PENDING
;
175 void ProxyScriptFetcherImpl::Cancel() {
176 // ResetCurRequestState will free the URLRequest, which will cause
178 ResetCurRequestState();
181 URLRequestContext
* ProxyScriptFetcherImpl::GetRequestContext() const {
182 return url_request_context_
;
185 void ProxyScriptFetcherImpl::OnAuthRequired(URLRequest
* request
,
186 AuthChallengeInfo
* auth_info
) {
187 DCHECK_EQ(request
, cur_request_
.get());
188 // TODO(eroman): http://crbug.com/77366
189 LOG(WARNING
) << "Auth required to fetch PAC script, aborting.";
190 result_code_
= ERR_NOT_IMPLEMENTED
;
191 request
->CancelAuth();
194 void ProxyScriptFetcherImpl::OnSSLCertificateError(URLRequest
* request
,
195 const SSLInfo
& ssl_info
,
197 DCHECK_EQ(request
, cur_request_
.get());
198 // Revocation check failures are not fatal.
199 if (IsCertStatusMinorError(ssl_info
.cert_status
)) {
200 request
->ContinueDespiteLastError();
203 LOG(WARNING
) << "SSL certificate error when fetching PAC script, aborting.";
204 // Certificate errors are in same space as net errors.
205 result_code_
= MapCertStatusToNetError(ssl_info
.cert_status
);
209 void ProxyScriptFetcherImpl::OnResponseStarted(URLRequest
* request
) {
210 DCHECK_EQ(request
, cur_request_
.get());
212 if (!request
->status().is_success()) {
213 OnResponseCompleted(request
);
217 // Require HTTP responses to have a success status code.
218 if (request
->url().SchemeIsHTTPOrHTTPS()) {
219 // NOTE about status codes: We are like Firefox 3 in this respect.
220 // {IE 7, Safari 3, Opera 9.5} do not care about the status code.
221 if (request
->GetResponseCode() != 200) {
222 VLOG(1) << "Fetched PAC script had (bad) status line: "
223 << request
->response_headers()->GetStatusLine();
224 result_code_
= ERR_PAC_STATUS_NOT_OK
;
229 // NOTE about mime types: We do not enforce mime types on PAC files.
230 // This is for compatibility with {IE 7, Firefox 3, Opera 9.5}. We will
231 // however log mismatches to help with debugging.
232 std::string mime_type
;
233 cur_request_
->GetMimeType(&mime_type
);
234 if (!IsPacMimeType(mime_type
)) {
235 VLOG(1) << "Fetched PAC script does not have a proper mime type: "
243 void ProxyScriptFetcherImpl::OnReadCompleted(URLRequest
* request
,
245 DCHECK_EQ(request
, cur_request_
.get());
246 if (ConsumeBytesRead(request
, num_bytes
)) {
252 void ProxyScriptFetcherImpl::ReadBody(URLRequest
* request
) {
253 // Read as many bytes as are available synchronously.
256 if (!request
->Read(buf_
.get(), kBufSize
, &num_bytes
)) {
257 // Check whether the read failed synchronously.
258 if (!request
->status().is_io_pending())
259 OnResponseCompleted(request
);
262 if (!ConsumeBytesRead(request
, num_bytes
))
267 bool ProxyScriptFetcherImpl::ConsumeBytesRead(URLRequest
* request
,
269 if (num_bytes
<= 0) {
270 // Error while reading, or EOF.
271 OnResponseCompleted(request
);
275 // Enforce maximum size bound.
276 if (num_bytes
+ bytes_read_so_far_
.size() >
277 static_cast<size_t>(max_response_bytes_
)) {
278 result_code_
= ERR_FILE_TOO_BIG
;
283 bytes_read_so_far_
.append(buf_
->data(), num_bytes
);
287 void ProxyScriptFetcherImpl::FetchCompleted() {
288 if (result_code_
== OK
) {
289 // Calculate duration of time for proxy script fetch to complete.
290 DCHECK(!fetch_start_time_
.is_null());
291 UMA_HISTOGRAM_TIMES("Net.ProxyScriptFetcher.SuccessDuration",
292 base::Time::Now() - fetch_start_time_
);
294 // The caller expects the response to be encoded as UTF16.
296 cur_request_
->GetCharset(&charset
);
297 ConvertResponseToUTF16(charset
, bytes_read_so_far_
, result_text_
);
299 // On error, the caller expects empty string for bytes.
300 result_text_
->clear();
303 int result_code
= result_code_
;
304 CompletionCallback callback
= callback_
;
306 ResetCurRequestState();
308 callback
.Run(result_code
);
311 void ProxyScriptFetcherImpl::ResetCurRequestState() {
312 cur_request_
.reset();
317 fetch_start_time_
= base::Time();
320 void ProxyScriptFetcherImpl::OnTimeout(int id
) {
321 // Timeout tasks may outlive the URLRequest they reference. Make sure it
322 // is still applicable.
323 if (cur_request_id_
!= id
)
326 DCHECK(cur_request_
.get());
327 result_code_
= ERR_TIMED_OUT
;
328 cur_request_
->Cancel();