chrome/browser/android/spdy_proxy_resource_throttle.h

   1 // Copyright 2015 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_ANDROID_SPDY_PROXY_RESOURCE_THROTTLE_H_
   6 #define CHROME_BROWSER_ANDROID_SPDY_PROXY_RESOURCE_THROTTLE_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/memory/ref_counted.h"
  12 #include "chrome/browser/renderer_host/safe_browsing_resource_throttle_factory.h"
  13 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
  14 #include "chrome/browser/safe_browsing/ui_manager.h"
  15 #include "content/public/browser/resource_throttle.h"
  16 #include "content/public/common/resource_type.h"
  17
  18 namespace net {
  19 struct RedirectInfo;
  20 class URLRequest;
  21 }
  22
  23 // SpdyProxyResourceThrottle checks that URLs are "safe" before navigating
  24 // to them. To be considered "safe", a URL must not be tagged as a phishing or
  25 // malware URL by the SPDY proxy.
  26 //
  27 // If the URL is tagged as unsafe, a warning page is shown and the request
  28 // remains suspended. If the user decides to cancel, the request is cancelled.
  29 // If on the other hand the user decides the URL is safe, the request is
  30 // resumed.
  31 //
  32 // The SPDY proxy and the browser make use of extra headers to communicate.
  33 // When a proxy detects a malware or a phishing page, it injects a special
  34 // header and returns a 307 redirect to the same location. If the user decides
  35 // to proceed, the client injects a special header.
  36 //
  37 // Header              Sent From     Description
  38 // X-Phishing-Url        Proxy      Identified as phishing url.
  39 // X-Malware-Url         Proxy      Identified as malware url
  40 // X-Unsafe-Url-Proceed  Browser    User requests proceed.
  41 //
  42 class SpdyProxyResourceThrottle
  43     : public content::ResourceThrottle,
  44       public base::SupportsWeakPtr<SpdyProxyResourceThrottle> {
  45  public:
  46   SpdyProxyResourceThrottle(net::URLRequest* request,
  47                             content::ResourceType resource_type,
  48                             SafeBrowsingService* safe_browsing);
  49
  50   // content::ResourceThrottle implementation (called on IO thread).
  51   void WillRedirectRequest(const net::RedirectInfo& redirect_info,
  52                            bool* defer) override;
  53   const char* GetNameForLogging() const override;
  54
  55  private:
  56   // Describes what phase of the check a throttle is in.
  57   enum State {
  58     STATE_NONE,
  59     STATE_DISPLAYING_BLOCKING_PAGE,
  60   };
  61
  62   static const char* kUnsafeUrlProceedHeader;
  63
  64   ~SpdyProxyResourceThrottle() override;
  65
  66   // SafeBrowsingService::UrlCheckCallback implementation.
  67   void OnBlockingPageComplete(bool proceed);
  68
  69   // Returns the threat type.
  70   SBThreatType CheckUrl();
  71
  72   // Starts displaying the safe browsing interstitial page if it is not
  73   // prerendering. Called on the UI thread.
  74   static void StartDisplayingBlockingPage(
  75       const base::WeakPtr<SpdyProxyResourceThrottle>& throttle,
  76       scoped_refptr<SafeBrowsingUIManager> ui_manager,
  77       const SafeBrowsingUIManager::UnsafeResource& resource);
  78
  79   // Resumes the request, by continuing the deferred action (either starting the
  80   // request, or following a redirect).
  81   void ResumeRequest();
  82
  83   State state_;
  84
  85   // The redirect chain for this resource.
  86   std::vector<GURL> redirect_urls_;
  87
  88   scoped_refptr<SafeBrowsingService> safe_browsing_;
  89   net::URLRequest* request_;
  90   const bool is_subresource_;
  91   const bool is_subframe_;
  92
  93   DISALLOW_COPY_AND_ASSIGN(SpdyProxyResourceThrottle);
  94 };
  95
  96 class SpdyProxyResourceThrottleFactory
  97     : public SafeBrowsingResourceThrottleFactory {
  98
  99  public:
 100   SpdyProxyResourceThrottleFactory() { }
 101   ~SpdyProxyResourceThrottleFactory() override {}
 102
 103  protected:
 104   content::ResourceThrottle* CreateResourceThrottle(
 105       net::URLRequest* request,
 106       content::ResourceContext* resource_context,
 107       content::ResourceType resource_type,
 108       SafeBrowsingService* service) override;
 109
 110  private:
 111   DISALLOW_COPY_AND_ASSIGN(SpdyProxyResourceThrottleFactory);
 112 };
 113
 114 #endif  // CHROME_BROWSER_ANDROID_SPDY_PROXY_RESOURCE_THROTTLE_H_