net/proxy/proxy_script_fetcher_impl.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/proxy/proxy_script_fetcher_impl.h"
   6
   7 #include "base/compiler_specific.h"
   8 #include "base/logging.h"
   9 #include "base/message_loop/message_loop.h"
  10 #include "base/strings/string_util.h"
  11 #include "net/base/data_url.h"
  12 #include "net/base/io_buffer.h"
  13 #include "net/base/load_flags.h"
  14 #include "net/base/net_errors.h"
  15 #include "net/base/net_string_util.h"
  16 #include "net/base/request_priority.h"
  17 #include "net/cert/cert_status_flags.h"
  18 #include "net/http/http_response_headers.h"
  19 #include "net/url_request/url_request_context.h"
  20
  21 // TODO(eroman):
  22 //   - Support auth-prompts (http://crbug.com/77366)
  23
  24 namespace net {
  25
  26 namespace {
  27
  28 // The maximum size (in bytes) allowed for a PAC script. Responses exceeding
  29 // this will fail with ERR_FILE_TOO_BIG.
  30 const int kDefaultMaxResponseBytes = 1048576;  // 1 megabyte
  31
  32 // The maximum duration (in milliseconds) allowed for fetching the PAC script.
  33 // Responses exceeding this will fail with ERR_TIMED_OUT.
  34 const int kDefaultMaxDurationMs = 300000;  // 5 minutes
  35
  36 // Returns true if |mime_type| is one of the known PAC mime type.
  37 bool IsPacMimeType(const std::string& mime_type) {
  38   static const char * const kSupportedPacMimeTypes[] = {
  39     "application/x-ns-proxy-autoconfig",
  40     "application/x-javascript-config",
  41   };
  42   for (size_t i = 0; i < arraysize(kSupportedPacMimeTypes); ++i) {
  43     if (LowerCaseEqualsASCII(mime_type, kSupportedPacMimeTypes[i]))
  44       return true;
  45   }
  46   return false;
  47 }
  48
  49 // Converts |bytes| (which is encoded by |charset|) to UTF16, saving the resul
  50 // to |*utf16|.
  51 // If |charset| is empty, then we don't know what it was and guess.
  52 void ConvertResponseToUTF16(const std::string& charset,
  53                             const std::string& bytes,
  54                             base::string16* utf16) {
  55   const char* codepage;
  56
  57   if (charset.empty()) {
  58     // Assume ISO-8859-1 if no charset was specified.
  59     codepage = kCharsetLatin1;
  60   } else {
  61     // Otherwise trust the charset that was provided.
  62     codepage = charset.c_str();
  63   }
  64
  65   // Be generous in the conversion -- if any characters lie outside of |charset|
  66   // (i.e. invalid), then substitute them with U+FFFD rather than failing.
  67   ConvertToUTF16WithSubstitutions(bytes, codepage, utf16);
  68 }
  69
  70 }  // namespace
  71
  72 ProxyScriptFetcherImpl::ProxyScriptFetcherImpl(
  73     URLRequestContext* url_request_context)
  74     : url_request_context_(url_request_context),
  75       buf_(new IOBuffer(kBufSize)),
  76       next_id_(0),
  77       cur_request_id_(0),
  78       result_code_(OK),
  79       result_text_(NULL),
  80       max_response_bytes_(kDefaultMaxResponseBytes),
  81       max_duration_(base::TimeDelta::FromMilliseconds(kDefaultMaxDurationMs)),
  82       weak_factory_(this) {
  83   DCHECK(url_request_context);
  84 }
  85
  86 ProxyScriptFetcherImpl::~ProxyScriptFetcherImpl() {
  87   // The URLRequest's destructor will cancel the outstanding request, and
  88   // ensure that the delegate (this) is not called again.
  89 }
  90
  91 base::TimeDelta ProxyScriptFetcherImpl::SetTimeoutConstraint(
  92     base::TimeDelta timeout) {
  93   base::TimeDelta prev = max_duration_;
  94   max_duration_ = timeout;
  95   return prev;
  96 }
  97
  98 size_t ProxyScriptFetcherImpl::SetSizeConstraint(size_t size_bytes) {
  99   size_t prev = max_response_bytes_;
 100   max_response_bytes_ = size_bytes;
 101   return prev;
 102 }
 103
 104 void ProxyScriptFetcherImpl::OnResponseCompleted(URLRequest* request) {
 105   DCHECK_EQ(request, cur_request_.get());
 106
 107   // Use |result_code_| as the request's error if we have already set it to
 108   // something specific.
 109   if (result_code_ == OK && !request->status().is_success())
 110     result_code_ = request->status().error();
 111
 112   FetchCompleted();
 113 }
 114
 115 int ProxyScriptFetcherImpl::Fetch(
 116     const GURL& url, base::string16* text, const CompletionCallback& callback) {
 117   // It is invalid to call Fetch() while a request is already in progress.
 118   DCHECK(!cur_request_.get());
 119   DCHECK(!callback.is_null());
 120   DCHECK(text);
 121
 122   // Handle base-64 encoded data-urls that contain custom PAC scripts.
 123   if (url.SchemeIs("data")) {
 124     std::string mime_type;
 125     std::string charset;
 126     std::string data;
 127     if (!DataURL::Parse(url, &mime_type, &charset, &data))
 128       return ERR_FAILED;
 129
 130     ConvertResponseToUTF16(charset, data, text);
 131     return OK;
 132   }
 133
 134   cur_request_ =
 135       url_request_context_->CreateRequest(url, DEFAULT_PRIORITY, this);
 136   cur_request_->set_method("GET");
 137
 138   // Make sure that the PAC script is downloaded using a direct connection,
 139   // to avoid circular dependencies (fetching is a part of proxy resolution).
 140   // Also disable the use of the disk cache. The cache is disabled so that if
 141   // the user switches networks we don't potentially use the cached response
 142   // from old network when we should in fact be re-fetching on the new network.
 143   // If the PAC script is hosted on an HTTPS server we bypass revocation
 144   // checking in order to avoid a circular dependency when attempting to fetch
 145   // the OCSP response or CRL. We could make the revocation check go direct but
 146   // the proxy might be the only way to the outside world.
 147   cur_request_->SetLoadFlags(LOAD_BYPASS_PROXY | LOAD_DISABLE_CACHE |
 148                              LOAD_DISABLE_CERT_REVOCATION_CHECKING);
 149
 150   // Save the caller's info for notification on completion.
 151   callback_ = callback;
 152   result_text_ = text;
 153
 154   bytes_read_so_far_.clear();
 155
 156   // Post a task to timeout this request if it takes too long.
 157   cur_request_id_ = ++next_id_;
 158
 159   base::MessageLoop::current()->PostDelayedTask(
 160       FROM_HERE,
 161       base::Bind(&ProxyScriptFetcherImpl::OnTimeout,
 162                  weak_factory_.GetWeakPtr(),
 163                  cur_request_id_),
 164       max_duration_);
 165
 166   // Start the request.
 167   cur_request_->Start();
 168   return ERR_IO_PENDING;
 169 }
 170
 171 void ProxyScriptFetcherImpl::Cancel() {
 172   // ResetCurRequestState will free the URLRequest, which will cause
 173   // cancellation.
 174   ResetCurRequestState();
 175 }
 176
 177 URLRequestContext* ProxyScriptFetcherImpl::GetRequestContext() const {
 178   return url_request_context_;
 179 }
 180
 181 void ProxyScriptFetcherImpl::OnAuthRequired(URLRequest* request,
 182                                             AuthChallengeInfo* auth_info) {
 183   DCHECK_EQ(request, cur_request_.get());
 184   // TODO(eroman): http://crbug.com/77366
 185   LOG(WARNING) << "Auth required to fetch PAC script, aborting.";
 186   result_code_ = ERR_NOT_IMPLEMENTED;
 187   request->CancelAuth();
 188 }
 189
 190 void ProxyScriptFetcherImpl::OnSSLCertificateError(URLRequest* request,
 191                                                    const SSLInfo& ssl_info,
 192                                                    bool fatal) {
 193   DCHECK_EQ(request, cur_request_.get());
 194   // Revocation check failures are not fatal.
 195   if (IsCertStatusMinorError(ssl_info.cert_status)) {
 196     request->ContinueDespiteLastError();
 197     return;
 198   }
 199   LOG(WARNING) << "SSL certificate error when fetching PAC script, aborting.";
 200   // Certificate errors are in same space as net errors.
 201   result_code_ = MapCertStatusToNetError(ssl_info.cert_status);
 202   request->Cancel();
 203 }
 204
 205 void ProxyScriptFetcherImpl::OnResponseStarted(URLRequest* request) {
 206   DCHECK_EQ(request, cur_request_.get());
 207
 208   if (!request->status().is_success()) {
 209     OnResponseCompleted(request);
 210     return;
 211   }
 212
 213   // Require HTTP responses to have a success status code.
 214   if (request->url().SchemeIsHTTPOrHTTPS()) {
 215     // NOTE about status codes: We are like Firefox 3 in this respect.
 216     // {IE 7, Safari 3, Opera 9.5} do not care about the status code.
 217     if (request->GetResponseCode() != 200) {
 218       VLOG(1) << "Fetched PAC script had (bad) status line: "
 219               << request->response_headers()->GetStatusLine();
 220       result_code_ = ERR_PAC_STATUS_NOT_OK;
 221       request->Cancel();
 222       return;
 223     }
 224
 225     // NOTE about mime types: We do not enforce mime types on PAC files.
 226     // This is for compatibility with {IE 7, Firefox 3, Opera 9.5}. We will
 227     // however log mismatches to help with debugging.
 228     std::string mime_type;
 229     cur_request_->GetMimeType(&mime_type);
 230     if (!IsPacMimeType(mime_type)) {
 231       VLOG(1) << "Fetched PAC script does not have a proper mime type: "
 232               << mime_type;
 233     }
 234   }
 235
 236   ReadBody(request);
 237 }
 238
 239 void ProxyScriptFetcherImpl::OnReadCompleted(URLRequest* request,
 240                                              int num_bytes) {
 241   DCHECK_EQ(request, cur_request_.get());
 242   if (ConsumeBytesRead(request, num_bytes)) {
 243     // Keep reading.
 244     ReadBody(request);
 245   }
 246 }
 247
 248 void ProxyScriptFetcherImpl::ReadBody(URLRequest* request) {
 249   // Read as many bytes as are available synchronously.
 250   while (true) {
 251     int num_bytes;
 252     if (!request->Read(buf_.get(), kBufSize, &num_bytes)) {
 253       // Check whether the read failed synchronously.
 254       if (!request->status().is_io_pending())
 255         OnResponseCompleted(request);
 256       return;
 257     }
 258     if (!ConsumeBytesRead(request, num_bytes))
 259       return;
 260   }
 261 }
 262
 263 bool ProxyScriptFetcherImpl::ConsumeBytesRead(URLRequest* request,
 264                                               int num_bytes) {
 265   if (num_bytes <= 0) {
 266     // Error while reading, or EOF.
 267     OnResponseCompleted(request);
 268     return false;
 269   }
 270
 271   // Enforce maximum size bound.
 272   if (num_bytes + bytes_read_so_far_.size() >
 273       static_cast<size_t>(max_response_bytes_)) {
 274     result_code_ = ERR_FILE_TOO_BIG;
 275     request->Cancel();
 276     return false;
 277   }
 278
 279   bytes_read_so_far_.append(buf_->data(), num_bytes);
 280   return true;
 281 }
 282
 283 void ProxyScriptFetcherImpl::FetchCompleted() {
 284   if (result_code_ == OK) {
 285     // The caller expects the response to be encoded as UTF16.
 286     std::string charset;
 287     cur_request_->GetCharset(&charset);
 288     ConvertResponseToUTF16(charset, bytes_read_so_far_, result_text_);
 289   } else {
 290     // On error, the caller expects empty string for bytes.
 291     result_text_->clear();
 292   }
 293
 294   int result_code = result_code_;
 295   CompletionCallback callback = callback_;
 296
 297   ResetCurRequestState();
 298
 299   callback.Run(result_code);
 300 }
 301
 302 void ProxyScriptFetcherImpl::ResetCurRequestState() {
 303   cur_request_.reset();
 304   cur_request_id_ = 0;
 305   callback_.Reset();
 306   result_code_ = OK;
 307   result_text_ = NULL;
 308 }
 309
 310 void ProxyScriptFetcherImpl::OnTimeout(int id) {
 311   // Timeout tasks may outlive the URLRequest they reference. Make sure it
 312   // is still applicable.
 313   if (cur_request_id_ != id)
 314     return;
 315
 316   DCHECK(cur_request_.get());
 317   result_code_ = ERR_TIMED_OUT;
 318   cur_request_->Cancel();
 319 }
 320
 321 }  // namespace net