search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
NaCl: Update revision in DEPS, r12770 -> r12773
[chromium-blink-merge.git] / chrome / browser / renderer_host / safe_browsing_resource_throttle.cc
blobe9dc7b13599e0422abbc8c06c315958c3be1ed45
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/renderer_host/safe_browsing_resource_throttle.h"
6
7 #include "base/logging.h"
8 #include "chrome/browser/browser_process.h"
9 #include "chrome/browser/prerender/prerender_contents.h"
10 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
11 #include "content/public/browser/browser_thread.h"
12 #include "content/public/browser/render_view_host.h"
13 #include "content/public/browser/resource_controller.h"
14 #include "content/public/browser/resource_request_info.h"
15 #include "content/public/browser/web_contents.h"
16 #include "net/base/load_flags.h"
17 #include "net/url_request/url_request.h"
18
19 // Maximum time in milliseconds to wait for the safe browsing service to
20 // verify a URL. After this amount of time the outstanding check will be
21 // aborted, and the URL will be treated as if it were safe.
22 static const int kCheckUrlTimeoutMs = 5000;
23
24 // TODO(eroman): Downgrade these CHECK()s to DCHECKs once there is more
25 // unit test coverage.
26
27 SafeBrowsingResourceThrottle::SafeBrowsingResourceThrottle(
28 const net::URLRequest* request,
29 bool is_subresource,
30 SafeBrowsingService* safe_browsing)
31 : state_(STATE_NONE),
32 defer_state_(DEFERRED_NONE),
33 threat_type_(SB_THREAT_TYPE_SAFE),
34 database_manager_(safe_browsing->database_manager()),
35 ui_manager_(safe_browsing->ui_manager()),
36 request_(request),
37 is_subresource_(is_subresource) {
38 }
39
40 SafeBrowsingResourceThrottle::~SafeBrowsingResourceThrottle() {
41 if (state_ == STATE_CHECKING_URL)
42 database_manager_->CancelCheck(this);
43 }
44
45 void SafeBrowsingResourceThrottle::WillStartRequest(bool* defer) {
46 // We need to check the new URL before starting the request.
47 if (CheckUrl(request_->url()))
48 return;
49
50 // If the URL couldn't be verified synchronously, defer starting the
51 // request until the check has completed.
52 defer_state_ = DEFERRED_START;
53 *defer = true;
54 }
55
56 void SafeBrowsingResourceThrottle::WillRedirectRequest(const GURL& new_url,
57 bool* defer) {
58 CHECK(state_ == STATE_NONE);
59 CHECK(defer_state_ == DEFERRED_NONE);
60
61 // Save the redirect urls for possible malware detail reporting later.
62 redirect_urls_.push_back(new_url);
63
64 // We need to check the new URL before following the redirect.
65 if (CheckUrl(new_url))
66 return;
67
68 // If the URL couldn't be verified synchronously, defer following the
69 // redirect until the SafeBrowsing check is complete. Store the redirect
70 // context so we can pass it on to other handlers once we have completed
71 // our check.
72 defer_state_ = DEFERRED_REDIRECT;
73 *defer = true;
74 }
75
76 const char* SafeBrowsingResourceThrottle::GetNameForLogging() const {
77 return "SafeBrowsingResourceThrottle";
78 }
79
80 // SafeBrowsingService::Client implementation, called on the IO thread once
81 // the URL has been classified.
82 void SafeBrowsingResourceThrottle::OnCheckBrowseUrlResult(
83 const GURL& url, SBThreatType threat_type) {
84 CHECK(state_ == STATE_CHECKING_URL);
85 CHECK(defer_state_ != DEFERRED_NONE);
86 CHECK(url == url_being_checked_) << "Was expecting: " << url_being_checked_
87 << " but got: " << url;
88
89 timer_.Stop(); // Cancel the timeout timer.
90 threat_type_ = threat_type;
91 state_ = STATE_NONE;
92
93 if (threat_type == SB_THREAT_TYPE_SAFE) {
94 // Log how much time the safe browsing check cost us.
95 ui_manager_->LogPauseDelay(base::TimeTicks::Now() - url_check_start_time_);
96
97 // Continue the request.
98 ResumeRequest();
99 return;
100 }
101
102 if (request_->load_flags() & net::LOAD_PREFETCH) {
103 // Don't prefetch resources that fail safe browsing, disallow
104 // them.
105 controller()->Cancel();
106 return;
107 }
108
109 const content::ResourceRequestInfo* info =
110 content::ResourceRequestInfo::ForRequest(request_);
111
112 SafeBrowsingUIManager::UnsafeResource resource;
113 resource.url = url;
114 resource.original_url = request_->original_url();
115 resource.redirect_urls = redirect_urls_;
116 resource.is_subresource = is_subresource_;
117 resource.threat_type = threat_type;
118 resource.callback = base::Bind(
119 &SafeBrowsingResourceThrottle::OnBlockingPageComplete, AsWeakPtr());
120 resource.render_process_host_id = info->GetChildID();
121 resource.render_view_id = info->GetRouteID();
122
123 state_ = STATE_DISPLAYING_BLOCKING_PAGE;
124
125 content::BrowserThread::PostTask(
126 content::BrowserThread::UI,
127 FROM_HERE,
128 base::Bind(&SafeBrowsingResourceThrottle::StartDisplayingBlockingPage,
129 AsWeakPtr(), ui_manager_, resource));
130 }
131
132 void SafeBrowsingResourceThrottle::StartDisplayingBlockingPage(
133 const base::WeakPtr<SafeBrowsingResourceThrottle>& throttle,
134 scoped_refptr<SafeBrowsingUIManager> ui_manager,
135 const SafeBrowsingUIManager::UnsafeResource& resource) {
136 bool should_show_blocking_page = true;
137
138 content::RenderViewHost* rvh = content::RenderViewHost::FromID(
139 resource.render_process_host_id, resource.render_view_id);
140 if (rvh) {
141 content::WebContents* web_contents =
142 content::WebContents::FromRenderViewHost(rvh);
143 prerender::PrerenderContents* prerender_contents =
144 prerender::PrerenderContents::FromWebContents(web_contents);
145 if (prerender_contents) {
146 prerender_contents->Destroy(prerender::FINAL_STATUS_SAFE_BROWSING);
147 should_show_blocking_page = false;
148 }
149
150 if (should_show_blocking_page) {
151 ui_manager->DisplayBlockingPage(resource);
152 return;
153 }
154 }
155
156 // Tab is gone or it's being prerendered.
157 content::BrowserThread::PostTask(
158 content::BrowserThread::IO,
159 FROM_HERE,
160 base::Bind(&SafeBrowsingResourceThrottle::Cancel, throttle));
161 }
162
163 void SafeBrowsingResourceThrottle::Cancel() {
164 controller()->Cancel();
165 }
166
167 // SafeBrowsingService::UrlCheckCallback implementation, called on the IO
168 // thread when the user has decided to proceed with the current request, or
169 // go back.
170 void SafeBrowsingResourceThrottle::OnBlockingPageComplete(bool proceed) {
171 CHECK(state_ == STATE_DISPLAYING_BLOCKING_PAGE);
172 state_ = STATE_NONE;
173
174 if (proceed) {
175 threat_type_ = SB_THREAT_TYPE_SAFE;
176 ResumeRequest();
177 } else {
178 controller()->Cancel();
179 }
180 }
181
182 bool SafeBrowsingResourceThrottle::CheckUrl(const GURL& url) {
183 CHECK(state_ == STATE_NONE);
184 bool succeeded_synchronously = database_manager_->CheckBrowseUrl(url, this);
185 if (succeeded_synchronously) {
186 threat_type_ = SB_THREAT_TYPE_SAFE;
187 ui_manager_->LogPauseDelay(base::TimeDelta()); // No delay.
188 return true;
189 }
190
191 state_ = STATE_CHECKING_URL;
192 url_being_checked_ = url;
193
194 // Record the start time of the check.
195 url_check_start_time_ = base::TimeTicks::Now();
196
197 // Start a timer to abort the check if it takes too long.
198 timer_.Start(FROM_HERE,
199 base::TimeDelta::FromMilliseconds(kCheckUrlTimeoutMs),
200 this, &SafeBrowsingResourceThrottle::OnCheckUrlTimeout);
201
202 return false;
203 }
204
205 void SafeBrowsingResourceThrottle::OnCheckUrlTimeout() {
206 CHECK(state_ == STATE_CHECKING_URL);
207 CHECK(defer_state_ != DEFERRED_NONE);
208
209 database_manager_->CancelCheck(this);
210 OnCheckBrowseUrlResult(url_being_checked_, SB_THREAT_TYPE_SAFE);
211 }
212
213 void SafeBrowsingResourceThrottle::ResumeRequest() {
214 CHECK(state_ == STATE_NONE);
215 CHECK(defer_state_ != DEFERRED_NONE);
216
217 defer_state_ = DEFERRED_NONE;
218 controller()->Resume();
219 }