chrome/browser/safe_browsing/client_side_detection_host.h

   1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
   6 #define CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/basictypes.h"
  12 #include "base/memory/ref_counted.h"
  13 #include "base/memory/scoped_ptr.h"
  14 #include "chrome/browser/safe_browsing/browser_feature_extractor.h"
  15 #include "chrome/browser/safe_browsing/database_manager.h"
  16 #include "chrome/browser/safe_browsing/ui_manager.h"
  17 #include "content/public/browser/notification_registrar.h"
  18 #include "content/public/browser/resource_request_details.h"
  19 #include "content/public/browser/web_contents_observer.h"
  20 #include "url/gurl.h"
  21
  22 namespace safe_browsing {
  23 class ClientPhishingRequest;
  24 class ClientSideDetectionService;
  25
  26 // This class is used to receive the IPC from the renderer which
  27 // notifies the browser that a URL was classified as phishing.  This
  28 // class relays this information to the client-side detection service
  29 // class which sends a ping to a server to validate the verdict.
  30 // TODO(noelutz): move all client-side detection IPCs to this class.
  31 class ClientSideDetectionHost : public content::WebContentsObserver,
  32                                 public content::NotificationObserver,
  33                                 public SafeBrowsingUIManager::Observer {
  34  public:
  35   // The caller keeps ownership of the tab object and is responsible for
  36   // ensuring that it stays valid until WebContentsDestroyed is called.
  37   static ClientSideDetectionHost* Create(content::WebContents* tab);
  38   virtual ~ClientSideDetectionHost();
  39
  40   // From content::WebContentsObserver.
  41   virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE;
  42
  43   // From content::WebContentsObserver.  If we navigate away we cancel all
  44   // pending callbacks that could show an interstitial, and check to see whether
  45   // we should classify the new URL.
  46   virtual void DidNavigateMainFrame(
  47       const content::LoadCommittedDetails& details,
  48       const content::FrameNavigateParams& params) OVERRIDE;
  49
  50   // Called when the SafeBrowsingService found a hit with one of the
  51   // SafeBrowsing lists.  This method is called on the UI thread.
  52   virtual void OnSafeBrowsingHit(
  53       const SafeBrowsingUIManager::UnsafeResource& resource) OVERRIDE;
  54
  55   // Called when the SafeBrowsingService finds a match on the SB lists.
  56   // Called on the UI thread. Called even if the resource is whitelisted.
  57   virtual void OnSafeBrowsingMatch(
  58       const SafeBrowsingUIManager::UnsafeResource& resource) OVERRIDE;
  59
  60   virtual scoped_refptr<SafeBrowsingDatabaseManager> database_manager();
  61
  62   // Returns whether the current page contains a malware or phishing safe
  63   // browsing match.
  64   bool DidPageReceiveSafeBrowsingMatch() const;
  65
  66  protected:
  67   explicit ClientSideDetectionHost(content::WebContents* tab);
  68
  69   // From content::WebContentsObserver.
  70   virtual void WebContentsDestroyed(content::WebContents* tab) OVERRIDE;
  71
  72   // Used for testing.
  73   void set_safe_browsing_managers(
  74       SafeBrowsingUIManager* ui_manager,
  75       SafeBrowsingDatabaseManager* database_manager);
  76
  77  private:
  78   friend class ClientSideDetectionHostTest;
  79   class ShouldClassifyUrlRequest;
  80   friend class ShouldClassifyUrlRequest;
  81
  82   // These methods are called when pre-classification checks are done for
  83   // the phishing and malware clasifiers.
  84   void OnPhishingPreClassificationDone(bool should_classify);
  85   void OnMalwarePreClassificationDone(bool should_classify);
  86
  87   // Verdict is an encoded ClientPhishingRequest protocol message.
  88   void OnPhishingDetectionDone(const std::string& verdict);
  89
  90   // Callback that is called when the server ping back is
  91   // done. Display an interstitial if |is_phishing| is true.
  92   // Otherwise, we do nothing.  Called in UI thread.
  93   void MaybeShowPhishingWarning(GURL phishing_url, bool is_phishing);
  94
  95   // Callback that is called when the malware IP server ping back is
  96   // done. Display an interstitial if |is_malware| is true.
  97   // Otherwise, we do nothing.  Called in UI thread.
  98   void MaybeShowMalwareWarning(GURL original_url, GURL malware_url,
  99                                bool is_malware);
 100
 101   // Callback that is called when the browser feature extractor is done.
 102   // This method is responsible for deleting the request object.  Called on
 103   // the UI thread.
 104   void FeatureExtractionDone(bool success, ClientPhishingRequest* request);
 105
 106   // Start malware classification once the onload handler was called and
 107   // malware pre-classification checks are done and passed.
 108   void MaybeStartMalwareFeatureExtraction();
 109
 110   // Function to be called when the browser malware feature extractor is done.
 111   // Called on the UI thread.
 112   void MalwareFeatureExtractionDone(
 113       bool success, scoped_ptr<ClientMalwareRequest> request);
 114
 115   // Update the entries in browse_info_->ips map.
 116   void UpdateIPUrlMap(const std::string& ip,
 117                       const std::string& url,
 118                       const std::string& method,
 119                       const std::string& referrer,
 120                       const ResourceType::Type resource_type);
 121
 122   // From NotificationObserver.  Called when a notification comes in.  This
 123   // method is called in the UI thread.
 124   virtual void Observe(int type,
 125                        const content::NotificationSource& source,
 126                        const content::NotificationDetails& details) OVERRIDE;
 127
 128   // Inherited from WebContentsObserver.  This is called once the page is
 129   // done loading.
 130   virtual void DidStopLoading(content::RenderViewHost* rvh) OVERRIDE;
 131
 132   // Returns true if the user has seen a regular SafeBrowsing
 133   // interstitial for the current page.  This is only true if the user has
 134   // actually clicked through the warning.  This method is called on the UI
 135   // thread.
 136   bool DidShowSBInterstitial() const;
 137
 138   // Used for testing.  This function does not take ownership of the service
 139   // class.
 140   void set_client_side_detection_service(ClientSideDetectionService* service);
 141
 142   // This pointer may be NULL if client-side phishing detection is disabled.
 143   ClientSideDetectionService* csd_service_;
 144   // These pointers may be NULL if SafeBrowsing is disabled.
 145   scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
 146   scoped_refptr<SafeBrowsingUIManager> ui_manager_;
 147   // Keep a handle to the latest classification request so that we can cancel
 148   // it if necessary.
 149   scoped_refptr<ShouldClassifyUrlRequest> classification_request_;
 150   // Browser-side feature extractor.
 151   scoped_ptr<BrowserFeatureExtractor> feature_extractor_;
 152   // Keeps some info about the current page visit while the renderer
 153   // classification is going on.  Since we cancel classification on
 154   // every page load we can simply keep this data around as a member
 155   // variable.  This information will be passed on to the feature extractor.
 156   scoped_ptr<BrowseInfo> browse_info_;
 157   // Redirect chain that leads to the first page of the current host. We keep
 158   // track of this for browse_info_.
 159   std::vector<GURL> cur_host_redirects_;
 160   // Current host, used to help determine cur_host_redirects_.
 161   std::string cur_host_;
 162   // Handles registering notifications with the NotificationService.
 163   content::NotificationRegistrar registrar_;
 164
 165   // Max number of ips we save for each browse
 166   static const int kMaxIPsPerBrowse;
 167   // Max number of urls we report for each malware IP.
 168   static const int kMaxUrlsPerIP;
 169
 170   bool should_extract_malware_features_;
 171   bool should_classify_for_malware_;
 172   bool pageload_complete_;
 173
 174   base::WeakPtrFactory<ClientSideDetectionHost> weak_factory_;
 175
 176   // Unique page ID of the most recent unsafe site that was loaded in this tab
 177   // as well as the UnsafeResource.
 178   int unsafe_unique_page_id_;
 179   scoped_ptr<SafeBrowsingUIManager::UnsafeResource> unsafe_resource_;
 180
 181   DISALLOW_COPY_AND_ASSIGN(ClientSideDetectionHost);
 182 };
 183
 184 }  // namespace safe_browsing
 185
 186 #endif  // CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_