search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / chrome / browser / safe_browsing / ping_manager.cc
blobac20c636c608690aa2df9e93b2dfdbf5eee609fa
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/safe_browsing/ping_manager.h"
6
7 #include "base/logging.h"
8 #include "base/stl_util.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/stringprintf.h"
11 #include "chrome/browser/net/certificate_error_reporter.h"
12 #include "chrome/common/env_vars.h"
13 #include "content/public/browser/browser_thread.h"
14 #include "google_apis/google_api_keys.h"
15 #include "net/base/escape.h"
16 #include "net/base/load_flags.h"
17 #include "net/ssl/ssl_info.h"
18 #include "net/url_request/url_fetcher.h"
19 #include "net/url_request/url_request_context_getter.h"
20 #include "net/url_request/url_request_status.h"
21 #include "url/gurl.h"
22
23 using chrome_browser_net::CertificateErrorReporter;
24 using content::BrowserThread;
25
26 namespace {
27 // URLs to upload invalid certificate chain reports. The HTTP URL is
28 // preferred since a client seeing an invalid cert might not be able to
29 // make an HTTPS connection to report it.
30 const char kExtendedReportingUploadUrlInsecure[] =
31 "http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/"
32 "chrome-certs";
33 const char kExtendedReportingUploadUrlSecure[] =
34 "https://sb-ssl.google.com/safebrowsing/clientreport/chrome-certs";
35 } // namespace
36
37 // SafeBrowsingPingManager implementation ----------------------------------
38
39 // static
40 SafeBrowsingPingManager* SafeBrowsingPingManager::Create(
41 net::URLRequestContextGetter* request_context_getter,
42 const SafeBrowsingProtocolConfig& config) {
43 DCHECK_CURRENTLY_ON(BrowserThread::IO);
44 return new SafeBrowsingPingManager(request_context_getter, config);
45 }
46
47 SafeBrowsingPingManager::SafeBrowsingPingManager(
48 net::URLRequestContextGetter* request_context_getter,
49 const SafeBrowsingProtocolConfig& config)
50 : client_name_(config.client_name),
51 request_context_getter_(request_context_getter),
52 url_prefix_(config.url_prefix) {
53 DCHECK(!url_prefix_.empty());
54
55 if (request_context_getter) {
56 // Set the upload URL and whether or not to send cookies with
57 // certificate reports sent to Safe Browsing servers.
58 bool use_insecure_certificate_upload_url =
59 CertificateErrorReporter::IsHttpUploadUrlSupported();
60
61 CertificateErrorReporter::CookiesPreference cookies_preference;
62 GURL certificate_upload_url;
63 if (use_insecure_certificate_upload_url) {
64 cookies_preference = CertificateErrorReporter::DO_NOT_SEND_COOKIES;
65 certificate_upload_url = GURL(kExtendedReportingUploadUrlInsecure);
66 } else {
67 cookies_preference = CertificateErrorReporter::SEND_COOKIES;
68 certificate_upload_url = GURL(kExtendedReportingUploadUrlSecure);
69 }
70
71 certificate_error_reporter_.reset(new CertificateErrorReporter(
72 request_context_getter->GetURLRequestContext(), certificate_upload_url,
73 cookies_preference));
74 }
75
76 version_ = SafeBrowsingProtocolManagerHelper::Version();
77 }
78
79 SafeBrowsingPingManager::~SafeBrowsingPingManager() {
80 // Delete in-progress safebrowsing reports (hits and details).
81 STLDeleteContainerPointers(safebrowsing_reports_.begin(),
82 safebrowsing_reports_.end());
83 }
84
85 // net::URLFetcherDelegate implementation ----------------------------------
86
87 // All SafeBrowsing request responses are handled here.
88 void SafeBrowsingPingManager::OnURLFetchComplete(
89 const net::URLFetcher* source) {
90 Reports::iterator sit = safebrowsing_reports_.find(source);
91 DCHECK(sit != safebrowsing_reports_.end());
92 delete *sit;
93 safebrowsing_reports_.erase(sit);
94 }
95
96 // Sends a SafeBrowsing "hit" for UMA users.
97 void SafeBrowsingPingManager::ReportSafeBrowsingHit(
98 const GURL& malicious_url,
99 const GURL& page_url,
100 const GURL& referrer_url,
101 bool is_subresource,
102 SBThreatType threat_type,
103 const std::string& post_data) {
104 GURL report_url = SafeBrowsingHitUrl(malicious_url, page_url,
105 referrer_url, is_subresource,
106 threat_type);
107 net::URLFetcher* report =
108 net::URLFetcher::Create(
109 report_url,
110 post_data.empty() ? net::URLFetcher::GET : net::URLFetcher::POST,
111 this).release();
112 report->SetLoadFlags(net::LOAD_DISABLE_CACHE);
113 report->SetRequestContext(request_context_getter_.get());
114 if (!post_data.empty())
115 report->SetUploadData("text/plain", post_data);
116 safebrowsing_reports_.insert(report);
117 report->Start();
118 }
119
120 // Sends malware details for users who opt-in.
121 void SafeBrowsingPingManager::ReportMalwareDetails(
122 const std::string& report) {
123 GURL report_url = MalwareDetailsUrl();
124 net::URLFetcher* fetcher =
125 net::URLFetcher::Create(report_url, net::URLFetcher::POST, this)
126 .release();
127 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE);
128 fetcher->SetRequestContext(request_context_getter_.get());
129 fetcher->SetUploadData("application/octet-stream", report);
130 // Don't try too hard to send reports on failures.
131 fetcher->SetAutomaticallyRetryOn5xx(false);
132 fetcher->Start();
133 safebrowsing_reports_.insert(fetcher);
134 }
135
136 void SafeBrowsingPingManager::ReportInvalidCertificateChain(
137 const std::string& serialized_report) {
138 DCHECK(certificate_error_reporter_);
139 certificate_error_reporter_->SendReport(
140 CertificateErrorReporter::REPORT_TYPE_EXTENDED_REPORTING,
141 serialized_report);
142 }
143
144 void SafeBrowsingPingManager::SetCertificateErrorReporterForTesting(
145 scoped_ptr<CertificateErrorReporter> certificate_error_reporter) {
146 certificate_error_reporter_ = certificate_error_reporter.Pass();
147 }
148
149 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl(
150 const GURL& malicious_url, const GURL& page_url,
151 const GURL& referrer_url, bool is_subresource,
152 SBThreatType threat_type) const {
153 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE ||
154 threat_type == SB_THREAT_TYPE_URL_PHISHING ||
155 threat_type == SB_THREAT_TYPE_URL_UNWANTED ||
156 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL ||
157 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL ||
158 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL);
159 std::string url = SafeBrowsingProtocolManagerHelper::ComposeUrl(
160 url_prefix_, "report", client_name_, version_, std::string());
161 std::string threat_list = "none";
162 switch (threat_type) {
163 case SB_THREAT_TYPE_URL_MALWARE:
164 threat_list = "malblhit";
165 break;
166 case SB_THREAT_TYPE_URL_PHISHING:
167 threat_list = "phishblhit";
168 break;
169 case SB_THREAT_TYPE_URL_UNWANTED:
170 threat_list = "uwsblhit";
171 break;
172 case SB_THREAT_TYPE_BINARY_MALWARE_URL:
173 threat_list = "binurlhit";
174 break;
175 case SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL:
176 threat_list = "phishcsdhit";
177 break;
178 case SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL:
179 threat_list = "malcsdhit";
180 break;
181 default:
182 NOTREACHED();
183 }
184 return GURL(base::StringPrintf("%s&evts=%s&evtd=%s&evtr=%s&evhr=%s&evtb=%d",
185 url.c_str(), threat_list.c_str(),
186 net::EscapeQueryParamValue(malicious_url.spec(), true).c_str(),
187 net::EscapeQueryParamValue(page_url.spec(), true).c_str(),
188 net::EscapeQueryParamValue(referrer_url.spec(), true).c_str(),
189 is_subresource));
190 }
191
192 GURL SafeBrowsingPingManager::MalwareDetailsUrl() const {
193 std::string url = base::StringPrintf(
194 "%s/clientreport/malware?client=%s&appver=%s&pver=1.0",
195 url_prefix_.c_str(),
196 client_name_.c_str(),
197 version_.c_str());
198 std::string api_key = google_apis::GetAPIKey();
199 if (!api_key.empty()) {
200 base::StringAppendF(&url, "&key=%s",
201 net::EscapeQueryParamValue(api_key, true).c_str());
202 }
203 return GURL(url);
204 }