Disable view source for Developer Tools.
[chromium-blink-merge.git] / chrome / browser / safe_browsing / client_side_detection_host.h
blobc5cf95acbbd3a0a6a589fce8372ee09086564f9f
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
6 #define CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
8 #include <string>
9 #include <vector>
11 #include "base/basictypes.h"
12 #include "base/memory/ref_counted.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "chrome/browser/safe_browsing/browser_feature_extractor.h"
15 #include "chrome/browser/safe_browsing/database_manager.h"
16 #include "chrome/browser/safe_browsing/ui_manager.h"
17 #include "content/public/browser/notification_registrar.h"
18 #include "content/public/browser/resource_request_details.h"
19 #include "content/public/browser/web_contents_observer.h"
20 #include "url/gurl.h"
22 namespace safe_browsing {
23 class ClientPhishingRequest;
24 class ClientSideDetectionService;
26 // This class is used to receive the IPC from the renderer which
27 // notifies the browser that a URL was classified as phishing. This
28 // class relays this information to the client-side detection service
29 // class which sends a ping to a server to validate the verdict.
30 // TODO(noelutz): move all client-side detection IPCs to this class.
31 class ClientSideDetectionHost : public content::WebContentsObserver,
32 public content::NotificationObserver,
33 public SafeBrowsingUIManager::Observer {
34 public:
35 // The caller keeps ownership of the tab object and is responsible for
36 // ensuring that it stays valid until WebContentsDestroyed is called.
37 static ClientSideDetectionHost* Create(content::WebContents* tab);
38 virtual ~ClientSideDetectionHost();
40 // From content::WebContentsObserver.
41 virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE;
43 // From content::WebContentsObserver. If we navigate away we cancel all
44 // pending callbacks that could show an interstitial, and check to see whether
45 // we should classify the new URL.
46 virtual void DidNavigateMainFrame(
47 const content::LoadCommittedDetails& details,
48 const content::FrameNavigateParams& params) OVERRIDE;
50 // Called when the SafeBrowsingService found a hit with one of the
51 // SafeBrowsing lists. This method is called on the UI thread.
52 virtual void OnSafeBrowsingHit(
53 const SafeBrowsingUIManager::UnsafeResource& resource) OVERRIDE;
55 // Called when the SafeBrowsingService finds a match on the SB lists.
56 // Called on the UI thread. Called even if the resource is whitelisted.
57 virtual void OnSafeBrowsingMatch(
58 const SafeBrowsingUIManager::UnsafeResource& resource) OVERRIDE;
60 virtual scoped_refptr<SafeBrowsingDatabaseManager> database_manager();
62 // Returns whether the current page contains a malware or phishing safe
63 // browsing match.
64 bool DidPageReceiveSafeBrowsingMatch() const;
66 protected:
67 explicit ClientSideDetectionHost(content::WebContents* tab);
69 // From content::WebContentsObserver.
70 virtual void WebContentsDestroyed(content::WebContents* tab) OVERRIDE;
72 // Used for testing.
73 void set_safe_browsing_managers(
74 SafeBrowsingUIManager* ui_manager,
75 SafeBrowsingDatabaseManager* database_manager);
77 private:
78 friend class ClientSideDetectionHostTest;
79 class ShouldClassifyUrlRequest;
80 friend class ShouldClassifyUrlRequest;
82 // Verdict is an encoded ClientPhishingRequest protocol message.
83 void OnPhishingDetectionDone(const std::string& verdict);
85 // Callback that is called when the server ping back is
86 // done. Display an interstitial if |is_phishing| is true.
87 // Otherwise, we do nothing. Called in UI thread.
88 void MaybeShowPhishingWarning(GURL phishing_url, bool is_phishing);
90 // Callback that is called when the malware IP server ping back is
91 // done. Display an interstitial if |is_malware| is true.
92 // Otherwise, we do nothing. Called in UI thread.
93 void MaybeShowMalwareWarning(GURL original_url, GURL malware_url,
94 bool is_malware);
96 // Callback that is called when the browser feature extractor is done.
97 // This method is responsible for deleting the request object. Called on
98 // the UI thread.
99 void FeatureExtractionDone(bool success, ClientPhishingRequest* request);
101 // Function to be called when the browser malware feature extractor is done.
102 // Called on the UI thread.
103 void MalwareFeatureExtractionDone(bool success,
104 scoped_ptr<ClientMalwareRequest> request);
106 // Update the entries in browse_info_->ips map.
107 void UpdateIPUrlMap(const std::string& ip,
108 const std::string& url,
109 const std::string& method,
110 const std::string& referrer,
111 const ResourceType::Type resource_type);
113 // From NotificationObserver. Called when a notification comes in. This
114 // method is called in the UI thread.
115 virtual void Observe(int type,
116 const content::NotificationSource& source,
117 const content::NotificationDetails& details) OVERRIDE;
119 // Returns true if the user has seen a regular SafeBrowsing
120 // interstitial for the current page. This is only true if the user has
121 // actually clicked through the warning. This method is called on the UI
122 // thread.
123 bool DidShowSBInterstitial() const;
125 // Used for testing. This function does not take ownership of the service
126 // class.
127 void set_client_side_detection_service(ClientSideDetectionService* service);
129 // Get/Set malware_killswitch_on_ value. These methods called on UI thread.
130 bool MalwareKillSwitchIsOn();
131 void SetMalwareKillSwitch(bool killswitch_on);
133 // This pointer may be NULL if client-side phishing detection is disabled.
134 ClientSideDetectionService* csd_service_;
135 // These pointers may be NULL if SafeBrowsing is disabled.
136 scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
137 scoped_refptr<SafeBrowsingUIManager> ui_manager_;
138 // Keep a handle to the latest classification request so that we can cancel
139 // it if necessary.
140 scoped_refptr<ShouldClassifyUrlRequest> classification_request_;
141 // Browser-side feature extractor.
142 scoped_ptr<BrowserFeatureExtractor> feature_extractor_;
143 // Keeps some info about the current page visit while the renderer
144 // classification is going on. Since we cancel classification on
145 // every page load we can simply keep this data around as a member
146 // variable. This information will be passed on to the feature extractor.
147 scoped_ptr<BrowseInfo> browse_info_;
148 // Redirect chain that leads to the first page of the current host. We keep
149 // track of this for browse_info_.
150 std::vector<GURL> cur_host_redirects_;
151 // Current host, used to help determine cur_host_redirects_.
152 std::string cur_host_;
153 // Handles registering notifications with the NotificationService.
154 content::NotificationRegistrar registrar_;
156 // Max number of ips we save for each browse
157 static const int kMaxIPsPerBrowse;
158 // Max number of urls we report for each malware IP.
159 static const int kMaxUrlsPerIP;
161 base::WeakPtrFactory<ClientSideDetectionHost> weak_factory_;
163 // Unique page ID of the most recent unsafe site that was loaded in this tab
164 // as well as the UnsafeResource.
165 int unsafe_unique_page_id_;
166 scoped_ptr<SafeBrowsingUIManager::UnsafeResource> unsafe_resource_;
168 // Whether the malware IP matching feature killswitch is on.
169 // This should be accessed from UI thread.
170 bool malware_killswitch_on_;
172 // Whether the malware bad ip matching and report feature is enabled.
173 // This should be accessed from UI thread.
174 bool malware_report_enabled_;
176 DISALLOW_COPY_AND_ASSIGN(ClientSideDetectionHost);
179 } // namespace safe_browsing
181 #endif // CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_