1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
6 #define CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
11 #include "base/basictypes.h"
12 #include "base/memory/ref_counted.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "chrome/browser/safe_browsing/browser_feature_extractor.h"
15 #include "chrome/browser/safe_browsing/database_manager.h"
16 #include "chrome/browser/safe_browsing/ui_manager.h"
17 #include "content/public/browser/notification_registrar.h"
18 #include "content/public/browser/resource_request_details.h"
19 #include "content/public/browser/web_contents_observer.h"
22 namespace safe_browsing
{
23 class ClientPhishingRequest
;
24 class ClientSideDetectionService
;
26 // This class is used to receive the IPC from the renderer which
27 // notifies the browser that a URL was classified as phishing. This
28 // class relays this information to the client-side detection service
29 // class which sends a ping to a server to validate the verdict.
30 // TODO(noelutz): move all client-side detection IPCs to this class.
31 class ClientSideDetectionHost
: public content::WebContentsObserver
,
32 public content::NotificationObserver
,
33 public SafeBrowsingUIManager::Observer
{
35 // The caller keeps ownership of the tab object and is responsible for
36 // ensuring that it stays valid until WebContentsDestroyed is called.
37 static ClientSideDetectionHost
* Create(content::WebContents
* tab
);
38 virtual ~ClientSideDetectionHost();
40 // From content::WebContentsObserver.
41 virtual bool OnMessageReceived(const IPC::Message
& message
) OVERRIDE
;
43 // From content::WebContentsObserver. If we navigate away we cancel all
44 // pending callbacks that could show an interstitial, and check to see whether
45 // we should classify the new URL.
46 virtual void DidNavigateMainFrame(
47 const content::LoadCommittedDetails
& details
,
48 const content::FrameNavigateParams
& params
) OVERRIDE
;
50 // Called when the SafeBrowsingService found a hit with one of the
51 // SafeBrowsing lists. This method is called on the UI thread.
52 virtual void OnSafeBrowsingHit(
53 const SafeBrowsingUIManager::UnsafeResource
& resource
) OVERRIDE
;
55 // Called when the SafeBrowsingService finds a match on the SB lists.
56 // Called on the UI thread. Called even if the resource is whitelisted.
57 virtual void OnSafeBrowsingMatch(
58 const SafeBrowsingUIManager::UnsafeResource
& resource
) OVERRIDE
;
60 virtual scoped_refptr
<SafeBrowsingDatabaseManager
> database_manager();
62 // Returns whether the current page contains a malware or phishing safe
64 bool DidPageReceiveSafeBrowsingMatch() const;
67 explicit ClientSideDetectionHost(content::WebContents
* tab
);
69 // From content::WebContentsObserver.
70 virtual void WebContentsDestroyed(content::WebContents
* tab
) OVERRIDE
;
73 void set_safe_browsing_managers(
74 SafeBrowsingUIManager
* ui_manager
,
75 SafeBrowsingDatabaseManager
* database_manager
);
78 friend class ClientSideDetectionHostTest
;
79 class ShouldClassifyUrlRequest
;
80 friend class ShouldClassifyUrlRequest
;
82 // Verdict is an encoded ClientPhishingRequest protocol message.
83 void OnPhishingDetectionDone(const std::string
& verdict
);
85 // Callback that is called when the server ping back is
86 // done. Display an interstitial if |is_phishing| is true.
87 // Otherwise, we do nothing. Called in UI thread.
88 void MaybeShowPhishingWarning(GURL phishing_url
, bool is_phishing
);
90 // Callback that is called when the malware IP server ping back is
91 // done. Display an interstitial if |is_malware| is true.
92 // Otherwise, we do nothing. Called in UI thread.
93 void MaybeShowMalwareWarning(GURL original_url
, GURL malware_url
,
96 // Callback that is called when the browser feature extractor is done.
97 // This method is responsible for deleting the request object. Called on
99 void FeatureExtractionDone(bool success
, ClientPhishingRequest
* request
);
101 // Function to be called when the browser malware feature extractor is done.
102 // Called on the UI thread.
103 void MalwareFeatureExtractionDone(bool success
,
104 scoped_ptr
<ClientMalwareRequest
> request
);
106 // Update the entries in browse_info_->ips map.
107 void UpdateIPUrlMap(const std::string
& ip
,
108 const std::string
& url
,
109 const std::string
& method
,
110 const std::string
& referrer
,
111 const ResourceType::Type resource_type
);
113 // From NotificationObserver. Called when a notification comes in. This
114 // method is called in the UI thread.
115 virtual void Observe(int type
,
116 const content::NotificationSource
& source
,
117 const content::NotificationDetails
& details
) OVERRIDE
;
119 // Returns true if the user has seen a regular SafeBrowsing
120 // interstitial for the current page. This is only true if the user has
121 // actually clicked through the warning. This method is called on the UI
123 bool DidShowSBInterstitial() const;
125 // Used for testing. This function does not take ownership of the service
127 void set_client_side_detection_service(ClientSideDetectionService
* service
);
129 // Get/Set malware_killswitch_on_ value. These methods called on UI thread.
130 bool MalwareKillSwitchIsOn();
131 void SetMalwareKillSwitch(bool killswitch_on
);
133 // This pointer may be NULL if client-side phishing detection is disabled.
134 ClientSideDetectionService
* csd_service_
;
135 // These pointers may be NULL if SafeBrowsing is disabled.
136 scoped_refptr
<SafeBrowsingDatabaseManager
> database_manager_
;
137 scoped_refptr
<SafeBrowsingUIManager
> ui_manager_
;
138 // Keep a handle to the latest classification request so that we can cancel
140 scoped_refptr
<ShouldClassifyUrlRequest
> classification_request_
;
141 // Browser-side feature extractor.
142 scoped_ptr
<BrowserFeatureExtractor
> feature_extractor_
;
143 // Keeps some info about the current page visit while the renderer
144 // classification is going on. Since we cancel classification on
145 // every page load we can simply keep this data around as a member
146 // variable. This information will be passed on to the feature extractor.
147 scoped_ptr
<BrowseInfo
> browse_info_
;
148 // Redirect chain that leads to the first page of the current host. We keep
149 // track of this for browse_info_.
150 std::vector
<GURL
> cur_host_redirects_
;
151 // Current host, used to help determine cur_host_redirects_.
152 std::string cur_host_
;
153 // Handles registering notifications with the NotificationService.
154 content::NotificationRegistrar registrar_
;
156 // Max number of ips we save for each browse
157 static const int kMaxIPsPerBrowse
;
158 // Max number of urls we report for each malware IP.
159 static const int kMaxUrlsPerIP
;
161 base::WeakPtrFactory
<ClientSideDetectionHost
> weak_factory_
;
163 // Unique page ID of the most recent unsafe site that was loaded in this tab
164 // as well as the UnsafeResource.
165 int unsafe_unique_page_id_
;
166 scoped_ptr
<SafeBrowsingUIManager::UnsafeResource
> unsafe_resource_
;
168 // Whether the malware IP matching feature killswitch is on.
169 // This should be accessed from UI thread.
170 bool malware_killswitch_on_
;
172 // Whether the malware bad ip matching and report feature is enabled.
173 // This should be accessed from UI thread.
174 bool malware_report_enabled_
;
176 DISALLOW_COPY_AND_ASSIGN(ClientSideDetectionHost
);
179 } // namespace safe_browsing
181 #endif // CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_