1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // The Safe Browsing service is responsible for downloading anti-phishing and
6 // anti-malware tables and checking urls against them.
8 #ifndef CHROME_BROWSER_SAFE_BROWSING_UI_MANAGER_H_
9 #define CHROME_BROWSER_SAFE_BROWSING_UI_MANAGER_H_
14 #include "base/callback.h"
15 #include "base/memory/ref_counted.h"
16 #include "base/memory/scoped_ptr.h"
17 #include "base/observer_list.h"
18 #include "base/time/time.h"
19 #include "chrome/browser/safe_browsing/safe_browsing_util.h"
20 #include "content/public/browser/notification_observer.h"
23 class SafeBrowsingService
;
33 // Construction needs to happen on the main thread.
34 class SafeBrowsingUIManager
35 : public base::RefCountedThreadSafe
<SafeBrowsingUIManager
> {
37 // Passed a boolean indicating whether or not it is OK to proceed with
39 typedef base::Callback
<void(bool /*proceed*/)> UrlCheckCallback
;
41 // Structure used to pass parameters between the IO and UI thread when
42 // interacting with the blocking page.
43 struct UnsafeResource
{
49 std::vector
<GURL
> redirect_urls
;
52 SBThreatType threat_type
;
53 std::string threat_metadata
;
54 UrlCheckCallback callback
; // This is called back on the IO thread.
55 int render_process_host_id
;
59 // Observer class can be used to get notified when a SafeBrowsing hit
63 // The |resource| was classified as unsafe by SafeBrowsing.
64 // This method will be called every time an unsafe resource is
65 // loaded, even if it has already been whitelisted by the user.
66 // The |resource| must not be accessed after OnSafeBrowsingHit returns.
67 // This method will be called on the UI thread.
68 virtual void OnSafeBrowsingMatch(const UnsafeResource
& resource
) = 0;
70 // The |resource| was classified as unsafe by SafeBrowsing, and is
72 // The |resource| must not be accessed after OnSafeBrowsingHit returns.
73 // This method will be called on the UI thread.
74 virtual void OnSafeBrowsingHit(const UnsafeResource
& resource
) = 0;
78 virtual ~Observer() {}
81 DISALLOW_COPY_AND_ASSIGN(Observer
);
84 explicit SafeBrowsingUIManager(
85 const scoped_refptr
<SafeBrowsingService
>& service
);
87 // Called to stop or shutdown operations on the io_thread. This may be called
88 // multiple times during the life of the UIManager. Should be called
89 // on IO thread. If shutdown is true, the manager is disabled permanently.
90 void StopOnIOThread(bool shutdown
);
92 // Called on UI thread to decide if safe browsing related stats
94 virtual bool CanReportStats() const;
96 // Called on the UI thread to display an interstitial page.
97 // |url| is the url of the resource that matches a safe browsing list.
98 // If the request contained a chain of redirects, |url| is the last url
99 // in the chain, and |original_url| is the first one (the root of the
100 // chain). Otherwise, |original_url| = |url|.
101 virtual void DisplayBlockingPage(const UnsafeResource
& resource
);
103 // Returns true if we already displayed an interstitial for that resource,
104 // or if we should hide a UwS interstitial. Called on the UI thread.
105 bool IsWhitelisted(const UnsafeResource
& resource
);
107 // The blocking page on the UI thread has completed.
108 void OnBlockingPageDone(const std::vector
<UnsafeResource
>& resources
,
111 // Log the user perceived delay caused by SafeBrowsing. This delay is the time
112 // delta starting from when we would have started reading data from the
113 // network, and ending when the SafeBrowsing check completes indicating that
114 // the current page is 'safe'.
115 void LogPauseDelay(base::TimeDelta time
);
117 // Called on the IO thread by the MalwareDetails with the serialized
118 // protocol buffer, so the service can send it over.
119 virtual void SendSerializedMalwareDetails(const std::string
& serialized
);
121 // Report hits to the unsafe contents (malware, phishing, unsafe download URL)
122 // to the server. Can only be called on UI thread. If |post_data| is
123 // non-empty, the request will be sent as a POST instead of a GET.
124 virtual void ReportSafeBrowsingHit(const GURL
& malicious_url
,
125 const GURL
& page_url
,
126 const GURL
& referrer_url
,
128 SBThreatType threat_type
,
129 const std::string
& post_data
);
131 // Report an invalid TLS/SSL certificate chain to the server. Can only
132 // be called on UI thread.
133 void ReportInvalidCertificateChain(const std::string
& hostname
,
134 const net::SSLInfo
& ssl_info
,
135 const base::Closure
& callback
);
137 // Add and remove observers. These methods must be invoked on the UI thread.
138 void AddObserver(Observer
* observer
);
139 void RemoveObserver(Observer
* remove
);
142 virtual ~SafeBrowsingUIManager();
145 friend class base::RefCountedThreadSafe
<SafeBrowsingUIManager
>;
147 // Used for whitelisting a render view when the user ignores our warning.
148 struct WhiteListedEntry
;
150 // Call protocol manager on IO thread to report hits of unsafe contents.
151 void ReportSafeBrowsingHitOnIOThread(const GURL
& malicious_url
,
152 const GURL
& page_url
,
153 const GURL
& referrer_url
,
155 SBThreatType threat_type
,
156 const std::string
& post_data
);
158 // Sends an invalid certificate chain report over the network.
159 void ReportInvalidCertificateChainOnIOThread(const std::string
& hostname
,
160 const net::SSLInfo
& ssl_info
);
162 // Adds the given entry to the whitelist. Called on the UI thread.
163 void UpdateWhitelist(const UnsafeResource
& resource
);
165 // Safebrowsing service.
166 scoped_refptr
<SafeBrowsingService
> sb_service_
;
168 // Only access this whitelist from the UI thread.
169 std::vector
<WhiteListedEntry
> white_listed_entries_
;
171 ObserverList
<Observer
> observer_list_
;
173 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingUIManager
);
176 #endif // CHROME_BROWSER_SAFE_BROWSING_UI_MANAGER_H_