search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
QUIC - cleanup changes to sync chromium tree with internal source.
[chromium-blink-merge.git] / chrome / browser / safe_browsing / client_side_detection_host.h
blobd5673a236e05abcede9a2c2dcb091116b453f293
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
6 #define CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_
7
8 #include <string>
9 #include <vector>
10
11 #include "base/basictypes.h"
12 #include "base/memory/ref_counted.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "chrome/browser/safe_browsing/browser_feature_extractor.h"
15 #include "chrome/browser/safe_browsing/database_manager.h"
16 #include "chrome/browser/safe_browsing/ui_manager.h"
17 #include "content/public/browser/resource_request_details.h"
18 #include "content/public/browser/web_contents_observer.h"
19 #include "url/gurl.h"
20
21 namespace safe_browsing {
22 class ClientPhishingRequest;
23 class ClientSideDetectionService;
24
25 // This class is used to receive the IPC from the renderer which
26 // notifies the browser that a URL was classified as phishing. This
27 // class relays this information to the client-side detection service
28 // class which sends a ping to a server to validate the verdict.
29 // TODO(noelutz): move all client-side detection IPCs to this class.
30 class ClientSideDetectionHost : public content::WebContentsObserver,
31 public SafeBrowsingUIManager::Observer {
32 public:
33 // The caller keeps ownership of the tab object and is responsible for
34 // ensuring that it stays valid until WebContentsDestroyed is called.
35 static ClientSideDetectionHost* Create(content::WebContents* tab);
36 ~ClientSideDetectionHost() override;
37
38 // From content::WebContentsObserver.
39 bool OnMessageReceived(const IPC::Message& message) override;
40 void DidGetResourceResponseStart(
41 const content::ResourceRequestDetails& details) override;
42
43 // From content::WebContentsObserver. If we navigate away we cancel all
44 // pending callbacks that could show an interstitial, and check to see whether
45 // we should classify the new URL.
46 void DidNavigateMainFrame(
47 const content::LoadCommittedDetails& details,
48 const content::FrameNavigateParams& params) override;
49
50 // Called when the SafeBrowsingService found a hit with one of the
51 // SafeBrowsing lists. This method is called on the UI thread.
52 void OnSafeBrowsingHit(
53 const SafeBrowsingUIManager::UnsafeResource& resource) override;
54
55 // Called when the SafeBrowsingService finds a match on the SB lists.
56 // Called on the UI thread. Called even if the resource is whitelisted.
57 void OnSafeBrowsingMatch(
58 const SafeBrowsingUIManager::UnsafeResource& resource) override;
59
60 virtual scoped_refptr<SafeBrowsingDatabaseManager> database_manager();
61
62 // Returns whether the current page contains a malware or phishing safe
63 // browsing match.
64 bool DidPageReceiveSafeBrowsingMatch() const;
65
66 protected:
67 explicit ClientSideDetectionHost(content::WebContents* tab);
68
69 // From content::WebContentsObserver.
70 void WebContentsDestroyed() override;
71
72 // Used for testing.
73 void set_safe_browsing_managers(
74 SafeBrowsingUIManager* ui_manager,
75 SafeBrowsingDatabaseManager* database_manager);
76
77 private:
78 friend class ClientSideDetectionHostTest;
79 class ShouldClassifyUrlRequest;
80 friend class ShouldClassifyUrlRequest;
81
82 // These methods are called when pre-classification checks are done for
83 // the phishing and malware clasifiers.
84 void OnPhishingPreClassificationDone(bool should_classify);
85 void OnMalwarePreClassificationDone(bool should_classify);
86
87 // Verdict is an encoded ClientPhishingRequest protocol message.
88 void OnPhishingDetectionDone(const std::string& verdict);
89
90 // Callback that is called when the server ping back is
91 // done. Display an interstitial if |is_phishing| is true.
92 // Otherwise, we do nothing. Called in UI thread.
93 void MaybeShowPhishingWarning(GURL phishing_url, bool is_phishing);
94
95 // Callback that is called when the malware IP server ping back is
96 // done. Display an interstitial if |is_malware| is true.
97 // Otherwise, we do nothing. Called in UI thread.
98 void MaybeShowMalwareWarning(GURL original_url, GURL malware_url,
99 bool is_malware);
100
101 // Callback that is called when the browser feature extractor is done.
102 // This method is responsible for deleting the request object. Called on
103 // the UI thread.
104 void FeatureExtractionDone(bool success,
105 scoped_ptr<ClientPhishingRequest> request);
106
107 // Start malware classification once the onload handler was called and
108 // malware pre-classification checks are done and passed.
109 void MaybeStartMalwareFeatureExtraction();
110
111 // Function to be called when the browser malware feature extractor is done.
112 // Called on the UI thread.
113 void MalwareFeatureExtractionDone(
114 bool success, scoped_ptr<ClientMalwareRequest> request);
115
116 // Update the entries in browse_info_->ips map.
117 void UpdateIPUrlMap(const std::string& ip,
118 const std::string& url,
119 const std::string& method,
120 const std::string& referrer,
121 const content::ResourceType resource_type);
122
123 // Inherited from WebContentsObserver. This is called once the page is
124 // done loading.
125 void DidStopLoading() override;
126
127 // Returns true if the user has seen a regular SafeBrowsing
128 // interstitial for the current page. This is only true if the user has
129 // actually clicked through the warning. This method is called on the UI
130 // thread.
131 bool DidShowSBInterstitial() const;
132
133 // Used for testing. This function does not take ownership of the service
134 // class.
135 void set_client_side_detection_service(ClientSideDetectionService* service);
136
137 // This pointer may be NULL if client-side phishing detection is disabled.
138 ClientSideDetectionService* csd_service_;
139 // These pointers may be NULL if SafeBrowsing is disabled.
140 scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
141 scoped_refptr<SafeBrowsingUIManager> ui_manager_;
142 // Keep a handle to the latest classification request so that we can cancel
143 // it if necessary.
144 scoped_refptr<ShouldClassifyUrlRequest> classification_request_;
145 // Browser-side feature extractor.
146 scoped_ptr<BrowserFeatureExtractor> feature_extractor_;
147 // Keeps some info about the current page visit while the renderer
148 // classification is going on. Since we cancel classification on
149 // every page load we can simply keep this data around as a member
150 // variable. This information will be passed on to the feature extractor.
151 scoped_ptr<BrowseInfo> browse_info_;
152 // Redirect chain that leads to the first page of the current host. We keep
153 // track of this for browse_info_.
154 std::vector<GURL> cur_host_redirects_;
155 // Current host, used to help determine cur_host_redirects_.
156 std::string cur_host_;
157
158 // Max number of ips we save for each browse
159 static const size_t kMaxIPsPerBrowse;
160 // Max number of urls we report for each malware IP.
161 static const size_t kMaxUrlsPerIP;
162
163 bool should_extract_malware_features_;
164 bool should_classify_for_malware_;
165 bool pageload_complete_;
166
167 // Unique page ID of the most recent unsafe site that was loaded in this tab
168 // as well as the UnsafeResource.
169 int unsafe_unique_page_id_;
170 scoped_ptr<SafeBrowsingUIManager::UnsafeResource> unsafe_resource_;
171
172 base::WeakPtrFactory<ClientSideDetectionHost> weak_factory_;
173
174 DISALLOW_COPY_AND_ASSIGN(ClientSideDetectionHost);
175 };
176
177 } // namespace safe_browsing
178
179 #endif // CHROME_BROWSER_SAFE_BROWSING_CLIENT_SIDE_DETECTION_HOST_H_