Popular sites on the NTP: check that experiment group StartsWith (rather than IS...
[chromium-blink-merge.git] / chrome / browser / safe_browsing / ping_manager.cc
blobc7f031f5c16ffd4c7678ac7467e6f79dc7d66267
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/safe_browsing/ping_manager.h"
7 #include "base/logging.h"
8 #include "base/stl_util.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/stringprintf.h"
11 #include "chrome/common/env_vars.h"
12 #include "components/certificate_reporting/error_reporter.h"
13 #include "content/public/browser/browser_thread.h"
14 #include "google_apis/google_api_keys.h"
15 #include "net/base/escape.h"
16 #include "net/base/load_flags.h"
17 #include "net/ssl/ssl_info.h"
18 #include "net/url_request/certificate_report_sender.h"
19 #include "net/url_request/url_fetcher.h"
20 #include "net/url_request/url_request_context_getter.h"
21 #include "net/url_request/url_request_status.h"
22 #include "url/gurl.h"
24 using content::BrowserThread;
26 namespace {
27 // URLs to upload invalid certificate chain reports. The HTTP URL is
28 // preferred since a client seeing an invalid cert might not be able to
29 // make an HTTPS connection to report it.
30 const char kExtendedReportingUploadUrlInsecure[] =
31 "http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/"
32 "chrome-certs";
33 const char kExtendedReportingUploadUrlSecure[] =
34 "https://sb-ssl.google.com/safebrowsing/clientreport/chrome-certs";
35 } // namespace
37 // SafeBrowsingPingManager implementation ----------------------------------
39 // static
40 SafeBrowsingPingManager* SafeBrowsingPingManager::Create(
41 net::URLRequestContextGetter* request_context_getter,
42 const SafeBrowsingProtocolConfig& config) {
43 DCHECK_CURRENTLY_ON(BrowserThread::IO);
44 return new SafeBrowsingPingManager(request_context_getter, config);
47 SafeBrowsingPingManager::SafeBrowsingPingManager(
48 net::URLRequestContextGetter* request_context_getter,
49 const SafeBrowsingProtocolConfig& config)
50 : client_name_(config.client_name),
51 request_context_getter_(request_context_getter),
52 url_prefix_(config.url_prefix) {
53 DCHECK(!url_prefix_.empty());
55 if (request_context_getter) {
56 // Set the upload URL and whether or not to send cookies with
57 // certificate reports sent to Safe Browsing servers.
58 bool use_insecure_certificate_upload_url =
59 certificate_reporting::ErrorReporter::IsHttpUploadUrlSupported();
61 net::CertificateReportSender::CookiesPreference cookies_preference;
62 GURL certificate_upload_url;
63 if (use_insecure_certificate_upload_url) {
64 cookies_preference = net::CertificateReportSender::DO_NOT_SEND_COOKIES;
65 certificate_upload_url = GURL(kExtendedReportingUploadUrlInsecure);
66 } else {
67 cookies_preference = net::CertificateReportSender::SEND_COOKIES;
68 certificate_upload_url = GURL(kExtendedReportingUploadUrlSecure);
71 certificate_error_reporter_.reset(new certificate_reporting::ErrorReporter(
72 request_context_getter->GetURLRequestContext(), certificate_upload_url,
73 cookies_preference));
76 version_ = SafeBrowsingProtocolManagerHelper::Version();
79 SafeBrowsingPingManager::~SafeBrowsingPingManager() {
80 // Delete in-progress safebrowsing reports (hits and details).
81 STLDeleteContainerPointers(safebrowsing_reports_.begin(),
82 safebrowsing_reports_.end());
85 // net::URLFetcherDelegate implementation ----------------------------------
87 // All SafeBrowsing request responses are handled here.
88 void SafeBrowsingPingManager::OnURLFetchComplete(
89 const net::URLFetcher* source) {
90 Reports::iterator sit = safebrowsing_reports_.find(source);
91 DCHECK(sit != safebrowsing_reports_.end());
92 delete *sit;
93 safebrowsing_reports_.erase(sit);
96 // Sends a SafeBrowsing "hit" for UMA users.
97 void SafeBrowsingPingManager::ReportSafeBrowsingHit(
98 const GURL& malicious_url,
99 const GURL& page_url,
100 const GURL& referrer_url,
101 bool is_subresource,
102 SBThreatType threat_type,
103 const std::string& post_data,
104 bool is_extended_reporting) {
105 GURL report_url =
106 SafeBrowsingHitUrl(malicious_url, page_url, referrer_url, is_subresource,
107 threat_type, is_extended_reporting);
108 net::URLFetcher* report =
109 net::URLFetcher::Create(
110 report_url,
111 post_data.empty() ? net::URLFetcher::GET : net::URLFetcher::POST,
112 this).release();
113 report->SetLoadFlags(net::LOAD_DISABLE_CACHE);
114 report->SetRequestContext(request_context_getter_.get());
115 if (!post_data.empty())
116 report->SetUploadData("text/plain", post_data);
117 safebrowsing_reports_.insert(report);
118 report->Start();
121 // Sends malware details for users who opt-in.
122 void SafeBrowsingPingManager::ReportMalwareDetails(
123 const std::string& report) {
124 GURL report_url = MalwareDetailsUrl();
125 net::URLFetcher* fetcher =
126 net::URLFetcher::Create(report_url, net::URLFetcher::POST, this)
127 .release();
128 fetcher->SetLoadFlags(net::LOAD_DISABLE_CACHE);
129 fetcher->SetRequestContext(request_context_getter_.get());
130 fetcher->SetUploadData("application/octet-stream", report);
131 // Don't try too hard to send reports on failures.
132 fetcher->SetAutomaticallyRetryOn5xx(false);
133 fetcher->Start();
134 safebrowsing_reports_.insert(fetcher);
137 void SafeBrowsingPingManager::ReportInvalidCertificateChain(
138 const std::string& serialized_report) {
139 DCHECK(certificate_error_reporter_);
140 certificate_error_reporter_->SendExtendedReportingReport(serialized_report);
143 void SafeBrowsingPingManager::SetCertificateErrorReporterForTesting(
144 scoped_ptr<certificate_reporting::ErrorReporter>
145 certificate_error_reporter) {
146 certificate_error_reporter_ = certificate_error_reporter.Pass();
149 GURL SafeBrowsingPingManager::SafeBrowsingHitUrl(
150 const GURL& malicious_url,
151 const GURL& page_url,
152 const GURL& referrer_url,
153 bool is_subresource,
154 SBThreatType threat_type,
155 bool is_extended_reporting) const {
156 DCHECK(threat_type == SB_THREAT_TYPE_URL_MALWARE ||
157 threat_type == SB_THREAT_TYPE_URL_PHISHING ||
158 threat_type == SB_THREAT_TYPE_URL_UNWANTED ||
159 threat_type == SB_THREAT_TYPE_BINARY_MALWARE_URL ||
160 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL ||
161 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL);
162 std::string url = SafeBrowsingProtocolManagerHelper::ComposeUrl(
163 url_prefix_, "report", client_name_, version_, std::string(),
164 is_extended_reporting);
165 std::string threat_list = "none";
166 switch (threat_type) {
167 case SB_THREAT_TYPE_URL_MALWARE:
168 threat_list = "malblhit";
169 break;
170 case SB_THREAT_TYPE_URL_PHISHING:
171 threat_list = "phishblhit";
172 break;
173 case SB_THREAT_TYPE_URL_UNWANTED:
174 threat_list = "uwsblhit";
175 break;
176 case SB_THREAT_TYPE_BINARY_MALWARE_URL:
177 threat_list = "binurlhit";
178 break;
179 case SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL:
180 threat_list = "phishcsdhit";
181 break;
182 case SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL:
183 threat_list = "malcsdhit";
184 break;
185 default:
186 NOTREACHED();
188 return GURL(base::StringPrintf("%s&evts=%s&evtd=%s&evtr=%s&evhr=%s&evtb=%d",
189 url.c_str(), threat_list.c_str(),
190 net::EscapeQueryParamValue(malicious_url.spec(), true).c_str(),
191 net::EscapeQueryParamValue(page_url.spec(), true).c_str(),
192 net::EscapeQueryParamValue(referrer_url.spec(), true).c_str(),
193 is_subresource));
196 GURL SafeBrowsingPingManager::MalwareDetailsUrl() const {
197 std::string url = base::StringPrintf(
198 "%s/clientreport/malware?client=%s&appver=%s&pver=1.0",
199 url_prefix_.c_str(),
200 client_name_.c_str(),
201 version_.c_str());
202 std::string api_key = google_apis::GetAPIKey();
203 if (!api_key.empty()) {
204 base::StringAppendF(&url, "&key=%s",
205 net::EscapeQueryParamValue(api_key, true).c_str());
207 return GURL(url);