1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ 6 #define CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ 7 #pragma once 8 9 #include <string> 10 #include <vector> 11 12 #include "base/memory/ref_counted.h" 13 #include "base/time.h" 14 #include "base/timer.h" 15 #include "chrome/browser/safe_browsing/safe_browsing_service.h" 16 #include "content/browser/renderer_host/resource_handler.h" 17 18 class ResourceDispatcherHost; 19 20 // SafeBrowsingResourceHandler checks that URLs are "safe" before navigating 21 // to them. To be considered "safe", a URL must not appear in the 22 // malware/phishing blacklists (see SafeBrowsingService for details). 23 // 24 // This check is done before requesting the original URL, and additionally 25 // before following any subsequent redirect. 26 // 27 // In the common case, the check completes synchronously (no match in the bloom 28 // filter), so the request's flow is un-interrupted. 29 // 30 // However if the URL fails this quick check, it has the possibility of being 31 // on the blacklist. Now the request is suspended (prevented from starting), 32 // and a more expensive safe browsing check is begun (fetches the full hashes). 33 // 34 // Note that the safe browsing check takes at most kCheckUrlTimeoutMs 35 // milliseconds. If it takes longer than this, then the system defaults to 36 // treating the URL as safe. 37 // 38 // Once the safe browsing check has completed, if the URL was decided to be 39 // dangerous, a warning page is thrown up and the request remains suspended. 40 // If on the other hand the URL was decided to be safe, the request is 41 // resumed. 42 class SafeBrowsingResourceHandler : public ResourceHandler, 43 public SafeBrowsingService::Client { 44 public: 45 SafeBrowsingResourceHandler(ResourceHandler* handler, 46 int render_process_host_id, 47 int render_view_id, 48 ResourceType::Type resource_type, 49 SafeBrowsingService* safe_browsing, 50 ResourceDispatcherHost* resource_dispatcher_host); 51 52 // ResourceHandler implementation: 53 virtual bool OnUploadProgress(int request_id, uint64 position, uint64 size); 54 virtual bool OnRequestRedirected(int request_id, const GURL& new_url, 55 ResourceResponse* response, bool* defer); 56 virtual bool OnResponseStarted(int request_id, ResourceResponse* response); 57 virtual bool OnWillStart(int request_id, const GURL& url, bool* defer); 58 virtual bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size, 59 int min_size); 60 virtual bool OnReadCompleted(int request_id, int* bytes_read); 61 virtual bool OnResponseCompleted(int request_id, 62 const net::URLRequestStatus& status, 63 const std::string& security_info); 64 virtual void OnRequestClosed(); 65 66 // SafeBrowsingService::Client implementation, called on the IO thread once 67 // the URL has been classified. 68 virtual void OnBrowseUrlCheckResult( 69 const GURL& url, SafeBrowsingService::UrlCheckResult result); 70 71 // SafeBrowsingService::Client implementation, called on the IO thread when 72 // the user has decided to proceed with the current request, or go back. 73 virtual void OnBlockingPageComplete(bool proceed); 74 75 private: 76 // Describes what phase of the check a handler is in. 77 enum State { 78 STATE_NONE, 79 STATE_CHECKING_URL, 80 STATE_DISPLAYING_BLOCKING_PAGE, 81 }; 82 83 // Describes what stage of the request got paused by the check. 84 enum DeferState { 85 DEFERRED_NONE, 86 DEFERRED_START, 87 DEFERRED_REDIRECT, 88 }; 89 90 ~SafeBrowsingResourceHandler(); 91 92 // Cancels any in progress safe browsing actions. 93 void Shutdown(); 94 95 // Starts running |url| through the safe browsing check. Returns true if the 96 // URL is safe to visit. Otherwise returns false and will call 97 // OnUrlCheckResult() when the check has completed. 98 bool CheckUrl(const GURL& url); 99 100 // Callback for when the safe browsing check (which was initiated by 101 // StartCheckingUrl()) has taken longer than kCheckUrlTimeoutMs. 102 void OnCheckUrlTimeout(); 103 104 // Starts displaying the safe browsing interstitial page. 105 void StartDisplayingBlockingPage(const GURL& url, 106 SafeBrowsingService::UrlCheckResult result); 107 108 // Resumes the request, by continuing the deferred action (either starting the 109 // request, or following a redirect). 110 void ResumeRequest(); 111 112 // Resumes the deferred "start". 113 void ResumeStart(); 114 115 // Resumes the deferred redirect. 116 void ResumeRedirect(); 117 118 // Erases the state associated with a deferred "start" or redirect 119 // (i.e. the deferred URL and request ID). 120 void ClearDeferredRequestInfo(); 121 122 State state_; 123 DeferState defer_state_; 124 125 // The result of the most recent safe browsing check. Only valid to read this 126 // when state_ != STATE_CHECKING_URL. 127 SafeBrowsingService::UrlCheckResult safe_browsing_result_; 128 129 // The time when the outstanding safe browsing check was started. 130 base::TimeTicks url_check_start_time_; 131 132 // Timer to abort the safe browsing check if it takes too long. 133 base::OneShotTimer<SafeBrowsingResourceHandler> timer_; 134 135 // The redirect chain for this resource 136 std::vector<GURL> redirect_urls_; 137 138 // Details on the deferred request (either a start or redirect). It is only 139 // valid to access these members when defer_state_ != DEFERRED_NONE. 140 GURL deferred_url_; 141 int deferred_request_id_; 142 scoped_refptr<ResourceResponse> deferred_redirect_response_; 143 144 scoped_refptr<ResourceHandler> next_handler_; 145 int render_process_host_id_; 146 int render_view_id_; 147 scoped_refptr<SafeBrowsingService> safe_browsing_; 148 ResourceDispatcherHost* rdh_; 149 ResourceType::Type resource_type_; 150 151 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingResourceHandler); 152 }; 153 154 155 #endif // CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ 156
