1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_ 6 #define CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_ 7 8 #include <string> 9 #include <vector> 10 11 #include "base/memory/ref_counted.h" 12 #include "base/time/time.h" 13 #include "base/timer/timer.h" 14 #include "chrome/browser/safe_browsing/database_manager.h" 15 #include "chrome/browser/safe_browsing/ui_manager.h" 16 #include "content/public/browser/resource_throttle.h" 17 18 class ResourceDispatcherHost; 19 20 namespace net { 21 class URLRequest; 22 } 23 24 // SafeBrowsingResourceThrottle checks that URLs are "safe" before navigating 25 // to them. To be considered "safe", a URL must not appear in the 26 // malware/phishing blacklists (see SafeBrowsingService for details). 27 // 28 // This check is done before requesting the original URL, and additionally 29 // before following any subsequent redirect. 30 // 31 // In the common case, the check completes synchronously (no match in the bloom 32 // filter), so the request's flow is un-interrupted. 33 // 34 // However if the URL fails this quick check, it has the possibility of being 35 // on the blacklist. Now the request is suspended (prevented from starting), 36 // and a more expensive safe browsing check is begun (fetches the full hashes). 37 // 38 // Note that the safe browsing check takes at most kCheckUrlTimeoutMs 39 // milliseconds. If it takes longer than this, then the system defaults to 40 // treating the URL as safe. 41 // 42 // Once the safe browsing check has completed, if the URL was decided to be 43 // dangerous, a warning page is thrown up and the request remains suspended. 44 // If on the other hand the URL was decided to be safe, the request is 45 // resumed. 46 class SafeBrowsingResourceThrottle 47 : public content::ResourceThrottle, 48 public SafeBrowsingDatabaseManager::Client, 49 public base::SupportsWeakPtr<SafeBrowsingResourceThrottle> { 50 public: 51 SafeBrowsingResourceThrottle(const net::URLRequest* request, 52 int render_process_host_id, 53 int render_view_id, 54 bool is_subresource, 55 SafeBrowsingService* safe_browsing); 56 57 // content::ResourceThrottle implementation (called on IO thread): 58 virtual void WillStartRequest(bool* defer) OVERRIDE; 59 virtual void WillRedirectRequest(const GURL& new_url, bool* defer) OVERRIDE; 60 61 // SafeBrowsingDabaseManager::Client implementation (called on IO thread): 62 virtual void OnCheckBrowseUrlResult( 63 const GURL& url, SBThreatType result) OVERRIDE; 64 65 private: 66 // Describes what phase of the check a throttle is in. 67 enum State { 68 STATE_NONE, 69 STATE_CHECKING_URL, 70 STATE_DISPLAYING_BLOCKING_PAGE, 71 }; 72 73 // Describes what stage of the request got paused by the check. 74 enum DeferState { 75 DEFERRED_NONE, 76 DEFERRED_START, 77 DEFERRED_REDIRECT, 78 }; 79 80 virtual ~SafeBrowsingResourceThrottle(); 81 82 // SafeBrowsingService::UrlCheckCallback implementation. 83 void OnBlockingPageComplete(bool proceed); 84 85 // Starts running |url| through the safe browsing check. Returns true if the 86 // URL is safe to visit. Otherwise returns false and will call 87 // OnBrowseUrlResult() when the check has completed. 88 bool CheckUrl(const GURL& url); 89 90 // Callback for when the safe browsing check (which was initiated by 91 // StartCheckingUrl()) has taken longer than kCheckUrlTimeoutMs. 92 void OnCheckUrlTimeout(); 93 94 // Starts displaying the safe browsing interstitial page. 95 void StartDisplayingBlockingPage(const GURL& url, SBThreatType threat_type); 96 97 // Resumes the request, by continuing the deferred action (either starting the 98 // request, or following a redirect). 99 void ResumeRequest(); 100 101 State state_; 102 DeferState defer_state_; 103 104 // The result of the most recent safe browsing check. Only valid to read this 105 // when state_ != STATE_CHECKING_URL. 106 SBThreatType threat_type_; 107 108 // The time when the outstanding safe browsing check was started. 109 base::TimeTicks url_check_start_time_; 110 111 // Timer to abort the safe browsing check if it takes too long. 112 base::OneShotTimer<SafeBrowsingResourceThrottle> timer_; 113 114 // The redirect chain for this resource 115 std::vector<GURL> redirect_urls_; 116 117 GURL url_being_checked_; 118 119 int render_process_host_id_; 120 int render_view_id_; 121 scoped_refptr<SafeBrowsingDatabaseManager> database_manager_; 122 scoped_refptr<SafeBrowsingUIManager> ui_manager_; 123 const net::URLRequest* request_; 124 bool is_subresource_; 125 126 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingResourceThrottle); 127 }; 128 129 130 #endif // CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_ 131