1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/net/chrome_network_delegate.h" 6 7 #include <stdlib.h> 8 9 #include <vector> 10 11 #include "base/base_paths.h" 12 #include "base/debug/trace_event.h" 13 #include "base/logging.h" 14 #include "base/metrics/histogram.h" 15 #include "base/path_service.h" 16 #include "base/prefs/pref_member.h" 17 #include "base/prefs/pref_service.h" 18 #include "base/strings/string_number_conversions.h" 19 #include "base/strings/string_split.h" 20 #include "base/time/time.h" 21 #include "chrome/browser/browser_process.h" 22 #include "chrome/browser/content_settings/cookie_settings.h" 23 #include "chrome/browser/content_settings/tab_specific_content_settings.h" 24 #include "chrome/browser/custom_handlers/protocol_handler_registry.h" 25 #include "chrome/browser/extensions/api/proxy/proxy_api.h" 26 #include "chrome/browser/extensions/api/web_request/web_request_api.h" 27 #include "chrome/browser/extensions/event_router_forwarder.h" 28 #include "chrome/browser/extensions/extension_system.h" 29 #include "chrome/browser/google/google_util.h" 30 #include "chrome/browser/net/chrome_network_data_saving_metrics.h" 31 #include "chrome/browser/net/client_hints.h" 32 #include "chrome/browser/net/connect_interceptor.h" 33 #include "chrome/browser/net/load_time_stats.h" 34 #include "chrome/browser/performance_monitor/performance_monitor.h" 35 #include "chrome/browser/profiles/profile_manager.h" 36 #include "chrome/browser/task_manager/task_manager.h" 37 #include "chrome/common/pref_names.h" 38 #include "chrome/common/url_constants.h" 39 #include "content/public/browser/browser_thread.h" 40 #include "content/public/browser/render_view_host.h" 41 #include "content/public/browser/resource_request_info.h" 42 #include "extensions/browser/info_map.h" 43 #include "extensions/browser/process_manager.h" 44 #include "extensions/common/constants.h" 45 #include "net/base/host_port_pair.h" 46 #include "net/base/net_errors.h" 47 #include "net/base/net_log.h" 48 #include "net/cookies/canonical_cookie.h" 49 #include "net/cookies/cookie_options.h" 50 #include "net/http/http_request_headers.h" 51 #include "net/http/http_response_headers.h" 52 #include "net/socket_stream/socket_stream.h" 53 #include "net/url_request/url_request.h" 54 55 #if defined(OS_CHROMEOS) 56 #include "base/command_line.h" 57 #include "base/sys_info.h" 58 #include "chrome/common/chrome_switches.h" 59 #endif 60 61 #if defined(ENABLE_CONFIGURATION_POLICY) 62 #include "chrome/browser/policy/url_blacklist_manager.h" 63 #endif 64 65 using content::BrowserThread; 66 using content::RenderViewHost; 67 using content::ResourceRequestInfo; 68 69 // By default we don't allow access to all file:// urls on ChromeOS and 70 // Android. 71 #if defined(OS_CHROMEOS) || defined(OS_ANDROID) 72 bool ChromeNetworkDelegate::g_allow_file_access_ = false; 73 #else 74 bool ChromeNetworkDelegate::g_allow_file_access_ = true; 75 #endif 76 77 // This remains false unless the --disable-extensions-http-throttling 78 // flag is passed to the browser. 79 bool ChromeNetworkDelegate::g_never_throttle_requests_ = false; 80 81 namespace { 82 83 const char kDNTHeader[] = "DNT"; 84 85 // If the |request| failed due to problems with a proxy, forward the error to 86 // the proxy extension API. 87 void ForwardProxyErrors(net::URLRequest* request, 88 extensions::EventRouterForwarder* event_router, 89 void* profile) { 90 if (request->status().status() == net::URLRequestStatus::FAILED) { 91 switch (request->status().error()) { 92 case net::ERR_PROXY_AUTH_UNSUPPORTED: 93 case net::ERR_PROXY_CONNECTION_FAILED: 94 case net::ERR_TUNNEL_CONNECTION_FAILED: 95 extensions::ProxyEventRouter::GetInstance()->OnProxyError( 96 event_router, profile, request->status().error()); 97 } 98 } 99 } 100 101 // Returns whether a URL parameter, |first_parameter| (e.g. foo=bar), has the 102 // same key as the the |second_parameter| (e.g. foo=baz). Both parameters 103 // must be in key=value form. 104 bool HasSameParameterKey(const std::string& first_parameter, 105 const std::string& second_parameter) { 106 DCHECK(second_parameter.find("=") != std::string::npos); 107 // Prefix for "foo=bar" is "foo=". 108 std::string parameter_prefix = second_parameter.substr( 109 0, second_parameter.find("=") + 1); 110 return StartsWithASCII(first_parameter, parameter_prefix, false); 111 } 112 113 // Examines the query string containing parameters and adds the necessary ones 114 // so that SafeSearch is active. |query| is the string to examine and the 115 // return value is the |query| string modified such that SafeSearch is active. 116 std::string AddSafeSearchParameters(const std::string& query) { 117 std::vector<std::string> new_parameters; 118 std::string safe_parameter = chrome::kSafeSearchSafeParameter; 119 std::string ssui_parameter = chrome::kSafeSearchSsuiParameter; 120 121 std::vector<std::string> parameters; 122 base::SplitString(query, '&', ¶meters); 123 124 std::vector<std::string>::iterator it; 125 for (it = parameters.begin(); it < parameters.end(); ++it) { 126 if (!HasSameParameterKey(*it, safe_parameter) && 127 !HasSameParameterKey(*it, ssui_parameter)) { 128 new_parameters.push_back(*it); 129 } 130 } 131 132 new_parameters.push_back(safe_parameter); 133 new_parameters.push_back(ssui_parameter); 134 return JoinString(new_parameters, '&'); 135 } 136 137 // If |request| is a request to Google Web Search the function 138 // enforces that the SafeSearch query parameters are set to active. 139 // Sets the query part of |new_url| with the new value of the parameters. 140 void ForceGoogleSafeSearch(net::URLRequest* request, 141 GURL* new_url) { 142 if (!google_util::IsGoogleSearchUrl(request->url()) && 143 !google_util::IsGoogleHomePageUrl(request->url())) 144 return; 145 146 std::string query = request->url().query(); 147 std::string new_query = AddSafeSearchParameters(query); 148 if (query == new_query) 149 return; 150 151 GURL::Replacements replacements; 152 replacements.SetQueryStr(new_query); 153 *new_url = request->url().ReplaceComponents(replacements); 154 } 155 156 // Gets called when the extensions finish work on the URL. If the extensions 157 // did not do a redirect (so |new_url| is empty) then we enforce the 158 // SafeSearch parameters. Otherwise we will get called again after the 159 // redirect and we enforce SafeSearch then. 160 void ForceGoogleSafeSearchCallbackWrapper( 161 const net::CompletionCallback& callback, 162 net::URLRequest* request, 163 GURL* new_url, 164 int rv) { 165 if (rv == net::OK && new_url->is_empty()) 166 ForceGoogleSafeSearch(request, new_url); 167 callback.Run(rv); 168 } 169 170 enum RequestStatus { REQUEST_STARTED, REQUEST_DONE }; 171 172 // Notifies the extensions::ProcessManager that a request has started or stopped 173 // for a particular RenderView. 174 void NotifyEPMRequestStatus(RequestStatus status, 175 void* profile_id, 176 int process_id, 177 int render_view_id) { 178 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 179 Profile* profile = reinterpret_cast<Profile*>(profile_id); 180 if (!g_browser_process->profile_manager()->IsValidProfile(profile)) 181 return; 182 183 extensions::ProcessManager* process_manager = 184 extensions::ExtensionSystem::Get(profile)->process_manager(); 185 // This may be NULL in unit tests. 186 if (!process_manager) 187 return; 188 189 // Will be NULL if the request was not issued on behalf of a renderer (e.g. a 190 // system-level request). 191 RenderViewHost* render_view_host = 192 RenderViewHost::FromID(process_id, render_view_id); 193 if (render_view_host) { 194 if (status == REQUEST_STARTED) { 195 process_manager->OnNetworkRequestStarted(render_view_host); 196 } else if (status == REQUEST_DONE) { 197 process_manager->OnNetworkRequestDone(render_view_host); 198 } else { 199 NOTREACHED(); 200 } 201 } 202 } 203 204 void ForwardRequestStatus( 205 RequestStatus status, net::URLRequest* request, void* profile_id) { 206 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request); 207 if (!info) 208 return; 209 210 int process_id, render_view_id; 211 if (info->GetAssociatedRenderView(&process_id, &render_view_id)) { 212 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, 213 base::Bind(&NotifyEPMRequestStatus, 214 status, profile_id, process_id, render_view_id)); 215 } 216 } 217 218 void UpdateContentLengthPrefs( 219 int received_content_length, 220 int original_content_length, 221 chrome_browser_net::DataReductionRequestType data_reduction_type, 222 Profile* profile) { 223 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 224 DCHECK_GE(received_content_length, 0); 225 DCHECK_GE(original_content_length, 0); 226 227 // Can be NULL in a unit test. 228 if (!g_browser_process) 229 return; 230 231 PrefService* prefs = g_browser_process->local_state(); 232 if (!prefs) 233 return; 234 235 // Ignore off-the-record data. 236 if (!g_browser_process->profile_manager()->IsValidProfile(profile) || 237 profile->IsOffTheRecord()) { 238 return; 239 } 240 #if defined(OS_ANDROID) 241 bool with_data_reduction_proxy_enabled = 242 g_browser_process->profile_manager()->GetDefaultProfile()-> 243 GetPrefs()->GetBoolean(prefs::kSpdyProxyAuthEnabled); 244 #else 245 bool with_data_reduction_proxy_enabled = false; 246 #endif 247 248 chrome_browser_net::UpdateContentLengthPrefs( 249 received_content_length, 250 original_content_length, 251 with_data_reduction_proxy_enabled, 252 data_reduction_type, prefs); 253 } 254 255 void StoreAccumulatedContentLength( 256 int received_content_length, 257 int original_content_length, 258 chrome_browser_net::DataReductionRequestType data_reduction_type, 259 Profile* profile) { 260 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, 261 base::Bind(&UpdateContentLengthPrefs, 262 received_content_length, original_content_length, 263 data_reduction_type, profile)); 264 } 265 266 void RecordContentLengthHistograms( 267 int64 received_content_length, 268 int64 original_content_length, 269 const base::TimeDelta& freshness_lifetime) { 270 #if defined(OS_ANDROID) 271 // Add the current resource to these histograms only when a valid 272 // X-Original-Content-Length header is present. 273 if (original_content_length >= 0) { 274 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthWithValidOCL", 275 received_content_length); 276 UMA_HISTOGRAM_COUNTS("Net.HttpOriginalContentLengthWithValidOCL", 277 original_content_length); 278 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthDifferenceWithValidOCL", 279 original_content_length - received_content_length); 280 } else { 281 // Presume the original content length is the same as the received content 282 // length if the X-Original-Content-Header is not present. 283 original_content_length = received_content_length; 284 } 285 UMA_HISTOGRAM_COUNTS("Net.HttpContentLength", received_content_length); 286 UMA_HISTOGRAM_COUNTS("Net.HttpOriginalContentLength", 287 original_content_length); 288 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthDifference", 289 original_content_length - received_content_length); 290 UMA_HISTOGRAM_CUSTOM_COUNTS("Net.HttpContentFreshnessLifetime", 291 freshness_lifetime.InSeconds(), 292 base::TimeDelta::FromHours(1).InSeconds(), 293 base::TimeDelta::FromDays(30).InSeconds(), 294 100); 295 if (freshness_lifetime.InSeconds() <= 0) 296 return; 297 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable", 298 received_content_length); 299 if (freshness_lifetime.InHours() < 4) 300 return; 301 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable4Hours", 302 received_content_length); 303 304 if (freshness_lifetime.InHours() < 24) 305 return; 306 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable24Hours", 307 received_content_length); 308 #endif // defined(OS_ANDROID) 309 } 310 311 } // namespace 312 313 ChromeNetworkDelegate::ChromeNetworkDelegate( 314 extensions::EventRouterForwarder* event_router, 315 BooleanPrefMember* enable_referrers) 316 : event_router_(event_router), 317 profile_(NULL), 318 enable_referrers_(enable_referrers), 319 enable_do_not_track_(NULL), 320 force_google_safe_search_(NULL), 321 url_blacklist_manager_(NULL), 322 load_time_stats_(NULL), 323 received_content_length_(0), 324 original_content_length_(0) { 325 DCHECK(event_router); 326 DCHECK(enable_referrers); 327 } 328 329 ChromeNetworkDelegate::~ChromeNetworkDelegate() {} 330 331 void ChromeNetworkDelegate::set_extension_info_map( 332 extensions::InfoMap* extension_info_map) { 333 extension_info_map_ = extension_info_map; 334 } 335 336 void ChromeNetworkDelegate::set_cookie_settings( 337 CookieSettings* cookie_settings) { 338 cookie_settings_ = cookie_settings; 339 } 340 341 void ChromeNetworkDelegate::set_predictor( 342 chrome_browser_net::Predictor* predictor) { 343 connect_interceptor_.reset( 344 new chrome_browser_net::ConnectInterceptor(predictor)); 345 } 346 347 void ChromeNetworkDelegate::SetEnableClientHints() { 348 client_hints_.reset(new ClientHints()); 349 client_hints_->Init(); 350 } 351 352 // static 353 void ChromeNetworkDelegate::NeverThrottleRequests() { 354 g_never_throttle_requests_ = true; 355 } 356 357 // static 358 void ChromeNetworkDelegate::InitializePrefsOnUIThread( 359 BooleanPrefMember* enable_referrers, 360 BooleanPrefMember* enable_do_not_track, 361 BooleanPrefMember* force_google_safe_search, 362 PrefService* pref_service) { 363 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 364 enable_referrers->Init(prefs::kEnableReferrers, pref_service); 365 enable_referrers->MoveToThread( 366 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO)); 367 if (enable_do_not_track) { 368 enable_do_not_track->Init(prefs::kEnableDoNotTrack, pref_service); 369 enable_do_not_track->MoveToThread( 370 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO)); 371 } 372 if (force_google_safe_search) { 373 force_google_safe_search->Init(prefs::kForceSafeSearch, pref_service); 374 force_google_safe_search->MoveToThread( 375 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO)); 376 } 377 } 378 379 // static 380 void ChromeNetworkDelegate::AllowAccessToAllFiles() { 381 g_allow_file_access_ = true; 382 } 383 384 // static 385 Value* ChromeNetworkDelegate::HistoricNetworkStatsInfoToValue() { 386 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 387 PrefService* prefs = g_browser_process->local_state(); 388 int64 total_received = prefs->GetInt64(prefs::kHttpReceivedContentLength); 389 int64 total_original = prefs->GetInt64(prefs::kHttpOriginalContentLength); 390 391 DictionaryValue* dict = new DictionaryValue(); 392 // Use strings to avoid overflow. base::Value only supports 32-bit integers. 393 dict->SetString("historic_received_content_length", 394 base::Int64ToString(total_received)); 395 dict->SetString("historic_original_content_length", 396 base::Int64ToString(total_original)); 397 return dict; 398 } 399 400 Value* ChromeNetworkDelegate::SessionNetworkStatsInfoToValue() const { 401 DictionaryValue* dict = new DictionaryValue(); 402 // Use strings to avoid overflow. base::Value only supports 32-bit integers. 403 dict->SetString("session_received_content_length", 404 base::Int64ToString(received_content_length_)); 405 dict->SetString("session_original_content_length", 406 base::Int64ToString(original_content_length_)); 407 return dict; 408 } 409 410 int ChromeNetworkDelegate::OnBeforeURLRequest( 411 net::URLRequest* request, 412 const net::CompletionCallback& callback, 413 GURL* new_url) { 414 #if defined(ENABLE_CONFIGURATION_POLICY) 415 // TODO(joaodasilva): This prevents extensions from seeing URLs that are 416 // blocked. However, an extension might redirect the request to another URL, 417 // which is not blocked. 418 if (url_blacklist_manager_ && 419 url_blacklist_manager_->IsRequestBlocked(*request)) { 420 // URL access blocked by policy. 421 request->net_log().AddEvent( 422 net::NetLog::TYPE_CHROME_POLICY_ABORTED_REQUEST, 423 net::NetLog::StringCallback("url", 424 &request->url().possibly_invalid_spec())); 425 return net::ERR_BLOCKED_BY_ADMINISTRATOR; 426 } 427 #endif 428 429 ForwardRequestStatus(REQUEST_STARTED, request, profile_); 430 431 if (!enable_referrers_->GetValue()) 432 request->SetReferrer(std::string()); 433 if (enable_do_not_track_ && enable_do_not_track_->GetValue()) 434 request->SetExtraRequestHeaderByName(kDNTHeader, "1", true /* override */); 435 436 if (client_hints_) { 437 request->SetExtraRequestHeaderByName( 438 ClientHints::kDevicePixelRatioHeader, 439 client_hints_->GetDevicePixelRatioHeader(), true); 440 } 441 442 bool force_safe_search = force_google_safe_search_ && 443 force_google_safe_search_->GetValue(); 444 445 net::CompletionCallback wrapped_callback = callback; 446 if (force_safe_search) { 447 wrapped_callback = base::Bind(&ForceGoogleSafeSearchCallbackWrapper, 448 callback, 449 base::Unretained(request), 450 base::Unretained(new_url)); 451 } 452 453 int rv = ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRequest( 454 profile_, extension_info_map_.get(), request, wrapped_callback, 455 new_url); 456 457 if (force_safe_search && rv == net::OK && new_url->is_empty()) 458 ForceGoogleSafeSearch(request, new_url); 459 460 if (connect_interceptor_) 461 connect_interceptor_->WitnessURLRequest(request); 462 463 return rv; 464 } 465 466 int ChromeNetworkDelegate::OnBeforeSendHeaders( 467 net::URLRequest* request, 468 const net::CompletionCallback& callback, 469 net::HttpRequestHeaders* headers) { 470 TRACE_EVENT_ASYNC_STEP_PAST0("net", "URLRequest", request, "SendRequest"); 471 return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeSendHeaders( 472 profile_, extension_info_map_.get(), request, callback, headers); 473 } 474 475 void ChromeNetworkDelegate::OnSendHeaders( 476 net::URLRequest* request, 477 const net::HttpRequestHeaders& headers) { 478 ExtensionWebRequestEventRouter::GetInstance()->OnSendHeaders( 479 profile_, extension_info_map_.get(), request, headers); 480 } 481 482 int ChromeNetworkDelegate::OnHeadersReceived( 483 net::URLRequest* request, 484 const net::CompletionCallback& callback, 485 const net::HttpResponseHeaders* original_response_headers, 486 scoped_refptr<net::HttpResponseHeaders>* override_response_headers) { 487 return ExtensionWebRequestEventRouter::GetInstance()->OnHeadersReceived( 488 profile_, extension_info_map_.get(), request, callback, 489 original_response_headers, override_response_headers); 490 } 491 492 void ChromeNetworkDelegate::OnBeforeRedirect(net::URLRequest* request, 493 const GURL& new_location) { 494 ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRedirect( 495 profile_, extension_info_map_.get(), request, new_location); 496 } 497 498 499 void ChromeNetworkDelegate::OnResponseStarted(net::URLRequest* request) { 500 TRACE_EVENT_ASYNC_STEP_PAST0("net", "URLRequest", request, "ResponseStarted"); 501 ExtensionWebRequestEventRouter::GetInstance()->OnResponseStarted( 502 profile_, extension_info_map_.get(), request); 503 ForwardProxyErrors(request, event_router_.get(), profile_); 504 } 505 506 void ChromeNetworkDelegate::OnRawBytesRead(const net::URLRequest& request, 507 int bytes_read) { 508 TRACE_EVENT_ASYNC_STEP_PAST1("net", "URLRequest", &request, "DidRead", 509 "bytes_read", bytes_read); 510 performance_monitor::PerformanceMonitor::GetInstance()->BytesReadOnIOThread( 511 request, bytes_read); 512 513 #if defined(ENABLE_TASK_MANAGER) 514 TaskManager::GetInstance()->model()->NotifyBytesRead(request, bytes_read); 515 #endif // defined(ENABLE_TASK_MANAGER) 516 } 517 518 void ChromeNetworkDelegate::OnCompleted(net::URLRequest* request, 519 bool started) { 520 TRACE_EVENT_ASYNC_END0("net", "URLRequest", request); 521 if (request->status().status() == net::URLRequestStatus::SUCCESS) { 522 // For better accuracy, we use the actual bytes read instead of the length 523 // specified with the Content-Length header, which may be inaccurate, 524 // or missing, as is the case with chunked encoding. 525 int64 received_content_length = request->received_response_content_length(); 526 527 // Only record for http or https urls. 528 bool is_http = request->url().SchemeIs("http"); 529 bool is_https = request->url().SchemeIs("https"); 530 531 if (!request->was_cached() && // Don't record cached content 532 received_content_length && // Zero-byte responses aren't useful. 533 (is_http || is_https)) { // Only record for HTTP or HTTPS urls. 534 int64 original_content_length = 535 request->response_info().headers->GetInt64HeaderValue( 536 "x-original-content-length"); 537 chrome_browser_net::DataReductionRequestType data_reduction_type = 538 chrome_browser_net::GetDataReductionRequestType(request); 539 540 base::TimeDelta freshness_lifetime = 541 request->response_info().headers->GetFreshnessLifetime( 542 request->response_info().response_time); 543 int64 adjusted_original_content_length = 544 chrome_browser_net::GetAdjustedOriginalContentLength( 545 data_reduction_type, original_content_length, 546 received_content_length); 547 AccumulateContentLength(received_content_length, 548 adjusted_original_content_length, 549 data_reduction_type, 550 profile_); 551 RecordContentLengthHistograms(received_content_length, 552 original_content_length, 553 freshness_lifetime); 554 DVLOG(2) << __FUNCTION__ 555 << " received content length: " << received_content_length 556 << " original content length: " << original_content_length 557 << " url: " << request->url(); 558 } 559 560 bool is_redirect = request->response_headers() && 561 net::HttpResponseHeaders::IsRedirectResponseCode( 562 request->response_headers()->response_code()); 563 if (!is_redirect) { 564 ExtensionWebRequestEventRouter::GetInstance()->OnCompleted( 565 profile_, extension_info_map_.get(), request); 566 } 567 } else if (request->status().status() == net::URLRequestStatus::FAILED || 568 request->status().status() == net::URLRequestStatus::CANCELED) { 569 ExtensionWebRequestEventRouter::GetInstance()->OnErrorOccurred( 570 profile_, extension_info_map_.get(), request, started); 571 } else { 572 NOTREACHED(); 573 } 574 ForwardProxyErrors(request, event_router_.get(), profile_); 575 576 ForwardRequestStatus(REQUEST_DONE, request, profile_); 577 } 578 579 void ChromeNetworkDelegate::OnURLRequestDestroyed(net::URLRequest* request) { 580 ExtensionWebRequestEventRouter::GetInstance()->OnURLRequestDestroyed( 581 profile_, request); 582 if (load_time_stats_) 583 load_time_stats_->OnURLRequestDestroyed(*request); 584 } 585 586 void ChromeNetworkDelegate::OnPACScriptError(int line_number, 587 const base::string16& error) { 588 extensions::ProxyEventRouter::GetInstance()->OnPACScriptError( 589 event_router_.get(), profile_, line_number, error); 590 } 591 592 net::NetworkDelegate::AuthRequiredResponse 593 ChromeNetworkDelegate::OnAuthRequired( 594 net::URLRequest* request, 595 const net::AuthChallengeInfo& auth_info, 596 const AuthCallback& callback, 597 net::AuthCredentials* credentials) { 598 return ExtensionWebRequestEventRouter::GetInstance()->OnAuthRequired( 599 profile_, extension_info_map_.get(), request, auth_info, 600 callback, credentials); 601 } 602 603 bool ChromeNetworkDelegate::OnCanGetCookies( 604 const net::URLRequest& request, 605 const net::CookieList& cookie_list) { 606 // NULL during tests, or when we're running in the system context. 607 if (!cookie_settings_.get()) 608 return true; 609 610 bool allow = cookie_settings_->IsReadingCookieAllowed( 611 request.url(), request.first_party_for_cookies()); 612 613 int render_process_id = -1; 614 int render_view_id = -1; 615 if (content::ResourceRequestInfo::GetRenderViewForRequest( 616 &request, &render_process_id, &render_view_id)) { 617 BrowserThread::PostTask( 618 BrowserThread::UI, FROM_HERE, 619 base::Bind(&TabSpecificContentSettings::CookiesRead, 620 render_process_id, render_view_id, 621 request.url(), request.first_party_for_cookies(), 622 cookie_list, !allow)); 623 } 624 625 return allow; 626 } 627 628 bool ChromeNetworkDelegate::OnCanSetCookie(const net::URLRequest& request, 629 const std::string& cookie_line, 630 net::CookieOptions* options) { 631 // NULL during tests, or when we're running in the system context. 632 if (!cookie_settings_.get()) 633 return true; 634 635 bool allow = cookie_settings_->IsSettingCookieAllowed( 636 request.url(), request.first_party_for_cookies()); 637 638 int render_process_id = -1; 639 int render_view_id = -1; 640 if (content::ResourceRequestInfo::GetRenderViewForRequest( 641 &request, &render_process_id, &render_view_id)) { 642 BrowserThread::PostTask( 643 BrowserThread::UI, FROM_HERE, 644 base::Bind(&TabSpecificContentSettings::CookieChanged, 645 render_process_id, render_view_id, 646 request.url(), request.first_party_for_cookies(), 647 cookie_line, *options, !allow)); 648 } 649 650 return allow; 651 } 652 653 bool ChromeNetworkDelegate::OnCanAccessFile(const net::URLRequest& request, 654 const base::FilePath& path) const { 655 if (g_allow_file_access_) 656 return true; 657 658 #if !defined(OS_CHROMEOS) && !defined(OS_ANDROID) 659 return true; 660 #else 661 #if defined(OS_CHROMEOS) 662 // If we're running Chrome for ChromeOS on Linux, we want to allow file 663 // access. 664 if (!base::SysInfo::IsRunningOnChromeOS() || 665 CommandLine::ForCurrentProcess()->HasSwitch(switches::kTestType)) { 666 return true; 667 } 668 669 // Use a whitelist to only allow access to files residing in the list of 670 // directories below. 671 static const char* const kLocalAccessWhiteList[] = { 672 "/home/chronos/user/Downloads", 673 "/home/chronos/user/log", 674 "/media", 675 "/opt/oem", 676 "/usr/share/chromeos-assets", 677 "/tmp", 678 "/var/log", 679 }; 680 681 // The actual location of "/home/chronos/user/Downloads" is the Downloads 682 // directory under the profile path ("/home/chronos/user' is a hard link to 683 // current primary logged in profile.) For the support of multi-profile 684 // sessions, we are switching to use explicit "$PROFILE_PATH/Downloads" path 685 // and here whitelist such access. 686 if (!profile_path_.empty()) { 687 const base::FilePath downloads = profile_path_.AppendASCII("Downloads"); 688 if (downloads == path.StripTrailingSeparators() || downloads.IsParent(path)) 689 return true; 690 } 691 #elif defined(OS_ANDROID) 692 // Access to files in external storage is allowed. 693 base::FilePath external_storage_path; 694 PathService::Get(base::DIR_ANDROID_EXTERNAL_STORAGE, &external_storage_path); 695 if (external_storage_path.IsParent(path)) 696 return true; 697 698 // Whitelist of other allowed directories. 699 static const char* const kLocalAccessWhiteList[] = { 700 "/sdcard", 701 "/mnt/sdcard", 702 }; 703 #endif 704 705 for (size_t i = 0; i < arraysize(kLocalAccessWhiteList); ++i) { 706 const base::FilePath white_listed_path(kLocalAccessWhiteList[i]); 707 // base::FilePath::operator== should probably handle trailing separators. 708 if (white_listed_path == path.StripTrailingSeparators() || 709 white_listed_path.IsParent(path)) { 710 return true; 711 } 712 } 713 714 DVLOG(1) << "File access denied - " << path.value().c_str(); 715 return false; 716 #endif // !defined(OS_CHROMEOS) && !defined(OS_ANDROID) 717 } 718 719 bool ChromeNetworkDelegate::OnCanThrottleRequest( 720 const net::URLRequest& request) const { 721 if (g_never_throttle_requests_) { 722 return false; 723 } 724 725 return request.first_party_for_cookies().scheme() == 726 extensions::kExtensionScheme; 727 } 728 729 bool ChromeNetworkDelegate::OnCanEnablePrivacyMode( 730 const GURL& url, 731 const GURL& first_party_for_cookies) const { 732 // NULL during tests, or when we're running in the system context. 733 if (!cookie_settings_.get()) 734 return false; 735 736 bool reading_cookie_allowed = cookie_settings_->IsReadingCookieAllowed( 737 url, first_party_for_cookies); 738 bool setting_cookie_allowed = cookie_settings_->IsSettingCookieAllowed( 739 url, first_party_for_cookies); 740 bool privacy_mode = !(reading_cookie_allowed && setting_cookie_allowed); 741 return privacy_mode; 742 } 743 744 int ChromeNetworkDelegate::OnBeforeSocketStreamConnect( 745 net::SocketStream* socket, 746 const net::CompletionCallback& callback) { 747 #if defined(ENABLE_CONFIGURATION_POLICY) 748 if (url_blacklist_manager_ && 749 url_blacklist_manager_->IsURLBlocked(socket->url())) { 750 // URL access blocked by policy. 751 socket->net_log()->AddEvent( 752 net::NetLog::TYPE_CHROME_POLICY_ABORTED_REQUEST, 753 net::NetLog::StringCallback("url", 754 &socket->url().possibly_invalid_spec())); 755 return net::ERR_BLOCKED_BY_ADMINISTRATOR; 756 } 757 #endif 758 return net::OK; 759 } 760 761 void ChromeNetworkDelegate::OnRequestWaitStateChange( 762 const net::URLRequest& request, 763 RequestWaitState state) { 764 if (load_time_stats_) 765 load_time_stats_->OnRequestWaitStateChange(request, state); 766 } 767 768 void ChromeNetworkDelegate::AccumulateContentLength( 769 int64 received_content_length, 770 int64 original_content_length, 771 chrome_browser_net::DataReductionRequestType data_reduction_type, 772 void* profile) { 773 DCHECK_GE(received_content_length, 0); 774 DCHECK_GE(original_content_length, 0); 775 StoreAccumulatedContentLength(received_content_length, 776 original_content_length, 777 data_reduction_type, 778 reinterpret_cast<Profile*>(profile_)); 779 received_content_length_ += received_content_length; 780 original_content_length_ += original_content_length; 781 } 782
