diff options
Diffstat (limited to 'chromium/components/safe_browsing/password_protection/password_protection_service.h')
-rw-r--r-- | chromium/components/safe_browsing/password_protection/password_protection_service.h | 163 |
1 files changed, 155 insertions, 8 deletions
diff --git a/chromium/components/safe_browsing/password_protection/password_protection_service.h b/chromium/components/safe_browsing/password_protection/password_protection_service.h index 32afe41496b..d025871b422 100644 --- a/chromium/components/safe_browsing/password_protection/password_protection_service.h +++ b/chromium/components/safe_browsing/password_protection/password_protection_service.h @@ -5,39 +5,186 @@ #ifndef COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERVICE_H_ #define COMPONENTS_SAFE_BROWSING_PASSWORD_PROTECTION_PASSWORD_PROTECTION_SERVICE_H_ +#include <unordered_set> + +#include "base/callback.h" +#include "base/gtest_prod_util.h" #include "base/macros.h" #include "base/memory/ref_counted.h" #include "base/memory/weak_ptr.h" +#include "base/scoped_observer.h" +#include "base/values.h" +#include "components/history/core/browser/history_service_observer.h" +#include "components/safe_browsing/csd.pb.h" +#include "net/url_request/url_request_context_getter.h" + +namespace history { +class HistoryService; +} class GURL; +class HostContentSettingsMap; namespace safe_browsing { class SafeBrowsingDatabaseManager; +class PasswordProtectionRequest; -class PasswordProtectionService { +// Manage password protection pings and verdicts. There is one instance of this +// class per profile. Therefore, every PasswordProtectionService instance is +// associated with a unique HistoryService instance and a unique +// HostContentSettingsMap instance. +class PasswordProtectionService : history::HistoryServiceObserver { public: - explicit PasswordProtectionService( - const scoped_refptr<SafeBrowsingDatabaseManager>& database_manager); + using CheckCsdWhitelistCallback = base::Callback<void(bool)>; - virtual ~PasswordProtectionService(); + PasswordProtectionService( + const scoped_refptr<SafeBrowsingDatabaseManager>& database_manager, + scoped_refptr<net::URLRequestContextGetter> request_context_getter, + history::HistoryService* history_service, + HostContentSettingsMap* host_content_settings_map); - // Check if |url| matches CSD whitelist and record UMA metric accordingly. - // Currently called by PasswordReuseDetectionManager on UI thread. - void RecordPasswordReuse(const GURL& url); + ~PasswordProtectionService() override; base::WeakPtr<PasswordProtectionService> GetWeakPtr() { return weak_factory_.GetWeakPtr(); } + // Checks if |url| matches CSD whitelist and record UMA metric accordingly. + // Currently called by PasswordReuseDetectionManager on UI thread. + void RecordPasswordReuse(const GURL& url); + + // Looks up |settings| to find the cached verdict response. If verdict is not + // available or is expired, return VERDICT_TYPE_UNSPECIFIED. Can be called on + // any thread. + LoginReputationClientResponse::VerdictType GetCachedVerdict( + const GURL& url, + LoginReputationClientResponse* out_response); + + // Stores |verdict| in |settings| based on |url|, |verdict| and + // |receive_time|. + void CacheVerdict(const GURL& url, + LoginReputationClientResponse* verdict, + const base::Time& receive_time); + + // Creates an instance of PasswordProtectionRequest and call Start() on that + // instance. This function also insert this request object in |requests_| for + // record keeping. + void StartRequest(const GURL& main_frame_url, + LoginReputationClientRequest::TriggerType type); + protected: - // Called on UI thread. + friend class PasswordProtectionRequest; + + // Called by a PasswordProtectionRequest instance when it finishes to remove + // itself from |requests_|. + virtual void RequestFinished( + PasswordProtectionRequest* request, + std::unique_ptr<LoginReputationClientResponse> response); + + // Cancels all requests in |requests_|, empties it, and releases references to + // the requests. + void CancelPendingRequests(); + + // Gets the total number of verdict (no matter expired or not) we cached for + // current active profile. + virtual int GetStoredVerdictCount(); + + scoped_refptr<net::URLRequestContextGetter> request_context_getter() { + return request_context_getter_; + } + + // Returns the URL where PasswordProtectionRequest instances send requests. + static GURL GetPasswordProtectionRequestUrl(); + + // Gets the request timeout in milliseconds. + static int GetRequestTimeoutInMS(); + + // Obtains referrer chain of |event_url| and |event_tab_id| and adds this + // info into |frame|. + virtual void FillReferrerChain( + const GURL& event_url, + int event_tab_id, // -1 if tab id is not available. + LoginReputationClientRequest::Frame* frame) = 0; + + virtual bool IsExtendedReporting() = 0; + virtual bool IsIncognito() = 0; + + // If we can send ping to Safe Browsing backend. + virtual bool IsPingingEnabled() = 0; + + void CheckCsdWhitelistOnIOThread(const GURL& url, + const CheckCsdWhitelistCallback& callback); + // Increases "PasswordManager.PasswordReuse.MainFrameMatchCsdWhitelist" UMA // metric based on input. void OnMatchCsdWhiteListResult(bool match_whitelist); private: + friend class PasswordProtectionServiceTest; + FRIEND_TEST_ALL_PREFIXES(PasswordProtectionServiceTest, + TestParseInvalidVerdictEntry); + FRIEND_TEST_ALL_PREFIXES(PasswordProtectionServiceTest, + TestParseValidVerdictEntry); + FRIEND_TEST_ALL_PREFIXES(PasswordProtectionServiceTest, + TestPathVariantsMatchCacheExpression); + FRIEND_TEST_ALL_PREFIXES(PasswordProtectionServiceTest, + TestCleanUpCachedVerdicts); + + // Overridden from history::HistoryServiceObserver. + void OnURLsDeleted(history::HistoryService* history_service, + bool all_history, + bool expired, + const history::URLRows& deleted_rows, + const std::set<GURL>& favicon_urls) override; + + void HistoryServiceBeingDeleted( + history::HistoryService* history_service) override; + + // Posted to UI thread by OnURLsDeleted(..). This function cleans up password + // protection content settings related to deleted URLs. + void RemoveContentSettingsOnURLsDeleted(bool all_history, + const history::URLRows& deleted_rows); + + static bool ParseVerdictEntry(base::DictionaryValue* verdict_entry, + int* out_verdict_received_time, + LoginReputationClientResponse* out_verdict); + + static bool PathVariantsMatchCacheExpression( + const std::vector<std::string>& generated_paths, + const std::string& cache_expression_path); + + static bool IsCacheExpired(int cache_creation_time, int cache_duration); + + static void GeneratePathVariantsWithoutQuery(const GURL& url, + std::vector<std::string>* paths); + + static std::string GetCacheExpressionPath( + const std::string& cache_expression); + + static std::unique_ptr<base::DictionaryValue> CreateDictionaryFromVerdict( + const LoginReputationClientResponse* verdict, + const base::Time& receive_time); + + // Number of verdict stored for this profile. + int stored_verdict_count_; + scoped_refptr<SafeBrowsingDatabaseManager> database_manager_; + + // The context we use to issue network requests. This request_context_getter + // is obtained from SafeBrowsingService so that we can use the Safe Browsing + // cookie store. + scoped_refptr<net::URLRequestContextGetter> request_context_getter_; + + // Set of pending PasswordProtectionRequests. + std::unordered_set<std::unique_ptr<PasswordProtectionRequest>> requests_; + + ScopedObserver<history::HistoryService, history::HistoryServiceObserver> + history_service_observer_; + + // Content settings map associated with this instance. + HostContentSettingsMap* content_settings_; + base::WeakPtrFactory<PasswordProtectionService> weak_factory_; DISALLOW_COPY_AND_ASSIGN(PasswordProtectionService); }; |