1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
// Copyright 2016 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/security_interstitials/content/unsafe_resource.h"
#include "base/bind.h"
#include "content/public/browser/navigation_entry.h"
#include "content/public/browser/render_frame_host.h"
#include "content/public/browser/web_contents.h"
namespace security_interstitials {
namespace {
content::WebContents* GetWebContentsByFrameID(int render_process_id,
int render_frame_id) {
content::RenderFrameHost* render_frame_host =
content::RenderFrameHost::FromID(render_process_id, render_frame_id);
if (!render_frame_host)
return nullptr;
return content::WebContents::FromRenderFrameHost(render_frame_host);
}
}; // namespace
UnsafeResource::UnsafeResource()
: is_subresource(false),
is_subframe(false),
threat_type(safe_browsing::SB_THREAT_TYPE_SAFE),
threat_source(safe_browsing::ThreatSource::UNKNOWN) {}
UnsafeResource::UnsafeResource(
const UnsafeResource& other) = default;
UnsafeResource::~UnsafeResource() {}
bool UnsafeResource::IsMainPageLoadBlocked() const {
// Subresource hits cannot happen until after main page load is committed.
if (is_subresource)
return false;
switch (threat_type) {
// Client-side phishing/malware detection interstitials never block the main
// frame load, since they happen after the page is finished loading.
case safe_browsing::SB_THREAT_TYPE_URL_CLIENT_SIDE_PHISHING:
case safe_browsing::SB_THREAT_TYPE_URL_CLIENT_SIDE_MALWARE:
// Ad sampling happens in the background.
case safe_browsing::SB_THREAT_TYPE_AD_SAMPLE:
// Sign-in password reuse warning happens after the page is finished
// loading.
case safe_browsing::SB_THREAT_TYPE_SIGN_IN_PASSWORD_REUSE:
// Enterprise password reuse warning happens after the page is finished
// loading.
case safe_browsing::SB_THREAT_TYPE_ENTERPRISE_PASSWORD_REUSE:
// Suspicious site collection happens in the background
case safe_browsing::SB_THREAT_TYPE_SUSPICIOUS_SITE:
return false;
default:
break;
}
return true;
}
content::NavigationEntry*
UnsafeResource::GetNavigationEntryForResource() const {
content::WebContents* web_contents = web_contents_getter.Run();
if (!web_contents)
return nullptr;
// If a safebrowsing hit occurs during main frame navigation, the navigation
// will not be committed, and the pending navigation entry refers to the hit.
if (IsMainPageLoadBlocked())
return web_contents->GetController().GetPendingEntry();
// If a safebrowsing hit occurs on a subresource load, or on a main frame
// after the navigation is committed, the last committed navigation entry
// refers to the page with the hit. Note that there may concurrently be an
// unrelated pending navigation to another site, so GetActiveEntry() would be
// wrong.
return web_contents->GetController().GetLastCommittedEntry();
}
// static
base::Callback<content::WebContents*(void)>
UnsafeResource::GetWebContentsGetter(
int render_process_host_id,
int render_frame_id) {
return base::Bind(&GetWebContentsByFrameID, render_process_host_id,
render_frame_id);
}
} // security_interstitials
|
