chrome_resource_dispatcher_host_delegate.cc revision 7d4cd473f85ac64c3747c96c277f9e506a0d2246
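// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.h"

#include <string>

#include "base/base64.h"
#include "base/logging.h"
#include "base/metrics/histogram.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/content_settings/host_content_settings_map.h"
#include "chrome/browser/download/download_request_limiter.h"
#include "chrome/browser/download/download_resource_throttle.h"
#include "chrome/browser/download/download_util.h"
#include "chrome/browser/extensions/api/streams_private/streams_private_api.h"
#include "chrome/browser/extensions/extension_info_map.h"
#include "chrome/browser/extensions/user_script_listener.h"
#include "chrome/browser/external_protocol/external_protocol_handler.h"
#include "chrome/browser/google/google_util.h"
#include "chrome/browser/metrics/variations/variations_http_header_provider.h"
#include "chrome/browser/net/resource_prefetch_predictor_observer.h"
#include "chrome/browser/prerender/prerender_manager.h"
#include "chrome/browser/prerender/prerender_tracker.h"
#include "chrome/browser/prerender/prerender_util.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/profiles/profile_io_data.h"
#include "chrome/browser/renderer_host/chrome_url_request_user_data.h"
#include "chrome/browser/renderer_host/safe_browsing_resource_throttle_factory.h"
#include "chrome/browser/safe_browsing/safe_browsing_service.h"
#include "chrome/browser/ui/auto_login_prompter.h"
#include "chrome/browser/ui/login/login_prompt.h"
#include "chrome/browser/ui/sync/one_click_signin_helper.h"
#include "chrome/common/chrome_notification_types.h"
#include "chrome/common/extensions/mime_types_handler.h"
#include "chrome/common/extensions/user_script.h"
#include "chrome/common/render_messages.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/notification_service.h"
#include "content/public/browser/render_view_host.h"
#include "content/public/browser/resource_context.h"
#include "content/public/browser/resource_dispatcher_host.h"
#include "content/public/browser/resource_request_info.h"
#include "content/public/browser/stream_handle.h"
#include "content/public/common/resource_response.h"
#include "extensions/common/constants.h"
#include "net/base/load_flags.h"
#include "net/base/load_timing_info.h"
#include "net/http/http_response_headers.h"
#include "net/ssl/ssl_config_service.h"
#include "net/url_request/url_request.h"

#if defined(ENABLE_MANAGED_USERS)
#include "chrome/browser/managed_mode/managed_mode_resource_throttle.h"
#endif

#if defined(USE_SYSTEM_PROTOBUF)
#include <google/protobuf/repeated_field.h>
#else
#include "third_party/protobuf/src/google/protobuf/repeated_field.h"
#endif

#if defined(OS_ANDROID)
#include "chrome/browser/android/intercept_download_resource_throttle.h"
#include "components/navigation_interception/intercept_navigation_delegate.h"
#endif

#if defined(OS_CHROMEOS)
#include "chrome/browser/chromeos/login/merge_session_throttle.h"
// TODO(oshima): Enable this for other platforms.
#include "chrome/browser/renderer_host/offline_resource_throttle.h"
#endif

using content::BrowserThread;
using content::RenderViewHost;
using content::ResourceDispatcherHostLoginDelegate;
using content::ResourceRequestInfo;
using extensions::Extension;
using extensions::StreamsPrivateAPI;

#if defined(OS_ANDROID)
using navigation_interception::InterceptNavigationDelegate;
#endif

namespace {

// Broadcasts NOTIFICATION_DOWNLOAD_INITIATED with the RenderViewHost identified
// by (|render_process_id|, |render_view_id|) as the source. Does nothing when
// that view can no longer be looked up. DownloadStarting() posts this to the
// UI thread.
void NotifyDownloadInitiatedOnUI(int render_process_id, int render_view_id) {
  RenderViewHost* rvh = RenderViewHost::FromID(render_process_id,
                                               render_view_id);
  if (!rvh)
    return;

  content::NotificationService::current()->Notify(
      chrome::NOTIFICATION_DOWNLOAD_INITIATED,
      content::Source<RenderViewHost>(rvh),
      content::NotificationService::NoDetails());
}

// Goes through the extension's file browser handlers and checks if there is one
// that can handle the |mime_type|.
// |extension| must not be NULL.
// Returns false when the extension declares no MimeTypesHandler at all.
bool ExtensionCanHandleMimeType(const Extension* extension,
                                const std::string& mime_type) {
  MimeTypesHandler* handler = MimeTypesHandler::GetHandler(extension);
  if (!handler)
    return false;

  return handler->CanHandleMIMEType(mime_type);
}

// Hands an intercepted response |stream| to the extension |extension_id| via
// StreamsPrivateAPI::ExecuteMimeTypeHandler(). Must run on the UI thread.
//
// The render view ids are resolved step by step to a WebContents, its
// BrowserContext, the Profile and finally the profile's StreamsPrivateAPI. If
// any step yields NULL the function returns without dispatching; |stream| is
// then released when the scoped_ptr parameter goes out of scope.
void SendExecuteMimeTypeHandlerEvent(scoped_ptr<content::StreamHandle> stream,
                                     int64 expected_content_size,
                                     int render_process_id,
                                     int render_view_id,
                                     const std::string& extension_id) {
  DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));

  content::RenderViewHost* render_view_host =
      content::RenderViewHost::FromID(render_process_id, render_view_id);
  if (!render_view_host)
    return;

  content::WebContents* web_contents =
      content::WebContents::FromRenderViewHost(render_view_host);
  if (!web_contents)
    return;

  content::BrowserContext* browser_context = web_contents->GetBrowserContext();
  if (!browser_context)
    return;

  Profile* profile = Profile::FromBrowserContext(browser_context);
  if (!profile)
    return;

  StreamsPrivateAPI* streams_private = StreamsPrivateAPI::Get(profile);
  if (!streams_private)
    return;
  streams_private->ExecuteMimeTypeHandler(
      extension_id, web_contents, stream.Pass(), expected_content_size);
}

// Buckets for the "Prerender.SchemeCancelReason" histogram: why a prerender
// was cancelled because of a URL scheme. PRERENDER_SCHEME_CANCEL_REASON_MAX is
// the boundary value handed to the histogram macro and is not a real reason.
// NOTE(review): the values are recorded as histogram samples, so new entries
// presumably belong directly before _MAX rather than in the middle - confirm
// against the histogram definition.
enum PrerenderSchemeCancelReason {
  PRERENDER_SCHEME_CANCEL_REASON_EXTERNAL_PROTOCOL,
  PRERENDER_SCHEME_CANCEL_REASON_DATA,
  PRERENDER_SCHEME_CANCEL_REASON_BLOB,
  PRERENDER_SCHEME_CANCEL_REASON_FILE,
  PRERENDER_SCHEME_CANCEL_REASON_FILESYSTEM,
  PRERENDER_SCHEME_CANCEL_REASON_WEBSOCKET,
  PRERENDER_SCHEME_CANCEL_REASON_FTP,
  PRERENDER_SCHEME_CANCEL_REASON_CHROME,
  PRERENDER_SCHEME_CANCEL_REASON_CHROME_EXTENSION,
  PRERENDER_SCHEME_CANCEL_REASON_ABOUT,
  PRERENDER_SCHEME_CANCEL_REASON_UNKNOWN,
  PRERENDER_SCHEME_CANCEL_REASON_MAX,
};

// Records one sample of |reason| in the "Prerender.SchemeCancelReason"
// enumeration histogram.
void ReportPrerenderSchemeCancelReason(PrerenderSchemeCancelReason reason) {
  UMA_HISTOGRAM_ENUMERATION(
      "Prerender.SchemeCancelReason", reason,
      PRERENDER_SCHEME_CANCEL_REASON_MAX);
}

// Maps the scheme of |url| to its histogram bucket and records it. Schemes
// without a dedicated bucket are counted as
// PRERENDER_SCHEME_CANCEL_REASON_UNKNOWN. Callers in this file invoke it only
// after PrerenderManager::DoesURLHaveValidScheme() has rejected |url|.
void ReportUnsupportedPrerenderScheme(const GURL& url) {
  if (url.SchemeIs("data")) {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_DATA);
  } else if (url.SchemeIs("blob")) {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_BLOB);
  } else if (url.SchemeIsFile()) {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_FILE);
  } else if (url.SchemeIsFileSystem()) {
    ReportPrerenderSchemeCancelReason(
        PRERENDER_SCHEME_CANCEL_REASON_FILESYSTEM);
  } else if (url.SchemeIs("ws") || url.SchemeIs("wss")) {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_WEBSOCKET);
  } else if (url.SchemeIs("ftp")) {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_FTP);
  } else if (url.SchemeIs("chrome")) {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_CHROME);
  } else if (url.SchemeIs("chrome-extension")) {
    ReportPrerenderSchemeCancelReason(
        PRERENDER_SCHEME_CANCEL_REASON_CHROME_EXTENSION);
  } else if (url.SchemeIs("about")) {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_ABOUT);
  } else {
    ReportPrerenderSchemeCancelReason(PRERENDER_SCHEME_CANCEL_REASON_UNKNOWN);
  }
}

}  // end namespace

// Captures the process-wide download request limiter and Safe Browsing
// service from |g_browser_process|, creates the user script listener, and
// stores |prerender_tracker| (used by most methods below without a NULL
// check).
ChromeResourceDispatcherHostDelegate::ChromeResourceDispatcherHostDelegate(
    prerender::PrerenderTracker* prerender_tracker)
    : download_request_limiter_(g_browser_process->download_request_limiter()),
      safe_browsing_(g_browser_process->safe_browsing_service()),
      user_script_listener_(new extensions::UserScriptListener()),
      prerender_tracker_(prerender_tracker) {
}

ChromeResourceDispatcherHostDelegate::~ChromeResourceDispatcherHostDelegate() {
}

// Decides whether a request may start at all. Runs on the IO thread.
// Returns false (request is dropped) for:
//   - PREFETCH requests that are not GET, or when prefetch is disabled;
//   - requests issued by a prerendering view with an HTTP method or URL scheme
//     that prerendering does not allow; in that case the prerender itself is
//     also cancelled.
// Returns true otherwise.
bool ChromeResourceDispatcherHostDelegate::ShouldBeginRequest(
    int child_id,
    int route_id,
    const std::string& method,
    const GURL& url,
    ResourceType::Type resource_type,
    content::ResourceContext* resource_context,
    const content::Referrer& referrer) {
  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));

  // Handle a PREFETCH resource type. If prefetch is disabled, squelch the
  // request. Otherwise, do a normal request to warm the cache.
  if (resource_type == ResourceType::PREFETCH) {
    // All PREFETCH requests should be GETs, but be defensive about it.
    if (method != "GET")
      return false;

    // If prefetch is disabled, kill the request.
    if (!prerender::PrerenderManager::IsPrefetchEnabled())
      return false;
  }

  // Abort any prerenders that spawn requests that use invalid HTTP methods
  // or invalid schemes.
  if (prerender_tracker_->IsPrerenderingOnIOThread(child_id, route_id)) {
    if (!prerender::PrerenderManager::IsValidHttpMethod(method)) {
      prerender_tracker_->TryCancelOnIOThread(
          child_id, route_id, prerender::FINAL_STATUS_INVALID_HTTP_METHOD);
      return false;
    }
    if (!prerender::PrerenderManager::DoesURLHaveValidScheme(url)) {
      ReportUnsupportedPrerenderScheme(url);
      prerender_tracker_->TryCancelOnIOThread(
          child_id, route_id, prerender::FINAL_STATUS_UNSUPPORTED_SCHEME);
      return false;
    }
  }

  return true;
}

// Called as a request is about to start. Attaches Chrome's per-request user
// data, demotes prerender requests to idle priority, adds the platform and
// standard throttles to |throttles|, and appends the variations (and, when
// compiled in, sign-in) request headers.
//
// Throttle order matters: everything pushed here before
// AppendStandardResourceThrottles() sits ahead of the Safe Browsing throttle
// in |throttles|.
void ChromeResourceDispatcherHostDelegate::RequestBeginning(
    net::URLRequest* request,
    content::ResourceContext* resource_context,
    appcache::AppCacheService* appcache_service,
    ResourceType::Type resource_type,
    int child_id,
    int route_id,
    bool is_continuation_of_transferred_request,
    ScopedVector<content::ResourceThrottle>* throttles) {
  // A transferred request already carries user data from its first pass;
  // drop it so Create() below starts from a clean state.
  if (is_continuation_of_transferred_request)
    ChromeURLRequestUserData::Delete(request);

  ChromeURLRequestUserData* user_data =
      ChromeURLRequestUserData::Create(request);
  bool is_prerendering = prerender_tracker_->IsPrerenderingOnIOThread(
      child_id, route_id);
  if (is_prerendering) {
    // The prerender flag is read back later by AcceptAuthRequest() and
    // AcceptSSLClientCertificateRequest().
    user_data->set_is_prerender(true);
    request->SetPriority(net::IDLE);
  }

#if defined(OS_ANDROID)
  if (!is_prerendering && resource_type == ResourceType::MAIN_FRAME) {
    throttles->push_back(
        InterceptNavigationDelegate::CreateThrottleFor(request));
  }
#endif
#if defined(OS_CHROMEOS)
  if (resource_type == ResourceType::MAIN_FRAME) {
    // We check offline first, then check safe browsing so that we still can
    // block unsafe site after we remove offline page.
    throttles->push_back(new OfflineResourceThrottle(
        child_id, route_id, request, appcache_service));
    // Add interstitial page while merge session process (cookie
    // reconstruction from OAuth2 refresh token in ChromeOS login) is still in
    // progress while we are attempting to load a google property.
    throttles->push_back(new MergeSessionThrottle(
        child_id, route_id, request));
  }
#endif

  // Don't attempt to append headers to requests that have already started.
  // TODO(stevet): Remove this once the request ordering issues are resolved
  // in crbug.com/128048.
  if (!request->is_pending()) {
    net::HttpRequestHeaders headers;
    headers.CopyFrom(request->extra_request_headers());
    ProfileIOData* io_data = ProfileIOData::FromResourceContext(
        resource_context);
    bool incognito = io_data->is_incognito();
    // The third argument is forced to false for incognito profiles regardless
    // of the metrics setting. What the provider attaches for each flag is
    // decided inside VariationsHttpHeaderProvider (not visible here).
    chrome_variations::VariationsHttpHeaderProvider::GetInstance()->
        AppendHeaders(request->url(),
                      incognito,
                      !incognito && io_data->GetMetricsEnabledStateOnIOThread(),
                      &headers);
    request->SetExtraRequestHeaders(headers);
  }

#if defined(ENABLE_ONE_CLICK_SIGNIN)
  AppendChromeSyncGaiaHeader(request, resource_context);
#endif

  AppendStandardResourceThrottles(request,
                                  resource_context,
                                  child_id,
                                  route_id,
                                  resource_type,
                                  throttles);

  ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
  if (io_data->resource_prefetch_predictor_observer()) {
    io_data->resource_prefetch_predictor_observer()->OnRequestStarted(
        request, resource_type, child_id, route_id);
  }
}

// Called when a request turns into a download. Notifies the UI thread and
// installs the download throttles.
//
// |is_content_initiated| marks downloads triggered by web content; only those
// are gated by the DownloadRequestLimiter throttle (and, on Android, the
// intercept throttle). |must_download| is not consulted here.
void ChromeResourceDispatcherHostDelegate::DownloadStarting(
    net::URLRequest* request,
    content::ResourceContext* resource_context,
    int child_id,
    int route_id,
    int request_id,
    bool is_content_initiated,
    bool must_download,
    ScopedVector<content::ResourceThrottle>* throttles) {
  BrowserThread::PostTask(
      BrowserThread::UI, FROM_HERE,
      base::Bind(&NotifyDownloadInitiatedOnUI, child_id, route_id));

  // If it's from the web, we don't trust it, so we push the throttle on.
  if (is_content_initiated) {
    throttles->push_back(
        new DownloadResourceThrottle(download_request_limiter_.get(),
                                     child_id,
                                     route_id,
                                     request_id,
                                     request->method()));
#if defined(OS_ANDROID)
    throttles->push_back(
        new chrome::InterceptDownloadResourceThrottle(
            request, child_id, route_id, request_id));
#endif
  }

  // If this isn't a new request, we've seen this before and added the standard
  // resource throttles already so no need to add it again.
  // A request that is not yet pending has not gone through RequestBeginning(),
  // so it still needs the standard throttles (Safe Browsing among them); it is
  // treated as a MAIN_FRAME load for that purpose.
  if (!request->is_pending()) {
    AppendStandardResourceThrottles(request,
                                    resource_context,
                                    child_id,
                                    route_id,
                                    ResourceType::MAIN_FRAME,
                                    throttles);
  }
}

// Returns whether a TLS client-certificate request should be surfaced for
// |request|. Prefetch loads never are. For a prerender the prerender is
// cancelled instead; the request is refused only if that cancellation
// succeeded. |cert_request_info| is not inspected.
// NOTE(review): this path calls TryCancel() while AcceptAuthRequest() calls
// TryCancelOnIOThread() - confirm which variant is intended for the thread
// this runs on.
bool ChromeResourceDispatcherHostDelegate::AcceptSSLClientCertificateRequest(
    net::URLRequest* request, net::SSLCertRequestInfo* cert_request_info) {
  if (request->load_flags() & net::LOAD_PREFETCH)
    return false;

  ChromeURLRequestUserData* user_data = ChromeURLRequestUserData::Get(request);
  if (user_data && user_data->is_prerender()) {
    int child_id, route_id;
    if (ResourceRequestInfo::ForRequest(request)->GetAssociatedRenderView(
            &child_id, &route_id)) {
      if (prerender_tracker_->TryCancel(
              child_id, route_id,
              prerender::FINAL_STATUS_SSL_CLIENT_CERTIFICATE_REQUESTED)) {
        return false;
      }
    }
  }

  return true;
}

// Returns whether an HTTP auth challenge should be surfaced for |request|.
// Non-prerender requests always are. For a prerender the prerender is
// cancelled with FINAL_STATUS_AUTH_NEEDED and the challenge is refused; if the
// cancellation does not succeed the challenge is accepted as for a normal
// request. |auth_info| is not inspected.
bool ChromeResourceDispatcherHostDelegate::AcceptAuthRequest(
    net::URLRequest* request,
    net::AuthChallengeInfo* auth_info) {
  ChromeURLRequestUserData* user_data = ChromeURLRequestUserData::Get(request);
  if (!user_data || !user_data->is_prerender())
    return true;

  int child_id, route_id;
  if (!ResourceRequestInfo::ForRequest(request)->GetAssociatedRenderView(
          &child_id, &route_id)) {
    NOTREACHED();
    return true;
  }

  if (!prerender_tracker_->TryCancelOnIOThread(
          child_id, route_id, prerender::FINAL_STATUS_AUTH_NEEDED)) {
    return true;
  }

  return false;
}

// Creates the login prompt delegate for an auth challenge by forwarding to
// CreateLoginPrompt().
ResourceDispatcherHostLoginDelegate*
    ChromeResourceDispatcherHostDelegate::CreateLoginDelegate(
        net::AuthChallengeInfo* auth_info, net::URLRequest* request) {
  return CreateLoginPrompt(auth_info, request);
}

// Handles a URL whose scheme is served by an external protocol handler.
// Returns true when the launch was posted to the UI thread, false when nothing
// was launched. A prerendering view never launches an external handler: the
// prerender is cancelled and false is returned.
bool ChromeResourceDispatcherHostDelegate::HandleExternalProtocol(
    const GURL& url, int child_id, int route_id) {
#if defined(OS_ANDROID)
  // Android use a resource throttle to handle external as well as internal
  // protocols.
  return false;
#else

  if (prerender_tracker_->IsPrerenderingOnIOThread(child_id, route_id)) {
    ReportPrerenderSchemeCancelReason(
        PRERENDER_SCHEME_CANCEL_REASON_EXTERNAL_PROTOCOL);
    prerender_tracker_->TryCancel(
        child_id, route_id, prerender::FINAL_STATUS_UNSUPPORTED_SCHEME);
    return false;
  }

  BrowserThread::PostTask(
      BrowserThread::UI, FROM_HERE,
      base::Bind(&ExternalProtocolHandler::LaunchUrl, url, child_id, route_id));
  return true;
#endif
}

// Appends the throttles every request gets, in this order: Safe Browsing (if
// compiled in and enabled for the profile), managed-mode URL filtering (if
// compiled in), and the user-script listener throttle (if it returns one).
void ChromeResourceDispatcherHostDelegate::AppendStandardResourceThrottles(
    net::URLRequest* request,
    content::ResourceContext* resource_context,
    int child_id,
    int route_id,
    ResourceType::Type resource_type,
    ScopedVector<content::ResourceThrottle>* throttles) {
  ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
#if defined(FULL_SAFE_BROWSING) || defined(MOBILE_SAFE_BROWSING)
  // Insert safe browsing at the front of the list, so it gets to decide on
  // policies first.
  // NOTE(review): push_back() appends, so Safe Browsing is first only among
  // the throttles added in this function. RequestBeginning() (Android,
  // ChromeOS) and DownloadStarting() push their own throttles before calling
  // here, and those run ahead of it.
  if (io_data->safe_browsing_enabled()->GetValue()) {
    bool is_subresource_request = resource_type != ResourceType::MAIN_FRAME;
    content::ResourceThrottle* throttle =
        SafeBrowsingResourceThrottleFactory::Create(request,
                                                    child_id,
                                                    route_id,
                                                    is_subresource_request,
                                                    safe_browsing_.get());
    if (throttle)
      throttles->push_back(throttle);
  }
#endif

#if defined(ENABLE_MANAGED_USERS)
  bool is_subresource_request = resource_type != ResourceType::MAIN_FRAME;
  // Note the negation: this throttle takes an "is main frame" flag, the
  // opposite sense of the Safe Browsing factory above.
  throttles->push_back(new ManagedModeResourceThrottle(
      request, child_id, route_id, !is_subresource_request,
      io_data->managed_mode_url_filter()));
#endif

  content::ResourceThrottle* throttle =
      user_script_listener_->CreateResourceThrottle(request->url(),
                                                    resource_type);
  if (throttle)
    throttles->push_back(throttle);
}

#if defined(ENABLE_ONE_CLICK_SIGNIN)
// Sets or clears the "Allow-Chrome-SignIn" request header according to
// OneClickSigninHelper::CanOfferOnIOThread(). DONT_OFFER removes any existing
// header; IGNORE_REQUEST leaves the request untouched.
void ChromeResourceDispatcherHostDelegate::AppendChromeSyncGaiaHeader(
    net::URLRequest* request,
    content::ResourceContext* resource_context) {
  static const char kAllowChromeSignIn[] = "Allow-Chrome-SignIn";

  ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);
  OneClickSigninHelper::Offer offer =
      OneClickSigninHelper::CanOfferOnIOThread(request, io_data);
  switch (offer) {
    case OneClickSigninHelper::CAN_OFFER:
      request->SetExtraRequestHeaderByName(kAllowChromeSignIn, "1", false);
      break;
    case OneClickSigninHelper::DONT_OFFER:
      request->RemoveRequestHeaderByName(kAllowChromeSignIn);
      break;
    case OneClickSigninHelper::IGNORE_REQUEST:
      break;
  }
}
#endif

// Returns true when the response must be downloaded rather than rendered.
bool ChromeResourceDispatcherHostDelegate::ShouldForceDownloadResource(
    const GURL& url, const std::string& mime_type) {
  // Special-case user scripts to get downloaded instead of viewed.
  return extensions::UserScript::IsURLUserScript(url, mime_type);
}

// Decides whether a response of |mime_type| should be handed to an extension
// as a stream instead of being handled by the browser.
//
// Only extensions on MimeTypesHandler's whitelist are considered, and in an
// incognito profile only those that are incognito-enabled. On a match
// |security_origin| is set to the extension's base URL, |target_id| to its id,
// and true is returned. Otherwise the out-parameters are left untouched and
// false is returned. Always false on Android.
bool ChromeResourceDispatcherHostDelegate::ShouldInterceptResourceAsStream(
    content::ResourceContext* resource_context,
    const GURL& url,
    const std::string& mime_type,
    GURL* security_origin,
    std::string* target_id) {
#if !defined(OS_ANDROID)
  ProfileIOData* io_data =
      ProfileIOData::FromResourceContext(resource_context);
  bool profile_is_incognito = io_data->is_incognito();
  const scoped_refptr<const ExtensionInfoMap> extension_info_map(
      io_data->GetExtensionInfoMap());
  std::vector<std::string> whitelist = MimeTypesHandler::GetMIMETypeWhitelist();
  // Go through the white-listed extensions and try to use them to intercept
  // the URL request.
  for (size_t i = 0; i < whitelist.size(); ++i) {
    const char* extension_id = whitelist[i].c_str();
    const Extension* extension =
        extension_info_map->extensions().GetByID(extension_id);
    // The white-listed extension may not be installed, so we have to NULL check
    // |extension|.
    if (!extension ||
        (profile_is_incognito &&
         !extension_info_map->IsIncognitoEnabled(extension_id))) {
      continue;
    }

    if (ExtensionCanHandleMimeType(extension, mime_type)) {
      *security_origin = Extension::GetBaseURLFromExtensionId(extension_id);
      *target_id = extension_id;
      return true;
    }
  }
#endif
  return false;
}

// Called once the stream for an intercepted response exists. Forwards the
// stream to the UI thread, where SendExecuteMimeTypeHandlerEvent() dispatches
// it to the extension |target_id|. No-op on Android.
void ChromeResourceDispatcherHostDelegate::OnStreamCreated(
    content::ResourceContext* resource_context,
    int render_process_id,
    int render_view_id,
    const std::string& target_id,
    scoped_ptr<content::StreamHandle> stream,
    int64 expected_content_size) {
#if !defined(OS_ANDROID)
  content::BrowserThread::PostTask(
      content::BrowserThread::UI, FROM_HERE,
      base::Bind(&SendExecuteMimeTypeHandlerEvent, base::Passed(&stream),
                 expected_content_size, render_process_id, render_view_id,
                 target_id));
#endif
}

// Called when response headers for |request| are available. In order:
//   1. For secure URLs, tells the renderer (through |sender|) about hosts
//      whose transport security state says they should be upgraded to SSL.
//   2. Offers the auto-login and (when compiled in) one-click sign-in
//      infobars.
//   3. Forces an "x-frame-options: sameorigin" header onto responses from the
//      web store domain that do not already carry "deny" or "sameorigin".
//   4. Notifies the prefetch predictor and the prerender code.
void ChromeResourceDispatcherHostDelegate::OnResponseStarted(
    net::URLRequest* request,
    content::ResourceContext* resource_context,
    content::ResourceResponse* response,
    IPC::Sender* sender) {
  const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request);

  if (request->url().SchemeIsSecure()) {
    const net::URLRequestContext* context = request->context();
    net::TransportSecurityState* state = context->transport_security_state();
    if (state) {
      net::TransportSecurityState::DomainState domain_state;
      bool has_sni = net::SSLConfigService::IsSNIAvailable(
          context->ssl_config_service());
      if (state->GetDomainState(request->url().host(), has_sni,
                                &domain_state) &&
          domain_state.ShouldUpgradeToSSL()) {
        sender->Send(new ChromeViewMsg_AddStrictSecurityHost(
            info->GetRouteID(), request->url().host()));
      }
    }
  }

  // See if the response contains the X-Auto-Login header.  If so, this was
  // a request for a login page, and the server is allowing the browser to
  // suggest auto-login, if available.
  AutoLoginPrompter::ShowInfoBarIfPossible(request, info->GetChildID(),
                                           info->GetRouteID());

  ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);

#if defined(ENABLE_ONE_CLICK_SIGNIN)
  // See if the response contains the Google-Accounts-SignIn header.  If so,
  // then the user has just finished signing in, and the server is allowing the
  // browser to suggest connecting the user's profile to the account.
  OneClickSigninHelper::ShowInfoBarIfPossible(request, io_data,
                                              info->GetChildID(),
                                              info->GetRouteID());
#endif

  // Build in additional protection for the chrome web store origin.
  GURL webstore_url(extension_urls::GetWebstoreLaunchURL());
  if (request->url().DomainIs(webstore_url.host().c_str())) {
    net::HttpResponseHeaders* response_headers = request->response_headers();
    // This branch is gated on the host only, not on the scheme, so it can be
    // reached by a response that carries no HTTP headers at all, in which
    // case response_headers() is NULL. Skip the rewrite rather than
    // dereference it.
    if (response_headers &&
        !response_headers->HasHeaderValue("x-frame-options", "deny") &&
        !response_headers->HasHeaderValue("x-frame-options", "sameorigin")) {
      // Any other x-frame-options value is replaced, so the web store can only
      // be framed by itself.
      response_headers->RemoveHeader("x-frame-options");
      response_headers->AddHeader("x-frame-options: sameorigin");
    }
  }

  if (io_data->resource_prefetch_predictor_observer())
    io_data->resource_prefetch_predictor_observer()->OnResponseStarted(request);

  prerender::URLRequestResponseStarted(request);
}

// Called when |request| is redirected to |redirect_url|. Re-evaluates the
// sign-in header for the new hop (when compiled in), notifies the prefetch
// predictor, and cancels both the prerender and the request when a
// prerendering view is redirected to a scheme that prerendering does not
// allow.
void ChromeResourceDispatcherHostDelegate::OnRequestRedirected(
    const GURL& redirect_url,
    net::URLRequest* request,
    content::ResourceContext* resource_context,
    content::ResourceResponse* response) {
  ProfileIOData* io_data = ProfileIOData::FromResourceContext(resource_context);

#if defined(ENABLE_ONE_CLICK_SIGNIN)
  const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request);

  // See if the response contains the Google-Accounts-SignIn header.  If so,
  // then the user has just finished signing in, and the server is allowing the
  // browser to suggest connecting the user's profile to the account.
  OneClickSigninHelper::ShowInfoBarIfPossible(request, io_data,
                                              info->GetChildID(),
                                              info->GetRouteID());
  AppendChromeSyncGaiaHeader(request, resource_context);
#endif

  if (io_data->resource_prefetch_predictor_observer()) {
    io_data->resource_prefetch_predictor_observer()->OnRequestRedirected(
        redirect_url, request);
  }

  // The scheme check in ShouldBeginRequest() only saw the original URL, so a
  // redirect target has to be validated again here.
  int child_id, route_id;
  if (!prerender::PrerenderManager::DoesURLHaveValidScheme(redirect_url) &&
      ResourceRequestInfo::ForRequest(request)->GetAssociatedRenderView(
          &child_id, &route_id) &&
      prerender_tracker_->IsPrerenderingOnIOThread(child_id, route_id)) {
    ReportUnsupportedPrerenderScheme(redirect_url);
    prerender_tracker_->TryCancel(
        child_id, route_id, prerender::FINAL_STATUS_UNSUPPORTED_SCHEME);
    request->Cancel();
  }
}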