safe_browsing_resource_throttle.h revision 5821806d5e7f356e8fa4b058a389a808ea183019
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_ 6#define CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_ 7 8#include <string> 9#include <vector> 10 11#include "base/memory/ref_counted.h" 12#include "base/time.h" 13#include "base/timer.h" 14#include "chrome/browser/safe_browsing/safe_browsing_service.h" 15#include "content/public/browser/resource_throttle.h" 16 17class ResourceDispatcherHost; 18 19namespace net { 20class URLRequest; 21} 22 23// SafeBrowsingResourceThrottle checks that URLs are "safe" before navigating 24// to them. To be considered "safe", a URL must not appear in the 25// malware/phishing blacklists (see SafeBrowsingService for details). 26// 27// This check is done before requesting the original URL, and additionally 28// before following any subsequent redirect. 29// 30// In the common case, the check completes synchronously (no match in the bloom 31// filter), so the request's flow is un-interrupted. 32// 33// However if the URL fails this quick check, it has the possibility of being 34// on the blacklist. Now the request is suspended (prevented from starting), 35// and a more expensive safe browsing check is begun (fetches the full hashes). 36// 37// Note that the safe browsing check takes at most kCheckUrlTimeoutMs 38// milliseconds. If it takes longer than this, then the system defaults to 39// treating the URL as safe. 40// 41// Once the safe browsing check has completed, if the URL was decided to be 42// dangerous, a warning page is thrown up and the request remains suspended. 43// If on the other hand the URL was decided to be safe, the request is 44// resumed. 45class SafeBrowsingResourceThrottle 46 : public content::ResourceThrottle, 47 public SafeBrowsingService::Client, 48 public base::SupportsWeakPtr<SafeBrowsingResourceThrottle> { 49 public: 50 static SafeBrowsingResourceThrottle* Create( 51 const net::URLRequest* request, 52 int render_process_host_id, 53 int render_view_id, 54 bool is_subresource, 55 SafeBrowsingService* safe_browsing); 56 57 // content::ResourceThrottle implementation (called on IO thread): 58 virtual void WillStartRequest(bool* defer) OVERRIDE; 59 virtual void WillRedirectRequest(const GURL& new_url, bool* defer) OVERRIDE; 60 61 // SafeBrowsingService::Client implementation (called on IO thread): 62 virtual void OnCheckBrowseUrlResult( 63 const GURL& url, SBThreatType result) OVERRIDE; 64 65 private: 66 // Describes what phase of the check a throttle is in. 67 enum State { 68 STATE_NONE, 69 STATE_CHECKING_URL, 70 STATE_DISPLAYING_BLOCKING_PAGE, 71 }; 72 73 // Describes what stage of the request got paused by the check. 74 enum DeferState { 75 DEFERRED_NONE, 76 DEFERRED_START, 77 DEFERRED_REDIRECT, 78 }; 79 80 SafeBrowsingResourceThrottle(const net::URLRequest* request, 81 int render_process_host_id, 82 int render_view_id, 83 bool is_subresource, 84 SafeBrowsingService* safe_browsing); 85 86 virtual ~SafeBrowsingResourceThrottle(); 87 88 // SafeBrowsingService::UrlCheckCallback implementation. 89 void OnBlockingPageComplete(bool proceed); 90 91 // Starts running |url| through the safe browsing check. Returns true if the 92 // URL is safe to visit. Otherwise returns false and will call 93 // OnBrowseUrlResult() when the check has completed. 94 bool CheckUrl(const GURL& url); 95 96 // Callback for when the safe browsing check (which was initiated by 97 // StartCheckingUrl()) has taken longer than kCheckUrlTimeoutMs. 98 void OnCheckUrlTimeout(); 99 100 // Starts displaying the safe browsing interstitial page. 101 void StartDisplayingBlockingPage(const GURL& url, SBThreatType threat_type); 102 103 // Resumes the request, by continuing the deferred action (either starting the 104 // request, or following a redirect). 105 void ResumeRequest(); 106 107 State state_; 108 DeferState defer_state_; 109 110 // The result of the most recent safe browsing check. Only valid to read this 111 // when state_ != STATE_CHECKING_URL. 112 SBThreatType threat_type_; 113 114 // The time when the outstanding safe browsing check was started. 115 base::TimeTicks url_check_start_time_; 116 117 // Timer to abort the safe browsing check if it takes too long. 118 base::OneShotTimer<SafeBrowsingResourceThrottle> timer_; 119 120 // The redirect chain for this resource 121 std::vector<GURL> redirect_urls_; 122 123 GURL url_being_checked_; 124 125 int render_process_host_id_; 126 int render_view_id_; 127 scoped_refptr<SafeBrowsingService> safe_browsing_; 128 const net::URLRequest* request_; 129 bool is_subresource_; 130 131 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingResourceThrottle); 132}; 133 134 135#endif // CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_ 136