safe_browsing_resource_throttle.h revision 5821806d5e7f356e8fa4b058a389a808ea183019 
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_
6#define CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_
7
8#include <string>
9#include <vector>
10
11#include "base/memory/ref_counted.h"
12#include "base/time.h"
13#include "base/timer.h"
14#include "chrome/browser/safe_browsing/safe_browsing_service.h"
15#include "content/public/browser/resource_throttle.h"
16
17class ResourceDispatcherHost;
18
19namespace net {
20class URLRequest;
21}
22
23// SafeBrowsingResourceThrottle checks that URLs are "safe" before navigating
24// to them. To be considered "safe", a URL must not appear in the
25// malware/phishing blacklists (see SafeBrowsingService for details).
26//
27// This check is done before requesting the original URL, and additionally
28// before following any subsequent redirect.
29//
30// In the common case, the check completes synchronously (no match in the bloom
31// filter), so the request's flow is un-interrupted.
32//
33// However if the URL fails this quick check, it has the possibility of being
34// on the blacklist. Now the request is suspended (prevented from starting),
35// and a more expensive safe browsing check is begun (fetches the full hashes).
36//
37// Note that the safe browsing check takes at most kCheckUrlTimeoutMs
38// milliseconds. If it takes longer than this, then the system defaults to
39// treating the URL as safe.
40//
41// Once the safe browsing check has completed, if the URL was decided to be
42// dangerous, a warning page is thrown up and the request remains suspended.
43// If on the other hand the URL was decided to be safe, the request is
44// resumed.
45class SafeBrowsingResourceThrottle
46    : public content::ResourceThrottle,
47      public SafeBrowsingService::Client,
48      public base::SupportsWeakPtr<SafeBrowsingResourceThrottle> {
49 public:
50  static SafeBrowsingResourceThrottle* Create(
51      const net::URLRequest* request,
52      int render_process_host_id,
53      int render_view_id,
54      bool is_subresource,
55      SafeBrowsingService* safe_browsing);
56
57  // content::ResourceThrottle implementation (called on IO thread):
58  virtual void WillStartRequest(bool* defer) OVERRIDE;
59  virtual void WillRedirectRequest(const GURL& new_url, bool* defer) OVERRIDE;
60
61  // SafeBrowsingService::Client implementation (called on IO thread):
62  virtual void OnCheckBrowseUrlResult(
63      const GURL& url, SBThreatType result) OVERRIDE;
64
65 private:
66  // Describes what phase of the check a throttle is in.
67  enum State {
68    STATE_NONE,
69    STATE_CHECKING_URL,
70    STATE_DISPLAYING_BLOCKING_PAGE,
71  };
72
73  // Describes what stage of the request got paused by the check.
74  enum DeferState {
75    DEFERRED_NONE,
76    DEFERRED_START,
77    DEFERRED_REDIRECT,
78  };
79
80  SafeBrowsingResourceThrottle(const net::URLRequest* request,
81                               int render_process_host_id,
82                               int render_view_id,
83                               bool is_subresource,
84                               SafeBrowsingService* safe_browsing);
85
86  virtual ~SafeBrowsingResourceThrottle();
87
88  // SafeBrowsingService::UrlCheckCallback implementation.
89  void OnBlockingPageComplete(bool proceed);
90
91  // Starts running |url| through the safe browsing check. Returns true if the
92  // URL is safe to visit. Otherwise returns false and will call
93  // OnBrowseUrlResult() when the check has completed.
94  bool CheckUrl(const GURL& url);
95
96  // Callback for when the safe browsing check (which was initiated by
97  // StartCheckingUrl()) has taken longer than kCheckUrlTimeoutMs.
98  void OnCheckUrlTimeout();
99
100  // Starts displaying the safe browsing interstitial page.
101  void StartDisplayingBlockingPage(const GURL& url, SBThreatType threat_type);
102
103  // Resumes the request, by continuing the deferred action (either starting the
104  // request, or following a redirect).
105  void ResumeRequest();
106
107  State state_;
108  DeferState defer_state_;
109
110  // The result of the most recent safe browsing check. Only valid to read this
111  // when state_ != STATE_CHECKING_URL.
112  SBThreatType threat_type_;
113
114  // The time when the outstanding safe browsing check was started.
115  base::TimeTicks url_check_start_time_;
116
117  // Timer to abort the safe browsing check if it takes too long.
118  base::OneShotTimer<SafeBrowsingResourceThrottle> timer_;
119
120  // The redirect chain for this resource
121  std::vector<GURL> redirect_urls_;
122
123  GURL url_being_checked_;
124
125  int render_process_host_id_;
126  int render_view_id_;
127  scoped_refptr<SafeBrowsingService> safe_browsing_;
128  const net::URLRequest* request_;
129  bool is_subresource_;
130
131  DISALLOW_COPY_AND_ASSIGN(SafeBrowsingResourceThrottle);
132};
133
134
135#endif  // CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_THROTTLE_H_
136