url_blacklist_manager.h revision a02191e04bc25c4935f804f2c080ae28663d096d
1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef COMPONENTS_POLICY_CORE_BROWSER_URL_BLACKLIST_MANAGER_H_
6#define COMPONENTS_POLICY_CORE_BROWSER_URL_BLACKLIST_MANAGER_H_
7
8#include <map>
9#include <string>
10
11#include "base/basictypes.h"
12#include "base/callback_forward.h"
13#include "base/compiler_specific.h"
14#include "base/containers/hash_tables.h"
15#include "base/memory/ref_counted.h"
16#include "base/memory/scoped_ptr.h"
17#include "base/memory/weak_ptr.h"
18#include "base/prefs/pref_change_registrar.h"
19#include "components/policy/policy_export.h"
20#include "components/url_matcher/url_matcher.h"
21#include "url/gurl.h"
22
23class PrefService;
24
25namespace base {
26class ListValue;
27class SequencedTaskRunner;
28}
29
30namespace net {
31class URLRequest;
32}
33
34namespace user_prefs {
35class PrefRegistrySyncable;
36}
37
38namespace policy {
39
40// Contains a set of filters to block and allow certain URLs, and matches GURLs
41// against this set. The filters are currently kept in memory.
42class POLICY_EXPORT URLBlacklist {
43 public:
44  // This is meant to be bound to URLFixerUpper::SegmentURL. See that function
45  // for documentation on the parameters and return value.
46  typedef std::string (*SegmentURLCallback)(const std::string&,
47                                            url_parse::Parsed*);
48
49  explicit URLBlacklist(SegmentURLCallback segment_url);
50  virtual ~URLBlacklist();
51
52  // Allows or blocks URLs matching one of the filters, depending on |allow|.
53  void AddFilters(bool allow, const base::ListValue* filters);
54
55  // URLs matching one of the |filters| will be blocked. The filter format is
56  // documented at
57  // http://www.chromium.org/administrators/url-blacklist-filter-format.
58  void Block(const base::ListValue* filters);
59
60  // URLs matching one of the |filters| will be allowed. If a URL is both
61  // Blocked and Allowed, Allow takes precedence.
62  void Allow(const base::ListValue* filters);
63
64  // Returns true if the URL is blocked.
65  bool IsURLBlocked(const GURL& url) const;
66
67  // Returns the number of items in the list.
68  size_t Size() const;
69
70  // Splits a URL filter into its components. A GURL isn't used because these
71  // can be invalid URLs e.g. "google.com".
72  // Returns false if the URL couldn't be parsed.
73  // The |host| is preprocessed so it can be passed to URLMatcher for the
74  // appropriate condition.
75  // The optional username and password are ignored.
76  // |match_subdomains| specifies whether the filter should include subdomains
77  // of the hostname (if it is one.)
78  // |port| is 0 if none is explicitly defined.
79  // |path| does not include query parameters.
80  // |query| contains the query parameters ('?' not included).
81  static bool FilterToComponents(SegmentURLCallback segment_url,
82                                 const std::string& filter,
83                                 std::string* scheme,
84                                 std::string* host,
85                                 bool* match_subdomains,
86                                 uint16* port,
87                                 std::string* path,
88                                 std::string* query);
89
90  // Creates a condition set that can be used with the |url_matcher|. |id| needs
91  // to be a unique number that will be returned by the |url_matcher| if the URL
92  // matches that condition set. |allow| indicates if it is a white-list (true)
93  // or black-list (false) filter.
94  static scoped_refptr<url_matcher::URLMatcherConditionSet> CreateConditionSet(
95      url_matcher::URLMatcher* url_matcher,
96      url_matcher::URLMatcherConditionSet::ID id,
97      const std::string& scheme,
98      const std::string& host,
99      bool match_subdomains,
100      uint16 port,
101      const std::string& path,
102      const std::string& query,
103      bool allow);
104
105 private:
106  struct FilterComponents;
107
108  // Returns true if |lhs| takes precedence over |rhs|.
109  static bool FilterTakesPrecedence(const FilterComponents& lhs,
110                                    const FilterComponents& rhs);
111
112  SegmentURLCallback segment_url_;
113  url_matcher::URLMatcherConditionSet::ID id_;
114  std::map<url_matcher::URLMatcherConditionSet::ID, FilterComponents> filters_;
115  scoped_ptr<url_matcher::URLMatcher> url_matcher_;
116
117  DISALLOW_COPY_AND_ASSIGN(URLBlacklist);
118};
119
120// Tracks the blacklist policies for a given profile, and updates it on changes.
121//
122// This class interacts with both the UI thread, where notifications of pref
123// changes are received from, and the IO thread, which owns it (in the
124// ProfileIOData) and checks for blacklisted URLs (from ChromeNetworkDelegate).
125//
126// It must be constructed on the UI thread, to set up |ui_weak_ptr_factory_| and
127// the prefs listeners.
128//
129// ShutdownOnUIThread must be called from UI before destruction, to release
130// the prefs listeners on the UI thread. This is done from ProfileIOData.
131//
132// Update tasks from the UI thread can post safely to the IO thread, since the
133// destruction order of Profile and ProfileIOData guarantees that if this
134// exists in UI, then a potential destruction on IO will come after any task
135// posted to IO from that method on UI. This is used to go through IO before
136// the actual update starts, and grab a WeakPtr.
137class POLICY_EXPORT URLBlacklistManager {
138 public:
139  // Returns true if the blacklist should be overridden for |url| and sets
140  // |block| to true if it should be blocked and false otherwise.
141  // |reason| is set to the exact reason for blocking |url| iff |block| is true.
142  typedef base::Callback<bool(const GURL& url, bool* block, int* reason)>
143      OverrideBlacklistCallback;
144
145  // Must be constructed on the UI thread.
146  // |background_task_runner| is used to build the blacklist in a background
147  // thread.
148  // |io_task_runner| must be backed by the IO thread.
149  // |segment_url| is used to break a URL spec into its components.
150  URLBlacklistManager(
151      PrefService* pref_service,
152      const scoped_refptr<base::SequencedTaskRunner>& background_task_runner,
153      const scoped_refptr<base::SequencedTaskRunner>& io_task_runner,
154      URLBlacklist::SegmentURLCallback segment_url,
155      OverrideBlacklistCallback override_blacklist);
156  virtual ~URLBlacklistManager();
157
158  // Must be called on the UI thread, before destruction.
159  void ShutdownOnUIThread();
160
161  // Returns true if |url| is blocked by the current blacklist. Must be called
162  // from the IO thread.
163  bool IsURLBlocked(const GURL& url) const;
164
165  // Returns true if |request| is blocked by the current blacklist.
166  // Only main frame and sub frame requests may be blocked; other sub resources
167  // or background downloads (e.g. extensions updates, sync, etc) are not
168  // filtered. The sync signin page is also not filtered.
169  // |reason| is populated with the exact reason for blocking the url if and
170  // only if the return value is true otherwise it is left untouched.
171  // Must be called from the IO thread.
172  bool IsRequestBlocked(const net::URLRequest& request, int* reason) const;
173
174  // Replaces the current blacklist. Must be called on the IO thread.
175  // Virtual for testing.
176  virtual void SetBlacklist(scoped_ptr<URLBlacklist> blacklist);
177
178  // Registers the preferences related to blacklisting in the given PrefService.
179  static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry);
180
181 protected:
182  // Used to delay updating the blacklist while the preferences are
183  // changing, and execute only one update per simultaneous prefs changes.
184  void ScheduleUpdate();
185
186  // Updates the blacklist using the current preference values.
187  // Virtual for testing.
188  virtual void Update();
189
190  // Starts the blacklist update on the IO thread, using the filters in
191  // |block| and |allow|. Protected for testing.
192  void UpdateOnIO(scoped_ptr<base::ListValue> block,
193                  scoped_ptr<base::ListValue> allow);
194
195 private:
196  // ---------
197  // UI thread
198  // ---------
199
200  // Used to post update tasks to the UI thread.
201  base::WeakPtrFactory<URLBlacklistManager> ui_weak_ptr_factory_;
202
203  // Used to track the policies and update the blacklist on changes.
204  PrefChangeRegistrar pref_change_registrar_;
205  PrefService* pref_service_;  // Weak.
206
207  // Used to post tasks to a background thread.
208  scoped_refptr<base::SequencedTaskRunner> background_task_runner_;
209
210  // Used to post tasks to the IO thread.
211  scoped_refptr<base::SequencedTaskRunner> io_task_runner_;
212
213  // Used to break a URL into its components.
214  URLBlacklist::SegmentURLCallback segment_url_;
215
216  // Used to optionally skip blacklisting for some URLs.
217  OverrideBlacklistCallback override_blacklist_;
218
219  // ---------
220  // IO thread
221  // ---------
222
223  // Used to get |weak_ptr_| to self on the IO thread.
224  base::WeakPtrFactory<URLBlacklistManager> io_weak_ptr_factory_;
225
226  // Used to post tasks to the UI thread.
227  scoped_refptr<base::SequencedTaskRunner> ui_task_runner_;
228
229  // The current blacklist.
230  scoped_ptr<URLBlacklist> blacklist_;
231
232  DISALLOW_COPY_AND_ASSIGN(URLBlacklistManager);
233};
234
235}  // namespace policy
236
237#endif  // COMPONENTS_POLICY_CORE_BROWSER_URL_BLACKLIST_MANAGER_H_
238