safe_browsing_resource_handler.h revision c407dc5cd9bdc5668497f21b26b09d988ab439de 
1// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_
6#define CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_
7
8#include <string>
9
10#include "base/ref_counted.h"
11#include "base/time.h"
12#include "base/timer.h"
13#include "chrome/browser/renderer_host/resource_dispatcher_host.h"
14#include "chrome/browser/renderer_host/resource_handler.h"
15#include "chrome/browser/safe_browsing/safe_browsing_service.h"
16#include "chrome/common/notification_registrar.h"
17
18// SafeBrowsingResourceHandler checks that URLs are "safe" before navigating
19// to them. To be considered "safe", a URL must not appear in the
20// malware/phishing blacklists (see SafeBrowsingService for details).
21//
22// This check is done before requesting the original URL, and additionally
23// before following any subsequent redirect.
24//
25// In the common case, the check completes synchronously (no match in the bloom
26// filter), so the request's flow is un-interrupted.
27//
28// However if the URL fails this quick check, it has the possibility of being
29// on the blacklist. Now the request is suspended (prevented from starting),
30// and a more expensive safe browsing check is begun (fetches the full hashes).
31//
32// Note that the safe browsing check takes at most kCheckUrlTimeoutMs
33// milliseconds. If it takes longer than this, then the system defaults to
34// treating the URL as safe.
35//
36// Once the safe browsing check has completed, if the URL was decided to be
37// dangerous, a warning page is thrown up and the request remains suspended.
38// If on the other hand the URL was decided to be safe, the request is
39// resumed.
40class SafeBrowsingResourceHandler : public ResourceHandler,
41                                    public SafeBrowsingService::Client,
42                                    public NotificationObserver {
43 public:
44  SafeBrowsingResourceHandler(ResourceHandler* handler,
45                              int render_process_host_id,
46                              int render_view_id,
47                              ResourceType::Type resource_type,
48                              SafeBrowsingService* safe_browsing,
49                              ResourceDispatcherHost* resource_dispatcher_host,
50                              ResourceDispatcherHost::Receiver* receiver);
51
52  // ResourceHandler implementation:
53  bool OnUploadProgress(int request_id, uint64 position, uint64 size);
54  bool OnRequestRedirected(int request_id, const GURL& new_url,
55                           ResourceResponse* response, bool* defer);
56  bool OnResponseStarted(int request_id, ResourceResponse* response);
57  bool OnWillStart(int request_id, const GURL& url, bool* defer);
58  bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size,
59                  int min_size);
60  bool OnReadCompleted(int request_id, int* bytes_read);
61  bool OnResponseCompleted(int request_id,
62                           const URLRequestStatus& status,
63                           const std::string& security_info);
64  virtual void OnRequestClosed();
65
66  // SafeBrowsingService::Client implementation, called on the IO thread once
67  // the URL has been classified.
68  void OnUrlCheckResult(const GURL& url,
69                        SafeBrowsingService::UrlCheckResult result);
70
71  // SafeBrowsingService::Client implementation, called on the IO thread when
72  // the user has decided to proceed with the current request, or go back.
73  void OnBlockingPageComplete(bool proceed);
74
75  // NotificationObserver interface.
76  void Observe(NotificationType type,
77               const NotificationSource& source,
78               const NotificationDetails& details);
79
80 private:
81  // Describes what phase of the check a handler is in.
82  enum State {
83    STATE_NONE,
84    STATE_CHECKING_URL,
85    STATE_DISPLAYING_BLOCKING_PAGE,
86  };
87
88  // Describes what stage of the request got paused by the check.
89  enum DeferState {
90    DEFERRED_NONE,
91    DEFERRED_START,
92    DEFERRED_REDIRECT,
93  };
94
95  ~SafeBrowsingResourceHandler();
96
97  // Cancels any in progress safe browsing actions.
98  void Shutdown();
99
100  // Starts running |url| through the safe browsing check. Returns true if the
101  // URL is safe to visit. Otherwise returns false and will call
102  // OnUrlCheckResult() when the check has completed.
103  bool CheckUrl(const GURL& url);
104
105  // Callback for when the safe browsing check (which was initiated by
106  // StartCheckingUrl()) has taken longer than kCheckUrlTimeoutMs.
107  void OnCheckUrlTimeout();
108
109  // Starts displaying the safe browsing interstitial page.
110  void StartDisplayingBlockingPage(const GURL& url,
111                                   SafeBrowsingService::UrlCheckResult result);
112
113  // Resumes the request, by continuing the deferred action (either starting the
114  // request, or following a redirect).
115  void ResumeRequest();
116
117  // Resumes the deferred "start".
118  void ResumeStart();
119
120  // Resumes the deferred redirect.
121  void ResumeRedirect();
122
123  // Erases the state associated with a deferred "start" or redirect
124  // (i.e. the deferred URL and request ID).
125  void ClearDeferredRequestInfo();
126
127  State state_;
128  DeferState defer_state_;
129
130  // The result of the most recent safe browsing check. Only valid to read this
131  // when state_ != STATE_CHECKING_URL.
132  SafeBrowsingService::UrlCheckResult safe_browsing_result_;
133
134  // The time when the outstanding safe browsing check was started.
135  base::TimeTicks url_check_start_time_;
136
137  // Timer to abort the safe browsing check if it takes too long.
138  base::OneShotTimer<SafeBrowsingResourceHandler> timer_;
139
140  // Details on the deferred request (either a start or redirect). It is only
141  // valid to access these members when defer_state_ != DEFERRED_NONE.
142  GURL deferred_url_;
143  int deferred_request_id_;
144  scoped_refptr<ResourceResponse> deferred_redirect_response_;
145
146  NotificationRegistrar registrar_;
147  scoped_refptr<ResourceHandler> next_handler_;
148  int render_process_host_id_;
149  int render_view_id_;
150  scoped_refptr<SafeBrowsingService> safe_browsing_;
151  ResourceDispatcherHost* rdh_;
152  ResourceType::Type resource_type_;
153
154  DISALLOW_COPY_AND_ASSIGN(SafeBrowsingResourceHandler);
155};
156
157
158#endif  // CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_
159