safe_browsing_resource_handler.h revision c407dc5cd9bdc5668497f21b26b09d988ab439de
1// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ 6#define CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ 7 8#include <string> 9 10#include "base/ref_counted.h" 11#include "base/time.h" 12#include "base/timer.h" 13#include "chrome/browser/renderer_host/resource_dispatcher_host.h" 14#include "chrome/browser/renderer_host/resource_handler.h" 15#include "chrome/browser/safe_browsing/safe_browsing_service.h" 16#include "chrome/common/notification_registrar.h" 17 18// SafeBrowsingResourceHandler checks that URLs are "safe" before navigating 19// to them. To be considered "safe", a URL must not appear in the 20// malware/phishing blacklists (see SafeBrowsingService for details). 21// 22// This check is done before requesting the original URL, and additionally 23// before following any subsequent redirect. 24// 25// In the common case, the check completes synchronously (no match in the bloom 26// filter), so the request's flow is un-interrupted. 27// 28// However if the URL fails this quick check, it has the possibility of being 29// on the blacklist. Now the request is suspended (prevented from starting), 30// and a more expensive safe browsing check is begun (fetches the full hashes). 31// 32// Note that the safe browsing check takes at most kCheckUrlTimeoutMs 33// milliseconds. If it takes longer than this, then the system defaults to 34// treating the URL as safe. 35// 36// Once the safe browsing check has completed, if the URL was decided to be 37// dangerous, a warning page is thrown up and the request remains suspended. 38// If on the other hand the URL was decided to be safe, the request is 39// resumed. 40class SafeBrowsingResourceHandler : public ResourceHandler, 41 public SafeBrowsingService::Client, 42 public NotificationObserver { 43 public: 44 SafeBrowsingResourceHandler(ResourceHandler* handler, 45 int render_process_host_id, 46 int render_view_id, 47 ResourceType::Type resource_type, 48 SafeBrowsingService* safe_browsing, 49 ResourceDispatcherHost* resource_dispatcher_host, 50 ResourceDispatcherHost::Receiver* receiver); 51 52 // ResourceHandler implementation: 53 bool OnUploadProgress(int request_id, uint64 position, uint64 size); 54 bool OnRequestRedirected(int request_id, const GURL& new_url, 55 ResourceResponse* response, bool* defer); 56 bool OnResponseStarted(int request_id, ResourceResponse* response); 57 bool OnWillStart(int request_id, const GURL& url, bool* defer); 58 bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size, 59 int min_size); 60 bool OnReadCompleted(int request_id, int* bytes_read); 61 bool OnResponseCompleted(int request_id, 62 const URLRequestStatus& status, 63 const std::string& security_info); 64 virtual void OnRequestClosed(); 65 66 // SafeBrowsingService::Client implementation, called on the IO thread once 67 // the URL has been classified. 68 void OnUrlCheckResult(const GURL& url, 69 SafeBrowsingService::UrlCheckResult result); 70 71 // SafeBrowsingService::Client implementation, called on the IO thread when 72 // the user has decided to proceed with the current request, or go back. 73 void OnBlockingPageComplete(bool proceed); 74 75 // NotificationObserver interface. 76 void Observe(NotificationType type, 77 const NotificationSource& source, 78 const NotificationDetails& details); 79 80 private: 81 // Describes what phase of the check a handler is in. 82 enum State { 83 STATE_NONE, 84 STATE_CHECKING_URL, 85 STATE_DISPLAYING_BLOCKING_PAGE, 86 }; 87 88 // Describes what stage of the request got paused by the check. 89 enum DeferState { 90 DEFERRED_NONE, 91 DEFERRED_START, 92 DEFERRED_REDIRECT, 93 }; 94 95 ~SafeBrowsingResourceHandler(); 96 97 // Cancels any in progress safe browsing actions. 98 void Shutdown(); 99 100 // Starts running |url| through the safe browsing check. Returns true if the 101 // URL is safe to visit. Otherwise returns false and will call 102 // OnUrlCheckResult() when the check has completed. 103 bool CheckUrl(const GURL& url); 104 105 // Callback for when the safe browsing check (which was initiated by 106 // StartCheckingUrl()) has taken longer than kCheckUrlTimeoutMs. 107 void OnCheckUrlTimeout(); 108 109 // Starts displaying the safe browsing interstitial page. 110 void StartDisplayingBlockingPage(const GURL& url, 111 SafeBrowsingService::UrlCheckResult result); 112 113 // Resumes the request, by continuing the deferred action (either starting the 114 // request, or following a redirect). 115 void ResumeRequest(); 116 117 // Resumes the deferred "start". 118 void ResumeStart(); 119 120 // Resumes the deferred redirect. 121 void ResumeRedirect(); 122 123 // Erases the state associated with a deferred "start" or redirect 124 // (i.e. the deferred URL and request ID). 125 void ClearDeferredRequestInfo(); 126 127 State state_; 128 DeferState defer_state_; 129 130 // The result of the most recent safe browsing check. Only valid to read this 131 // when state_ != STATE_CHECKING_URL. 132 SafeBrowsingService::UrlCheckResult safe_browsing_result_; 133 134 // The time when the outstanding safe browsing check was started. 135 base::TimeTicks url_check_start_time_; 136 137 // Timer to abort the safe browsing check if it takes too long. 138 base::OneShotTimer<SafeBrowsingResourceHandler> timer_; 139 140 // Details on the deferred request (either a start or redirect). It is only 141 // valid to access these members when defer_state_ != DEFERRED_NONE. 142 GURL deferred_url_; 143 int deferred_request_id_; 144 scoped_refptr<ResourceResponse> deferred_redirect_response_; 145 146 NotificationRegistrar registrar_; 147 scoped_refptr<ResourceHandler> next_handler_; 148 int render_process_host_id_; 149 int render_view_id_; 150 scoped_refptr<SafeBrowsingService> safe_browsing_; 151 ResourceDispatcherHost* rdh_; 152 ResourceType::Type resource_type_; 153 154 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingResourceHandler); 155}; 156 157 158#endif // CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ 159