Google Git
Sign in
chromium / chromium / src / 71263453249c02fb8d4779c579afc5392a2d3496 / . / services / network / network_context.h
blob: b3c053ab425b923f1ae99d8d51f94acc58cfaa14 [file] [log] [blame]
// Copyright 2017 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SERVICES_NETWORK_NETWORK_CONTEXT_H_
#define SERVICES_NETWORK_NETWORK_CONTEXT_H_
#include <stdint.h>
#include <map>
#include <memory>
#include <set>
#include <string>
#include <utility>
#include <vector>
#include "base/callback.h"
#include "base/component_export.h"
#include "base/containers/flat_map.h"
#include "base/containers/flat_set.h"
#include "base/containers/unique_ptr_adapters.h"
#include "base/macros.h"
#include "base/optional.h"
#include "base/time/time.h"
#include "build/build_config.h"
#include "build/chromeos_buildflags.h"
#include "mojo/public/cpp/base/big_buffer.h"
#include "mojo/public/cpp/bindings/pending_receiver.h"
#include "mojo/public/cpp/bindings/pending_remote.h"
#include "mojo/public/cpp/bindings/receiver.h"
#include "mojo/public/cpp/bindings/remote.h"
#include "mojo/public/cpp/bindings/unique_receiver_set.h"
#include "net/base/network_isolation_key.h"
#include "net/cert/cert_verifier.h"
#include "net/cert/cert_verify_result.h"
#include "net/dns/host_resolver.h"
#include "net/dns/public/dns_config_overrides.h"
#include "net/http/http_auth_preferences.h"
#include "services/network/cors/preflight_controller.h"
#include "services/network/http_cache_data_counter.h"
#include "services/network/http_cache_data_remover.h"
#include "services/network/network_qualities_pref_delegate.h"
#include "services/network/origin_policy/origin_policy_manager.h"
#include "services/network/public/cpp/cors/origin_access_list.h"
#include "services/network/public/cpp/network_service_buildflags.h"
#include "services/network/public/mojom/cookie_access_observer.mojom.h"
#include "services/network/public/mojom/cookie_manager.mojom-shared.h"
#include "services/network/public/mojom/host_resolver.mojom.h"
#include "services/network/public/mojom/network_context.mojom-forward.h"
#include "services/network/public/mojom/network_context.mojom.h"
#include "services/network/public/mojom/origin_policy_manager.mojom.h"
#include "services/network/public/mojom/proxy_lookup_client.mojom.h"
#include "services/network/public/mojom/proxy_resolving_socket.mojom.h"
#include "services/network/public/mojom/restricted_cookie_manager.mojom.h"
#include "services/network/public/mojom/tcp_socket.mojom.h"
#include "services/network/public/mojom/udp_socket.mojom.h"
#include "services/network/public/mojom/url_loader_factory.mojom.h"
#include "services/network/public/mojom/websocket.mojom.h"
#include "services/network/socket_factory.h"
#include "services/network/url_request_context_owner.h"
#include "services/network/web_bundle_manager.h"
#if BUILDFLAG(IS_CHROMEOS_ASH)
#include "crypto/scoped_nss_types.h"
#endif
namespace base {
class UnguessableToken;
} // namespace base
namespace net {
class CertNetFetcher;
class CertNetFetcherURLRequest;
class CertVerifier;
class HostPortPair;
class IsolationInfo;
class NetworkIsolationKey;
class ReportSender;
class StaticHttpUserAgentSettings;
class URLRequestContext;
} // namespace net
namespace certificate_transparency {
class ChromeRequireCTDelegate;
} // namespace certificate_transparency
namespace domain_reliability {
class DomainReliabilityMonitor;
} // namespace domain_reliability
namespace network {
class CertVerifierWithTrustAnchors;
class CookieManager;
class ExpectCTReporter;
class HostResolver;
class MdnsResponderManager;
class NetworkService;
class NetworkServiceNetworkDelegate;
class NetworkServiceProxyDelegate;
class P2PSocketManager;
class PendingTrustTokenStore;
class ProxyLookupRequest;
class QuicTransport;
class ResourceScheduler;
class ResourceSchedulerClient;
class SessionCleanupCookieStore;
class SQLiteTrustTokenPersister;
class WebSocketFactory;
namespace cors {
class CorsURLLoaderFactory;
} // namespace cors
// A NetworkContext creates and manages access to a URLRequestContext.
//
// When the network service is enabled, NetworkContexts are created through
// NetworkService's mojo interface and are owned jointly by the NetworkService
// and the mojo::Remote<NetworkContext> used to talk to them, and the
// NetworkContext is destroyed when either one is torn down.
class COMPONENT_EXPORT(NETWORK_SERVICE) NetworkContext
: public mojom::NetworkContext {
public:
using OnConnectionCloseCallback =
base::OnceCallback<void(NetworkContext* network_context)>;
NetworkContext(NetworkService* network_service,
mojo::PendingReceiver<mojom::NetworkContext> receiver,
mojom::NetworkContextParamsPtr params,
OnConnectionCloseCallback on_connection_close_callback =
OnConnectionCloseCallback());
// DEPRECATED: Creates a NetworkContext that simply wraps a consumer-provided
// URLRequestContext that is not owned by the NetworkContext.
// TODO(mmenke): Remove this constructor when the network service ships.
NetworkContext(NetworkService* network_service,
mojo::PendingReceiver<mojom::NetworkContext> receiver,
net::URLRequestContext* url_request_context,
const std::vector<std::string>& cors_exempt_header_list);
~NetworkContext() override;
// Sets a global CertVerifier to use when initializing all profiles.
static void SetCertVerifierForTesting(net::CertVerifier* cert_verifier);
net::URLRequestContext* url_request_context() { return url_request_context_; }
NetworkService* network_service() { return network_service_; }
mojom::NetworkContextClient* client() {
return client_.is_bound() ? client_.get() : nullptr;
}
ResourceScheduler* resource_scheduler() { return resource_scheduler_.get(); }
CookieManager* cookie_manager() { return cookie_manager_.get(); }
const base::flat_set<std::string>* cors_exempt_header_list() const {
return &cors_exempt_header_list_;
}
bool allow_any_cors_exempt_header_for_browser() const {
return params_ && params_->allow_any_cors_exempt_header_for_browser;
}
#if defined(OS_ANDROID)
base::android::ApplicationStatusListener* app_status_listener() const {
return app_status_listener_.get();
}
#endif
// Creates a URLLoaderFactory with a ResourceSchedulerClient specified. This
// is used to reuse the existing ResourceSchedulerClient for cloned
// URLLoaderFactory.
void CreateURLLoaderFactory(
mojo::PendingReceiver<mojom::URLLoaderFactory> receiver,
mojom::URLLoaderFactoryParamsPtr params,
scoped_refptr<ResourceSchedulerClient> resource_scheduler_client);
// Creates a URLLoaderFactory with params specific to the
// CertVerifierService. A URLLoaderFactory created by this function will be
// used by a CertNetFetcherURLLoader to perform AIA and OCSP fetching.
// These URLLoaderFactories should only ever be used by the
// CertVerifierService, and should never be passed to a renderer.
void CreateURLLoaderFactoryForCertNetFetcher(
mojo::PendingReceiver<mojom::URLLoaderFactory> factory_receiver);
// Enables DoH probes to be sent using this context whenever the DNS
// configuration contains DoH servers.
void ActivateDohProbes();
// mojom::NetworkContext implementation:
void SetClient(
mojo::PendingRemote<mojom::NetworkContextClient> client) override;
void CreateURLLoaderFactory(
mojo::PendingReceiver<mojom::URLLoaderFactory> receiver,
mojom::URLLoaderFactoryParamsPtr params) override;
void ResetURLLoaderFactories() override;
void GetCookieManager(
mojo::PendingReceiver<mojom::CookieManager> receiver) override;
void GetRestrictedCookieManager(
mojo::PendingReceiver<mojom::RestrictedCookieManager> receiver,
mojom::RestrictedCookieManagerRole role,
const net::IsolationInfo& isolation_info,
mojo::PendingRemote<mojom::CookieAccessObserver> observer) override;
void GetHasTrustTokensAnswerer(
mojo::PendingReceiver<mojom::HasTrustTokensAnswerer> receiver,
const url::Origin& top_frame_origin) override;
void ClearTrustTokenData(mojom::ClearDataFilterPtr filter,
base::OnceClosure done) override;
void GetStoredTrustTokenCounts(
GetStoredTrustTokenCountsCallback callback) override;
void ClearNetworkingHistoryBetween(
base::Time start_time,
base::Time end_time,
base::OnceClosure completion_callback) override;
void ClearHttpCache(base::Time start_time,
base::Time end_time,
mojom::ClearDataFilterPtr filter,
ClearHttpCacheCallback callback) override;
void ComputeHttpCacheSize(base::Time start_time,
base::Time end_time,
ComputeHttpCacheSizeCallback callback) override;
void NotifyExternalCacheHit(const GURL& url,
const std::string& http_method,
const net::NetworkIsolationKey& key,
bool is_subframe_document_resource) override;
void ClearHostCache(mojom::ClearDataFilterPtr filter,
ClearHostCacheCallback callback) override;
void ClearHttpAuthCache(base::Time start_time,
base::Time end_time,
ClearHttpAuthCacheCallback callback) override;
void ClearReportingCacheReports(
mojom::ClearDataFilterPtr filter,
ClearReportingCacheReportsCallback callback) override;
void ClearReportingCacheClients(
mojom::ClearDataFilterPtr filter,
ClearReportingCacheClientsCallback callback) override;
void ClearNetworkErrorLogging(
mojom::ClearDataFilterPtr filter,
ClearNetworkErrorLoggingCallback callback) override;
void ClearDomainReliability(mojom::ClearDataFilterPtr filter,
DomainReliabilityClearMode mode,
ClearDomainReliabilityCallback callback) override;
void GetDomainReliabilityJSON(
GetDomainReliabilityJSONCallback callback) override;
void CloseAllConnections(CloseAllConnectionsCallback callback) override;
void CloseIdleConnections(CloseIdleConnectionsCallback callback) override;
void SetNetworkConditions(const base::UnguessableToken& throttling_profile_id,
mojom::NetworkConditionsPtr conditions) override;
void SetAcceptLanguage(const std::string& new_accept_language) override;
void SetEnableReferrers(bool enable_referrers) override;
#if BUILDFLAG(IS_CHROMEOS_ASH)
void UpdateAdditionalCertificates(
mojom::AdditionalCertificatesPtr additional_certificates) override;
#endif
#if BUILDFLAG(IS_CT_SUPPORTED)
void SetCTPolicy(mojom::CTPolicyPtr ct_policy) override;
void AddExpectCT(const std::string& domain,
base::Time expiry,
bool enforce,
const GURL& report_uri,
const net::NetworkIsolationKey& network_isolation_key,
AddExpectCTCallback callback) override;
void SetExpectCTTestReport(const GURL& report_uri,
SetExpectCTTestReportCallback callback) override;
void GetExpectCTState(const std::string& domain,
const net::NetworkIsolationKey& network_isolation_key,
GetExpectCTStateCallback callback) override;
void MaybeEnqueueSCTReport(
const net::HostPortPair& host_port_pair,
const net::X509Certificate* validated_certificate_chain,
const net::SignedCertificateTimestampAndStatusList&
signed_certificate_timestamps);
void SetSCTAuditingEnabled(bool enabled) override;
bool is_sct_auditing_enabled() { return is_sct_auditing_enabled_; }
#endif // BUILDFLAG(IS_CT_SUPPORTED)
void CreateUDPSocket(
mojo::PendingReceiver<mojom::UDPSocket> receiver,
mojo::PendingRemote<mojom::UDPSocketListener> listener) override;
void CreateTCPServerSocket(
const net::IPEndPoint& local_addr,
uint32_t backlog,
const net::MutableNetworkTrafficAnnotationTag& traffic_annotation,
mojo::PendingReceiver<mojom::TCPServerSocket> receiver,
CreateTCPServerSocketCallback callback) override;
void CreateTCPConnectedSocket(
const base::Optional<net::IPEndPoint>& local_addr,
const net::AddressList& remote_addr_list,
mojom::TCPConnectedSocketOptionsPtr tcp_connected_socket_options,
const net::MutableNetworkTrafficAnnotationTag& traffic_annotation,
mojo::PendingReceiver<mojom::TCPConnectedSocket> receiver,
mojo::PendingRemote<mojom::SocketObserver> observer,
CreateTCPConnectedSocketCallback callback) override;
void CreateTCPBoundSocket(
const net::IPEndPoint& local_addr,
const net::MutableNetworkTrafficAnnotationTag& traffic_annotation,
mojo::PendingReceiver<mojom::TCPBoundSocket> receiver,
CreateTCPBoundSocketCallback callback) override;
void CreateProxyResolvingSocketFactory(
mojo::PendingReceiver<mojom::ProxyResolvingSocketFactory> receiver)
override;
void LookUpProxyForURL(const GURL& url,
const net::NetworkIsolationKey& network_isolation_key,
mojo::PendingRemote<mojom::ProxyLookupClient>
proxy_lookup_client) override;
void ForceReloadProxyConfig(ForceReloadProxyConfigCallback callback) override;
void ClearBadProxiesCache(ClearBadProxiesCacheCallback callback) override;
void CreateWebSocket(
const GURL& url,
const std::vector<std::string>& requested_protocols,
const net::SiteForCookies& site_for_cookies,
const net::IsolationInfo& isolation_info,
std::vector<mojom::HttpHeaderPtr> additional_headers,
int32_t process_id,
int32_t render_frame_id,
const url::Origin& origin,
uint32_t options,
const net::MutableNetworkTrafficAnnotationTag& traffic_annotation,
mojo::PendingRemote<mojom::WebSocketHandshakeClient> handshake_client,
mojo::PendingRemote<mojom::AuthenticationHandler> auth_handler,
mojo::PendingRemote<mojom::TrustedHeaderClient> header_client) override;
void CreateQuicTransport(
const GURL& url,
const url::Origin& origin,
const net::NetworkIsolationKey& network_isolation_key,
std::vector<mojom::QuicTransportCertificateFingerprintPtr> fingerprints,
mojo::PendingRemote<mojom::QuicTransportHandshakeClient> handshake_client)
override;
void CreateNetLogExporter(
mojo::PendingReceiver<mojom::NetLogExporter> receiver) override;
void ResolveHost(
const net::HostPortPair& host,
const net::NetworkIsolationKey& network_isolation_key,
mojom::ResolveHostParametersPtr optional_parameters,
mojo::PendingRemote<mojom::ResolveHostClient> response_client) override;
void CreateHostResolver(
const base::Optional<net::DnsConfigOverrides>& config_overrides,
mojo::PendingReceiver<mojom::HostResolver> receiver) override;
void VerifyCertForSignedExchange(
const scoped_refptr<net::X509Certificate>& certificate,
const GURL& url,
const net::NetworkIsolationKey& network_isolation_key,
const std::string& ocsp_result,
const std::string& sct_list,
VerifyCertForSignedExchangeCallback callback) override;
void ParseHeaders(const GURL& url,
const scoped_refptr<net::HttpResponseHeaders>& headers,
ParseHeadersCallback callback) override;
void AddHSTS(const std::string& host,
base::Time expiry,
bool include_subdomains,
AddHSTSCallback callback) override;
void IsHSTSActiveForHost(const std::string& host,
IsHSTSActiveForHostCallback callback) override;
void GetHSTSState(const std::string& domain,
GetHSTSStateCallback callback) override;
void DeleteDynamicDataForHost(
const std::string& host,
DeleteDynamicDataForHostCallback callback) override;
void SetCorsOriginAccessListsForOrigin(
const url::Origin& source_origin,
std::vector<mojom::CorsOriginPatternPtr> allow_patterns,
std::vector<mojom::CorsOriginPatternPtr> block_patterns,
SetCorsOriginAccessListsForOriginCallback callback) override;
void EnableStaticKeyPinningForTesting(
EnableStaticKeyPinningForTestingCallback callback) override;
void VerifyCertificateForTesting(
const scoped_refptr<net::X509Certificate>& certificate,
const std::string& hostname,
const std::string& ocsp_response,
const std::string& sct_list,
VerifyCertificateForTestingCallback callback) override;
void PreconnectSockets(
uint32_t num_streams,
const GURL& url,
bool allow_credentials,
const net::NetworkIsolationKey& network_isolation_key) override;
void CreateP2PSocketManager(
const net::NetworkIsolationKey& network_isolation_key,
mojo::PendingRemote<mojom::P2PTrustedSocketManagerClient> client,
mojo::PendingReceiver<mojom::P2PTrustedSocketManager>
trusted_socket_manager,
mojo::PendingReceiver<mojom::P2PSocketManager> socket_manager_receiver)
override;
void CreateMdnsResponder(
mojo::PendingReceiver<mojom::MdnsResponder> responder_receiver) override;
void QueueReport(const std::string& type,
const std::string& group,
const GURL& url,
const net::NetworkIsolationKey& network_isolation_key,
const base::Optional<std::string>& user_agent,
base::Value body) override;
void QueueSignedExchangeReport(
mojom::SignedExchangeReportPtr report,
const net::NetworkIsolationKey& network_isolation_key) override;
void AddDomainReliabilityContextForTesting(
const GURL& origin,
const GURL& upload_url,
AddDomainReliabilityContextForTestingCallback callback) override;
void ForceDomainReliabilityUploadsForTesting(
ForceDomainReliabilityUploadsForTestingCallback callback) override;
void SetSplitAuthCacheByNetworkIsolationKey(
bool split_auth_cache_by_network_isolation_key) override;
void SaveHttpAuthCacheProxyEntries(
SaveHttpAuthCacheProxyEntriesCallback callback) override;
void LoadHttpAuthCacheProxyEntries(
const base::UnguessableToken& cache_key,
LoadHttpAuthCacheProxyEntriesCallback callback) override;
void AddAuthCacheEntry(const net::AuthChallengeInfo& challenge,
const net::NetworkIsolationKey& network_isolation_key,
const net::AuthCredentials& credentials,
AddAuthCacheEntryCallback callback) override;
// TODO(mmenke): Rename this method and update Mojo docs to make it clear this
// doesn't give proxy auth credentials.
void LookupServerBasicAuthCredentials(
const GURL& url,
const net::NetworkIsolationKey& network_isolation_key,
LookupServerBasicAuthCredentialsCallback callback) override;
#if BUILDFLAG(IS_CHROMEOS_ASH)
void LookupProxyAuthCredentials(
const net::ProxyServer& proxy_server,
const std::string& auth_scheme,
const std::string& realm,
LookupProxyAuthCredentialsCallback callback) override;
#endif
void GetOriginPolicyManager(
mojo::PendingReceiver<mojom::OriginPolicyManager> receiver) override;
// Destroys |request| when a proxy lookup completes.
void OnProxyLookupComplete(ProxyLookupRequest* proxy_lookup_request);
// Disables use of QUIC by the NetworkContext.
void DisableQuic();
// Destroys the specified factory. Called by the factory itself when it has
// no open pipes.
void DestroyURLLoaderFactory(cors::CorsURLLoaderFactory* url_loader_factory);
// Removes |transport| and destroys it.
void Remove(QuicTransport* transport);
// The following methods are used to track the number of requests per process
// and ensure it doesn't go over a reasonable limit.
void LoaderCreated(uint32_t process_id);
void LoaderDestroyed(uint32_t process_id);
bool CanCreateLoader(uint32_t process_id);
void set_max_loaders_per_process_for_testing(uint32_t count) {
max_loaders_per_process_ = count;
}
size_t GetNumOutstandingResolveHostRequestsForTesting() const;
size_t pending_proxy_lookup_requests_for_testing() const {
return proxy_lookup_requests_.size();
}
NetworkServiceProxyDelegate* proxy_delegate() const {
return proxy_delegate_;
}
void set_network_qualities_pref_delegate_for_testing(
std::unique_ptr<NetworkQualitiesPrefDelegate>
network_qualities_pref_delegate) {
network_qualities_pref_delegate_ =
std::move(network_qualities_pref_delegate);
}
cors::PreflightController* cors_preflight_controller() {
return &cors_preflight_controller_;
}
// Returns true if reports should unconditionally be sent without first
// consulting NetworkContextClient.OnCanSendReportingReports()
bool SkipReportingPermissionCheck() const;
// Creates a new url loader factory bound to this network context. For use
// inside the network service.
void CreateTrustedUrlLoaderFactoryForNetworkService(
mojo::PendingReceiver<mojom::URLLoaderFactory>
url_loader_factory_pending_receiver);
mojom::OriginPolicyManager* origin_policy_manager() const {
return origin_policy_manager_.get();
}
domain_reliability::DomainReliabilityMonitor* domain_reliability_monitor() {
return domain_reliability_monitor_.get();
}
// The http_auth_dynamic_params_ would be used to populate
// the |http_auth_merged_preferences| of the given NetworkContext.
void OnHttpAuthDynamicParamsChanged(
const mojom::HttpAuthDynamicParams*
http_auth_dynamic_network_service_params);
const net::HttpAuthPreferences* GetHttpAuthPreferences() const;
size_t NumOpenQuicTransports() const;
size_t num_url_loader_factories_for_testing() const {
return url_loader_factories_.size();
}
// Maintains Trust Tokens protocol state
// (https://github.com/WICG/trust-token-api). Used by URLLoader to check
// preconditions before annotating requests with protocol-related headers
// and to store information conveyed in the corresponding responses.
//
// May return null if Trust Tokens support is disabled.
PendingTrustTokenStore* trust_token_store() {
return trust_token_store_.get();
}
const PendingTrustTokenStore* trust_token_store() const {
return trust_token_store_.get();
}
WebBundleManager& GetWebBundleManager() { return web_bundle_manager_; }
#if BUILDFLAG(IS_CT_SUPPORTED)
void SetIsSCTAuditingEnabledForTesting(bool enabled) {
is_sct_auditing_enabled_ = enabled;
}
#endif // BUILDFLAG(IS_CT_SUPPORTED)
// Returns the current same-origin-policy exceptions. For more details see
// network::mojom::NetworkContextParams::cors_origin_access_list and
// network::mojom::NetworkContext::SetCorsOriginAccessListsForOrigin.
const cors::OriginAccessList* cors_origin_access_list() {
return &cors_origin_access_list_;
}
bool require_network_isolation_key() const {
return require_network_isolation_key_;
}
private:
URLRequestContextOwner MakeURLRequestContext(
mojo::PendingRemote<mojom::URLLoaderFactory>
url_loader_factory_for_cert_net_fetcher,
scoped_refptr<SessionCleanupCookieStore>);
scoped_refptr<SessionCleanupCookieStore> MakeSessionCleanupCookieStore()
const;
// Invoked when the HTTP cache was cleared. Invokes |callback|.
void OnHttpCacheCleared(ClearHttpCacheCallback callback,
HttpCacheDataRemover* remover);
void OnHostResolverShutdown(HostResolver* resolver);
// Invoked when the computation for ComputeHttpCacheSize() has been completed,
// to report result to user via |callback| and clean things up.
void OnHttpCacheSizeComputed(ComputeHttpCacheSizeCallback callback,
HttpCacheDataCounter* counter,
bool is_upper_limit,
int64_t result_or_error);
// On connection errors the NetworkContext destroys itself.
void OnConnectionError();
GURL GetHSTSRedirect(const GURL& original_url);
void DestroySocketManager(P2PSocketManager* socket_manager);
void CanUploadDomainReliability(const GURL& origin,
base::OnceCallback<void(bool)> callback);
void OnVerifyCertForSignedExchangeComplete(int cert_verify_id, int result);
#if BUILDFLAG(IS_CHROMEOS_ASH)
void TrustAnchorUsed();
#endif
#if BUILDFLAG(IS_CT_SUPPORTED)
void OnSetExpectCTTestReportSuccess();
void LazyCreateExpectCTReporter(net::URLRequestContext* url_request_context);
void OnSetExpectCTTestReportFailure();
#endif // BUILDFLAG(IS_CT_SUPPORTED)
void InitializeCorsParams();
// If |trust_token_store_| is backed by an asynchronously-constructed (e.g.,
// SQL-based) persistence layer, |FinishConstructingTrustTokenStore|
// constructs and populates |trust_token_store_| once the persister's
// asynchronous initialization has finished.
void FinishConstructingTrustTokenStore(
std::unique_ptr<SQLiteTrustTokenPersister> persister);
NetworkService* const network_service_;
mojo::Remote<mojom::NetworkContextClient> client_;
std::unique_ptr<ResourceScheduler> resource_scheduler_;
// Holds owning pointer to |url_request_context_|. Will contain a nullptr for
// |url_request_context| when the NetworkContextImpl doesn't own its own
// URLRequestContext.
URLRequestContextOwner url_request_context_owner_;
net::URLRequestContext* url_request_context_;
// Owned by URLRequestContext.
NetworkServiceNetworkDelegate* network_delegate_ = nullptr;
mojom::NetworkContextParamsPtr params_;
// If non-null, called when the mojo pipe for the NetworkContext is closed.
OnConnectionCloseCallback on_connection_close_callback_;
#if defined(OS_ANDROID)
std::unique_ptr<base::android::ApplicationStatusListener>
app_status_listener_;
#endif
mojo::Receiver<mojom::NetworkContext> receiver_;
std::unique_ptr<CookieManager> cookie_manager_;
std::unique_ptr<SocketFactory> socket_factory_;
mojo::UniqueReceiverSet<mojom::ProxyResolvingSocketFactory>
proxy_resolving_socket_factories_;
// See the comment for |trust_token_store()|.
std::unique_ptr<PendingTrustTokenStore> trust_token_store_;
// Ordering: this must be after |trust_token_store_| since the
// HasTrustTokensAnswerers are provided non-owning pointers to
// |trust_token_store_|.
mojo::UniqueReceiverSet<mojom::HasTrustTokensAnswerer>
has_trust_tokens_answerers_;
#if !defined(OS_IOS)
std::unique_ptr<WebSocketFactory> websocket_factory_;
#endif // !defined(OS_IOS)
// These must be below the URLRequestContext, so they're destroyed before it
// is.
std::vector<std::unique_ptr<HttpCacheDataRemover>> http_cache_data_removers_;
std::vector<std::unique_ptr<HttpCacheDataCounter>> http_cache_data_counters_;
std::set<std::unique_ptr<ProxyLookupRequest>, base::UniquePtrComparator>
proxy_lookup_requests_;
// This must be below |url_request_context_| so that the URLRequestContext
// outlives all the URLLoaderFactories and URLLoaders that depend on it;
// for the same reason, it must also be below |network_context_|.
std::set<std::unique_ptr<cors::CorsURLLoaderFactory>,
base::UniquePtrComparator>
url_loader_factories_;
std::set<std::unique_ptr<QuicTransport>, base::UniquePtrComparator>
quic_transports_;
// A count of outstanding requests per initiating process.
std::map<uint32_t, uint32_t> loader_count_per_process_;
static constexpr uint32_t kMaxOutstandingRequestsPerProcess = 2700;
uint32_t max_loaders_per_process_ = kMaxOutstandingRequestsPerProcess;
base::flat_map<P2PSocketManager*, std::unique_ptr<P2PSocketManager>>
socket_managers_;
#if BUILDFLAG(ENABLE_MDNS)
std::unique_ptr<MdnsResponderManager> mdns_responder_manager_;
#endif // BUILDFLAG(ENABLE_MDNS)
mojo::UniqueReceiverSet<mojom::NetLogExporter> net_log_exporter_receivers_;
// Ordering: this must be after |cookie_manager_| since it points to its
// CookieSettings object.
mojo::UniqueReceiverSet<mojom::RestrictedCookieManager>
restricted_cookie_manager_receivers_;
int current_resource_scheduler_client_id_ = 0;
// Owned by the URLRequestContext
net::StaticHttpUserAgentSettings* user_agent_settings_ = nullptr;
// Pointed to by the TransportSecurityState (owned by the
// URLRequestContext), and must be disconnected from it before it's destroyed.
std::unique_ptr<net::ReportSender> certificate_report_sender_;
#if BUILDFLAG(IS_CT_SUPPORTED)
std::unique_ptr<ExpectCTReporter> expect_ct_reporter_;
std::unique_ptr<certificate_transparency::ChromeRequireCTDelegate>
require_ct_delegate_;
std::queue<SetExpectCTTestReportCallback>
outstanding_set_expect_ct_callbacks_;
bool is_sct_auditing_enabled_ = false;
#endif // BUILDFLAG(IS_CT_SUPPORTED)
#if BUILDFLAG(IS_CHROMEOS_ASH)
CertVerifierWithTrustAnchors* cert_verifier_with_trust_anchors_ = nullptr;
#endif
// CertNetFetcher used by the context's CertVerifier. May be nullptr if
// CertNetFetcher is not used by the current platform, or if the actual
// net::CertVerifier is instantiated outside of the network service.
scoped_refptr<net::CertNetFetcherURLRequest> cert_net_fetcher_;
// Created on-demand. Null if unused.
std::unique_ptr<HostResolver> internal_host_resolver_;
// Map values set to non-null only if that HostResolver has its own private
// internal net::HostResolver.
std::map<std::unique_ptr<HostResolver>,
std::unique_ptr<net::HostResolver>,
base::UniquePtrComparator>
host_resolvers_;
std::unique_ptr<net::HostResolver::ProbeRequest> doh_probes_request_;
NetworkServiceProxyDelegate* proxy_delegate_ = nullptr;
// Used for Signed Exchange certificate verification.
int next_cert_verify_id_ = 0;
struct PendingCertVerify {
PendingCertVerify();
~PendingCertVerify();
// CertVerifyResult must be freed after the Request has been destructed.
// So |result| must be written before |request|.
std::unique_ptr<net::CertVerifyResult> result;
std::unique_ptr<net::CertVerifier::Request> request;
VerifyCertForSignedExchangeCallback callback;
scoped_refptr<net::X509Certificate> certificate;
GURL url;
net::NetworkIsolationKey network_isolation_key;
std::string ocsp_result;
std::string sct_list;
};
std::map<int, std::unique_ptr<PendingCertVerify>> cert_verifier_requests_;
// Manages allowed origin access lists.
cors::OriginAccessList cors_origin_access_list_;
// Manages header keys that are allowed to be used in
// ResourceRequest::cors_exempt_headers.
base::flat_set<std::string> cors_exempt_header_list_;
// Manages CORS preflight requests and its cache.
cors::PreflightController cors_preflight_controller_;
std::unique_ptr<NetworkQualitiesPrefDelegate>
network_qualities_pref_delegate_;
std::unique_ptr<domain_reliability::DomainReliabilityMonitor>
domain_reliability_monitor_;
std::unique_ptr<OriginPolicyManager> origin_policy_manager_;
// Each network context holds its own HttpAuthPreferences.
// The dynamic preferences of |NetworkService| and the static
// preferences from |NetworkContext| would be merged to
// `http_auth_merged_preferences_` which would then be used to create
// HttpAuthHandle via |NetworkContext::CreateHttpAuthHandlerFactory|.
net::HttpAuthPreferences http_auth_merged_preferences_;
// Each network context holds its own WebBundleManager, which
// manages the lifetiem of a WebBundleURLLoaderFactory object.
WebBundleManager web_bundle_manager_;
// Whether all external consumers are expected to provide a non-empty
// NetworkIsolationKey with all requests. When set, enabled a variety of
// DCHECKs on APIs used by external callers.
bool require_network_isolation_key_ = false;
base::WeakPtrFactory<NetworkContext> weak_factory_{this};
DISALLOW_COPY_AND_ASSIGN(NetworkContext);
};
} // namespace network
#endif // SERVICES_NETWORK_NETWORK_CONTEXT_H_