chrome/browser/safe_browsing/url_checker_delegate_impl.cc - chromium/src - Git at Google

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "chrome/browser/safe_browsing/url_checker_delegate_impl.h"

 #include "base/bind.h"
 #include "base/feature_list.h"
 #include "build/build_config.h"
 #include "chrome/browser/android/customtabs/client_data_header_web_contents_observer.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/prefetch/no_state_prefetch/chrome_no_state_prefetch_contents_delegate.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/profiles/profile_io_data.h"
 #include "chrome/browser/safe_browsing/ui_manager.h"
 #include "chrome/browser/safe_browsing/user_interaction_observer.h"
 #include "components/no_state_prefetch/browser/no_state_prefetch_contents.h"
 #include "components/no_state_prefetch/common/prerender_final_status.h"
 #include "components/safe_browsing/buildflags.h"
 #include "components/safe_browsing/content/browser/triggers/suspicious_site_trigger.h"
 #include "components/safe_browsing/core/browser/db/database_manager.h"
 #include "components/safe_browsing/core/browser/db/v4_protocol_manager_util.h"
 #include "components/safe_browsing/core/common/features.h"
 #include "components/safe_browsing/core/common/safe_browsing_prefs.h"
 #include "content/public/browser/browser_task_traits.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/web_contents.h"
 #include "services/network/public/cpp/features.h"

 #if defined(OS_ANDROID)
 #include "chrome/browser/android/tab_android.h"
 #endif

 namespace safe_browsing {
 namespace {

 // Destroys the NoStatePrefetch contents associated with the web_contents, if
 // any.
 void DestroyNoStatePrefetchContents(
     content::WebContents::OnceGetter web_contents_getter) {
   content::WebContents* web_contents = std::move(web_contents_getter).Run();
   if (web_contents) {
     prerender::NoStatePrefetchContents* no_state_prefetch_contents =
         prerender::ChromeNoStatePrefetchContentsDelegate::FromWebContents(
             web_contents);
     if (no_state_prefetch_contents) {
       no_state_prefetch_contents->Destroy(
           prerender::FINAL_STATUS_SAFE_BROWSING);
     }
   }
 }

 void CreateSafeBrowsingUserInteractionObserver(
     const content::WebContents::Getter& web_contents_getter,
     const security_interstitials::UnsafeResource& resource,
     bool is_main_frame,
     scoped_refptr<SafeBrowsingUIManager> ui_manager) {
   content::WebContents* web_contents = web_contents_getter.Run();
   // Don't delay the interstitial for prerender pages and portals.
   if (!web_contents ||
       prerender::ChromeNoStatePrefetchContentsDelegate::FromWebContents(
           web_contents) ||
       web_contents->IsPortal()) {
     ui_manager->StartDisplayingBlockingPage(resource);
     return;
   }
 #if defined(OS_ANDROID)
   // Don't delay the interstitial for Chrome Custom Tabs.
   auto* tab_android = TabAndroid::FromWebContents(web_contents);
   if (tab_android && tab_android->IsCustomTab()) {
     ui_manager->StartDisplayingBlockingPage(resource);
     return;
   }
 #endif
   SafeBrowsingUserInteractionObserver::CreateForWebContents(
       web_contents, resource, is_main_frame, ui_manager);
 }

 }  // namespace

 UrlCheckerDelegateImpl::UrlCheckerDelegateImpl(
     scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
     scoped_refptr<SafeBrowsingUIManager> ui_manager)
     : database_manager_(std::move(database_manager)),
       ui_manager_(std::move(ui_manager)),
       threat_types_(CreateSBThreatTypeSet({
 // TODO(crbug.com/835961): Enable on Android when list is available.
 #if BUILDFLAG(SAFE_BROWSING_DB_LOCAL)
         safe_browsing::SB_THREAT_TYPE_SUSPICIOUS_SITE,
 #endif
             safe_browsing::SB_THREAT_TYPE_URL_MALWARE,
             safe_browsing::SB_THREAT_TYPE_URL_PHISHING,
             safe_browsing::SB_THREAT_TYPE_URL_UNWANTED,
             safe_browsing::SB_THREAT_TYPE_BILLING
       })) {
 }

 UrlCheckerDelegateImpl::~UrlCheckerDelegateImpl() = default;

 void UrlCheckerDelegateImpl::MaybeDestroyNoStatePrefetchContents(
     content::WebContents::OnceGetter web_contents_getter) {
   // Destroy the prefetch with FINAL_STATUS_SAFE_BROWSING.
   content::GetUIThreadTaskRunner({})->PostTask(
       FROM_HERE, base::BindOnce(&DestroyNoStatePrefetchContents,
                                 std::move(web_contents_getter)));
 }

 void UrlCheckerDelegateImpl::StartDisplayingBlockingPageHelper(
     const security_interstitials::UnsafeResource& resource,
     const std::string& method,
     const net::HttpRequestHeaders& headers,
     bool is_main_frame,
     bool has_user_gesture) {
   content::GetUIThreadTaskRunner({})->PostTask(
       FROM_HERE,
       base::BindOnce(&SafeBrowsingUIManager::StartDisplayingBlockingPage,
                      ui_manager_, resource));
 }

 // Starts displaying the SafeBrowsing interstitial page.
 void UrlCheckerDelegateImpl::
     StartObservingInteractionsForDelayedBlockingPageHelper(
         const security_interstitials::UnsafeResource& resource,
         bool is_main_frame) {
   content::GetUIThreadTaskRunner({})->PostTask(
       FROM_HERE, base::BindOnce(&CreateSafeBrowsingUserInteractionObserver,
                                 resource.web_contents_getter, resource,
                                 is_main_frame, ui_manager_));
 }

 bool UrlCheckerDelegateImpl::IsUrlAllowlisted(const GURL& url) {
   return false;
 }

 void UrlCheckerDelegateImpl::SetPolicyAllowlistDomains(
     const std::vector<std::string>& allowlist_domains) {
   allowlist_domains_ = allowlist_domains;
 }

 bool UrlCheckerDelegateImpl::ShouldSkipRequestCheck(
     const GURL& original_url,
     int frame_tree_node_id,
     int render_process_id,
     int render_frame_id,
     bool originated_from_service_worker) {
   // Check for whether the URL matches the Safe Browsing allowlist domains
   // (a.k. a prefs::kSafeBrowsingAllowlistDomains).
   return std::find_if(allowlist_domains_.begin(), allowlist_domains_.end(),
                       [&original_url](const std::string& domain) {
                         return original_url.DomainIs(domain);
                       }) != allowlist_domains_.end();
 }

 void UrlCheckerDelegateImpl::NotifySuspiciousSiteDetected(
     const base::RepeatingCallback<content::WebContents*()>&
         web_contents_getter) {
   content::GetUIThreadTaskRunner({})->PostTask(
       FROM_HERE, base::BindOnce(&NotifySuspiciousSiteTriggerDetected,
                                 web_contents_getter));
 }

 const SBThreatTypeSet& UrlCheckerDelegateImpl::GetThreatTypes() {
   return threat_types_;
 }

 SafeBrowsingDatabaseManager* UrlCheckerDelegateImpl::GetDatabaseManager() {
   return database_manager_.get();
 }

 BaseUIManager* UrlCheckerDelegateImpl::GetUIManager() {
   return ui_manager_.get();
 }

 }  // namespace safe_browsing
	// Copyright 2017 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "chrome/browser/safe_browsing/url_checker_delegate_impl.h"

	#include "base/bind.h"
	#include "base/feature_list.h"
	#include "build/build_config.h"
	#include "chrome/browser/android/customtabs/client_data_header_web_contents_observer.h"
	#include "chrome/browser/browser_process.h"
	#include "chrome/browser/prefetch/no_state_prefetch/chrome_no_state_prefetch_contents_delegate.h"
	#include "chrome/browser/profiles/profile.h"
	#include "chrome/browser/profiles/profile_io_data.h"
	#include "chrome/browser/safe_browsing/ui_manager.h"
	#include "chrome/browser/safe_browsing/user_interaction_observer.h"
	#include "components/no_state_prefetch/browser/no_state_prefetch_contents.h"
	#include "components/no_state_prefetch/common/prerender_final_status.h"
	#include "components/safe_browsing/buildflags.h"
	#include "components/safe_browsing/content/browser/triggers/suspicious_site_trigger.h"
	#include "components/safe_browsing/core/browser/db/database_manager.h"
	#include "components/safe_browsing/core/browser/db/v4_protocol_manager_util.h"
	#include "components/safe_browsing/core/common/features.h"
	#include "components/safe_browsing/core/common/safe_browsing_prefs.h"
	#include "content/public/browser/browser_task_traits.h"
	#include "content/public/browser/browser_thread.h"
	#include "content/public/browser/navigation_entry.h"
	#include "content/public/browser/web_contents.h"
	#include "services/network/public/cpp/features.h"

	#if defined(OS_ANDROID)
	#include "chrome/browser/android/tab_android.h"
	#endif

	namespace safe_browsing {
	namespace {

	// Destroys the NoStatePrefetch contents associated with the web_contents, if
	// any.
	void DestroyNoStatePrefetchContents(
	content::WebContents::OnceGetter web_contents_getter) {
	content::WebContents* web_contents = std::move(web_contents_getter).Run();
	if (web_contents) {
	prerender::NoStatePrefetchContents* no_state_prefetch_contents =
	prerender::ChromeNoStatePrefetchContentsDelegate::FromWebContents(
	web_contents);
	if (no_state_prefetch_contents) {
	no_state_prefetch_contents->Destroy(
	prerender::FINAL_STATUS_SAFE_BROWSING);
	}
	}
	}

	void CreateSafeBrowsingUserInteractionObserver(
	const content::WebContents::Getter& web_contents_getter,
	const security_interstitials::UnsafeResource& resource,
	bool is_main_frame,
	scoped_refptr<SafeBrowsingUIManager> ui_manager) {
	content::WebContents* web_contents = web_contents_getter.Run();
	// Don't delay the interstitial for prerender pages and portals.
	if (!web_contents \|\|
	prerender::ChromeNoStatePrefetchContentsDelegate::FromWebContents(
	web_contents) \|\|
	web_contents->IsPortal()) {
	ui_manager->StartDisplayingBlockingPage(resource);
	return;
	}
	#if defined(OS_ANDROID)
	// Don't delay the interstitial for Chrome Custom Tabs.
	auto* tab_android = TabAndroid::FromWebContents(web_contents);
	if (tab_android && tab_android->IsCustomTab()) {
	ui_manager->StartDisplayingBlockingPage(resource);
	return;
	}
	#endif
	SafeBrowsingUserInteractionObserver::CreateForWebContents(
	web_contents, resource, is_main_frame, ui_manager);
	}

	} // namespace

	UrlCheckerDelegateImpl::UrlCheckerDelegateImpl(
	scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
	scoped_refptr<SafeBrowsingUIManager> ui_manager)
	: database_manager_(std::move(database_manager)),
	ui_manager_(std::move(ui_manager)),
	threat_types_(CreateSBThreatTypeSet({
	// TODO(crbug.com/835961): Enable on Android when list is available.
	#if BUILDFLAG(SAFE_BROWSING_DB_LOCAL)
	safe_browsing::SB_THREAT_TYPE_SUSPICIOUS_SITE,
	#endif
	safe_browsing::SB_THREAT_TYPE_URL_MALWARE,
	safe_browsing::SB_THREAT_TYPE_URL_PHISHING,
	safe_browsing::SB_THREAT_TYPE_URL_UNWANTED,
	safe_browsing::SB_THREAT_TYPE_BILLING
	})) {
	}

	UrlCheckerDelegateImpl::~UrlCheckerDelegateImpl() = default;

	void UrlCheckerDelegateImpl::MaybeDestroyNoStatePrefetchContents(
	content::WebContents::OnceGetter web_contents_getter) {
	// Destroy the prefetch with FINAL_STATUS_SAFE_BROWSING.
	content::GetUIThreadTaskRunner({})->PostTask(
	FROM_HERE, base::BindOnce(&DestroyNoStatePrefetchContents,
	std::move(web_contents_getter)));
	}

	void UrlCheckerDelegateImpl::StartDisplayingBlockingPageHelper(
	const security_interstitials::UnsafeResource& resource,
	const std::string& method,
	const net::HttpRequestHeaders& headers,
	bool is_main_frame,
	bool has_user_gesture) {
	content::GetUIThreadTaskRunner({})->PostTask(
	FROM_HERE,
	base::BindOnce(&SafeBrowsingUIManager::StartDisplayingBlockingPage,
	ui_manager_, resource));
	}

	// Starts displaying the SafeBrowsing interstitial page.
	void UrlCheckerDelegateImpl::
	StartObservingInteractionsForDelayedBlockingPageHelper(
	const security_interstitials::UnsafeResource& resource,
	bool is_main_frame) {
	content::GetUIThreadTaskRunner({})->PostTask(
	FROM_HERE, base::BindOnce(&CreateSafeBrowsingUserInteractionObserver,
	resource.web_contents_getter, resource,
	is_main_frame, ui_manager_));
	}

	bool UrlCheckerDelegateImpl::IsUrlAllowlisted(const GURL& url) {
	return false;
	}

	void UrlCheckerDelegateImpl::SetPolicyAllowlistDomains(
	const std::vector<std::string>& allowlist_domains) {
	allowlist_domains_ = allowlist_domains;
	}

	bool UrlCheckerDelegateImpl::ShouldSkipRequestCheck(
	const GURL& original_url,
	int frame_tree_node_id,
	int render_process_id,
	int render_frame_id,
	bool originated_from_service_worker) {
	// Check for whether the URL matches the Safe Browsing allowlist domains
	// (a.k. a prefs::kSafeBrowsingAllowlistDomains).
	return std::find_if(allowlist_domains_.begin(), allowlist_domains_.end(),
	[&original_url](const std::string& domain) {
	return original_url.DomainIs(domain);
	}) != allowlist_domains_.end();
	}

	void UrlCheckerDelegateImpl::NotifySuspiciousSiteDetected(
	const base::RepeatingCallback<content::WebContents*()>&
	web_contents_getter) {
	content::GetUIThreadTaskRunner({})->PostTask(
	FROM_HERE, base::BindOnce(&NotifySuspiciousSiteTriggerDetected,
	web_contents_getter));
	}

	const SBThreatTypeSet& UrlCheckerDelegateImpl::GetThreatTypes() {
	return threat_types_;
	}

	SafeBrowsingDatabaseManager* UrlCheckerDelegateImpl::GetDatabaseManager() {
	return database_manager_.get();
	}

	BaseUIManager* UrlCheckerDelegateImpl::GetUIManager() {
	return ui_manager_.get();
	}

	} // namespace safe_browsing