1 // Copyright 2012 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ 6 #define NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ 7 8 #include <stddef.h> 9 #include <stdint.h> 10 11 #include <memory> 12 #include <string> 13 #include <vector> 14 15 #include "base/compiler_specific.h" 16 #include "base/gtest_prod_util.h" 17 #include "base/memory/raw_ptr.h" 18 #include "base/memory/weak_ptr.h" 19 #include "base/time/time.h" 20 #include "net/base/auth.h" 21 #include "net/base/ip_endpoint.h" 22 #include "net/base/net_error_details.h" 23 #include "net/base/net_export.h" 24 #include "net/base/privacy_mode.h" 25 #include "net/cookies/cookie_inclusion_status.h" 26 #include "net/first_party_sets/first_party_set_metadata.h" 27 #include "net/first_party_sets/first_party_sets_cache_filter.h" 28 #include "net/http/http_request_info.h" 29 #include "net/socket/connection_attempts.h" 30 #include "net/url_request/url_request_job.h" 31 #include "net/url_request/url_request_throttler_entry_interface.h" 32 #include "third_party/abseil-cpp/absl/types/optional.h" 33 34 namespace net { 35 36 class HttpRequestHeaders; 37 class HttpResponseHeaders; 38 class HttpResponseInfo; 39 class HttpTransaction; 40 class HttpUserAgentSettings; 41 class SSLPrivateKey; 42 struct TransportInfo; 43 class UploadDataStream; 44 45 // A URLRequestJob subclass that is built on top of HttpTransaction. It 46 // provides an implementation for both HTTP and HTTPS. 47 class NET_EXPORT_PRIVATE URLRequestHttpJob : public URLRequestJob { 48 public: 49 // Creates URLRequestJob for the specified HTTP, HTTPS, WS, or WSS URL. 50 // Returns a job that returns a redirect in the case of HSTS, and returns a 51 // job that fails for unencrypted requests if current settings dont allow 52 // them. Never returns nullptr. 53 static std::unique_ptr<URLRequestJob> Create(URLRequest* request); 54 55 URLRequestHttpJob(const URLRequestHttpJob&) = delete; 56 URLRequestHttpJob& operator=(const URLRequestHttpJob&) = delete; 57 58 void SetRequestHeadersCallback(RequestHeadersCallback callback) override; 59 void SetEarlyResponseHeadersCallback( 60 ResponseHeadersCallback callback) override; 61 void SetResponseHeadersCallback(ResponseHeadersCallback callback) override; 62 void SetIsSharedDictionaryReadAllowedCallback( 63 base::RepeatingCallback<bool()> callback) override; 64 65 protected: 66 URLRequestHttpJob(URLRequest* request, 67 const HttpUserAgentSettings* http_user_agent_settings); 68 69 ~URLRequestHttpJob() override; 70 71 // Overridden from URLRequestJob: 72 void SetPriority(RequestPriority priority) override; 73 void Start() override; 74 void Kill() override; 75 ConnectionAttempts GetConnectionAttempts() const override; 76 void CloseConnectionOnDestruction() override; 77 std::unique_ptr<SourceStream> SetUpSourceStream() override; 78 priority()79 RequestPriority priority() const { 80 return priority_; 81 } 82 83 private: 84 // For CookieRequestScheme histogram enum. 85 FRIEND_TEST_ALL_PREFIXES(URLRequestHttpJobTest, 86 CookieSchemeRequestSchemeHistogram); 87 88 enum CompletionCause { 89 ABORTED, 90 FINISHED 91 }; 92 93 // Used to indicate which kind of cookies are sent on which kind of requests, 94 // for use in histograms. A (non)secure set cookie means that the cookie was 95 // originally set by a (non)secure url. A (non)secure request means that the 96 // request url is (non)secure. An unset cookie scheme means that the cookie's 97 // source scheme was marked as "Unset" and thus cannot be compared with the 98 // request. 99 // These values are persisted to logs. Entries should not be renumbered and 100 // numeric values should never be reused. 101 enum class CookieRequestScheme { 102 kUnsetCookieScheme = 0, 103 kNonsecureSetNonsecureRequest, 104 kSecureSetSecureRequest, 105 kNonsecureSetSecureRequest, 106 kSecureSetNonsecureRequest, 107 108 kMaxValue = kSecureSetNonsecureRequest // Keep as the last value. 109 }; 110 111 typedef base::RefCountedData<bool> SharedBoolean; 112 113 // Shadows URLRequestJob's version of this method so we can grab cookies. 114 void NotifyHeadersComplete(); 115 116 void DestroyTransaction(); 117 118 // Computes the PrivacyMode that should be associated with this leg of the 119 // request. Must be recomputed on redirects. 120 PrivacyMode DeterminePrivacyMode() const; 121 122 void AddExtraHeaders(); 123 void AddCookieHeaderAndStart(); 124 void AnnotateAndMoveUserBlockedCookies( 125 CookieAccessResultList& maybe_included_cookies, 126 CookieAccessResultList& excluded_cookies) const; 127 void SaveCookiesAndNotifyHeadersComplete(int result); 128 129 // Processes the Strict-Transport-Security header, if one exists. 130 void ProcessStrictTransportSecurityHeader(); 131 132 // |result| should be OK, or the request is canceled. 133 void OnHeadersReceivedCallback(int result); 134 void OnStartCompleted(int result); 135 void OnReadCompleted(int result); 136 void NotifyBeforeStartTransactionCallback( 137 int result, 138 const absl::optional<HttpRequestHeaders>& headers); 139 // This just forwards the call to URLRequestJob::NotifyConnected(). 140 // We need it because that method is protected and cannot be bound in a 141 // callback in this class. 142 int NotifyConnectedCallback(const TransportInfo& info, 143 CompletionOnceCallback callback); 144 145 void RestartTransactionWithAuth(const AuthCredentials& credentials); 146 147 // Overridden from URLRequestJob: 148 void SetUpload(UploadDataStream* upload) override; 149 void SetExtraRequestHeaders(const HttpRequestHeaders& headers) override; 150 LoadState GetLoadState() const override; 151 bool GetMimeType(std::string* mime_type) const override; 152 bool GetCharset(std::string* charset) override; 153 void GetResponseInfo(HttpResponseInfo* info) override; 154 void GetLoadTimingInfo(LoadTimingInfo* load_timing_info) const override; 155 bool GetTransactionRemoteEndpoint(IPEndPoint* endpoint) const override; 156 int GetResponseCode() const override; 157 void PopulateNetErrorDetails(NetErrorDetails* details) const override; 158 bool CopyFragmentOnRedirect(const GURL& location) const override; 159 bool IsSafeRedirect(const GURL& location) override; 160 bool NeedsAuth() override; 161 std::unique_ptr<AuthChallengeInfo> GetAuthChallengeInfo() override; 162 void SetAuth(const AuthCredentials& credentials) override; 163 void CancelAuth() override; 164 void ContinueWithCertificate( 165 scoped_refptr<X509Certificate> client_cert, 166 scoped_refptr<SSLPrivateKey> client_private_key) override; 167 void ContinueDespiteLastError() override; 168 int ReadRawData(IOBuffer* buf, int buf_size) override; 169 int64_t GetTotalReceivedBytes() const override; 170 int64_t GetTotalSentBytes() const override; 171 void DoneReading() override; 172 void DoneReadingRedirectResponse() override; 173 174 IPEndPoint GetResponseRemoteEndpoint() const override; 175 void NotifyURLRequestDestroyed() override; 176 177 void RecordTimer(); 178 void ResetTimer(); 179 180 // Starts the transaction if extensions using the webrequest API do not 181 // object. 182 void StartTransaction(); 183 // If |result| is OK, calls StartTransactionInternal. Otherwise notifies 184 // cancellation. 185 void MaybeStartTransactionInternal(int result); 186 void StartTransactionInternal(); 187 188 void RecordCompletionHistograms(CompletionCause reason); 189 void DoneWithRequest(CompletionCause reason); 190 191 // Callback functions for Cookie Monster 192 void SetCookieHeaderAndStart(const CookieOptions& options, 193 const CookieAccessResultList& cookie_list, 194 const CookieAccessResultList& excluded_list); 195 196 // Another Cookie Monster callback 197 void OnSetCookieResult(const CookieOptions& options, 198 absl::optional<CanonicalCookie> cookie, 199 std::string cookie_string, 200 CookieAccessResult access_result); 201 int num_cookie_lines_left_ = 0; 202 CookieAndLineAccessResultList set_cookie_access_result_list_; 203 204 // Some servers send the body compressed, but specify the content length as 205 // the uncompressed size. If this is the case, we return true in order 206 // to request to work around this non-adherence to the HTTP standard. 207 // |rv| is the standard return value of a read function indicating the number 208 // of bytes read or, if negative, an error code. 209 bool ShouldFixMismatchedContentLength(int rv) const; 210 211 // Returns the effective response headers, considering that they may be 212 // overridden by `override_response_headers_` or 213 // `override_response_info_::headers`. 214 HttpResponseHeaders* GetResponseHeaders() const; 215 216 // Called after getting the FirstPartySetMetadata during Start for this job. 217 void OnGotFirstPartySetMetadata( 218 FirstPartySetMetadata first_party_set_metadata, 219 FirstPartySetsCacheFilter::MatchInfo match_info); 220 221 // Returns true iff this request leg should include the Cookie header. Note 222 // that cookies may still be eventually blocked by the CookieAccessDelegate 223 // even if this method returns true. 224 bool ShouldAddCookieHeader() const; 225 226 // Returns true if we should log how many partitioned cookies are included 227 // in a request. 228 bool ShouldRecordPartitionedCookieUsage() const; 229 230 RequestPriority priority_ = DEFAULT_PRIORITY; 231 232 HttpRequestInfo request_info_; 233 234 // Used for any logic, e.g. DNS-based scheme upgrade, that needs to synthesize 235 // response info to override the real response info. Transaction should be 236 // cleared before setting. 237 std::unique_ptr<HttpResponseInfo> override_response_info_; 238 239 // Auth states for proxy and origin server. 240 AuthState proxy_auth_state_ = AUTH_STATE_DONT_NEED_AUTH; 241 AuthState server_auth_state_ = AUTH_STATE_DONT_NEED_AUTH; 242 AuthCredentials auth_credentials_; 243 244 bool read_in_progress_ = false; 245 246 std::unique_ptr<HttpTransaction> transaction_; 247 248 // This needs to be declared after `transaction_` and 249 // `override_response_info_` because `response_info_` holds a pointer that's 250 // itself owned by one of those, so `response_info_` needs to be destroyed 251 // first. 252 raw_ptr<const HttpResponseInfo> response_info_ = nullptr; 253 254 // This is used to supervise traffic and enforce exponential 255 // back-off. May be NULL. 256 scoped_refptr<URLRequestThrottlerEntryInterface> throttling_entry_; 257 258 base::Time request_creation_time_; 259 260 // True when we are done doing work. 261 bool done_ = false; 262 263 // The start time for the job, ignoring re-starts. 264 base::TimeTicks start_time_; 265 266 // When the transaction finished reading the request headers. 267 base::TimeTicks receive_headers_end_; 268 269 // We allow the network delegate to modify a copy of the response headers. 270 // This prevents modifications of headers that are shared with the underlying 271 // layers of the network stack. 272 scoped_refptr<HttpResponseHeaders> override_response_headers_; 273 274 // Ordinarily the original URL's fragment is copied during redirects, unless 275 // the destination URL already has one. However, the NetworkDelegate can 276 // override this behavior by setting |preserve_fragment_on_redirect_url_|: 277 // * If set to absl::nullopt, the default behavior is used. 278 // * If the final URL in the redirect chain matches 279 // |preserve_fragment_on_redirect_url_|, its fragment unchanged. So this 280 // is basically a way for the embedder to force a redirect not to copy the 281 // original URL's fragment when the original URL had one. 282 absl::optional<GURL> preserve_fragment_on_redirect_url_; 283 284 // Flag used to verify that |this| is not deleted while we are awaiting 285 // a callback from the NetworkDelegate. Used as a fail-fast mechanism. 286 // True if we are waiting a callback and 287 // NetworkDelegate::NotifyURLRequestDestroyed has not been called, yet, 288 // to inform the NetworkDelegate that it may not call back. 289 bool awaiting_callback_ = false; 290 291 raw_ptr<const HttpUserAgentSettings> http_user_agent_settings_; 292 293 // Keeps track of total received bytes over the network from transactions used 294 // by this job that have already been destroyed. 295 int64_t total_received_bytes_from_previous_transactions_ = 0; 296 // Keeps track of total sent bytes over the network from transactions used by 297 // this job that have already been destroyed. 298 int64_t total_sent_bytes_from_previous_transactions_ = 0; 299 300 RequestHeadersCallback request_headers_callback_; 301 ResponseHeadersCallback early_response_headers_callback_; 302 ResponseHeadersCallback response_headers_callback_; 303 304 base::RepeatingCallback<bool()> is_shared_dictionary_read_allowed_callback_; 305 306 // The First-Party Set metadata associated with this job. Set when the job is 307 // started. 308 FirstPartySetMetadata first_party_set_metadata_; 309 310 base::WeakPtrFactory<URLRequestHttpJob> weak_factory_{this}; 311 }; 312 313 } // namespace net 314 315 #endif // NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ 316