1 // Copyright 2012 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_BASE_NETWORK_DELEGATE_H_ 6 #define NET_BASE_NETWORK_DELEGATE_H_ 7 8 #include <stdint.h> 9 10 #include <optional> 11 #include <set> 12 #include <string> 13 14 #include "base/functional/callback.h" 15 #include "base/gtest_prod_util.h" 16 #include "base/threading/thread_checker.h" 17 #include "base/types/optional_ref.h" 18 #include "net/base/auth.h" 19 #include "net/base/completion_once_callback.h" 20 #include "net/base/net_export.h" 21 #include "net/cookies/canonical_cookie.h" 22 #include "net/cookies/cookie_inclusion_status.h" 23 #include "net/cookies/cookie_setting_override.h" 24 #include "net/cookies/cookie_util.h" 25 #include "net/cookies/site_for_cookies.h" 26 #include "net/first_party_sets/first_party_set_metadata.h" 27 #include "net/first_party_sets/first_party_sets_cache_filter.h" 28 #include "net/proxy_resolution/proxy_retry_info.h" 29 #include "net/url_request/redirect_info.h" 30 31 class GURL; 32 33 namespace url { 34 class Origin; 35 } 36 37 namespace net { 38 39 // NOTE: Layering violations! 40 // We decided to accept these violations (depending 41 // on other net/ submodules from net/base/), because otherwise NetworkDelegate 42 // would have to be broken up into too many smaller interfaces targeted to each 43 // submodule. Also, since the lower levels in net/ may callback into higher 44 // levels, we may encounter dangerous casting issues. 45 // 46 // NOTE: It is not okay to add any compile-time dependencies on symbols outside 47 // of net/base here, because we have a net_base library. Forward declarations 48 // are ok. 49 class CookieOptions; 50 class CookieInclusionStatus; 51 class HttpRequestHeaders; 52 class HttpResponseHeaders; 53 class IPEndPoint; 54 class URLRequest; 55 56 class NET_EXPORT NetworkDelegate { 57 public: 58 virtual ~NetworkDelegate(); 59 60 // Notification interface called by the network stack. Note that these 61 // functions mostly forward to the private virtuals. They also add some sanity 62 // checking on parameters. See the corresponding virtuals for explanations of 63 // the methods and their arguments. 64 int NotifyBeforeURLRequest(URLRequest* request, 65 CompletionOnceCallback callback, 66 GURL* new_url); 67 using OnBeforeStartTransactionCallback = 68 base::OnceCallback<void(int, const std::optional<HttpRequestHeaders>&)>; 69 int NotifyBeforeStartTransaction(URLRequest* request, 70 const HttpRequestHeaders& headers, 71 OnBeforeStartTransactionCallback callback); 72 int NotifyHeadersReceived( 73 URLRequest* request, 74 CompletionOnceCallback callback, 75 const HttpResponseHeaders* original_response_headers, 76 scoped_refptr<HttpResponseHeaders>* override_response_headers, 77 const IPEndPoint& remote_endpoint, 78 std::optional<GURL>* preserve_fragment_on_redirect_url); 79 void NotifyBeforeRedirect(URLRequest* request, 80 const GURL& new_location); 81 void NotifyBeforeRetry(URLRequest* request); 82 void NotifyResponseStarted(URLRequest* request, int net_error); 83 void NotifyCompleted(URLRequest* request, bool started, int net_error); 84 void NotifyURLRequestDestroyed(URLRequest* request); 85 void NotifyPACScriptError(int line_number, const std::u16string& error); 86 bool AnnotateAndMoveUserBlockedCookies( 87 const URLRequest& request, 88 const net::FirstPartySetMetadata& first_party_set_metadata, 89 CookieAccessResultList& maybe_included_cookies, 90 CookieAccessResultList& excluded_cookies); 91 bool CanSetCookie(const URLRequest& request, 92 const net::CanonicalCookie& cookie, 93 CookieOptions* options, 94 const net::FirstPartySetMetadata& first_party_set_metadata, 95 CookieInclusionStatus* inclusion_status); 96 97 std::optional<cookie_util::StorageAccessStatus> GetStorageAccessStatus( 98 const URLRequest& request, 99 base::optional_ref<const RedirectInfo> redirect_info) const; 100 101 // Returns true if the `Sec-Fetch-Storage-Access` request header flow is 102 // enabled in the given context. 103 bool IsStorageAccessHeaderEnabled(const url::Origin* top_frame_origin, 104 const GURL& url) const; 105 106 // PrivacySetting is kStateDisallowed iff the given |url| has to be 107 // requested over connection that is not tracked by the server. 108 // 109 // Usually PrivacySetting is kStateAllowed, unless user privacy settings 110 // block cookies from being get or set. 111 // 112 // It may be set to kPartitionedStateAllowedOnly if the request allows 113 // partitioned state to be sent over the connection, but unpartitioned 114 // state should be blocked. 115 enum class PrivacySetting { 116 kStateAllowed, 117 kStateDisallowed, 118 // First-party requests will never have this setting. 119 kPartitionedStateAllowedOnly, 120 }; 121 PrivacySetting ForcePrivacyMode(const URLRequest& request) const; 122 123 bool CancelURLRequestWithPolicyViolatingReferrerHeader( 124 const URLRequest& request, 125 const GURL& target_url, 126 const GURL& referrer_url) const; 127 128 bool CanQueueReportingReport(const url::Origin& origin) const; 129 void CanSendReportingReports( 130 std::set<url::Origin> origins, 131 base::OnceCallback<void(std::set<url::Origin>)> result_callback) const; 132 bool CanSetReportingClient(const url::Origin& origin, 133 const GURL& endpoint) const; 134 bool CanUseReportingClient(const url::Origin& origin, 135 const GURL& endpoint) const; 136 137 protected: 138 // Adds the given ExclusionReason to all cookies in 139 // `mayble_included_cookies`, and moves the contents of 140 // `maybe_included_cookies` to `excluded_cookies`. 141 static void ExcludeAllCookies( 142 net::CookieInclusionStatus::ExclusionReason reason, 143 net::CookieAccessResultList& maybe_included_cookies, 144 net::CookieAccessResultList& excluded_cookies); 145 146 // Does the same as ExcludeAllCookies but will still include 147 // cookies that are partitioned if cookies are not disabled 148 // globally. 149 static void ExcludeAllCookiesExceptPartitioned( 150 net::CookieInclusionStatus::ExclusionReason reason, 151 net::CookieAccessResultList& maybe_included_cookies, 152 net::CookieAccessResultList& excluded_cookies); 153 154 // Moves any cookie in `maybe_included_cookies` that has an ExclusionReason 155 // into `excluded_cookies`. 156 static void MoveExcludedCookies( 157 net::CookieAccessResultList& maybe_included_cookies, 158 net::CookieAccessResultList& excluded_cookies); 159 160 THREAD_CHECKER(thread_checker_); 161 162 private: 163 FRIEND_TEST_ALL_PREFIXES(NetworkDelegateTest, ExcludeAllCookies); 164 FRIEND_TEST_ALL_PREFIXES(NetworkDelegateTest, MoveExcludedCookies); 165 // This is the interface for subclasses of NetworkDelegate to implement. These 166 // member functions will be called by the respective public notification 167 // member function, which will perform basic sanity checking. 168 // 169 // Note that these member functions refer to URLRequests which may be canceled 170 // or destroyed at any time. Implementations which return ERR_IO_PENDING must 171 // also implement OnURLRequestDestroyed and OnCompleted to handle cancelation. 172 // See below for details. 173 // 174 // (NetworkDelegateImpl has default implementations of these member functions. 175 // NetworkDelegate implementations should consider subclassing 176 // NetworkDelegateImpl.) 177 178 // Called before a request is sent. Allows the delegate to rewrite the URL 179 // being fetched by modifying |new_url|. If set, the URL must be valid. The 180 // reference fragment from the original URL is not automatically appended to 181 // |new_url|; callers are responsible for copying the reference fragment if 182 // desired. 183 // 184 // Returns OK to continue with the request, ERR_IO_PENDING if the result is 185 // not ready yet, and any other status code to cancel the request. If 186 // returning ERR_IO_PENDING, call |callback| when the result is ready. Note, 187 // however, that a pending operation may be cancelled by 188 // OnURLRequestDestroyed. Once cancelled, |request| and |new_url| become 189 // invalid and |callback| may not be called. 190 // 191 // The default implementation returns OK (continue with request). 192 virtual int OnBeforeURLRequest(URLRequest* request, 193 CompletionOnceCallback callback, 194 GURL* new_url) = 0; 195 196 // Called right before the network transaction starts. Allows the delegate to 197 // read |headers| and modify them by passing a new copy to |callback| before 198 // they get sent out. 199 // 200 // Returns OK to continue with the request, ERR_IO_PENDING if the result is 201 // not ready yet, and any other status code to cancel the request. If 202 // returning ERR_IO_PENDING, call |callback| when the result is ready. Note, 203 // however, that a pending operation may be cancelled by OnURLRequestDestroyed 204 // or OnCompleted. Once cancelled, |request| and |headers| become invalid and 205 // |callback| may not be called. 206 // 207 // The default implementation returns OK (continue with request). 208 virtual int OnBeforeStartTransaction( 209 URLRequest* request, 210 const HttpRequestHeaders& headers, 211 OnBeforeStartTransactionCallback callback) = 0; 212 213 // Called for HTTP requests when the headers have been received. 214 // |original_response_headers| contains the headers as received over the 215 // network, these must not be modified. |override_response_headers| can be set 216 // to new values, that should be considered as overriding 217 // |original_response_headers|. 218 // If the response is a redirect, and the Location response header value is 219 // identical to |preserve_fragment_on_redirect_url|, then the redirect is 220 // never blocked and the reference fragment is not copied from the original 221 // URL to the redirection target. 222 // 223 // Returns OK to continue with the request, ERR_IO_PENDING if the result is 224 // not ready yet, and any other status code to cancel the request. If 225 // returning ERR_IO_PENDING, call |callback| when the result is ready. Note, 226 // however, that a pending operation may be cancelled by 227 // OnURLRequestDestroyed. Once cancelled, |request|, 228 // |original_response_headers|, |override_response_headers|, and 229 // |preserve_fragment_on_redirect_url| become invalid and |callback| may not 230 // be called. 231 virtual int OnHeadersReceived( 232 URLRequest* request, 233 CompletionOnceCallback callback, 234 const HttpResponseHeaders* original_response_headers, 235 scoped_refptr<HttpResponseHeaders>* override_response_headers, 236 const IPEndPoint& remote_endpoint, 237 std::optional<GURL>* preserve_fragment_on_redirect_url) = 0; 238 239 // Called right after a redirect response code was received. |new_location| is 240 // only valid for the duration of the call. 241 virtual void OnBeforeRedirect(URLRequest* request, 242 const GURL& new_location) = 0; 243 244 virtual void OnBeforeRetry(URLRequest* request) = 0; 245 246 // This corresponds to URLRequestDelegate::OnResponseStarted. 247 virtual void OnResponseStarted(URLRequest* request, int net_error) = 0; 248 249 // Indicates that the URL request has been completed or failed. 250 // |started| indicates whether the request has been started. If false, 251 // some information like the socket address is not available. 252 virtual void OnCompleted(URLRequest* request, 253 bool started, 254 int net_error) = 0; 255 256 // Called when an URLRequest is being destroyed. Note that the request is 257 // being deleted, so it's not safe to call any methods that may result in 258 // a virtual method call. 259 virtual void OnURLRequestDestroyed(URLRequest* request) = 0; 260 261 // Corresponds to ProxyResolverJSBindings::OnError. 262 virtual void OnPACScriptError(int line_number, 263 const std::u16string& error) = 0; 264 265 // Called when reading cookies to allow the network delegate to block access 266 // to individual cookies, by adding the appropriate ExclusionReason and moving 267 // them to the `excluded_cookies` list. This method will never be invoked 268 // when LOAD_DO_NOT_SEND_COOKIES is specified. 269 // 270 // Returns false if the delegate has blocked access to all cookies; true 271 // otherwise. 272 virtual bool OnAnnotateAndMoveUserBlockedCookies( 273 const URLRequest& request, 274 const net::FirstPartySetMetadata& first_party_set_metadata, 275 net::CookieAccessResultList& maybe_included_cookies, 276 net::CookieAccessResultList& excluded_cookies) = 0; 277 278 // Called when a cookie is set to allow the network delegate to block access 279 // to the cookie. If the cookie is allowed, `inclusion_status` may be updated 280 // to include reason to warn about the given cookie according to the user 281 // cookie-blocking settings; Otherwise, `inclusion_status` may be updated with 282 // the proper exclusion reasons, if not then proper reasons need to be 283 // manually added in the caller. This method will never be invoked when 284 // LOAD_DO_NOT_SAVE_COOKIES is specified. 285 virtual bool OnCanSetCookie( 286 const URLRequest& request, 287 const CanonicalCookie& cookie, 288 CookieOptions* options, 289 const net::FirstPartySetMetadata& first_party_set_metadata, 290 CookieInclusionStatus* inclusion_status) = 0; 291 292 virtual PrivacySetting OnForcePrivacyMode( 293 const URLRequest& request) const = 0; 294 295 // Called when the |referrer_url| for requesting |target_url| during handling 296 // of the |request| is does not comply with the referrer policy (e.g. a 297 // secure referrer for an insecure initial target). 298 // Returns true if the request should be cancelled. Otherwise, the referrer 299 // header is stripped from the request. 300 virtual bool OnCancelURLRequestWithPolicyViolatingReferrerHeader( 301 const URLRequest& request, 302 const GURL& target_url, 303 const GURL& referrer_url) const = 0; 304 305 virtual bool OnCanQueueReportingReport(const url::Origin& origin) const = 0; 306 307 virtual void OnCanSendReportingReports( 308 std::set<url::Origin> origins, 309 base::OnceCallback<void(std::set<url::Origin>)> result_callback) 310 const = 0; 311 312 virtual bool OnCanSetReportingClient(const url::Origin& origin, 313 const GURL& endpoint) const = 0; 314 315 virtual bool OnCanUseReportingClient(const url::Origin& origin, 316 const GURL& endpoint) const = 0; 317 318 virtual std::optional<cookie_util::StorageAccessStatus> 319 OnGetStorageAccessStatus( 320 const URLRequest& request, 321 base::optional_ref<const RedirectInfo> redirect_info) const = 0; 322 323 virtual bool OnIsStorageAccessHeaderEnabled( 324 const url::Origin* top_frame_origin, 325 const GURL& url) const = 0; 326 }; 327 328 } // namespace net 329 330 #endif // NET_BASE_NETWORK_DELEGATE_H_ 331