1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 // 5 // The Safe Browsing service is responsible for downloading anti-phishing and 6 // anti-malware tables and checking urls against them. 7 8 #ifndef CHROME_BROWSER_SAFE_BROWSING_UI_MANAGER_H_ 9 #define CHROME_BROWSER_SAFE_BROWSING_UI_MANAGER_H_ 10 11 #include <string> 12 #include <vector> 13 14 #include "base/callback.h" 15 #include "base/memory/ref_counted.h" 16 #include "base/memory/scoped_ptr.h" 17 #include "base/observer_list.h" 18 #include "base/time/time.h" 19 #include "chrome/browser/safe_browsing/safe_browsing_util.h" 20 #include "content/public/browser/notification_observer.h" 21 #include "url/gurl.h" 22 23 class SafeBrowsingService; 24 25 namespace base { 26 class Thread; 27 } 28 29 // Construction needs to happen on the main thread. 30 class SafeBrowsingUIManager 31 : public base::RefCountedThreadSafe<SafeBrowsingUIManager> { 32 public: 33 // Passed a boolean indicating whether or not it is OK to proceed with 34 // loading an URL. 35 typedef base::Callback<void(bool /*proceed*/)> UrlCheckCallback; 36 37 // Structure used to pass parameters between the IO and UI thread when 38 // interacting with the blocking page. 39 struct UnsafeResource { 40 UnsafeResource(); 41 ~UnsafeResource(); 42 43 GURL url; 44 GURL original_url; 45 std::vector<GURL> redirect_urls; 46 bool is_subresource; 47 SBThreatType threat_type; 48 UrlCheckCallback callback; 49 int render_process_host_id; 50 int render_view_id; 51 }; 52 53 // Observer class can be used to get notified when a SafeBrowsing hit 54 // was found. 55 class Observer { 56 public: 57 // The |resource| was classified as unsafe by SafeBrowsing. 58 // This method will be called every time an unsafe resource is 59 // loaded, even if it has already been whitelisted by the user. 60 // The |resource| must not be accessed after OnSafeBrowsingHit returns. 61 // This method will be called on the UI thread. 62 virtual void OnSafeBrowsingMatch(const UnsafeResource& resource) = 0; 63 64 // The |resource| was classified as unsafe by SafeBrowsing, and is 65 // not whitelisted. 66 // The |resource| must not be accessed after OnSafeBrowsingHit returns. 67 // This method will be called on the UI thread. 68 virtual void OnSafeBrowsingHit(const UnsafeResource& resource) = 0; 69 70 protected: Observer()71 Observer() {} ~Observer()72 virtual ~Observer() {} 73 74 private: 75 DISALLOW_COPY_AND_ASSIGN(Observer); 76 }; 77 78 explicit SafeBrowsingUIManager( 79 const scoped_refptr<SafeBrowsingService>& service); 80 81 // Called to stop or shutdown operations on the io_thread. This may be called 82 // multiple times during the life of the UIManager. Should be called 83 // on IO thread. If shutdown is true, the manager is disabled permanently. 84 void StopOnIOThread(bool shutdown); 85 86 // Called on UI thread to decide if safe browsing related stats 87 // could be reported. 88 virtual bool CanReportStats() const; 89 90 // Called on the IO thread to display an interstitial page. 91 // |url| is the url of the resource that matches a safe browsing list. 92 // If the request contained a chain of redirects, |url| is the last url 93 // in the chain, and |original_url| is the first one (the root of the 94 // chain). Otherwise, |original_url| = |url|. 95 void DisplayBlockingPage(const GURL& url, 96 const GURL& original_url, 97 const std::vector<GURL>& redirect_urls, 98 bool is_subresource, 99 SBThreatType threat_type, 100 const UrlCheckCallback& callback, 101 int render_process_host_id, 102 int render_view_id); 103 104 // Same as above but gets invoked on the UI thread. 105 virtual void DoDisplayBlockingPage(const UnsafeResource& resource); 106 107 // Returns true if we already displayed an interstitial for that resource. 108 // Called on the UI thread. 109 bool IsWhitelisted(const UnsafeResource& resource); 110 111 // The blocking page on the UI thread has completed. 112 void OnBlockingPageDone(const std::vector<UnsafeResource>& resources, 113 bool proceed); 114 115 // Log the user perceived delay caused by SafeBrowsing. This delay is the time 116 // delta starting from when we would have started reading data from the 117 // network, and ending when the SafeBrowsing check completes indicating that 118 // the current page is 'safe'. 119 void LogPauseDelay(base::TimeDelta time); 120 121 // Called on the IO thread by the MalwareDetails with the serialized 122 // protocol buffer, so the service can send it over. 123 virtual void SendSerializedMalwareDetails(const std::string& serialized); 124 125 // Report hits to the unsafe contents (malware, phishing, unsafe download URL) 126 // to the server. Can only be called on UI thread. If |post_data| is 127 // non-empty, the request will be sent as a POST instead of a GET. 128 virtual void ReportSafeBrowsingHit(const GURL& malicious_url, 129 const GURL& page_url, 130 const GURL& referrer_url, 131 bool is_subresource, 132 SBThreatType threat_type, 133 const std::string& post_data); 134 135 // Add and remove observers. These methods must be invoked on the UI thread. 136 void AddObserver(Observer* observer); 137 void RemoveObserver(Observer* remove); 138 139 protected: 140 virtual ~SafeBrowsingUIManager(); 141 142 private: 143 friend class base::RefCountedThreadSafe<SafeBrowsingUIManager>; 144 145 // Used for whitelisting a render view when the user ignores our warning. 146 struct WhiteListedEntry; 147 148 // Call protocol manager on IO thread to report hits of unsafe contents. 149 void ReportSafeBrowsingHitOnIOThread(const GURL& malicious_url, 150 const GURL& page_url, 151 const GURL& referrer_url, 152 bool is_subresource, 153 SBThreatType threat_type, 154 const std::string& post_data); 155 156 // Adds the given entry to the whitelist. Called on the UI thread. 157 void UpdateWhitelist(const UnsafeResource& resource); 158 159 // Safebrowsing service. 160 scoped_refptr<SafeBrowsingService> sb_service_; 161 162 // Only access this whitelist from the UI thread. 163 std::vector<WhiteListedEntry> white_listed_entries_; 164 165 ObserverList<Observer> observer_list_; 166 167 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingUIManager); 168 }; 169 170 #endif // CHROME_BROWSER_SAFE_BROWSING_UI_MANAGER_H_ 171