author | xingx <xingx@chromium.org> | 2015-04-22 22:00:53 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-04-23 05:01:10 +0000 |
commit | 6a5a65873aec5a021cfa3d8fe0db3c4787599a20 (patch) | |
tree | 169d66efaa890e0cb4a0c2bfe1ab7b0ce727eb29 | |
parent | 07903e579abf9f18d79935e1f531c7cd88503c58 (diff) | |
Tamper Detection - Report Numbers of Tamper Detected Responses
Report the number of responses that have tamper detection fingerprints added and
whose fingerprints are valid (have not been modified by intermediaries). The report
contains a total count (same as before), as well as separate counts for different
MIME types, including JavaScript, CSS, and image (GIF, JPG, PNG and WEBP).
BUG=381907
Review URL: https://codereview.chromium.org/1073313002
Cr-Commit-Position: refs/heads/master@{#326457}
4 files changed, 252 insertions, 9 deletions
diff --git a/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.cc b/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.cc index a9f75c4..823d0a7 100644 --- a/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.cc +++ b/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.cc @@ -109,15 +109,9 @@ bool DataReductionProxyTamperDetection::DetectAndReport( } // Chrome-Proxy header has not been tampered with, and thus other - // fingerprints are valid. Reports the number of responses that other - // fingerprints will be checked. - REPORT_TAMPER_DETECTION_UMA( - scheme_is_https, - "DataReductionProxy.HeaderTamperDetectionHTTPS", - "DataReductionProxy.HeaderTamperDetectionHTTP", - carrier_id); - + // fingerprints are valid. bool tampered = false; + int64 original_content_length = -1; std::string fingerprint; if (GetDataReductionProxyActionFingerprintVia(headers, &fingerprint)) { @@ -140,7 +134,6 @@ bool DataReductionProxyTamperDetection::DetectAndReport( if (GetDataReductionProxyActionFingerprintContentLength( headers, &fingerprint)) { - int64 original_content_length; if (tamper_detection.ValidateContentLength(fingerprint, content_length, &original_content_length)) { @@ -158,6 +151,10 @@ bool DataReductionProxyTamperDetection::DetectAndReport( carrier_id); } + // Reports the number of responses that other fingerprints will be checked, + // separated by MIME type. + tamper_detection.ReportUMAForTamperDetectionCount(original_content_length); + return tampered; } 
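Review bot: `int64 original_content_length = -1;` introduces a sentinel whose meaning is not stated anywhere in DetectAndReport. The value later handed to the reporter depends on whether `ValidateContentLength` writes its out-parameter on every return path, which these hunks do not show. A comment at the declaration such as `// -1: no content-length fingerprint present, or it could not be parsed.` would pin the contract down, with the wording confirmed against ValidateContentLength. The value originates from a response header, so the reporter should not assume it lies in a sane range. DetectAndReport starts outside this hunk.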
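Review bot: The comment moved to the end of DetectAndReport still says the count covers responses whose other fingerprints "will be checked", but by this point the Via and Content-Length fingerprint checks have already run. Suggest `// Reports the number of responses whose other fingerprints were checked,` followed by `// separated by MIME type.` Because the call now sits directly before `return tampered;`, the count is recorded only when control reaches the end of the function. No early return is visible in these hunks, but the part of the body outside them should be checked so the denominator is not undercounted relative to the tamper reports.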
@@ -174,6 +171,88 @@ DataReductionProxyTamperDetection::DataReductionProxyTamperDetection( DataReductionProxyTamperDetection::~DataReductionProxyTamperDetection() {}; +void DataReductionProxyTamperDetection::ReportUMAForTamperDetectionCount( + int64 original_content_length) const { + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, "DataReductionProxy.HeaderTamperDetectionHTTPS", + "DataReductionProxy.HeaderTamperDetectionHTTP", carrier_id_); + + std::string mime_type; + response_headers_->GetMimeType(&mime_type); + + if (net::MatchesMimeType("text/javascript", mime_type) || + net::MatchesMimeType("application/x-javascript", mime_type) || + net::MatchesMimeType("application/javascript", mime_type)) { + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, "DataReductionProxy.HeaderTamperDetectionHTTPS_JS", + "DataReductionProxy.HeaderTamperDetectionHTTP_JS", carrier_id_); + } else if (net::MatchesMimeType("text/css", mime_type)) { + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, "DataReductionProxy.HeaderTamperDetectionHTTPS_CSS", + "DataReductionProxy.HeaderTamperDetectionHTTP_CSS", carrier_id_); + } else if (net::MatchesMimeType("image/*", mime_type)) { + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, "DataReductionProxy.HeaderTamperDetectionHTTPS_Image", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image", carrier_id_); + + if (net::MatchesMimeType("image/gif", mime_type)) { + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_GIF", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_GIF", + carrier_id_); + } else if (net::MatchesMimeType("image/jpeg", mime_type) || + net::MatchesMimeType("image/jpg", mime_type)) { + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_JPG", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_JPG", + carrier_id_); + } else if (net::MatchesMimeType("image/png", mime_type)) { + REPORT_TAMPER_DETECTION_UMA( + 
scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_PNG", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_PNG", + carrier_id_); + } else if (net::MatchesMimeType("image/webp", mime_type)) { + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_WEBP", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_WEBP", + carrier_id_); + } + + if (original_content_length == -1) + return; + + if (original_content_length < 10 * 1024) { // 0-10KB + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_0_10KB", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_0_10KB", + carrier_id_); + } else if (original_content_length < 100 * 1024) { // 10-100KB + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_10_100KB", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_10_100KB", + carrier_id_); + } else if (original_content_length < 500 * 1024) { // 100-500KB + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_100_500KB", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_100_500KB", + carrier_id_); + } else { // >=500KB + REPORT_TAMPER_DETECTION_UMA( + scheme_is_https_, + "DataReductionProxy.HeaderTamperDetectionHTTPS_Image_500KB", + "DataReductionProxy.HeaderTamperDetectionHTTP_Image_500KB", + carrier_id_); + } + } +} + // |fingerprint| is Base64 encoded. Decodes it first. Then calculates the // fingerprint of received Chrome-Proxy header, and compares the two to see // whether they are equal or not. diff --git a/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.h b/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.h index 4f52412..2c5712b 100644 --- a/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.h 
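Review bot: In `ReportUMAForTamperDetectionCount` the guard `if (original_content_length == -1) return;` lets every other negative value through, and `original_content_length < 10 * 1024` then counts it in the `_Image_0_10KB` bucket. If the length parsed from the fingerprint can be negative (the parsing is outside this diff), `if (original_content_length < 0) return;` keeps malformed values out of the size histograms. The return value of `response_headers_->GetMimeType(&mime_type)` is also ignored. The MIME type is read from the received Content-Type header, and nothing visible here shows that header being covered by a fingerprint, so the per-type counts describe what the client received rather than what the proxy sent. A one-line comment saying so would help anyone interpreting these histograms as tamper-rate denominators.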
+++ b/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection.h @@ -101,8 +101,14 @@ class DataReductionProxyTamperDetection { FRIEND_TEST_ALL_PREFIXES(DataReductionProxyTamperDetectionTest, GetHeaderValues); FRIEND_TEST_ALL_PREFIXES(DataReductionProxyTamperDetectionTest, + HistogramCount); + FRIEND_TEST_ALL_PREFIXES(DataReductionProxyTamperDetectionTest, DetectAndReport); + // Reports UMA for the numbers of responses with valid fingerprints, separated + // by MIME type. + void ReportUMAForTamperDetectionCount(int64 original_content_length) const; + // Returns the result of validating Chrome-Proxy header. bool ValidateChromeProxyHeader(const std::string& fingerprint) const; diff --git a/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection_unittest.cc b/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection_unittest.cc index 8023c31..cdda92c 100644 --- a/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection_unittest.cc +++ b/components/data_reduction_proxy/core/browser/data_reduction_proxy_tamper_detection_unittest.cc @@ -14,6 +14,7 @@ #include "base/memory/scoped_ptr.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_split.h" +#include "base/test/histogram_tester.h" #include "components/data_reduction_proxy/core/common/data_reduction_proxy_headers.h" #include "components/data_reduction_proxy/core/common/data_reduction_proxy_headers_test_utils.h" #include "net/http/http_response_headers.h" 
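Review bot: The declaration comment on `ReportUMAForTamperDetectionCount` does not describe `original_content_length`, although the implementation treats -1 as "unknown" and otherwise uses the value to choose an image size bucket. Suggest adding `// |original_content_length| is the length carried by the content-length fingerprint, or -1 if unavailable; for images it selects the size bucket.` The method is private and is reached from the new test only through the added `FRIEND_TEST_ALL_PREFIXES(..., HistogramCount)` line. The class body continues outside this hunk.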
@@ -594,6 +595,107 @@ TEST_F(DataReductionProxyTamperDetectionTest, GetHeaderValues) { } } +// Tests UMA histogram count. +TEST_F(DataReductionProxyTamperDetectionTest, HistogramCount) { + struct { + std::string raw_header; + std::string histogram_name_suffix; + int original_content_length; + std::string image_histogram_name_suffix; + } tests[] = { + // Checks the correctness of histogram for Javascript + {"HTTP/1.1 200 OK\n" + "Content-Type: text/javascript\n", + "_JS", + -1, + ""}, + // Checks the correctness of histogram for CSS + {"HTTP/1.1 200 OK\n" + "Content-Type: text/css\n", + "_CSS", + -1, + ""}, + // Checks the correctness of histogram for image + {"HTTP/1.1 200 OK\n" + "Content-Type: image/test\n", + "_Image", + 1, + "_Image_0_10KB"}, + // Checks the correctness of histogram for GIF + {"HTTP/1.1 200 OK\n" + "Content-Type: image/gif\n", + "_Image_GIF", + 20 * 1024, + "_Image_10_100KB"}, + // Checks the correctness of histogram for JPG + {"HTTP/1.1 200 OK\n" + "Content-Type: image/jpeg\n", + "_Image_JPG", + 200 * 1024, + "_Image_100_500KB"}, + // Checks the correctness of histogram for PNG + {"HTTP/1.1 200 OK\n" + "Content-Type: image/png\n", + "_Image_PNG", + 600 * 1024, + "_Image_500KB"}, + // Checks the correctness of histogram for WebP + {"HTTP/1.1 200 OK\n" + "Content-Type: image/webp\n", + "_Image_WEBP", + -1, + ""}, + }; + + const int carrier_id = 100; + + for (auto& test : tests) { + std::string raw_headers(test.raw_header); + HeadersToRaw(&raw_headers); + scoped_refptr<net::HttpResponseHeaders> headers( + new net::HttpResponseHeaders(raw_headers)); + + // Test HTTPS and HTTP separately. 
+ int https_values[] = {true, false}; + for (auto https : https_values) { + base::HistogramTester histogram_tester; + + DataReductionProxyTamperDetection tamper_detection(headers.get(), https, + carrier_id); + tamper_detection.ReportUMAForTamperDetectionCount( + test.original_content_length); + histogram_tester.ExpectTotalCount( + std::string("DataReductionProxy.HeaderTamperDetectionHTTP") + + (https ? "S" : "") + test.histogram_name_suffix + "_Total", + 1); + histogram_tester.ExpectUniqueSample( + std::string("DataReductionProxy.HeaderTamperDetectionHTTP") + + (https ? "S" : "") + test.histogram_name_suffix, + carrier_id, 1); + histogram_tester.ExpectTotalCount( + std::string("DataReductionProxy.HeaderTamperDetectionHTTP") + + (https ? "S" : "") + "_Total", + 1); + histogram_tester.ExpectUniqueSample( + std::string("DataReductionProxy.HeaderTamperDetectionHTTP") + + (https ? "S" : ""), + carrier_id, 1); + + if (test.original_content_length != -1) { + histogram_tester.ExpectTotalCount( + std::string("DataReductionProxy.HeaderTamperDetectionHTTP") + + (https ? "S" : "") + test.image_histogram_name_suffix + + "_Total", + 1); + histogram_tester.ExpectUniqueSample( + std::string("DataReductionProxy.HeaderTamperDetectionHTTP") + + (https ? "S" : "") + test.image_histogram_name_suffix, + carrier_id, 1); + } + } + } +} + // Tests main function DetectAndReport. TEST_F(DataReductionProxyTamperDetectionTest, DetectAndReport) { struct { diff --git a/tools/metrics/histograms/histograms.xml b/tools/metrics/histograms/histograms.xml index afff6a7..7ffa0ec 100644 --- a/tools/metrics/histograms/histograms.xml +++ b/tools/metrics/histograms/histograms.xml 
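Review bot: `HistogramCount` only asserts that the expected histograms were hit and never that the others stayed empty, so a response counted under a wrong MIME type or size bucket in addition to the right one would still pass. For the rows whose `original_content_length` is -1, an `ExpectTotalCount` of 0 on the image size-bucket histograms would cover the early return. Rows at exactly `10 * 1024`, `100 * 1024` and `500 * 1024` would pin the bucket boundaries. Separately, `int https_values[] = {true, false};` reads better as `const bool https_values[] = {true, false};`, and the struct field `int original_content_length` would match the `int64` parameter it feeds.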
@@ -64782,7 +64782,47 @@ To add a new entry, add it with any value and run test to compute valid value. <histogram_suffixes name="DataReductionProxy_TamperingTotal" separator="_"> <suffix name="Total" label="total number of tamperings detected"/> <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTP"/> + <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTP_CSS"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_0_10KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_100_500KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_10_100KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_500KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_GIF"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_JPG"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_PNG"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTP_Image_WEBP"/> + <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTP_JS"/> <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTPS"/> + <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTPS_CSS"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_0_10KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_100_500KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_10_100KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_500KB"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_GIF"/> + 
<affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_JPG"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_PNG"/> + <affected-histogram + name="DataReductionProxy.HeaderTamperDetectionHTTPS_Image_WEBP"/> + <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTPS_JS"/> <affected-histogram name="DataReductionProxy.HeaderTamperDetectionPassHTTP"/> <affected-histogram name="DataReductionProxy.HeaderTamperDetectionPassHTTPS"/> <affected-histogram name="DataReductionProxy.HeaderTamperedHTTP_ChromeProxy"/> @@ -64819,6 +64859,22 @@ To add a new entry, add it with any value and run test to compute valid value. name="DataReductionProxy.HeaderTamperedHTTPS_Via_Missing"/> </histogram_suffixes> +<histogram_suffixes name="DataReductionProxy_TotalCounts" separator="_"> + <suffix name="JS" label="JavaScript count"/> + <suffix name="CSS" label="CSS count"/> + <suffix name="Image" label="image count"/> + <suffix name="Image_GIF" label="GIF image count"/> + <suffix name="Image_JPG" label="JPG image count"/> + <suffix name="Image_PNG" label="PNG image count"/> + <suffix name="Image_WEBP" label="WEBP image count"/> + <suffix name="Image_0_10KB" label="image counts of 0-10KB"/> + <suffix name="Image_10_100KB" label="image counts of 10-100KB"/> + <suffix name="Image_100_500KB" label="image counts of 100-500KB"/> + <suffix name="Image_500KB" label="image counts of more than 500KB"/> + <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTP"/> + <affected-histogram name="DataReductionProxy.HeaderTamperDetectionHTTPS"/> +</histogram_suffixes> + <histogram_suffixes name="DataReductionProxyBypassedBytes" separator="."> <suffix name="SSL" label="Bypass due to SSL"/> <suffix name="LocalBypassRules" |