diff options
| author | jcampan@chromium.org <jcampan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-10-13 22:42:47 +0000 |
|---|---|---|
| committer | jcampan@chromium.org <jcampan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-10-13 22:42:47 +0000 |
| commit | cbab76d1c74c93837bc76298d1a2e43646154194 (patch) | |
| tree | 7f1bdcd891e670b67eeac2993730c580698048eb /chrome/browser/safe_browsing | |
| parent | 3c1e4d080a8e69fb973638d1360d4d5dd0d2e4d5 (diff) | |
| download | chromium_src-cbab76d1c74c93837bc76298d1a2e43646154194.zip chromium_src-cbab76d1c74c93837bc76298d1a2e43646154194.tar.gz chromium_src-cbab76d1c74c93837bc76298d1a2e43646154194.tar.bz2 | |
This is the first pass at refactoring the interstitial page.
The SSL and malware blocking pages were doing similar things in 2 different classes.
There is now a base class called InterstitialPage that contains the common logic.
As part of that refactoring, the safe browsing was changed so that the SafeBrowsingBlockingPage is only used from the UI thread.
This CL also adds transient entries to the navigation controller: that type of entry gets deleted as soon as a navigation occurs. It is used by interstitial that need to create such a temporary entry while they show.
BUG=3013
TEST=Run the unit tests and ui tests.
Review URL: http://codereview.chromium.org/6311
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@3324 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/safe_browsing')
4 files changed, 126 insertions, 236 deletions
diff --git a/chrome/browser/safe_browsing/safe_browsing_blocking_page.cc b/chrome/browser/safe_browsing/safe_browsing_blocking_page.cc index 7bae9c1..5aa292d 100644 --- a/chrome/browser/safe_browsing/safe_browsing_blocking_page.cc +++ b/chrome/browser/safe_browsing/safe_browsing_blocking_page.cc @@ -10,9 +10,11 @@ #include "chrome/browser/browser_process.h" #include "chrome/browser/browser_resources.h" #include "chrome/browser/dom_operation_notification_details.h" +#include "chrome/browser/dom_ui/new_tab_ui.h" #include "chrome/browser/google_util.h" #include "chrome/browser/navigation_controller.h" #include "chrome/browser/navigation_entry.h" +#include "chrome/browser/safe_browsing/safe_browsing_service.h" #include "chrome/browser/tab_util.h" #include "chrome/browser/web_contents.h" #include "chrome/common/jstemplate_builder.h" @@ -38,57 +40,27 @@ static const char* const kSbReportPhishingUrl = static const wchar_t* const kSbDiagnosticHtml = L"<a href=\"\" onClick=\"sendCommand(4); return false;\" onMouseDown=\"return false;\">%ls</a>"; -// Created on the io_thread. SafeBrowsingBlockingPage::SafeBrowsingBlockingPage( SafeBrowsingService* sb_service, - SafeBrowsingService::Client* client, - int render_process_host_id, - int render_view_id, - const GURL& url, - ResourceType::Type resource_type, - SafeBrowsingService::UrlCheckResult result) - : sb_service_(sb_service), - client_(client), - render_process_host_id_(render_process_host_id), - render_view_id_(render_view_id), - url_(url), - result_(result), + const SafeBrowsingService::BlockingPageParam& param) + : InterstitialPage(tab_util::GetTabContentsByID( + param.render_process_host_id, param.render_view_id), + param.resource_type == ResourceType::MAIN_FRAME, + param.url), + sb_service_(sb_service), + client_(param.client), + render_process_host_id_(param.render_process_host_id), + render_view_id_(param.render_view_id), + result_(param.result), proceed_(false), - tab_(NULL), - controller_(NULL), - delete_pending_(false), - is_main_frame_(resource_type == ResourceType::MAIN_FRAME), - created_temporary_entry_(false) { + did_notify_(false), + is_main_frame_(param.resource_type == ResourceType::MAIN_FRAME) { } -// Deleted on the io_thread. SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() { } -void SafeBrowsingBlockingPage::DisplayBlockingPage() { - TabContents* tab = tab_util::GetTabContentsByID(render_process_host_id_, - render_view_id_); - if (!tab || tab->type() != TAB_CONTENTS_WEB) { - NotifyDone(); - return; - } - - tab_ = tab; - controller_ = tab->controller(); - - // Register for notifications of events from this tab. - NotificationService* ns = NotificationService::current(); - DCHECK(ns); - ns->AddObserver(this, NOTIFY_TAB_CLOSING, - Source<NavigationController>(controller_)); - ns->AddObserver(this, NOTIFY_DOM_OPERATION_RESPONSE, - Source<TabContents>(tab_)); - - // Hold an extra reference to ourself until the interstitial is gone. - AddRef(); - - WebContents* web_contents = tab->AsWebContents(); - +std::string SafeBrowsingBlockingPage::GetHTMLContents() { // Load the HTML page and create the template components. DictionaryValue strings; ResourceBundle& rb = ResourceBundle::GetSharedInstance(); @@ -96,9 +68,10 @@ void SafeBrowsingBlockingPage::DisplayBlockingPage() { if (result_ == SafeBrowsingService::URL_MALWARE) { std::wstring link = StringPrintf(kSbDiagnosticHtml, - l10n_util::GetString(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str()); + l10n_util::GetString(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE). + c_str()); - strings.SetString(L"badURL", UTF8ToWide(url_.host())); + strings.SetString(L"badURL", UTF8ToWide(url().host())); strings.SetString(L"title", l10n_util::GetString(IDS_SAFE_BROWSING_MALWARE_TITLE)); strings.SetString(L"headLine", @@ -109,20 +82,20 @@ void SafeBrowsingBlockingPage::DisplayBlockingPage() { if (is_main_frame_) { strings.SetString(L"description1", l10n_util::GetStringF(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION1, - UTF8ToWide(url_.host()))); + UTF8ToWide(url().host()))); strings.SetString(L"description2", l10n_util::GetStringF(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION2, link, - UTF8ToWide(url_.host()))); + UTF8ToWide(url().host()))); } else { strings.SetString(L"description1", l10n_util::GetStringF(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION4, - UTF8ToWide(tab_->GetURL().host()), - UTF8ToWide(url_.host()))); + UTF8ToWide(tab()->GetURL().host()), + UTF8ToWide(url().host()))); strings.SetString(L"description2", l10n_util::GetStringF(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION5, link, - UTF8ToWide(url_.host()))); + UTF8ToWide(url().host()))); } strings.SetString(L"description3", @@ -137,17 +110,17 @@ void SafeBrowsingBlockingPage::DisplayBlockingPage() { (l10n_util::GetTextDirection() == l10n_util::RIGHT_TO_LEFT) ? L"rtl" : L"ltr"); html = rb.GetDataResource(IDR_SAFE_BROWSING_MALWARE_BLOCK); - } else { + } else { // Phishing. strings.SetString(L"title", l10n_util::GetString(IDS_SAFE_BROWSING_PHISHING_TITLE)); strings.SetString(L"headLine", l10n_util::GetString(IDS_SAFE_BROWSING_PHISHING_HEADLINE)); strings.SetString(L"description1", l10n_util::GetStringF(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION1, - UTF8ToWide(url_.host()))); + UTF8ToWide(url().host()))); strings.SetString(L"description2", l10n_util::GetStringF(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION2, - UTF8ToWide(url_.host()))); + UTF8ToWide(url().host()))); strings.SetString(L"continue_button", l10n_util::GetString(IDS_SAFE_BROWSING_PHISHING_PROCEED_BUTTON)); @@ -161,90 +134,13 @@ void SafeBrowsingBlockingPage::DisplayBlockingPage() { html = rb.GetDataResource(IDR_SAFE_BROWSING_PHISHING_BLOCK); } - std::string html_page(jstemplate_builder::GetTemplateHtml(html, - &strings, - "template_root")); - - // If the malware is the actual main frame and we have no pending entry - // (typically the navigation was initiated by the page), we create a fake - // navigation entry (so the location bar shows the page's URL). - if (is_main_frame_ && tab_->controller()->GetPendingEntryIndex() == -1) { - NavigationEntry new_entry(TAB_CONTENTS_WEB); - new_entry.set_url(url_); - new_entry.set_page_type(NavigationEntry::INTERSTITIAL_PAGE); - tab_->controller()->AddDummyEntryForInterstitial(new_entry); - created_temporary_entry_ = true; - } - - // Show the interstitial page. - web_contents->ShowInterstitialPage(html_page, this); -} - -void SafeBrowsingBlockingPage::Observe(NotificationType type, - const NotificationSource& source, - const NotificationDetails& details) { - switch (type) { - case NOTIFY_TAB_CLOSING: - HandleClose(); - break; - case NOTIFY_DOM_OPERATION_RESPONSE: - Continue(Details<DomOperationNotificationDetails>(details)->json()); - break; - default: - NOTREACHED(); - } -} - -void SafeBrowsingBlockingPage::InterstitialClosed() { - HandleClose(); -} - -bool SafeBrowsingBlockingPage::GoBack() { - WebContents* web_contents = tab_->AsWebContents(); - NavigationEntry* prev_entry = - web_contents->controller()->GetEntryAtOffset(-1); - - if (!prev_entry) { - // Nothing to go to, default to about:blank. Navigating will cause the - // interstitial to hide which will trigger "this" to be deleted. - tab_->controller()->LoadURL(GURL("about:blank"), - PageTransition::AUTO_BOOKMARK); - } else if (prev_entry->tab_type() != TAB_CONTENTS_WEB || - prev_entry->restored() || - !is_main_frame_) { - // We do navigate back if any of these is true: - // - the page is not a WebContents, its TabContents might have to be - // recreated. - // - we have not yet visited that navigation entry (typically session - // restore), in which case the page is not already available. - // - the interstitial was triggered by a sub-resource. In that case we - // really need to navigate, just hiding the interstitial would show the - // page containing the bad resource, and we don't want that. - web_contents->controller()->GoBack(); - } else { - // Otherwise, the user was viewing a page and navigated to a URL that was - // interrupted by an interstitial. Thus, we can just hide the interstitial - // and show the page the user was on before. - web_contents->HideInterstitialPage(false, false); - } - - // WARNING: at this point we are now either deleted or pending deletion from - // the IO thread. - - // Remove the navigation entry for the malware page. Note that we always - // remove the entry even if we did not create it as it has been flagged as - // malware and we don't want the user navigating back to it. - web_contents->controller()->RemoveLastEntryForInterstitial(); - - return true; + return jstemplate_builder::GetTemplateHtml(html, &strings, "template_root"); } -void SafeBrowsingBlockingPage::Continue(const std::string& user_action) { - TabContents* tab = tab_util::GetTabContentsByID(render_process_host_id_, - render_view_id_); - DCHECK(tab); - WebContents* web = tab->AsWebContents(); - if (user_action == "2") { +void SafeBrowsingBlockingPage::CommandReceived(const std::string& command) { + DCHECK(tab()->type() == TAB_CONTENTS_WEB); + WebContents* web = tab()->AsWebContents(); + if (command == "2") { // User pressed "Learn more". GURL url; if (result_ == SafeBrowsingService::URL_MALWARE) { @@ -257,76 +153,75 @@ void SafeBrowsingBlockingPage::Continue(const std::string& user_action) { web->OpenURL(url, CURRENT_TAB, PageTransition::LINK); return; } - if (user_action == "3") { + if (command == "3") { // User pressed "Report error" for a phishing site. // Note that we cannot just put a link in the interstitial at this point. // It is not OK to navigate in the context of an interstitial page. DCHECK(result_ == SafeBrowsingService::URL_PHISHING); GURL report_url = safe_browsing_util::GeneratePhishingReportUrl(kSbReportPhishingUrl, - url_.spec()); + url().spec()); + web->HideInterstitialPage(false, false); web->OpenURL(report_url, CURRENT_TAB, PageTransition::LINK); return; } - if (user_action == "4") { + if (command == "4") { // We're going to take the user to Google's SafeBrowsing diagnostic page. std::string diagnostic = StringPrintf(kSbDiagnosticUrl, - EscapeQueryParamValue(url_.spec()).c_str()); + EscapeQueryParamValue(url().spec()).c_str()); GURL diagnostic_url(diagnostic); diagnostic_url = google_util::AppendGoogleLocaleParam(diagnostic_url); DCHECK(result_ == SafeBrowsingService::URL_MALWARE); + web->HideInterstitialPage(false, false); web->OpenURL(diagnostic_url, CURRENT_TAB, PageTransition::LINK); return; } - proceed_ = user_action == "1"; + proceed_ = command == "1"; if (proceed_) { - // We are continuing, if we have created a temporary navigation entry, - // delete it as a new will be created on navigation. - if (created_temporary_entry_) - web->controller()->RemoveLastEntryForInterstitial(); if (is_main_frame_) web->HideInterstitialPage(true, true); else web->HideInterstitialPage(false, false); } else { - GoBack(); + if (is_main_frame_) { + DontProceed(); + } else { + NavigationController* controller = web->controller(); + controller->RemoveEntryAtIndex(controller->GetLastCommittedEntryIndex(), + NewTabUIURL()); + } } - NotifyDone(); } -void SafeBrowsingBlockingPage::HandleClose() { - NotificationService* ns = NotificationService::current(); - DCHECK(ns); - ns->RemoveObserver(this, NOTIFY_TAB_CLOSING, - Source<NavigationController>(controller_)); - ns->RemoveObserver(this, NOTIFY_DOM_OPERATION_RESPONSE, - Source<TabContents>(tab_)); - +void SafeBrowsingBlockingPage::InterstitialClosed() { NotifyDone(); - Release(); + InterstitialPage::InterstitialClosed(); + // We are now deleted. } void SafeBrowsingBlockingPage::NotifyDone() { - if (delete_pending_) + if (did_notify_) return; - delete_pending_ = true; - - if (tab_ && tab_->AsWebContents()) { - // Ensure the WebContents does not keep a pointer to us. - tab_->AsWebContents()->set_interstitial_delegate(NULL); - } + did_notify_ = true; base::Thread* io_thread = g_browser_process->io_thread(); if (!io_thread) return; + SafeBrowsingService::BlockingPageParam param; + param.url = url(); + param.result = result_; + param.client = client_; + param.render_process_host_id = render_process_host_id_; + param.render_view_id = render_view_id_; + param.proceed = proceed_; io_thread->message_loop()->PostTask(FROM_HERE, NewRunnableMethod( sb_service_, &SafeBrowsingService::OnBlockingPageDone, - this, client_, proceed_)); + param)); } diff --git a/chrome/browser/safe_browsing/safe_browsing_blocking_page.h b/chrome/browser/safe_browsing/safe_browsing_blocking_page.h index 405a3e3..056d9ae 100644 --- a/chrome/browser/safe_browsing/safe_browsing_blocking_page.h +++ b/chrome/browser/safe_browsing/safe_browsing_blocking_page.h @@ -9,7 +9,7 @@ // page with some options (go back, continue) to give the user a chance to avoid // the harmful page. // -// The SafeBrowsingBlockingPage is created by the SafeBrowsingService on the IO +// The SafeBrowsingBlockingPage is created by the SafeBrowsingService on the UI // thread when we've determined that a page is malicious. The operation of the // blocking page occurs on the UI thread, where it waits for the user to make a // decision about what to do: either go back or continue on. @@ -22,53 +22,31 @@ #define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_BLOCKING_PAGE_H_ #include "base/logging.h" -#include "chrome/browser/interstitial_page_delegate.h" +#include "chrome/browser/interstitial_page.h" #include "chrome/browser/safe_browsing/safe_browsing_service.h" -#include "chrome/common/notification_service.h" #include "googleurl/src/gurl.h" class MessageLoop; class TabContents; class NavigationController; -class SafeBrowsingBlockingPage - : public InterstitialPageDelegate, - public base::RefCountedThreadSafe<SafeBrowsingBlockingPage>, - public NotificationObserver { +class SafeBrowsingBlockingPage : public InterstitialPage { public: - // Created and destroyed on the IO thread, operates on the UI thread. SafeBrowsingBlockingPage(SafeBrowsingService* service, - SafeBrowsingService::Client* client, - int render_process_host_id, - int render_view_id, - const GURL& url, - ResourceType::Type resource_type, - SafeBrowsingService::UrlCheckResult result); - ~SafeBrowsingBlockingPage(); + const SafeBrowsingService::BlockingPageParam& param); + virtual ~SafeBrowsingBlockingPage(); - // Display the page to the user. This method runs on the UI thread. - void DisplayBlockingPage(); - - // NotificationObserver interface, runs on the UI thread. - virtual void Observe(NotificationType type, - const NotificationSource& source, - const NotificationDetails& details); - - const GURL& url() { return url_; } - int render_process_host_id() { return render_process_host_id_; } - int render_view_id() { return render_view_id_; } - SafeBrowsingService::UrlCheckResult result() { return result_; } - - // InterstitialPageDelegate methods: + // InterstitialPage method: + virtual std::string GetHTMLContents(); virtual void InterstitialClosed(); - virtual bool GoBack(); - private: - // Handle user action for blocking page navigation choices. - void Continue(const std::string& user_action); + protected: + // InterstitialPage method: + virtual void CommandReceived(const std::string& command); - // Tell the SafeBrowsingService that the handling of the current page is done. - void HandleClose(); + private: + // Tells the SafeBrowsingService that the handling of the current page is + // done. void NotifyDone(); private: @@ -76,35 +54,30 @@ class SafeBrowsingBlockingPage SafeBrowsingService* sb_service_; SafeBrowsingService::Client* client_; MessageLoop* report_loop_; + SafeBrowsingService::UrlCheckResult result_; - // For determining which tab to block. + // For determining which tab to block (note that we need this even though we + // have access to the tab as when the interstitial is showing, retrieving the + // tab RPH and RV id would return the ones of the interstitial, not the ones + // for the page containing the malware). + // TODO(jcampan): when we refactor the interstitial to run as a separate view + // that does not interact with the WebContents as much, we can + // get rid of these. int render_process_host_id_; int render_view_id_; - GURL url_; - SafeBrowsingService::UrlCheckResult result_; - // Inform the SafeBrowsingService whether we are continuing with this page // load or going back to the previous page. bool proceed_; - // Stored for use in the notification service, and are only used for their - // pointer value, but not for calling methods on. This is done to allow us to - // unregister as observers after the tab has gone (is NULL). - TabContents* tab_; - NavigationController* controller_; - - // Used for cleaning up after ourself. - bool delete_pending_; + // Whether we have notify the SafeBrowsingService yet that a decision had been + // made whether to proceed or block the unsafe resource. + bool did_notify_; // Whether the flagged resource is the main page (or a sub-resource is false). bool is_main_frame_; - // Whether we have created a temporary navigation entry as part of showing - // the blocking page. - bool created_temporary_entry_; - - DISALLOW_EVIL_CONSTRUCTORS(SafeBrowsingBlockingPage); + DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPage); }; #endif // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_BLOCKING_PAGE_H_ diff --git a/chrome/browser/safe_browsing/safe_browsing_service.cc b/chrome/browser/safe_browsing/safe_browsing_service.cc index 9a35ddd..4f9a157 100644 --- a/chrome/browser/safe_browsing/safe_browsing_service.cc +++ b/chrome/browser/safe_browsing/safe_browsing_service.cc @@ -190,12 +190,25 @@ void SafeBrowsingService::DisplayBlockingPage(const GURL& url, } } - SafeBrowsingBlockingPage* blocking_page = new SafeBrowsingBlockingPage( - this, client, render_process_host_id, render_view_id, url, resource_type, - result); - blocking_page->AddRef(); - ui_loop->PostTask(FROM_HERE, NewRunnableMethod( - blocking_page, &SafeBrowsingBlockingPage::DisplayBlockingPage)); + BlockingPageParam param; + param.url = url; + param.resource_type = resource_type; + param.result = result; + param.client = client; + param.render_process_host_id = render_process_host_id; + param.render_view_id = render_view_id; + // The blocking page must be created from the UI thread. + ui_loop->PostTask(FROM_HERE, NewRunnableMethod(this, + &SafeBrowsingService::DoDisplayBlockingPage, + param)); +} + +// Invoked on the UI thread. +void SafeBrowsingService::DoDisplayBlockingPage( + const BlockingPageParam& param) { + SafeBrowsingBlockingPage* blocking_page = new SafeBrowsingBlockingPage(this, + param); + blocking_page->Show(); } void SafeBrowsingService::CancelCheck(Client* client) { @@ -386,23 +399,19 @@ void SafeBrowsingService::DatabaseUpdateFinished() { GetDatabase()->UpdateFinished(); } -void SafeBrowsingService::OnBlockingPageDone(SafeBrowsingBlockingPage* page, - Client* client, - bool proceed) { - NotifyClientBlockingComplete(client, proceed); +void SafeBrowsingService::OnBlockingPageDone(const BlockingPageParam& param) { + NotifyClientBlockingComplete(param.client, param.proceed); - if (proceed) { + if (param.proceed) { // Whitelist this domain and warning type for the given tab. WhiteListedEntry entry; - entry.render_process_host_id = page->render_process_host_id(); - entry.render_view_id = page->render_view_id(); - entry.domain = net::RegistryControlledDomainService::GetDomainAndRegistry( - page->url()); - entry.result = page->result(); + entry.render_process_host_id = param.render_process_host_id; + entry.render_view_id = param.render_view_id; + entry.domain = + net::RegistryControlledDomainService::GetDomainAndRegistry(param.url); + entry.result = param.result; white_listed_entries_.push_back(entry); } - - page->Release(); } void SafeBrowsingService::NotifyClientBlockingComplete(Client* client, diff --git a/chrome/browser/safe_browsing/safe_browsing_service.h b/chrome/browser/safe_browsing/safe_browsing_service.h index 1d25d53..aec465d 100644 --- a/chrome/browser/safe_browsing/safe_browsing_service.h +++ b/chrome/browser/safe_browsing/safe_browsing_service.h @@ -52,6 +52,18 @@ class SafeBrowsingService virtual void OnBlockingPageComplete(bool proceed) = 0; }; + // Structure used to pass parameters between the IO and UI thread when + // interacting with the blocking page. + struct BlockingPageParam { + GURL url; + bool proceed; + UrlCheckResult result; + Client* client; + int render_process_host_id; + int render_view_id; + ResourceType::Type resource_type; + }; + // Creates the safe browsing service. Need to initialize before using. SafeBrowsingService(); ~SafeBrowsingService(); @@ -125,9 +137,7 @@ class SafeBrowsingService void UpdateFinished(); // The blocking page on the UI thread has completed. - void OnBlockingPageDone(SafeBrowsingBlockingPage* page, - Client* client, - bool proceed); + void OnBlockingPageDone(const BlockingPageParam& param); // Called when the SafeBrowsingProtocolManager has received updated MAC keys. void OnNewMacKeys(const std::string& client_key, @@ -216,6 +226,9 @@ class SafeBrowsingService // power state. void HandleResume(); + // Invoked on the UI thread to show the blocking page. + void DoDisplayBlockingPage(const BlockingPageParam& param); + MessageLoop* io_loop_; typedef std::set<SafeBrowsingCheck*> CurrentChecks; |