diff options
| author | battre@chromium.org <battre@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-03 12:44:19 +0000 |
|---|---|---|
| committer | battre@chromium.org <battre@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-05-03 12:44:19 +0000 |
| commit | e0470bd2dd6b88f88b1e96cae90872a1b84fe265 (patch) | |
| tree | 68fe6de9bc811ad6ce4237c50812ee3028510196 /net/proxy | |
| parent | 82a3767c45e85b77fb41d4fc92fc49fcb879e75b (diff) | |
| download | chromium_src-e0470bd2dd6b88f88b1e96cae90872a1b84fe265.zip chromium_src-e0470bd2dd6b88f88b1e96cae90872a1b84fe265.tar.gz chromium_src-e0470bd2dd6b88f88b1e96cae90872a1b84fe265.tar.bz2 | |
Enable (optional) blocking of webrequests in case a PAC script cannot be fetched or is invalid.
The optional blocking is currently only exposed to the Proxy Settings API, not to command-line parameters or policies.
BUG=79344
TEST=Install the sample proxy extension and enter a non-existing url and a URL that does not point to a valid JavaScript file. In either case, the request should fail.
Review URL: http://codereview.chromium.org/6871019
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@83882 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/proxy')
| -rw-r--r-- | net/proxy/proxy_config.cc | 14 | ||||
| -rw-r--r-- | net/proxy/proxy_config.h | 16 | ||||
| -rw-r--r-- | net/proxy/proxy_service.cc | 45 | ||||
| -rw-r--r-- | net/proxy/proxy_service.h | 4 |
4 files changed, 61 insertions, 18 deletions
diff --git a/net/proxy/proxy_config.cc b/net/proxy/proxy_config.cc index 70e6549..42589a9 100644 --- a/net/proxy/proxy_config.cc +++ b/net/proxy/proxy_config.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -158,12 +158,14 @@ ProxyServer* ProxyConfig::ProxyRules::MapUrlSchemeToProxyNoFallback( return NULL; // No mapping for this scheme. } -ProxyConfig::ProxyConfig() : auto_detect_(false), id_(INVALID_ID) { +ProxyConfig::ProxyConfig() + : auto_detect_(false), pac_mandatory_(false), id_(INVALID_ID) { } ProxyConfig::ProxyConfig(const ProxyConfig& config) : auto_detect_(config.auto_detect_), pac_url_(config.pac_url_), + pac_mandatory_(config.pac_mandatory_), proxy_rules_(config.proxy_rules_), id_(config.id_) { } @@ -174,6 +176,7 @@ ProxyConfig::~ProxyConfig() { ProxyConfig& ProxyConfig::operator=(const ProxyConfig& config) { auto_detect_ = config.auto_detect_; pac_url_ = config.pac_url_; + pac_mandatory_ = config.pac_mandatory_; proxy_rules_ = config.proxy_rules_; id_ = config.id_; return *this; @@ -184,6 +187,7 @@ bool ProxyConfig::Equals(const ProxyConfig& other) const { // have the same settings. return auto_detect_ == other.auto_detect_ && pac_url_ == other.pac_url_ && + pac_mandatory_ == other.pac_mandatory_ && proxy_rules_.Equals(other.proxy_rules()); } @@ -202,8 +206,11 @@ Value* ProxyConfig::ToValue() const { // Output the automatic settings. if (auto_detect_) dict->SetBoolean("auto_detect", auto_detect_); - if (has_pac_url()) + if (has_pac_url()) { dict->SetString("pac_url", pac_url_.possibly_invalid_spec()); + if (pac_mandatory_) + dict->SetBoolean("pac_mandatory", pac_mandatory_); + } // Output the manual settings. if (proxy_rules_.type != ProxyRules::TYPE_NO_RULES) { @@ -246,4 +253,3 @@ Value* ProxyConfig::ToValue() const { } } // namespace net - diff --git a/net/proxy/proxy_config.h b/net/proxy/proxy_config.h index 9012a31..dc0fd71 100644 --- a/net/proxy/proxy_config.h +++ b/net/proxy/proxy_config.h @@ -1,4 +1,4 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -148,6 +148,14 @@ class ProxyConfig { return pac_url_; } + void set_pac_mandatory(bool enable_pac_mandatory) { + pac_mandatory_ = enable_pac_mandatory; + } + + bool pac_mandatory() const { + return pac_mandatory_; + } + bool has_pac_url() const { return pac_url_.is_valid(); } @@ -175,6 +183,8 @@ class ProxyConfig { static ProxyConfig CreateFromCustomPacURL(const GURL& pac_url) { ProxyConfig config; config.set_pac_url(pac_url); + // By default fall back to direct connection in case PAC script fails. + config.set_pac_mandatory(false); return config; } @@ -185,6 +195,10 @@ class ProxyConfig { // If non-empty, indicates the URL of the proxy auto-config file to use. GURL pac_url_; + // If true, blocks all traffic in case fetching the pac script from |pac_url_| + // fails. Only valid if |pac_url_| is non-empty. + bool pac_mandatory_; + // Manual proxy settings. ProxyRules proxy_rules_; diff --git a/net/proxy/proxy_service.cc b/net/proxy/proxy_service.cc index 75411c3..15ad381 100644 --- a/net/proxy/proxy_service.cc +++ b/net/proxy/proxy_service.cc @@ -562,6 +562,11 @@ int ProxyService::TryToCompleteSynchronously(const GURL& url, DCHECK_NE(config_.id(), ProxyConfig::INVALID_ID); + // If it was impossible to fetch or parse the PAC script, we cannot complete + // the request here and bail out. + if (permanent_error_ != OK) + return permanent_error_; + if (config_.HasAutomaticSettings()) return ERR_IO_PENDING; // Must submit the request to the proxy resolver. @@ -652,11 +657,20 @@ void ProxyService::OnInitProxyResolverComplete(int result) { init_proxy_resolver_.reset(); if (result != OK) { - VLOG(1) << "Failed configuring with PAC script, falling-back to manual " - "proxy servers."; - config_ = fetched_config_; - config_.ClearAutomaticSettings(); + if (fetched_config_.pac_mandatory()) { + VLOG(1) << "Failed configuring with mandatory PAC script, blocking all " + "traffic."; + config_ = fetched_config_; + result = ERR_MANDATORY_PROXY_CONFIGURATION_FAILED; + } else { + VLOG(1) << "Failed configuring with PAC script, falling-back to manual " + "proxy servers."; + config_ = fetched_config_; + config_.ClearAutomaticSettings(); + result = OK; + } } + permanent_error_ = result; config_.set_id(fetched_config_.id()); @@ -733,15 +747,19 @@ int ProxyService::DidFinishResolvingProxy(ProxyInfo* result, make_scoped_refptr(new NetLogIntegerParameter( "net_error", result_code))); - // Fall-back to direct when the proxy resolver fails. This corresponds - // with a javascript runtime error in the PAC script. - // - // This implicit fall-back to direct matches Firefox 3.5 and - // Internet Explorer 8. For more information, see: - // - // http://www.chromium.org/developers/design-documents/proxy-settings-fallback - result->UseDirect(); - result_code = OK; + if (!config_.pac_mandatory()) { + // Fall-back to direct when the proxy resolver fails. This corresponds + // with a javascript runtime error in the PAC script. + // + // This implicit fall-back to direct matches Firefox 3.5 and + // Internet Explorer 8. For more information, see: + // + // http://www.chromium.org/developers/design-documents/proxy-settings-fallback + result->UseDirect(); + result_code = OK; + } else { + result_code = ERR_MANDATORY_PROXY_CONFIGURATION_FAILED; + } } net_log.EndEvent(NetLog::TYPE_PROXY_SERVICE, NULL); @@ -766,6 +784,7 @@ ProxyService::State ProxyService::ResetProxyConfig(bool reset_fetched_config) { DCHECK(CalledOnValidThread()); State previous_state = current_state_; + permanent_error_ = OK; proxy_retry_info_.clear(); init_proxy_resolver_.reset(); SuspendAllPendingRequests(); diff --git a/net/proxy/proxy_service.h b/net/proxy/proxy_service.h index 4838954..f7856e5 100644 --- a/net/proxy/proxy_service.h +++ b/net/proxy/proxy_service.h @@ -330,6 +330,10 @@ class ProxyService : public NetworkChangeNotifier::IPAddressObserver, State current_state_; + // Either OK or an ERR_* value indicating that a permanent error (e.g. + // failed to fetch the PAC script) prevents proxy resolution. + int permanent_error_; + // This is the log where any events generated by |init_proxy_resolver_| are // sent to. NetLog* net_log_; |