// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "components/safe_browsing/content/browser/client_side_detection_host.h" #include <memory> #include <utility> #include "base/check_op.h" #include "base/command_line.h" #include "base/containers/span.h" #include "base/functional/bind.h" #include "base/memory/ptr_util.h" #include "base/memory/raw_ptr.h" #include "base/memory/ref_counted.h" #include "base/metrics/histogram_functions.h" #include "base/metrics/histogram_macros.h" #include "base/rand_util.h" #include "base/task/sequenced_task_runner_helpers.h" #include "base/task/thread_pool.h" #include "base/time/default_tick_clock.h" #include "base/time/tick_clock.h" #include "base/uuid.h" #include "components/permissions/permission_request_manager.h" #include "components/prefs/pref_service.h" #include "components/safe_browsing/content/browser/client_side_detection_feature_cache.h" #include "components/safe_browsing/content/browser/client_side_detection_service.h" #include "components/safe_browsing/content/browser/client_side_phishing_model.h" #include "components/safe_browsing/content/browser/unsafe_resource_util.h" #include "components/safe_browsing/content/common/safe_browsing.mojom-shared.h" #include "components/safe_browsing/content/common/safe_browsing.mojom.h" #include "components/safe_browsing/content/common/visual_utils.h" #include "components/safe_browsing/core/browser/db/allowlist_checker_client.h" #include "components/safe_browsing/core/browser/db/database_manager.h" #include "components/safe_browsing/core/browser/sync/sync_utils.h" #include "components/safe_browsing/core/common/features.h" #include "components/safe_browsing/core/common/proto/csd.pb.h" #include "components/safe_browsing/core/common/safe_browsing_prefs.h" #include "components/zoom/zoom_controller.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/browser_task_traits.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/global_routing_id.h" #include "content/public/browser/navigation_handle.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/render_widget_host_view.h" #include "content/public/browser/web_contents.h" #include "content/public/common/url_constants.h" #include "mojo/public/cpp/base/proto_wrapper.h" #include "net/base/ip_endpoint.h" #include "net/http/http_response_headers.h" #include "services/network/public/mojom/url_response_head.mojom.h" #include "services/service_manager/public/cpp/interface_provider.h" #include "third_party/blink/public/common/associated_interfaces/associated_interface_provider.h" #include "third_party/blink/public/mojom/loader/referrer.mojom.h" #include "url/gurl.h" #include "url/origin.h" #if BUILDFLAG(IS_ANDROID) #include "ui/android/view_android.h" #endif BrowserThread; WebContents; namespace safe_browsing { namespace { // Command-line flag that can be used to write extracted CSD features to disk. // This is also enables a few other behaviors that are useful for debugging. const char kCsdDebugFeatureDirectoryFlag[] = …; const char kSkipCSDAllowlistOnPreclassification[] = …; // Probability value used to sample pings on CSD allowlist match. For other safe // browsing countermeasures, we sample at 1 in 100 rate, but in this, we hit the // allowlist 1000 times more than the rate at which we send a ping due to local // model verdict. Therefore, we sample at 1 in 100,000 rate instead. const float kProbabilityForSendingSampleRequest = …; void WriteFeaturesToDisk(const ClientPhishingRequest& features, const base::FilePath& base_path) { … } bool HasDebugFeatureDirectory() { … } bool ShouldSkipCSDAllowlist() { … } base::FilePath GetDebugFeatureDirectory() { … } std::string GetRequestTypeName( ClientSideDetectionType client_side_detection_type) { … } PhishingDetectorResult GetPhishingDetectorResult( mojom::PhishingDetectorResult result) { … } void RecordAsyncCheckTriggerForceRequestResult( ClientSideDetectionHost::AsyncCheckTriggerForceRequestResult result) { … } } // namespace ShouldClassifyUrlCallback; // This class is instantiated each time a new toplevel URL loads, and // asynchronously checks whether the phishing classifier should run // for this URL. If so, it notifies the host class by calling the provided // callback from the UI thread. Objects of this class will be destroyed once // nobody uses it anymore. If |web_contents|, |csd_service| or |host| go away // you need to call Cancel(). We keep the |database_manager| alive in a ref // pointer for as long as it takes. class ClientSideDetectionHost::ShouldClassifyUrlRequest { … }; // static std::unique_ptr<ClientSideDetectionHost> ClientSideDetectionHost::Create( content::WebContents* tab, std::unique_ptr<Delegate> delegate, PrefService* pref_service, std::unique_ptr<SafeBrowsingTokenFetcher> token_fetcher, bool is_off_the_record, const PrimaryAccountSignedIn& account_signed_in_callback) { … } ClientSideDetectionHost::ClientSideDetectionHost( WebContents* tab, std::unique_ptr<Delegate> delegate, PrefService* pref_service, std::unique_ptr<SafeBrowsingTokenFetcher> token_fetcher, bool is_off_the_record, const PrimaryAccountSignedIn& account_signed_in_callback) : … { … } ClientSideDetectionHost::~ClientSideDetectionHost() { … } void ClientSideDetectionHost::RegisterPermissionRequestManager() { … } void ClientSideDetectionHost::RegisterAsyncCheckTracker() { … } void ClientSideDetectionHost::MaybeStartPreClassification( ClientSideDetectionType request_type) { … } void ClientSideDetectionHost::PrimaryPageChanged(content::Page& page) { … } void ClientSideDetectionHost::OnPromptAdded() { … } void ClientSideDetectionHost::OnPermissionRequestManagerDestructed() { … } void ClientSideDetectionHost::OnAsyncSafeBrowsingCheckCompleted() { … } void ClientSideDetectionHost::OnAsyncSafeBrowsingCheckTrackerDestructed() { … } void ClientSideDetectionHost::KeyboardLockRequested() { … } void ClientSideDetectionHost::PointerLockRequested() { … } void ClientSideDetectionHost::VibrationRequested() { … } void ClientSideDetectionHost::OnPhishingPreClassificationDone( ClientSideDetectionType request_type, bool should_classify, bool is_sample_ping, std::optional<bool> did_match_high_confidence_allowlist) { … } void ClientSideDetectionHost::PhishingDetectionDone( ClientSideDetectionType request_type, bool is_sample_ping, std::optional<bool> did_match_high_confidence_allowlist, mojom::PhishingDetectorResult result, std::optional<mojo_base::ProtoWrapper> wrapped_verdict) { … } void ClientSideDetectionHost::MaybeSendClientPhishingRequest( std::unique_ptr<ClientPhishingRequest> verdict, std::optional<bool> did_match_high_confidence_allowlist) { … } void ClientSideDetectionHost::PhishingImageEmbeddingDone( std::unique_ptr<ClientPhishingRequest> verdict, std::optional<bool> did_match_high_confidence_allowlist, mojom::PhishingImageEmbeddingResult result, std::optional<mojo_base::ProtoWrapper> image_feature_embedding) { … } void ClientSideDetectionHost::MaybeShowPhishingWarning( bool is_from_cache, ClientSideDetectionType request_type, std::optional<bool> did_match_high_confidence_allowlist, GURL phishing_url, bool is_phishing, std::optional<net::HttpStatusCode> response_code) { … } bool ClientSideDetectionHost::HasForceRequestFromRtUrlLookup() { … } void ClientSideDetectionHost::set_client_side_detection_service( base::WeakPtr<ClientSideDetectionService> service) { … } void ClientSideDetectionHost::set_ui_manager(BaseUIManager* ui_manager) { … } void ClientSideDetectionHost::set_database_manager( SafeBrowsingDatabaseManager* database_manager) { … } void ClientSideDetectionHost::OnGotAccessToken( std::unique_ptr<ClientPhishingRequest> verdict, std::optional<bool> did_match_high_confidence_allowlist, const std::string& access_token) { … } bool ClientSideDetectionHost::CanGetAccessToken() { … } void ClientSideDetectionHost::SendRequest( std::unique_ptr<ClientPhishingRequest> verdict, const std::string& access_token, std::optional<bool> did_match_high_confidence_allowlist) { … } } // namespace safe_browsing
Codebase Browser
chromium