// Copyright 2016 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "components/safe_browsing/content/browser/safe_browsing_navigation_observer_manager.h" #include <iterator> #include <memory> #include <vector> #include "base/containers/contains.h" #include "base/feature_list.h" #include "base/metrics/field_trial_params.h" #include "base/metrics/histogram_functions.h" #include "base/metrics/histogram_macros.h" #include "base/rand_util.h" #include "base/time/time.h" #include "base/timer/timer.h" #include "components/prefs/pref_service.h" #include "components/safe_browsing/content/browser/safe_browsing_navigation_observer.h" #include "components/safe_browsing/content/browser/safe_browsing_navigation_observer_manager_util.h" #include "components/safe_browsing/content/browser/web_ui/safe_browsing_ui.h" #include "components/safe_browsing/core/browser/referrer_chain_provider.h" #include "components/safe_browsing/core/common/features.h" #include "components/safe_browsing/core/common/safe_browsing_prefs.h" #include "components/safe_browsing/core/common/utils.h" #include "components/sessions/content/session_tab_helper.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/global_routing_id.h" #include "content/public/browser/navigation_details.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/service_worker_context.h" #include "content/public/browser/web_contents.h" #include "crypto/sha2.h" #include "ui/base/clipboard/clipboard.h" WebContents; namespace safe_browsing { namespace { // The expiration period of a user gesture. Any user gesture that happened 1.0 // second ago is considered as expired and not relevant to upcoming navigation // events. static constexpr base::TimeDelta kUserGestureTTL = …; // The expiration period of navigation events and resolved IP addresses. Any // navigation related records that happened 2 minutes ago are considered as // expired. So we clean up these navigation footprints every 2 minutes. static constexpr base::TimeDelta kNavigationFootprintTTL = …; // The maximum number of latest NavigationEvent we keep. It is used to limit // memory usage of navigation tracking. This number is picked based on UMA // metric "SafeBrowsing.NavigationObserver.NavigationEventCleanUpCount". // Lowering it could make room for abuse. static const int kNavigationRecordMaxSize = …; // The maximum number of ReferrerChainEntry. It is used to limit the size of // reports (e.g. ClientDownloadRequest) we send to SB server. static const int kReferrerChainMaxLength = …; constexpr size_t kMaxNumberOfNavigationsToAppend = …; // Given when an event happened and its TTL, determine if it is already expired. // Note, if for some reason this event's timestamp is in the future, this // event's timestamp is invalid, hence we treat it as expired. bool IsEventExpired(const base::Time& event_time, base::TimeDelta ttl) { … } // Helper function to determine if the URL type should be LANDING_REFERRER or // LANDING_PAGE, and modify AttributionResult accordingly. ReferrerChainEntry::URLType GetURLTypeAndAdjustAttributionResult( size_t user_gesture_count, SafeBrowsingNavigationObserverManager::AttributionResult* out_result) { … } std::string ShortOriginForReporting(const std::string& url) { … } } // namespace // -------------------------ReferrerChainData----------------------- // String value of kDownloadReferrerChainDataKey is not used. const char ReferrerChainData::kDownloadReferrerChainDataKey[] = …; ReferrerChainData::ReferrerChainData( ReferrerChainProvider::AttributionResult attribution_result, std::unique_ptr<ReferrerChain> referrer_chain, size_t referrer_chain_length, size_t recent_navigations_to_collect) : … { … } ReferrerChainData::~ReferrerChainData() { … } ReferrerChain* ReferrerChainData::GetReferrerChain() { … } // -------------------------NavigationEventList--------------------- NavigationEventList::NavigationEventList(std::size_t size_limit) : … { … } NavigationEventList::~NavigationEventList() = default; std::optional<size_t> NavigationEventList::FindNavigationEvent( const base::Time& last_event_timestamp, const GURL& target_url, const GURL& target_main_frame_url, SessionID target_tab_id, const content::GlobalRenderFrameHostId& outermost_main_frame_id, size_t start_index) { … } NavigationEvent* NavigationEventList::FindPendingNavigationEvent( const GURL& target_url) { … } size_t NavigationEventList::FindRetargetingNavigationEvent( const base::Time& last_event_timestamp, SessionID target_tab_id, size_t start_index) { … } void NavigationEventList::RecordNavigationEvent( std::unique_ptr<NavigationEvent> nav_event, std::optional<CopyPasteEntry> last_copy_paste_entry) { … } void NavigationEventList::RecordPendingNavigationEvent( content::NavigationHandle* navigation_handle, std::unique_ptr<NavigationEvent> nav_event) { … } void NavigationEventList::AddRedirectUrlToPendingNavigationEvent( content::NavigationHandle* navigation_handle, const GURL& server_redirect_url) { … } void NavigationEventList::RemovePendingNavigationEvent( content::NavigationHandle* navigation_handle) { … } std::size_t NavigationEventList::CleanUpNavigationEvents() { … } // -------------------------CopyPasteEntry--------------------- CopyPasteEntry::CopyPasteEntry(GURL target, GURL source_frame_url, GURL source_main_frame_url, base::Time recorded_time) : … { … } CopyPasteEntry::CopyPasteEntry(const CopyPasteEntry& other) = default; // -----------------SafeBrowsingNavigationObserverManager----------- // static bool SafeBrowsingNavigationObserverManager::IsUserGestureExpired( const base::Time& timestamp) { … } // static GURL SafeBrowsingNavigationObserverManager::ClearURLRef(const GURL& url) { … } // static bool SafeBrowsingNavigationObserverManager::IsEnabledAndReady( PrefService* prefs, bool has_safe_browsing_service) { … } // static void SafeBrowsingNavigationObserverManager::SanitizeReferrerChain( ReferrerChain* referrer_chain) { … } SafeBrowsingNavigationObserverManager::SafeBrowsingNavigationObserverManager( PrefService* pref_service, content::ServiceWorkerContext* context) : … { … } void SafeBrowsingNavigationObserverManager::RecordNavigationEvent( content::NavigationHandle* navigation_handle, std::unique_ptr<NavigationEvent> nav_event) { … } void SafeBrowsingNavigationObserverManager::RecordPendingNavigationEvent( content::NavigationHandle* navigation_handle, std::unique_ptr<NavigationEvent> nav_event) { … } void SafeBrowsingNavigationObserverManager:: AddRedirectUrlToPendingNavigationEvent( content::NavigationHandle* navigation_handle, const GURL& server_redirect_url) { … } void SafeBrowsingNavigationObserverManager::RecordUserGestureForWebContents( content::WebContents* web_contents) { … } void SafeBrowsingNavigationObserverManager::OnUserGestureConsumed( content::WebContents* web_contents) { … } bool SafeBrowsingNavigationObserverManager::HasUserGesture( content::WebContents* web_contents) { … } bool SafeBrowsingNavigationObserverManager::HasUnexpiredUserGesture( content::WebContents* web_contents) { … } void SafeBrowsingNavigationObserverManager::RecordHostToIpMapping( const std::string& host, const std::string& ip) { … } void SafeBrowsingNavigationObserverManager::OnWebContentDestroyed( content::WebContents* web_contents) { … } void SafeBrowsingNavigationObserverManager::CleanUpStaleNavigationFootprints() { … } SafeBrowsingNavigationObserverManager::AttributionResult SafeBrowsingNavigationObserverManager::IdentifyReferrerChainByEventURL( const GURL& event_url, SessionID event_tab_id, const content::GlobalRenderFrameHostId& outermost_main_frame_id, int user_gesture_count_limit, ReferrerChain* out_referrer_chain) { … } SafeBrowsingNavigationObserverManager::AttributionResult SafeBrowsingNavigationObserverManager::IdentifyReferrerChainByEventURL( const GURL& event_url, SessionID event_tab_id, int user_gesture_count_limit, ReferrerChain* out_referrer_chain) { … } SafeBrowsingNavigationObserverManager::AttributionResult SafeBrowsingNavigationObserverManager::IdentifyReferrerChainByPendingEventURL( const GURL& event_url, int user_gesture_count_limit, ReferrerChain* out_referrer_chain) { … } SafeBrowsingNavigationObserverManager::AttributionResult SafeBrowsingNavigationObserverManager::IdentifyReferrerChainByRenderFrameHost( content::RenderFrameHost* render_frame_host, int user_gesture_count_limit, ReferrerChain* out_referrer_chain) { … } SafeBrowsingNavigationObserverManager::AttributionResult SafeBrowsingNavigationObserverManager::IdentifyReferrerChainByHostingPage( const GURL& initiating_frame_url, const GURL& initiating_main_frame_url, const content::GlobalRenderFrameHostId& initiating_outermost_main_frame_id, SessionID tab_id, bool has_user_gesture, int user_gesture_count_limit, ReferrerChain* out_referrer_chain) { … } SafeBrowsingNavigationObserverManager:: ~SafeBrowsingNavigationObserverManager() { … } void SafeBrowsingNavigationObserverManager::RecordNewWebContents( content::WebContents* source_web_contents, content::RenderFrameHost* source_render_frame_host, const GURL& target_url, ui::PageTransition page_transition, content::WebContents* target_web_contents, bool renderer_initiated) { … } // static size_t SafeBrowsingNavigationObserverManager::CountOfRecentNavigationsToAppend( content::BrowserContext* browser_context, PrefService* prefs, AttributionResult result) { … } void SafeBrowsingNavigationObserverManager::AppendRecentNavigations( size_t recent_navigation_count, ReferrerChain* out_referrer_chain) { … } void SafeBrowsingNavigationObserverManager::OnCopyURL( const GURL& url, const GURL& source_frame_url, const GURL& source_main_frame_url) { … } void SafeBrowsingNavigationObserverManager::CleanUpNavigationEvents() { … } void SafeBrowsingNavigationObserverManager::CleanUpUserGestures() { … } void SafeBrowsingNavigationObserverManager::CleanUpIpAddresses() { … } void SafeBrowsingNavigationObserverManager::CleanUpCopyData() { … } void SafeBrowsingNavigationObserverManager:: CleanUpNotificationNavigationEvents() { … } bool SafeBrowsingNavigationObserverManager::IsCleanUpScheduled() const { … } void SafeBrowsingNavigationObserverManager::ScheduleNextCleanUpAfterInterval( base::TimeDelta interval) { … } void SafeBrowsingNavigationObserverManager::OnClientNavigated( const GURL& script_url, const GURL& url) { … } void SafeBrowsingNavigationObserverManager::OnWindowOpened( const GURL& script_url, const GURL& url) { … } void SafeBrowsingNavigationObserverManager::RecordNotificationNavigationEvent( const GURL& script_url, const GURL& url) { … } void SafeBrowsingNavigationObserverManager::MaybeAddToReferrerChain( ReferrerChain* referrer_chain, NavigationEvent* nav_event, const GURL& destination_main_frame_url, ReferrerChainEntry::URLType type) { … } void SafeBrowsingNavigationObserverManager::GetRemainingReferrerChain( size_t last_nav_event_traced_index, int current_user_gesture_count, int user_gesture_count_limit, ReferrerChain* out_referrer_chain, SafeBrowsingNavigationObserverManager::AttributionResult* out_result) { … } void SafeBrowsingNavigationObserverManager:: GetRemainingReferrerChainForNavEvent( NavigationEvent* last_nav_event_traced, size_t last_nav_event_traced_index, int current_user_gesture_count, int user_gesture_count_limit, ReferrerChain* out_referrer_chain, SafeBrowsingNavigationObserverManager::AttributionResult* out_result) { … } void SafeBrowsingNavigationObserverManager::RemoveSafeBrowsingAllowlistDomains( ReferrerChain* out_referrer_chain) { … } } // namespace safe_browsing
Codebase Browser
chromium