File: mixed_content_checker.h

package info (click to toggle)
chromium 120.0.6099.224-1~deb11u1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 6,112,112 kB
  • sloc: cpp: 32,907,025; ansic: 8,148,123; javascript: 3,679,536; python: 2,031,248; asm: 959,718; java: 804,675; xml: 617,256; sh: 111,417; objc: 100,835; perl: 88,443; cs: 53,032; makefile: 29,579; fortran: 24,137; php: 21,162; tcl: 21,147; sql: 20,809; ruby: 17,735; pascal: 12,864; yacc: 8,045; lisp: 3,388; lex: 1,323; ada: 727; awk: 329; jsp: 267; csh: 117; exp: 43; sed: 37
file content (76 lines) | stat: -rw-r--r-- 3,137 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
// Copyright 2023 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CONTENT_BROWSER_RENDERER_HOST_MIXED_CONTENT_CHECKER_H_
#define CONTENT_BROWSER_RENDERER_HOST_MIXED_CONTENT_CHECKER_H_

#include <set>

#include "base/gtest_prod_util.h"
#include "content/common/content_export.h"
#include "content/public/browser/navigation_handle.h"
#include "third_party/blink/public/mojom/fetch/fetch_api_request.mojom.h"
#include "third_party/blink/public/mojom/loader/mixed_content.mojom-forward.h"
#include "third_party/blink/public/mojom/use_counter/metrics/web_feature.mojom.h"
#include "url/gurl.h"

namespace content {

class FrameTreeNode;
class RenderFrameHostImpl;

// Utilities for browser-process-side mixed content security checks.
//
// Changes to this class might need to be reflected on its renderer counterpart,
// i.e. `blink::MixedContentChecker`.
//
// Current mixed content W3C draft that drives this implementation:
// https://w3c.github.io/webappsec-mixed-content/
class CONTENT_EXPORT MixedContentChecker {
 public:
  MixedContentChecker();
  ~MixedContentChecker();
  // Not copyable.
  MixedContentChecker(const MixedContentChecker&) = delete;
  MixedContentChecker& operator=(const MixedContentChecker&) = delete;

  // Checks if a navigation indicated by `navigation_handle` should be blocked
  // or not due to mixed content, and also updates the renderer about Blink
  // mixed content related features from this navigation.
  //
  // Based off of `blink::MixedContentChecker::ShouldBlockFetch()`.
  bool ShouldBlockNavigation(NavigationHandle& navigation_handle,
                             bool for_redirect);

 private:
  // Returns the parent frame where mixed content exists for the provided data
  // or nullptr if there is no mixed content.
  //
  // This mirrors `blink::MixedContentChecker::InWhichFrameIsContentMixed()`.
  RenderFrameHostImpl* InWhichFrameIsContentMixed(FrameTreeNode* node,
                                                  const GURL& url);

  // Updates the renderer about any Blink feature usage.
  void MaybeSendBlinkFeatureUsageReport(NavigationHandle& navigation_handle);

  // Records basic mixed content "feature" usage when any kind of mixed content
  // is found.
  //
  // Based off of `blink::MixedContentChecker::Count()`.
  void ReportBasicMixedContentFeatures(
      blink::mojom::RequestContextType request_context_type,
      blink::mojom::MixedContentContextType mixed_content_context_type);

  FRIEND_TEST_ALL_PREFIXES(MixedContentCheckerTest, IsMixedContent);
  // This mirrors `blink::MixedContentChecker::IsMixedContent()`.
  static bool IsMixedContentForTesting(const GURL& origin_url, const GURL& url);

  // Keeps track of mixed content features encountered while running one of the
  // navigation throttling steps. These values are reported to the respective
  // renderer process after each mixed content check is finished.
  std::set<blink::mojom::WebFeature> mixed_content_features_;
};

}  // namespace content
#endif  // CONTENT_BROWSER_RENDERER_HOST_MIXED_CONTENT_CHECKER_H_