1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "components/safe_browsing/content/browser/safe_browsing_navigation_throttle.h"
#include "base/memory/ptr_util.h"
#include "base/metrics/histogram_functions.h"
#include "components/safe_browsing/content/browser/safe_browsing_blocking_page.h"
#include "components/safe_browsing/content/browser/safe_browsing_blocking_page_factory.h"
#include "components/safe_browsing/content/browser/ui_manager.h"
#include "components/security_interstitials/content/security_interstitial_tab_helper.h"
#include "components/security_interstitials/core/unsafe_resource.h"
#include "content/public/browser/navigation_handle.h"
#include "content/public/browser/navigation_throttle_registry.h"
namespace safe_browsing {
// static
void SafeBrowsingNavigationThrottle::MaybeCreateAndAdd(
content::NavigationThrottleRegistry& registry,
SafeBrowsingUIManager* ui_manager) {
if (!ui_manager) {
return;
}
// Only outer-most main frames show the interstitial through the navigation
// throttle. In other cases, the interstitial is shown via
// BaseUIManager::DisplayBlockingPage.
content::NavigationHandle& handle = registry.GetNavigationHandle();
if (!handle.IsInPrimaryMainFrame() && !handle.IsInPrerenderedMainFrame()) {
return;
}
registry.AddThrottle(base::WrapUnique(
new SafeBrowsingNavigationThrottle(registry, ui_manager)));
}
SafeBrowsingNavigationThrottle::SafeBrowsingNavigationThrottle(
content::NavigationThrottleRegistry& registry,
SafeBrowsingUIManager* manager)
: content::NavigationThrottle(registry), manager_(manager) {}
const char* SafeBrowsingNavigationThrottle::GetNameForLogging() {
return "SafeBrowsingNavigationThrottle";
}
content::NavigationThrottle::ThrottleCheckResult
SafeBrowsingNavigationThrottle::WillFailRequest() {
DCHECK(manager_);
// Goes over |RedirectChain| to get the severest threat information
security_interstitials::UnsafeResource resource;
content::NavigationHandle* handle = navigation_handle();
ThreatSeverity severity =
manager_->GetSeverestThreatForNavigation(handle, resource);
// Unsafe resource will show a blocking page
if (severity != std::numeric_limits<ThreatSeverity>::max() &&
resource.threat_type != SBThreatType::SB_THREAT_TYPE_SAFE) {
// Subframes and nested frame trees will show an interstitial directly
// from BaseUIManager::DisplayBlockingPage.
DCHECK(handle->IsInPrimaryMainFrame() ||
handle->IsInPrerenderedMainFrame());
// blocked_page_shown_timestamp is set to nullopt because this blocking
// page is triggered through navigation throttle, so the blocked page is
// never shown.
security_interstitials::SecurityInterstitialPage* blocking_page =
manager_->CreateBlockingPage(
handle->GetWebContents(), handle->GetURL(), {resource},
/*forward_extension_event=*/true,
/*blocked_page_shown_timestamp=*/std::nullopt);
std::string error_page_content = blocking_page->GetHTMLContents();
security_interstitials::SecurityInterstitialTabHelper::
AssociateBlockingPage(handle, base::WrapUnique(blocking_page));
base::UmaHistogramBoolean("SafeBrowsing.NavigationThrottle.IsSameURL",
handle->GetURL() == resource.url);
return content::NavigationThrottle::ThrottleCheckResult(
CANCEL, net::ERR_BLOCKED_BY_CLIENT, error_page_content);
}
return content::NavigationThrottle::PROCEED;
}
} // namespace safe_browsing
|
