1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/net/chrome_network_delegate.h"
11 #include "base/base_paths.h"
12 #include "base/debug/trace_event.h"
13 #include "base/logging.h"
14 #include "base/metrics/histogram.h"
15 #include "base/path_service.h"
16 #include "base/prefs/pref_member.h"
17 #include "base/prefs/pref_service.h"
18 #include "base/strings/string_number_conversions.h"
19 #include "base/time/time.h"
20 #include "chrome/browser/browser_process.h"
21 #include "chrome/browser/content_settings/cookie_settings.h"
22 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
23 #include "chrome/browser/custom_handlers/protocol_handler_registry.h"
24 #include "chrome/browser/net/chrome_extensions_network_delegate.h"
25 #include "chrome/browser/net/client_hints.h"
26 #include "chrome/browser/net/connect_interceptor.h"
27 #include "chrome/browser/net/safe_search_util.h"
28 #include "chrome/browser/performance_monitor/performance_monitor.h"
29 #include "chrome/browser/prerender/prerender_tracker.h"
30 #include "chrome/browser/profiles/profile_manager.h"
31 #include "chrome/browser/task_manager/task_manager.h"
32 #include "chrome/common/pref_names.h"
33 #include "components/data_reduction_proxy/browser/data_reduction_proxy_auth_request_handler.h"
34 #include "components/data_reduction_proxy/browser/data_reduction_proxy_metrics.h"
35 #include "components/data_reduction_proxy/browser/data_reduction_proxy_params.h"
36 #include "components/data_reduction_proxy/browser/data_reduction_proxy_protocol.h"
37 #include "components/data_reduction_proxy/browser/data_reduction_proxy_usage_stats.h"
38 #include "components/domain_reliability/monitor.h"
39 #include "content/public/browser/browser_thread.h"
40 #include "content/public/browser/render_frame_host.h"
41 #include "content/public/browser/render_view_host.h"
42 #include "content/public/browser/resource_request_info.h"
43 #include "net/base/host_port_pair.h"
44 #include "net/base/net_errors.h"
45 #include "net/base/net_log.h"
46 #include "net/cookies/canonical_cookie.h"
47 #include "net/cookies/cookie_options.h"
48 #include "net/http/http_request_headers.h"
49 #include "net/http/http_response_headers.h"
50 #include "net/proxy/proxy_config.h"
51 #include "net/proxy/proxy_info.h"
52 #include "net/proxy/proxy_retry_info.h"
53 #include "net/proxy/proxy_server.h"
54 #include "net/socket_stream/socket_stream.h"
55 #include "net/url_request/url_request.h"
56 #include "net/url_request/url_request_context.h"
58 #if defined(OS_ANDROID)
59 #include "chrome/browser/io_thread.h"
60 #include "components/precache/content/precache_manager.h"
61 #include "components/precache/content/precache_manager_factory.h"
64 #if defined(OS_CHROMEOS)
65 #include "base/command_line.h"
66 #include "base/sys_info.h"
67 #include "chrome/common/chrome_switches.h"
70 #if defined(ENABLE_CONFIGURATION_POLICY)
71 #include "components/policy/core/browser/url_blacklist_manager.h"
74 #if defined(ENABLE_EXTENSIONS)
75 #include "extensions/common/constants.h"
78 using content::BrowserThread;
79 using content::RenderViewHost;
80 using content::ResourceRequestInfo;
81 using content::ResourceType;
83 // By default we don't allow access to all file:// urls on ChromeOS and
85 #if defined(OS_CHROMEOS) || defined(OS_ANDROID)
86 bool ChromeNetworkDelegate::g_allow_file_access_ = false;
88 bool ChromeNetworkDelegate::g_allow_file_access_ = true;
91 #if defined(ENABLE_EXTENSIONS)
92 // This remains false unless the --disable-extensions-http-throttling
93 // flag is passed to the browser.
94 bool ChromeNetworkDelegate::g_never_throttle_requests_ = false;
99 const char kDNTHeader[] = "DNT";
101 // Gets called when the extensions finish work on the URL. If the extensions
102 // did not do a redirect (so |new_url| is empty) then we enforce the
103 // SafeSearch parameters. Otherwise we will get called again after the
104 // redirect and we enforce SafeSearch then.
105 void ForceGoogleSafeSearchCallbackWrapper(
106 const net::CompletionCallback& callback,
107 net::URLRequest* request,
110 if (rv == net::OK && new_url->is_empty())
111 safe_search_util::ForceGoogleSafeSearch(request, new_url);
115 void UpdateContentLengthPrefs(
116 int received_content_length,
117 int original_content_length,
118 data_reduction_proxy::DataReductionProxyRequestType request_type,
120 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
121 DCHECK_GE(received_content_length, 0);
122 DCHECK_GE(original_content_length, 0);
124 // Can be NULL in a unit test.
125 if (!g_browser_process)
128 PrefService* prefs = g_browser_process->local_state();
132 // Ignore off-the-record data.
133 if (!g_browser_process->profile_manager()->IsValidProfile(profile) ||
134 profile->IsOffTheRecord()) {
137 #if defined(OS_ANDROID) && defined(SPDY_PROXY_AUTH_ORIGIN)
138 // If Android ever goes multi profile, the profile should be passed so that
139 // the browser preference will be taken.
140 bool with_data_reduction_proxy_enabled =
141 ProfileManager::GetActiveUserProfile()->GetPrefs()->GetBoolean(
142 data_reduction_proxy::prefs::kDataReductionProxyEnabled);
144 bool with_data_reduction_proxy_enabled = false;
147 data_reduction_proxy::UpdateContentLengthPrefs(received_content_length,
148 original_content_length,
149 with_data_reduction_proxy_enabled,
150 request_type, prefs);
153 void StoreAccumulatedContentLength(
154 int received_content_length,
155 int original_content_length,
156 data_reduction_proxy::DataReductionProxyRequestType request_type,
158 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
159 base::Bind(&UpdateContentLengthPrefs,
160 received_content_length, original_content_length,
161 request_type, profile));
164 void RecordContentLengthHistograms(
165 int64 received_content_length,
166 int64 original_content_length,
167 const base::TimeDelta& freshness_lifetime) {
168 // Add the current resource to these histograms only when a valid
169 // X-Original-Content-Length header is present.
170 if (original_content_length >= 0) {
171 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthWithValidOCL",
172 received_content_length);
173 UMA_HISTOGRAM_COUNTS("Net.HttpOriginalContentLengthWithValidOCL",
174 original_content_length);
175 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthDifferenceWithValidOCL",
176 original_content_length - received_content_length);
178 // Presume the original content length is the same as the received content
179 // length if the X-Original-Content-Header is not present.
180 original_content_length = received_content_length;
182 UMA_HISTOGRAM_COUNTS("Net.HttpContentLength", received_content_length);
183 UMA_HISTOGRAM_COUNTS("Net.HttpOriginalContentLength",
184 original_content_length);
185 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthDifference",
186 original_content_length - received_content_length);
187 UMA_HISTOGRAM_CUSTOM_COUNTS("Net.HttpContentFreshnessLifetime",
188 freshness_lifetime.InSeconds(),
189 base::TimeDelta::FromHours(1).InSeconds(),
190 base::TimeDelta::FromDays(30).InSeconds(),
192 if (freshness_lifetime.InSeconds() <= 0)
194 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable",
195 received_content_length);
196 if (freshness_lifetime.InHours() < 4)
198 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable4Hours",
199 received_content_length);
201 if (freshness_lifetime.InHours() < 24)
203 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable24Hours",
204 received_content_length);
207 #if defined(OS_ANDROID)
208 void RecordPrecacheStatsOnUIThread(const GURL& url,
209 const base::Time& fetch_time, int64 size,
210 bool was_cached, void* profile_id) {
211 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
213 Profile* profile = reinterpret_cast<Profile*>(profile_id);
214 if (!g_browser_process->profile_manager()->IsValidProfile(profile)) {
218 precache::PrecacheManager* precache_manager =
219 precache::PrecacheManagerFactory::GetForBrowserContext(profile);
220 if (!precache_manager) {
221 // This could be NULL if the profile is off the record.
225 precache_manager->RecordStatsForFetch(url, fetch_time, size, was_cached);
228 void RecordIOThreadToRequestStartOnUIThread(
229 const base::TimeTicks& request_start) {
230 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
231 base::TimeDelta request_lag = request_start -
232 g_browser_process->io_thread()->creation_time();
233 UMA_HISTOGRAM_TIMES("Net.IOThreadCreationToHTTPRequestStart", request_lag);
235 #endif // defined(OS_ANDROID)
239 ChromeNetworkDelegate::ChromeNetworkDelegate(
240 extensions::EventRouterForwarder* event_router,
241 BooleanPrefMember* enable_referrers)
243 enable_referrers_(enable_referrers),
244 enable_do_not_track_(NULL),
245 force_google_safe_search_(NULL),
246 data_reduction_proxy_enabled_(NULL),
247 #if defined(ENABLE_CONFIGURATION_POLICY)
248 url_blacklist_manager_(NULL),
250 domain_reliability_monitor_(NULL),
251 received_content_length_(0),
252 original_content_length_(0),
253 first_request_(true),
254 prerender_tracker_(NULL),
255 data_reduction_proxy_params_(NULL),
256 data_reduction_proxy_usage_stats_(NULL),
257 data_reduction_proxy_auth_request_handler_(NULL) {
258 DCHECK(enable_referrers);
259 extensions_delegate_.reset(
260 ChromeExtensionsNetworkDelegate::Create(event_router));
263 ChromeNetworkDelegate::~ChromeNetworkDelegate() {}
265 void ChromeNetworkDelegate::set_extension_info_map(
266 extensions::InfoMap* extension_info_map) {
267 extensions_delegate_->set_extension_info_map(extension_info_map);
270 void ChromeNetworkDelegate::set_profile(void* profile) {
272 extensions_delegate_->set_profile(profile);
275 void ChromeNetworkDelegate::set_cookie_settings(
276 CookieSettings* cookie_settings) {
277 cookie_settings_ = cookie_settings;
280 void ChromeNetworkDelegate::set_predictor(
281 chrome_browser_net::Predictor* predictor) {
282 connect_interceptor_.reset(
283 new chrome_browser_net::ConnectInterceptor(predictor));
286 void ChromeNetworkDelegate::SetEnableClientHints() {
287 client_hints_.reset(new ClientHints());
288 client_hints_->Init();
292 #if defined(ENABLE_EXTENSIONS)
293 void ChromeNetworkDelegate::NeverThrottleRequests() {
294 g_never_throttle_requests_ = true;
299 void ChromeNetworkDelegate::InitializePrefsOnUIThread(
300 BooleanPrefMember* enable_referrers,
301 BooleanPrefMember* enable_do_not_track,
302 BooleanPrefMember* force_google_safe_search,
303 PrefService* pref_service) {
304 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
305 enable_referrers->Init(prefs::kEnableReferrers, pref_service);
306 enable_referrers->MoveToThread(
307 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO));
308 if (enable_do_not_track) {
309 enable_do_not_track->Init(prefs::kEnableDoNotTrack, pref_service);
310 enable_do_not_track->MoveToThread(
311 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO));
313 if (force_google_safe_search) {
314 force_google_safe_search->Init(prefs::kForceSafeSearch, pref_service);
315 force_google_safe_search->MoveToThread(
316 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO));
321 void ChromeNetworkDelegate::AllowAccessToAllFiles() {
322 g_allow_file_access_ = true;
326 base::Value* ChromeNetworkDelegate::HistoricNetworkStatsInfoToValue() {
327 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
328 PrefService* prefs = g_browser_process->local_state();
329 int64 total_received = prefs->GetInt64(
330 data_reduction_proxy::prefs::kHttpReceivedContentLength);
331 int64 total_original = prefs->GetInt64(
332 data_reduction_proxy::prefs::kHttpOriginalContentLength);
334 base::DictionaryValue* dict = new base::DictionaryValue();
335 // Use strings to avoid overflow. base::Value only supports 32-bit integers.
336 dict->SetString("historic_received_content_length",
337 base::Int64ToString(total_received));
338 dict->SetString("historic_original_content_length",
339 base::Int64ToString(total_original));
343 base::Value* ChromeNetworkDelegate::SessionNetworkStatsInfoToValue() const {
344 base::DictionaryValue* dict = new base::DictionaryValue();
345 // Use strings to avoid overflow. base::Value only supports 32-bit integers.
346 dict->SetString("session_received_content_length",
347 base::Int64ToString(received_content_length_));
348 dict->SetString("session_original_content_length",
349 base::Int64ToString(original_content_length_));
353 int ChromeNetworkDelegate::OnBeforeURLRequest(
354 net::URLRequest* request,
355 const net::CompletionCallback& callback,
357 #if defined(OS_ANDROID)
358 // This UMA tracks the time to the first user-initiated request start, so
359 // only non-null profiles are considered.
360 if (first_request_ && profile_) {
361 bool record_timing = true;
362 if (data_reduction_proxy_params_) {
364 (request->url() != data_reduction_proxy_params_->probe_url()) &&
365 (request->url() != data_reduction_proxy_params_->warmup_url());
368 first_request_ = false;
369 net::LoadTimingInfo timing_info;
370 request->GetLoadTimingInfo(&timing_info);
371 BrowserThread::PostTask(
372 BrowserThread::UI, FROM_HERE,
373 base::Bind(&RecordIOThreadToRequestStartOnUIThread,
374 timing_info.request_start));
377 #endif // defined(OS_ANDROID)
379 #if defined(ENABLE_CONFIGURATION_POLICY)
380 // TODO(joaodasilva): This prevents extensions from seeing URLs that are
381 // blocked. However, an extension might redirect the request to another URL,
382 // which is not blocked.
383 int error = net::ERR_BLOCKED_BY_ADMINISTRATOR;
384 if (url_blacklist_manager_ &&
385 url_blacklist_manager_->IsRequestBlocked(*request, &error)) {
386 // URL access blocked by policy.
387 request->net_log().AddEvent(
388 net::NetLog::TYPE_CHROME_POLICY_ABORTED_REQUEST,
389 net::NetLog::StringCallback("url",
390 &request->url().possibly_invalid_spec()));
395 extensions_delegate_->ForwardStartRequestStatus(request);
397 if (!enable_referrers_->GetValue())
398 request->SetReferrer(std::string());
399 if (enable_do_not_track_ && enable_do_not_track_->GetValue())
400 request->SetExtraRequestHeaderByName(kDNTHeader, "1", true /* override */);
403 request->SetExtraRequestHeaderByName(
404 ClientHints::kDevicePixelRatioHeader,
405 client_hints_->GetDevicePixelRatioHeader(), true);
408 bool force_safe_search = force_google_safe_search_ &&
409 force_google_safe_search_->GetValue();
411 net::CompletionCallback wrapped_callback = callback;
412 if (force_safe_search) {
413 wrapped_callback = base::Bind(&ForceGoogleSafeSearchCallbackWrapper,
415 base::Unretained(request),
416 base::Unretained(new_url));
419 int rv = extensions_delegate_->OnBeforeURLRequest(
420 request, wrapped_callback, new_url);
422 if (force_safe_search && rv == net::OK && new_url->is_empty())
423 safe_search_util::ForceGoogleSafeSearch(request, new_url);
425 if (connect_interceptor_)
426 connect_interceptor_->WitnessURLRequest(request);
431 void ChromeNetworkDelegate::OnResolveProxy(
434 const net::ProxyService& proxy_service,
435 net::ProxyInfo* result) {
436 if (!on_resolve_proxy_handler_.is_null() &&
437 !proxy_config_getter_.is_null()) {
438 on_resolve_proxy_handler_.Run(url, load_flags,
439 proxy_config_getter_.Run(),
440 proxy_service.proxy_retry_info(),
441 data_reduction_proxy_params_, result);
445 void ChromeNetworkDelegate::OnProxyFallback(const net::ProxyServer& bad_proxy,
447 if (data_reduction_proxy_usage_stats_) {
448 data_reduction_proxy_usage_stats_->RecordBypassEventHistograms(
449 bad_proxy, net_error);
453 int ChromeNetworkDelegate::OnBeforeSendHeaders(
454 net::URLRequest* request,
455 const net::CompletionCallback& callback,
456 net::HttpRequestHeaders* headers) {
457 bool force_safe_search = force_google_safe_search_ &&
458 force_google_safe_search_->GetValue();
459 if (force_safe_search)
460 safe_search_util::ForceYouTubeSafetyMode(request, headers);
462 TRACE_EVENT_ASYNC_STEP_PAST0("net", "URLRequest", request, "SendRequest");
463 return extensions_delegate_->OnBeforeSendHeaders(request, callback, headers);
466 void ChromeNetworkDelegate::OnBeforeSendProxyHeaders(
467 net::URLRequest* request,
468 const net::ProxyInfo& proxy_info,
469 net::HttpRequestHeaders* headers) {
470 if (data_reduction_proxy_auth_request_handler_) {
471 data_reduction_proxy_auth_request_handler_->MaybeAddRequestHeader(
472 request, proxy_info.proxy_server(), headers);
476 void ChromeNetworkDelegate::OnSendHeaders(
477 net::URLRequest* request,
478 const net::HttpRequestHeaders& headers) {
479 extensions_delegate_->OnSendHeaders(request, headers);
482 int ChromeNetworkDelegate::OnHeadersReceived(
483 net::URLRequest* request,
484 const net::CompletionCallback& callback,
485 const net::HttpResponseHeaders* original_response_headers,
486 scoped_refptr<net::HttpResponseHeaders>* override_response_headers,
487 GURL* allowed_unsafe_redirect_url) {
488 data_reduction_proxy::DataReductionProxyBypassType bypass_type;
489 if (data_reduction_proxy::MaybeBypassProxyAndPrepareToRetry(
490 data_reduction_proxy_params_,
492 original_response_headers,
493 override_response_headers,
495 if (data_reduction_proxy_usage_stats_)
496 data_reduction_proxy_usage_stats_->SetBypassType(bypass_type);
500 return extensions_delegate_->OnHeadersReceived(
503 original_response_headers,
504 override_response_headers,
505 allowed_unsafe_redirect_url);
508 void ChromeNetworkDelegate::OnBeforeRedirect(net::URLRequest* request,
509 const GURL& new_location) {
510 if (domain_reliability_monitor_)
511 domain_reliability_monitor_->OnBeforeRedirect(request);
512 extensions_delegate_->OnBeforeRedirect(request, new_location);
516 void ChromeNetworkDelegate::OnResponseStarted(net::URLRequest* request) {
517 TRACE_EVENT_ASYNC_STEP_PAST0("net", "URLRequest", request, "ResponseStarted");
518 extensions_delegate_->OnResponseStarted(request);
521 void ChromeNetworkDelegate::OnRawBytesRead(const net::URLRequest& request,
523 TRACE_EVENT_ASYNC_STEP_PAST1("net", "URLRequest", &request, "DidRead",
524 "bytes_read", bytes_read);
525 performance_monitor::PerformanceMonitor::GetInstance()->BytesReadOnIOThread(
526 request, bytes_read);
528 #if defined(ENABLE_TASK_MANAGER)
529 // This is not completely accurate, but as a first approximation ignore
530 // requests that are served from the cache. See bug 330931 for more info.
531 if (!request.was_cached())
532 TaskManager::GetInstance()->model()->NotifyBytesRead(request, bytes_read);
533 #endif // defined(ENABLE_TASK_MANAGER)
536 void ChromeNetworkDelegate::OnCompleted(net::URLRequest* request,
538 if (data_reduction_proxy_usage_stats_)
539 data_reduction_proxy_usage_stats_->OnUrlRequestCompleted(request, started);
541 TRACE_EVENT_ASYNC_END0("net", "URLRequest", request);
542 if (request->status().status() == net::URLRequestStatus::SUCCESS) {
543 // For better accuracy, we use the actual bytes read instead of the length
544 // specified with the Content-Length header, which may be inaccurate,
545 // or missing, as is the case with chunked encoding.
546 int64 received_content_length = request->received_response_content_length();
548 #if defined(OS_ANDROID)
549 if (precache::PrecacheManager::IsPrecachingEnabled()) {
550 // Record precache metrics when a fetch is completed successfully, if
551 // precaching is enabled.
552 BrowserThread::PostTask(
553 BrowserThread::UI, FROM_HERE,
554 base::Bind(&RecordPrecacheStatsOnUIThread, request->url(),
555 base::Time::Now(), received_content_length,
556 request->was_cached(), profile_));
558 #endif // defined(OS_ANDROID)
560 // Only record for http or https urls.
561 bool is_http = request->url().SchemeIs("http");
562 bool is_https = request->url().SchemeIs("https");
564 if (!request->was_cached() && // Don't record cached content
565 received_content_length && // Zero-byte responses aren't useful.
566 (is_http || is_https)) { // Only record for HTTP or HTTPS urls.
567 int64 original_content_length =
568 request->response_info().headers->GetInt64HeaderValue(
569 "x-original-content-length");
570 data_reduction_proxy::DataReductionProxyRequestType request_type =
571 data_reduction_proxy::GetDataReductionProxyRequestType(request);
573 base::TimeDelta freshness_lifetime =
574 request->response_info().headers->GetFreshnessLifetime(
575 request->response_info().response_time);
576 int64 adjusted_original_content_length =
577 data_reduction_proxy::GetAdjustedOriginalContentLength(
578 request_type, original_content_length,
579 received_content_length);
580 AccumulateContentLength(received_content_length,
581 adjusted_original_content_length,
583 RecordContentLengthHistograms(received_content_length,
584 original_content_length,
586 if (data_reduction_proxy_enabled_ &&
587 data_reduction_proxy_usage_stats_ &&
588 !proxy_config_getter_.is_null()) {
589 data_reduction_proxy_usage_stats_->RecordBypassedBytesHistograms(
591 *data_reduction_proxy_enabled_,
592 proxy_config_getter_.Run());
594 DVLOG(2) << __FUNCTION__
595 << " received content length: " << received_content_length
596 << " original content length: " << original_content_length
597 << " url: " << request->url();
600 extensions_delegate_->OnCompleted(request, started);
601 } else if (request->status().status() == net::URLRequestStatus::FAILED ||
602 request->status().status() == net::URLRequestStatus::CANCELED) {
603 extensions_delegate_->OnCompleted(request, started);
607 if (domain_reliability_monitor_)
608 domain_reliability_monitor_->OnCompleted(request, started);
609 extensions_delegate_->ForwardProxyErrors(request);
610 extensions_delegate_->ForwardDoneRequestStatus(request);
613 void ChromeNetworkDelegate::OnURLRequestDestroyed(net::URLRequest* request) {
614 extensions_delegate_->OnURLRequestDestroyed(request);
617 void ChromeNetworkDelegate::OnPACScriptError(int line_number,
618 const base::string16& error) {
619 extensions_delegate_->OnPACScriptError(line_number, error);
622 net::NetworkDelegate::AuthRequiredResponse
623 ChromeNetworkDelegate::OnAuthRequired(
624 net::URLRequest* request,
625 const net::AuthChallengeInfo& auth_info,
626 const AuthCallback& callback,
627 net::AuthCredentials* credentials) {
628 return extensions_delegate_->OnAuthRequired(
629 request, auth_info, callback, credentials);
632 bool ChromeNetworkDelegate::OnCanGetCookies(
633 const net::URLRequest& request,
634 const net::CookieList& cookie_list) {
635 // NULL during tests, or when we're running in the system context.
636 if (!cookie_settings_.get())
639 bool allow = cookie_settings_->IsReadingCookieAllowed(
640 request.url(), request.first_party_for_cookies());
642 int render_process_id = -1;
643 int render_frame_id = -1;
645 // |is_for_blocking_resource| indicates whether the cookies read were for a
646 // blocking resource (eg script, css). It is only temporarily added for
647 // diagnostic purposes, per bug 353678. Will be removed again once data
648 // collection is finished.
649 bool is_for_blocking_resource = false;
650 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(&request);
651 if (info && ((!info->IsAsync()) ||
652 info->GetResourceType() == content::RESOURCE_TYPE_STYLESHEET ||
653 info->GetResourceType() == content::RESOURCE_TYPE_SCRIPT)) {
654 is_for_blocking_resource = true;
657 if (content::ResourceRequestInfo::GetRenderFrameForRequest(
658 &request, &render_process_id, &render_frame_id)) {
659 BrowserThread::PostTask(
660 BrowserThread::UI, FROM_HERE,
661 base::Bind(&TabSpecificContentSettings::CookiesRead,
662 render_process_id, render_frame_id,
663 request.url(), request.first_party_for_cookies(),
664 cookie_list, !allow, is_for_blocking_resource));
670 bool ChromeNetworkDelegate::OnCanSetCookie(const net::URLRequest& request,
671 const std::string& cookie_line,
672 net::CookieOptions* options) {
673 // NULL during tests, or when we're running in the system context.
674 if (!cookie_settings_.get())
677 bool allow = cookie_settings_->IsSettingCookieAllowed(
678 request.url(), request.first_party_for_cookies());
680 int render_process_id = -1;
681 int render_frame_id = -1;
682 if (content::ResourceRequestInfo::GetRenderFrameForRequest(
683 &request, &render_process_id, &render_frame_id)) {
684 BrowserThread::PostTask(
685 BrowserThread::UI, FROM_HERE,
686 base::Bind(&TabSpecificContentSettings::CookieChanged,
687 render_process_id, render_frame_id,
688 request.url(), request.first_party_for_cookies(),
689 cookie_line, *options, !allow));
692 if (prerender_tracker_) {
693 prerender_tracker_->OnCookieChangedForURL(
695 request.context()->cookie_store()->GetCookieMonster(),
702 bool ChromeNetworkDelegate::OnCanAccessFile(const net::URLRequest& request,
703 const base::FilePath& path) const {
704 if (g_allow_file_access_)
707 #if !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
710 #if defined(OS_CHROMEOS)
711 // If we're running Chrome for ChromeOS on Linux, we want to allow file
713 if (!base::SysInfo::IsRunningOnChromeOS() ||
714 CommandLine::ForCurrentProcess()->HasSwitch(switches::kTestType)) {
718 // Use a whitelist to only allow access to files residing in the list of
719 // directories below.
720 static const char* const kLocalAccessWhiteList[] = {
721 "/home/chronos/user/Downloads",
722 "/home/chronos/user/log",
723 "/home/chronos/user/WebRTC Logs",
726 "/usr/share/chromeos-assets",
731 // The actual location of "/home/chronos/user/Xyz" is the Xyz directory under
732 // the profile path ("/home/chronos/user' is a hard link to current primary
733 // logged in profile.) For the support of multi-profile sessions, we are
734 // switching to use explicit "$PROFILE_PATH/Xyz" path and here whitelist such
736 if (!profile_path_.empty()) {
737 const base::FilePath downloads = profile_path_.AppendASCII("Downloads");
738 if (downloads == path.StripTrailingSeparators() || downloads.IsParent(path))
740 const base::FilePath webrtc_logs = profile_path_.AppendASCII("WebRTC Logs");
741 if (webrtc_logs == path.StripTrailingSeparators() ||
742 webrtc_logs.IsParent(path)) {
746 #elif defined(OS_ANDROID)
747 // Access to files in external storage is allowed.
748 base::FilePath external_storage_path;
749 PathService::Get(base::DIR_ANDROID_EXTERNAL_STORAGE, &external_storage_path);
750 if (external_storage_path.IsParent(path))
753 // Whitelist of other allowed directories.
754 static const char* const kLocalAccessWhiteList[] = {
760 for (size_t i = 0; i < arraysize(kLocalAccessWhiteList); ++i) {
761 const base::FilePath white_listed_path(kLocalAccessWhiteList[i]);
762 // base::FilePath::operator== should probably handle trailing separators.
763 if (white_listed_path == path.StripTrailingSeparators() ||
764 white_listed_path.IsParent(path)) {
769 DVLOG(1) << "File access denied - " << path.value().c_str();
771 #endif // !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
774 bool ChromeNetworkDelegate::OnCanThrottleRequest(
775 const net::URLRequest& request) const {
776 #if defined(ENABLE_EXTENSIONS)
777 if (g_never_throttle_requests_)
779 return request.first_party_for_cookies().scheme() ==
780 extensions::kExtensionScheme;
786 bool ChromeNetworkDelegate::OnCanEnablePrivacyMode(
788 const GURL& first_party_for_cookies) const {
789 // NULL during tests, or when we're running in the system context.
790 if (!cookie_settings_.get())
793 bool reading_cookie_allowed = cookie_settings_->IsReadingCookieAllowed(
794 url, first_party_for_cookies);
795 bool setting_cookie_allowed = cookie_settings_->IsSettingCookieAllowed(
796 url, first_party_for_cookies);
797 bool privacy_mode = !(reading_cookie_allowed && setting_cookie_allowed);
801 int ChromeNetworkDelegate::OnBeforeSocketStreamConnect(
802 net::SocketStream* socket,
803 const net::CompletionCallback& callback) {
804 #if defined(ENABLE_CONFIGURATION_POLICY)
805 if (url_blacklist_manager_ &&
806 url_blacklist_manager_->IsURLBlocked(socket->url())) {
807 // URL access blocked by policy.
808 socket->net_log()->AddEvent(
809 net::NetLog::TYPE_CHROME_POLICY_ABORTED_REQUEST,
810 net::NetLog::StringCallback("url",
811 &socket->url().possibly_invalid_spec()));
812 return net::ERR_BLOCKED_BY_ADMINISTRATOR;
818 void ChromeNetworkDelegate::AccumulateContentLength(
819 int64 received_content_length,
820 int64 original_content_length,
821 data_reduction_proxy::DataReductionProxyRequestType request_type) {
822 DCHECK_GE(received_content_length, 0);
823 DCHECK_GE(original_content_length, 0);
824 StoreAccumulatedContentLength(received_content_length,
825 original_content_length,
827 reinterpret_cast<Profile*>(profile_));
828 received_content_length_ += received_content_length;
829 original_content_length_ += original_content_length;