1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/net/chrome_network_delegate.h"
11 #include "base/base_paths.h"
12 #include "base/debug/trace_event.h"
13 #include "base/logging.h"
14 #include "base/metrics/histogram.h"
15 #include "base/path_service.h"
16 #include "base/prefs/pref_member.h"
17 #include "base/prefs/pref_service.h"
18 #include "base/strings/string_number_conversions.h"
19 #include "base/strings/string_split.h"
20 #include "base/time/time.h"
21 #include "chrome/browser/browser_process.h"
22 #include "chrome/browser/content_settings/cookie_settings.h"
23 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
24 #include "chrome/browser/custom_handlers/protocol_handler_registry.h"
25 #include "chrome/browser/extensions/api/proxy/proxy_api.h"
26 #include "chrome/browser/extensions/api/web_request/web_request_api.h"
27 #include "chrome/browser/extensions/event_router_forwarder.h"
28 #include "chrome/browser/extensions/extension_info_map.h"
29 #include "chrome/browser/extensions/extension_process_manager.h"
30 #include "chrome/browser/extensions/extension_system.h"
31 #include "chrome/browser/google/google_util.h"
32 #include "chrome/browser/net/chrome_network_data_saving_metrics.h"
33 #include "chrome/browser/net/client_hints.h"
34 #include "chrome/browser/net/connect_interceptor.h"
35 #include "chrome/browser/net/load_time_stats.h"
36 #include "chrome/browser/performance_monitor/performance_monitor.h"
37 #include "chrome/browser/profiles/profile_manager.h"
38 #include "chrome/browser/task_manager/task_manager.h"
39 #include "chrome/common/pref_names.h"
40 #include "chrome/common/url_constants.h"
41 #include "content/public/browser/browser_thread.h"
42 #include "content/public/browser/render_view_host.h"
43 #include "content/public/browser/resource_request_info.h"
44 #include "extensions/common/constants.h"
45 #include "net/base/host_port_pair.h"
46 #include "net/base/net_errors.h"
47 #include "net/base/net_log.h"
48 #include "net/cookies/canonical_cookie.h"
49 #include "net/cookies/cookie_options.h"
50 #include "net/http/http_request_headers.h"
51 #include "net/http/http_response_headers.h"
52 #include "net/socket_stream/socket_stream.h"
53 #include "net/url_request/url_request.h"
55 #if defined(OS_CHROMEOS)
56 #include "base/command_line.h"
57 #include "base/sys_info.h"
58 #include "chrome/common/chrome_switches.h"
61 #if defined(ENABLE_CONFIGURATION_POLICY)
62 #include "chrome/browser/policy/url_blacklist_manager.h"
65 using content::BrowserThread;
66 using content::RenderViewHost;
67 using content::ResourceRequestInfo;
69 // By default we don't allow access to all file:// urls on ChromeOS and
71 #if defined(OS_CHROMEOS) || defined(OS_ANDROID)
72 bool ChromeNetworkDelegate::g_allow_file_access_ = false;
74 bool ChromeNetworkDelegate::g_allow_file_access_ = true;
77 // This remains false unless the --disable-extensions-http-throttling
78 // flag is passed to the browser.
79 bool ChromeNetworkDelegate::g_never_throttle_requests_ = false;
83 const char kDNTHeader[] = "DNT";
85 // If the |request| failed due to problems with a proxy, forward the error to
86 // the proxy extension API.
87 void ForwardProxyErrors(net::URLRequest* request,
88 extensions::EventRouterForwarder* event_router,
90 if (request->status().status() == net::URLRequestStatus::FAILED) {
91 switch (request->status().error()) {
92 case net::ERR_PROXY_AUTH_UNSUPPORTED:
93 case net::ERR_PROXY_CONNECTION_FAILED:
94 case net::ERR_TUNNEL_CONNECTION_FAILED:
95 extensions::ProxyEventRouter::GetInstance()->OnProxyError(
96 event_router, profile, request->status().error());
101 // Returns whether a URL parameter, |first_parameter| (e.g. foo=bar), has the
102 // same key as the the |second_parameter| (e.g. foo=baz). Both parameters
103 // must be in key=value form.
104 bool HasSameParameterKey(const std::string& first_parameter,
105 const std::string& second_parameter) {
106 DCHECK(second_parameter.find("=") != std::string::npos);
107 // Prefix for "foo=bar" is "foo=".
108 std::string parameter_prefix = second_parameter.substr(
109 0, second_parameter.find("=") + 1);
110 return StartsWithASCII(first_parameter, parameter_prefix, false);
113 // Examines the query string containing parameters and adds the necessary ones
114 // so that SafeSearch is active. |query| is the string to examine and the
115 // return value is the |query| string modified such that SafeSearch is active.
116 std::string AddSafeSearchParameters(const std::string& query) {
117 std::vector<std::string> new_parameters;
118 std::string safe_parameter = chrome::kSafeSearchSafeParameter;
119 std::string ssui_parameter = chrome::kSafeSearchSsuiParameter;
121 std::vector<std::string> parameters;
122 base::SplitString(query, '&', ¶meters);
124 std::vector<std::string>::iterator it;
125 for (it = parameters.begin(); it < parameters.end(); ++it) {
126 if (!HasSameParameterKey(*it, safe_parameter) &&
127 !HasSameParameterKey(*it, ssui_parameter)) {
128 new_parameters.push_back(*it);
132 new_parameters.push_back(safe_parameter);
133 new_parameters.push_back(ssui_parameter);
134 return JoinString(new_parameters, '&');
137 // If |request| is a request to Google Web Search the function
138 // enforces that the SafeSearch query parameters are set to active.
139 // Sets the query part of |new_url| with the new value of the parameters.
140 void ForceGoogleSafeSearch(net::URLRequest* request,
142 if (!google_util::IsGoogleSearchUrl(request->url()) &&
143 !google_util::IsGoogleHomePageUrl(request->url()))
146 std::string query = request->url().query();
147 std::string new_query = AddSafeSearchParameters(query);
148 if (query == new_query)
151 GURL::Replacements replacements;
152 replacements.SetQueryStr(new_query);
153 *new_url = request->url().ReplaceComponents(replacements);
156 // Gets called when the extensions finish work on the URL. If the extensions
157 // did not do a redirect (so |new_url| is empty) then we enforce the
158 // SafeSearch parameters. Otherwise we will get called again after the
159 // redirect and we enforce SafeSearch then.
160 void ForceGoogleSafeSearchCallbackWrapper(
161 const net::CompletionCallback& callback,
162 net::URLRequest* request,
165 if (rv == net::OK && new_url->is_empty())
166 ForceGoogleSafeSearch(request, new_url);
170 enum RequestStatus { REQUEST_STARTED, REQUEST_DONE };
172 // Notifies the ExtensionProcessManager that a request has started or stopped
173 // for a particular RenderView.
174 void NotifyEPMRequestStatus(RequestStatus status,
177 int render_view_id) {
178 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
179 Profile* profile = reinterpret_cast<Profile*>(profile_id);
180 if (!g_browser_process->profile_manager()->IsValidProfile(profile))
183 ExtensionProcessManager* extension_process_manager =
184 extensions::ExtensionSystem::Get(profile)->process_manager();
185 // This may be NULL in unit tests.
186 if (!extension_process_manager)
189 // Will be NULL if the request was not issued on behalf of a renderer (e.g. a
190 // system-level request).
191 RenderViewHost* render_view_host =
192 RenderViewHost::FromID(process_id, render_view_id);
193 if (render_view_host) {
194 if (status == REQUEST_STARTED) {
195 extension_process_manager->OnNetworkRequestStarted(render_view_host);
196 } else if (status == REQUEST_DONE) {
197 extension_process_manager->OnNetworkRequestDone(render_view_host);
204 void ForwardRequestStatus(
205 RequestStatus status, net::URLRequest* request, void* profile_id) {
206 const ResourceRequestInfo* info = ResourceRequestInfo::ForRequest(request);
210 int process_id, render_view_id;
211 if (info->GetAssociatedRenderView(&process_id, &render_view_id)) {
212 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
213 base::Bind(&NotifyEPMRequestStatus,
214 status, profile_id, process_id, render_view_id));
218 void UpdateContentLengthPrefs(int received_content_length,
219 int original_content_length,
220 bool via_data_reduction_proxy) {
221 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
222 DCHECK_GE(received_content_length, 0);
223 DCHECK_GE(original_content_length, 0);
225 // Can be NULL in a unit test.
226 if (!g_browser_process)
229 PrefService* prefs = g_browser_process->local_state();
233 #if defined(OS_ANDROID)
234 bool with_data_reduction_proxy_enabled =
235 g_browser_process->profile_manager()->GetDefaultProfile()->
236 GetPrefs()->GetBoolean(prefs::kSpdyProxyAuthEnabled);
238 bool with_data_reduction_proxy_enabled = false;
241 chrome_browser_net::UpdateContentLengthPrefs(
242 received_content_length,
243 original_content_length,
244 with_data_reduction_proxy_enabled,
245 via_data_reduction_proxy, prefs);
248 void StoreAccumulatedContentLength(int received_content_length,
249 int original_content_length,
250 bool data_reduction_proxy_was_used) {
251 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
252 base::Bind(&UpdateContentLengthPrefs,
253 received_content_length, original_content_length,
254 data_reduction_proxy_was_used));
257 void RecordContentLengthHistograms(
258 int64 received_content_length,
259 int64 original_content_length,
260 const base::TimeDelta& freshness_lifetime) {
261 #if defined(OS_ANDROID)
262 // Add the current resource to these histograms only when a valid
263 // X-Original-Content-Length header is present.
264 if (original_content_length >= 0) {
265 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthWithValidOCL",
266 received_content_length);
267 UMA_HISTOGRAM_COUNTS("Net.HttpOriginalContentLengthWithValidOCL",
268 original_content_length);
269 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthDifferenceWithValidOCL",
270 original_content_length - received_content_length);
272 // Presume the original content length is the same as the received content
273 // length if the X-Original-Content-Header is not present.
274 original_content_length = received_content_length;
276 UMA_HISTOGRAM_COUNTS("Net.HttpContentLength", received_content_length);
277 UMA_HISTOGRAM_COUNTS("Net.HttpOriginalContentLength",
278 original_content_length);
279 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthDifference",
280 original_content_length - received_content_length);
281 UMA_HISTOGRAM_CUSTOM_COUNTS("Net.HttpContentFreshnessLifetime",
282 freshness_lifetime.InSeconds(),
283 base::TimeDelta::FromHours(1).InSeconds(),
284 base::TimeDelta::FromDays(30).InSeconds(),
286 if (freshness_lifetime.InSeconds() <= 0)
288 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable",
289 received_content_length);
290 if (freshness_lifetime.InHours() < 4)
292 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable4Hours",
293 received_content_length);
295 if (freshness_lifetime.InHours() < 24)
297 UMA_HISTOGRAM_COUNTS("Net.HttpContentLengthCacheable24Hours",
298 received_content_length);
299 #endif // defined(OS_ANDROID)
304 ChromeNetworkDelegate::ChromeNetworkDelegate(
305 extensions::EventRouterForwarder* event_router,
306 BooleanPrefMember* enable_referrers)
307 : event_router_(event_router),
309 enable_referrers_(enable_referrers),
310 enable_do_not_track_(NULL),
311 force_google_safe_search_(NULL),
312 url_blacklist_manager_(NULL),
313 load_time_stats_(NULL),
314 received_content_length_(0),
315 original_content_length_(0) {
316 DCHECK(event_router);
317 DCHECK(enable_referrers);
320 ChromeNetworkDelegate::~ChromeNetworkDelegate() {}
322 void ChromeNetworkDelegate::set_extension_info_map(
323 ExtensionInfoMap* extension_info_map) {
324 extension_info_map_ = extension_info_map;
327 void ChromeNetworkDelegate::set_cookie_settings(
328 CookieSettings* cookie_settings) {
329 cookie_settings_ = cookie_settings;
332 void ChromeNetworkDelegate::set_predictor(
333 chrome_browser_net::Predictor* predictor) {
334 connect_interceptor_.reset(
335 new chrome_browser_net::ConnectInterceptor(predictor));
338 void ChromeNetworkDelegate::SetEnableClientHints() {
339 client_hints_.reset(new ClientHints());
340 client_hints_->Init();
344 void ChromeNetworkDelegate::NeverThrottleRequests() {
345 g_never_throttle_requests_ = true;
349 void ChromeNetworkDelegate::InitializePrefsOnUIThread(
350 BooleanPrefMember* enable_referrers,
351 BooleanPrefMember* enable_do_not_track,
352 BooleanPrefMember* force_google_safe_search,
353 PrefService* pref_service) {
354 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
355 enable_referrers->Init(prefs::kEnableReferrers, pref_service);
356 enable_referrers->MoveToThread(
357 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO));
358 if (enable_do_not_track) {
359 enable_do_not_track->Init(prefs::kEnableDoNotTrack, pref_service);
360 enable_do_not_track->MoveToThread(
361 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO));
363 if (force_google_safe_search) {
364 force_google_safe_search->Init(prefs::kForceSafeSearch, pref_service);
365 force_google_safe_search->MoveToThread(
366 BrowserThread::GetMessageLoopProxyForThread(BrowserThread::IO));
371 void ChromeNetworkDelegate::AllowAccessToAllFiles() {
372 g_allow_file_access_ = true;
376 Value* ChromeNetworkDelegate::HistoricNetworkStatsInfoToValue() {
377 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
378 PrefService* prefs = g_browser_process->local_state();
379 int64 total_received = prefs->GetInt64(prefs::kHttpReceivedContentLength);
380 int64 total_original = prefs->GetInt64(prefs::kHttpOriginalContentLength);
382 DictionaryValue* dict = new DictionaryValue();
383 // Use strings to avoid overflow. base::Value only supports 32-bit integers.
384 dict->SetString("historic_received_content_length",
385 base::Int64ToString(total_received));
386 dict->SetString("historic_original_content_length",
387 base::Int64ToString(total_original));
391 Value* ChromeNetworkDelegate::SessionNetworkStatsInfoToValue() const {
392 DictionaryValue* dict = new DictionaryValue();
393 // Use strings to avoid overflow. base::Value only supports 32-bit integers.
394 dict->SetString("session_received_content_length",
395 base::Int64ToString(received_content_length_));
396 dict->SetString("session_original_content_length",
397 base::Int64ToString(original_content_length_));
401 int ChromeNetworkDelegate::OnBeforeURLRequest(
402 net::URLRequest* request,
403 const net::CompletionCallback& callback,
405 #if defined(ENABLE_CONFIGURATION_POLICY)
406 // TODO(joaodasilva): This prevents extensions from seeing URLs that are
407 // blocked. However, an extension might redirect the request to another URL,
408 // which is not blocked.
409 if (url_blacklist_manager_ &&
410 url_blacklist_manager_->IsRequestBlocked(*request)) {
411 // URL access blocked by policy.
412 request->net_log().AddEvent(
413 net::NetLog::TYPE_CHROME_POLICY_ABORTED_REQUEST,
414 net::NetLog::StringCallback("url",
415 &request->url().possibly_invalid_spec()));
416 return net::ERR_BLOCKED_BY_ADMINISTRATOR;
420 ForwardRequestStatus(REQUEST_STARTED, request, profile_);
422 if (!enable_referrers_->GetValue())
423 request->SetReferrer(std::string());
424 if (enable_do_not_track_ && enable_do_not_track_->GetValue())
425 request->SetExtraRequestHeaderByName(kDNTHeader, "1", true /* override */);
428 request->SetExtraRequestHeaderByName(
429 ClientHints::kDevicePixelRatioHeader,
430 client_hints_->GetDevicePixelRatioHeader(), true);
433 bool force_safe_search = force_google_safe_search_ &&
434 force_google_safe_search_->GetValue();
436 net::CompletionCallback wrapped_callback = callback;
437 if (force_safe_search) {
438 wrapped_callback = base::Bind(&ForceGoogleSafeSearchCallbackWrapper,
440 base::Unretained(request),
441 base::Unretained(new_url));
444 int rv = ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRequest(
445 profile_, extension_info_map_.get(), request, wrapped_callback,
448 if (force_safe_search && rv == net::OK && new_url->is_empty())
449 ForceGoogleSafeSearch(request, new_url);
451 if (connect_interceptor_)
452 connect_interceptor_->WitnessURLRequest(request);
457 int ChromeNetworkDelegate::OnBeforeSendHeaders(
458 net::URLRequest* request,
459 const net::CompletionCallback& callback,
460 net::HttpRequestHeaders* headers) {
461 TRACE_EVENT_ASYNC_STEP_PAST0("net", "URLRequest", request, "SendRequest");
462 return ExtensionWebRequestEventRouter::GetInstance()->OnBeforeSendHeaders(
463 profile_, extension_info_map_.get(), request, callback, headers);
466 void ChromeNetworkDelegate::OnSendHeaders(
467 net::URLRequest* request,
468 const net::HttpRequestHeaders& headers) {
469 ExtensionWebRequestEventRouter::GetInstance()->OnSendHeaders(
470 profile_, extension_info_map_.get(), request, headers);
473 int ChromeNetworkDelegate::OnHeadersReceived(
474 net::URLRequest* request,
475 const net::CompletionCallback& callback,
476 const net::HttpResponseHeaders* original_response_headers,
477 scoped_refptr<net::HttpResponseHeaders>* override_response_headers) {
478 return ExtensionWebRequestEventRouter::GetInstance()->OnHeadersReceived(
479 profile_, extension_info_map_.get(), request, callback,
480 original_response_headers, override_response_headers);
483 void ChromeNetworkDelegate::OnBeforeRedirect(net::URLRequest* request,
484 const GURL& new_location) {
485 ExtensionWebRequestEventRouter::GetInstance()->OnBeforeRedirect(
486 profile_, extension_info_map_.get(), request, new_location);
490 void ChromeNetworkDelegate::OnResponseStarted(net::URLRequest* request) {
491 TRACE_EVENT_ASYNC_STEP_PAST0("net", "URLRequest", request, "ResponseStarted");
492 ExtensionWebRequestEventRouter::GetInstance()->OnResponseStarted(
493 profile_, extension_info_map_.get(), request);
494 ForwardProxyErrors(request, event_router_.get(), profile_);
497 void ChromeNetworkDelegate::OnRawBytesRead(const net::URLRequest& request,
499 TRACE_EVENT_ASYNC_STEP_PAST1("net", "URLRequest", &request, "DidRead",
500 "bytes_read", bytes_read);
501 performance_monitor::PerformanceMonitor::GetInstance()->BytesReadOnIOThread(
502 request, bytes_read);
504 #if defined(ENABLE_TASK_MANAGER)
505 TaskManager::GetInstance()->model()->NotifyBytesRead(request, bytes_read);
506 #endif // defined(ENABLE_TASK_MANAGER)
509 void ChromeNetworkDelegate::OnCompleted(net::URLRequest* request,
511 TRACE_EVENT_ASYNC_END0("net", "URLRequest", request);
512 if (request->status().status() == net::URLRequestStatus::SUCCESS) {
513 // For better accuracy, we use the actual bytes read instead of the length
514 // specified with the Content-Length header, which may be inaccurate,
515 // or missing, as is the case with chunked encoding.
516 int64 received_content_length = request->received_response_content_length();
518 // Only record for http or https urls.
519 bool is_http = request->url().SchemeIs("http");
520 bool is_https = request->url().SchemeIs("https");
522 if (!request->was_cached() && // Don't record cached content
523 received_content_length && // Zero-byte responses aren't useful.
524 (is_http || is_https)) { // Only record for HTTP or HTTPS urls.
525 int64 original_content_length =
526 request->response_info().headers->GetInt64HeaderValue(
527 "x-original-content-length");
528 bool via_data_reduction_proxy =
529 request->response_info().headers->HasHeaderValue(
530 "via", "1.1 Chrome Compression Proxy");
532 // Since there was no indication of the original content length, presume
533 // it is no different from the number of bytes read.
534 int64 adjusted_original_content_length = original_content_length;
535 if (adjusted_original_content_length == -1)
536 adjusted_original_content_length = received_content_length;
537 base::TimeDelta freshness_lifetime =
538 request->response_info().headers->GetFreshnessLifetime(
539 request->response_info().response_time);
540 AccumulateContentLength(received_content_length,
541 adjusted_original_content_length,
542 via_data_reduction_proxy);
543 RecordContentLengthHistograms(received_content_length,
544 original_content_length,
546 DVLOG(2) << __FUNCTION__
547 << " received content length: " << received_content_length
548 << " original content length: " << original_content_length
549 << " url: " << request->url();
552 bool is_redirect = request->response_headers() &&
553 net::HttpResponseHeaders::IsRedirectResponseCode(
554 request->response_headers()->response_code());
556 ExtensionWebRequestEventRouter::GetInstance()->OnCompleted(
557 profile_, extension_info_map_.get(), request);
559 } else if (request->status().status() == net::URLRequestStatus::FAILED ||
560 request->status().status() == net::URLRequestStatus::CANCELED) {
561 ExtensionWebRequestEventRouter::GetInstance()->OnErrorOccurred(
562 profile_, extension_info_map_.get(), request, started);
566 ForwardProxyErrors(request, event_router_.get(), profile_);
568 ForwardRequestStatus(REQUEST_DONE, request, profile_);
571 void ChromeNetworkDelegate::OnURLRequestDestroyed(net::URLRequest* request) {
572 ExtensionWebRequestEventRouter::GetInstance()->OnURLRequestDestroyed(
574 if (load_time_stats_)
575 load_time_stats_->OnURLRequestDestroyed(*request);
578 void ChromeNetworkDelegate::OnPACScriptError(int line_number,
579 const string16& error) {
580 extensions::ProxyEventRouter::GetInstance()->OnPACScriptError(
581 event_router_.get(), profile_, line_number, error);
584 net::NetworkDelegate::AuthRequiredResponse
585 ChromeNetworkDelegate::OnAuthRequired(
586 net::URLRequest* request,
587 const net::AuthChallengeInfo& auth_info,
588 const AuthCallback& callback,
589 net::AuthCredentials* credentials) {
590 return ExtensionWebRequestEventRouter::GetInstance()->OnAuthRequired(
591 profile_, extension_info_map_.get(), request, auth_info,
592 callback, credentials);
595 bool ChromeNetworkDelegate::OnCanGetCookies(
596 const net::URLRequest& request,
597 const net::CookieList& cookie_list) {
598 // NULL during tests, or when we're running in the system context.
599 if (!cookie_settings_.get())
602 bool allow = cookie_settings_->IsReadingCookieAllowed(
603 request.url(), request.first_party_for_cookies());
605 int render_process_id = -1;
606 int render_view_id = -1;
607 if (content::ResourceRequestInfo::GetRenderViewForRequest(
608 &request, &render_process_id, &render_view_id)) {
609 BrowserThread::PostTask(
610 BrowserThread::UI, FROM_HERE,
611 base::Bind(&TabSpecificContentSettings::CookiesRead,
612 render_process_id, render_view_id,
613 request.url(), request.first_party_for_cookies(),
614 cookie_list, !allow));
620 bool ChromeNetworkDelegate::OnCanSetCookie(const net::URLRequest& request,
621 const std::string& cookie_line,
622 net::CookieOptions* options) {
623 // NULL during tests, or when we're running in the system context.
624 if (!cookie_settings_.get())
627 bool allow = cookie_settings_->IsSettingCookieAllowed(
628 request.url(), request.first_party_for_cookies());
630 int render_process_id = -1;
631 int render_view_id = -1;
632 if (content::ResourceRequestInfo::GetRenderViewForRequest(
633 &request, &render_process_id, &render_view_id)) {
634 BrowserThread::PostTask(
635 BrowserThread::UI, FROM_HERE,
636 base::Bind(&TabSpecificContentSettings::CookieChanged,
637 render_process_id, render_view_id,
638 request.url(), request.first_party_for_cookies(),
639 cookie_line, *options, !allow));
645 bool ChromeNetworkDelegate::OnCanAccessFile(const net::URLRequest& request,
646 const base::FilePath& path) const {
647 if (g_allow_file_access_)
650 #if !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
653 #if defined(OS_CHROMEOS)
654 // If we're running Chrome for ChromeOS on Linux, we want to allow file
656 if (!base::SysInfo::IsRunningOnChromeOS() ||
657 CommandLine::ForCurrentProcess()->HasSwitch(switches::kTestType)) {
661 // Use a whitelist to only allow access to files residing in the list of
662 // directories below.
663 static const char* const kLocalAccessWhiteList[] = {
664 "/home/chronos/user/Downloads",
665 "/home/chronos/user/log",
668 "/usr/share/chromeos-assets",
673 // The actual location of "/home/chronos/user/Downloads" is the Downloads
674 // directory under the profile path ("/home/chronos/user' is a hard link to
675 // current primary logged in profile.) For the support of multi-profile
676 // sessions, we are switching to use explicit "$PROFILE_PATH/Downloads" path
677 // and here whitelist such access.
678 if (!profile_path_.empty()) {
679 const base::FilePath downloads = profile_path_.AppendASCII("Downloads");
680 if (downloads == path.StripTrailingSeparators() || downloads.IsParent(path))
683 #elif defined(OS_ANDROID)
684 // Access to files in external storage is allowed.
685 base::FilePath external_storage_path;
686 PathService::Get(base::DIR_ANDROID_EXTERNAL_STORAGE, &external_storage_path);
687 if (external_storage_path.IsParent(path))
690 // Whitelist of other allowed directories.
691 static const char* const kLocalAccessWhiteList[] = {
697 for (size_t i = 0; i < arraysize(kLocalAccessWhiteList); ++i) {
698 const base::FilePath white_listed_path(kLocalAccessWhiteList[i]);
699 // base::FilePath::operator== should probably handle trailing separators.
700 if (white_listed_path == path.StripTrailingSeparators() ||
701 white_listed_path.IsParent(path)) {
706 DVLOG(1) << "File access denied - " << path.value().c_str();
708 #endif // !defined(OS_CHROMEOS) && !defined(OS_ANDROID)
711 bool ChromeNetworkDelegate::OnCanThrottleRequest(
712 const net::URLRequest& request) const {
713 if (g_never_throttle_requests_) {
717 return request.first_party_for_cookies().scheme() ==
718 extensions::kExtensionScheme;
721 bool ChromeNetworkDelegate::OnCanEnablePrivacyMode(
723 const GURL& first_party_for_cookies) const {
724 // NULL during tests, or when we're running in the system context.
725 if (!cookie_settings_.get())
728 bool reading_cookie_allowed = cookie_settings_->IsReadingCookieAllowed(
729 url, first_party_for_cookies);
730 bool setting_cookie_allowed = cookie_settings_->IsSettingCookieAllowed(
731 url, first_party_for_cookies);
732 bool privacy_mode = !(reading_cookie_allowed && setting_cookie_allowed);
736 int ChromeNetworkDelegate::OnBeforeSocketStreamConnect(
737 net::SocketStream* socket,
738 const net::CompletionCallback& callback) {
739 #if defined(ENABLE_CONFIGURATION_POLICY)
740 if (url_blacklist_manager_ &&
741 url_blacklist_manager_->IsURLBlocked(socket->url())) {
742 // URL access blocked by policy.
743 socket->net_log()->AddEvent(
744 net::NetLog::TYPE_CHROME_POLICY_ABORTED_REQUEST,
745 net::NetLog::StringCallback("url",
746 &socket->url().possibly_invalid_spec()));
747 return net::ERR_BLOCKED_BY_ADMINISTRATOR;
753 void ChromeNetworkDelegate::OnRequestWaitStateChange(
754 const net::URLRequest& request,
755 RequestWaitState state) {
756 if (load_time_stats_)
757 load_time_stats_->OnRequestWaitStateChange(request, state);
760 void ChromeNetworkDelegate::AccumulateContentLength(
761 int64 received_content_length, int64 original_content_length,
762 bool via_data_reduction_proxy) {
763 DCHECK_GE(received_content_length, 0);
764 DCHECK_GE(original_content_length, 0);
765 StoreAccumulatedContentLength(received_content_length,
766 original_content_length,
767 via_data_reduction_proxy);
768 received_content_length_ += received_content_length;
769 original_content_length_ += original_content_length;