src/content/browser/loader/buffered_resource_handler.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "content/browser/loader/buffered_resource_handler.h"
   6
   7 #include <vector>
   8
   9 #include "base/bind.h"
  10 #include "base/logging.h"
  11 #include "base/metrics/histogram.h"
  12 #include "base/strings/string_util.h"
  13 #include "content/browser/download/download_resource_handler.h"
  14 #include "content/browser/download/download_stats.h"
  15 #include "content/browser/loader/certificate_resource_handler.h"
  16 #include "content/browser/loader/resource_dispatcher_host_impl.h"
  17 #include "content/browser/loader/resource_request_info_impl.h"
  18 #include "content/browser/plugin_service_impl.h"
  19 #include "content/public/browser/content_browser_client.h"
  20 #include "content/public/browser/download_item.h"
  21 #include "content/public/browser/download_save_info.h"
  22 #include "content/public/browser/download_url_parameters.h"
  23 #include "content/public/browser/resource_context.h"
  24 #include "content/public/browser/resource_dispatcher_host_delegate.h"
  25 #include "content/public/common/resource_response.h"
  26 #include "content/public/common/webplugininfo.h"
  27 #include "net/base/io_buffer.h"
  28 #include "net/base/mime_sniffer.h"
  29 #include "net/base/mime_util.h"
  30 #include "net/base/net_errors.h"
  31 #include "net/http/http_content_disposition.h"
  32 #include "net/http/http_response_headers.h"
  33
  34 namespace content {
  35
  36 namespace {
  37
  38 void RecordSnifferMetrics(bool sniffing_blocked,
  39                           bool we_would_like_to_sniff,
  40                           const std::string& mime_type) {
  41   static base::HistogramBase* nosniff_usage(NULL);
  42   if (!nosniff_usage)
  43     nosniff_usage = base::BooleanHistogram::FactoryGet(
  44         "nosniff.usage", base::HistogramBase::kUmaTargetedHistogramFlag);
  45   nosniff_usage->AddBoolean(sniffing_blocked);
  46
  47   if (sniffing_blocked) {
  48     static base::HistogramBase* nosniff_otherwise(NULL);
  49     if (!nosniff_otherwise)
  50       nosniff_otherwise = base::BooleanHistogram::FactoryGet(
  51           "nosniff.otherwise", base::HistogramBase::kUmaTargetedHistogramFlag);
  52     nosniff_otherwise->AddBoolean(we_would_like_to_sniff);
  53
  54     static base::HistogramBase* nosniff_empty_mime_type(NULL);
  55     if (!nosniff_empty_mime_type)
  56       nosniff_empty_mime_type = base::BooleanHistogram::FactoryGet(
  57           "nosniff.empty_mime_type",
  58           base::HistogramBase::kUmaTargetedHistogramFlag);
  59     nosniff_empty_mime_type->AddBoolean(mime_type.empty());
  60   }
  61 }
  62
  63 // Used to write into an existing IOBuffer at a given offset.
  64 class DependentIOBuffer : public net::WrappedIOBuffer {
  65  public:
  66   DependentIOBuffer(net::IOBuffer* buf, int offset)
  67       : net::WrappedIOBuffer(buf->data() + offset),
  68         buf_(buf) {
  69   }
  70
  71  private:
  72   virtual ~DependentIOBuffer() {}
  73
  74   scoped_refptr<net::IOBuffer> buf_;
  75 };
  76
  77 }  // namespace
  78
  79 BufferedResourceHandler::BufferedResourceHandler(
  80     scoped_ptr<ResourceHandler> next_handler,
  81     ResourceDispatcherHostImpl* host,
  82     net::URLRequest* request)
  83     : LayeredResourceHandler(request, next_handler.Pass()),
  84       state_(STATE_STARTING),
  85       host_(host),
  86       read_buffer_size_(0),
  87       bytes_read_(0),
  88       must_download_(false),
  89       must_download_is_set_(false),
  90       weak_ptr_factory_(this) {
  91 }
  92
  93 BufferedResourceHandler::~BufferedResourceHandler() {
  94 }
  95
  96 void BufferedResourceHandler::SetController(ResourceController* controller) {
  97   ResourceHandler::SetController(controller);
  98
  99   // Downstream handlers see us as their ResourceController, which allows us to
 100   // consume part or all of the resource response, and then later replay it to
 101   // downstream handler.
 102   DCHECK(next_handler_.get());
 103   next_handler_->SetController(this);
 104 }
 105
 106 bool BufferedResourceHandler::OnResponseStarted(
 107     int request_id,
 108     ResourceResponse* response,
 109     bool* defer) {
 110   response_ = response;
 111
 112   // TODO(darin): It is very odd to special-case 304 responses at this level.
 113   // We do so only because the code always has, see r24977 and r29355.  The
 114   // fact that 204 is no longer special-cased this way suggests that 304 need
 115   // not be special-cased either.
 116   //
 117   // The network stack only forwards 304 responses that were not received in
 118   // response to a conditional request (i.e., If-Modified-Since).  Other 304
 119   // responses end up being translated to 200 or whatever the cached response
 120   // code happens to be.  It should be very rare to see a 304 at this level.
 121
 122   if (!(response_->head.headers.get() &&
 123         response_->head.headers->response_code() == 304)) {
 124     if (ShouldSniffContent()) {
 125       state_ = STATE_BUFFERING;
 126       return true;
 127     }
 128
 129     if (response_->head.mime_type.empty()) {
 130       // Ugg.  The server told us not to sniff the content but didn't give us
 131       // a mime type.  What's a browser to do?  Turns out, we're supposed to
 132       // treat the response as "text/plain".  This is the most secure option.
 133       response_->head.mime_type.assign("text/plain");
 134     }
 135
 136     // Treat feed types as text/plain.
 137     if (response_->head.mime_type == "application/rss+xml" ||
 138         response_->head.mime_type == "application/atom+xml") {
 139       response_->head.mime_type.assign("text/plain");
 140     }
 141   }
 142
 143   state_ = STATE_PROCESSING;
 144   return ProcessResponse(defer);
 145 }
 146
 147 // We'll let the original event handler provide a buffer, and reuse it for
 148 // subsequent reads until we're done buffering.
 149 bool BufferedResourceHandler::OnWillRead(int request_id,
 150                                          scoped_refptr<net::IOBuffer>* buf,
 151                                          int* buf_size,
 152                                          int min_size) {
 153   if (state_ == STATE_STREAMING)
 154     return next_handler_->OnWillRead(request_id, buf, buf_size, min_size);
 155
 156   DCHECK_EQ(-1, min_size);
 157
 158   if (read_buffer_.get()) {
 159     CHECK_LT(bytes_read_, read_buffer_size_);
 160     *buf = new DependentIOBuffer(read_buffer_.get(), bytes_read_);
 161     *buf_size = read_buffer_size_ - bytes_read_;
 162   } else {
 163     if (!next_handler_->OnWillRead(request_id, buf, buf_size, min_size))
 164       return false;
 165
 166     read_buffer_ = *buf;
 167     read_buffer_size_ = *buf_size;
 168     DCHECK_GE(read_buffer_size_, net::kMaxBytesToSniff * 2);
 169   }
 170   return true;
 171 }
 172
 173 bool BufferedResourceHandler::OnReadCompleted(int request_id, int bytes_read,
 174                                               bool* defer) {
 175   if (state_ == STATE_STREAMING)
 176     return next_handler_->OnReadCompleted(request_id, bytes_read, defer);
 177
 178   DCHECK_EQ(state_, STATE_BUFFERING);
 179   bytes_read_ += bytes_read;
 180
 181   if (!DetermineMimeType() && (bytes_read > 0))
 182     return true;  // Needs more data, so keep buffering.
 183
 184   state_ = STATE_PROCESSING;
 185   return ProcessResponse(defer);
 186 }
 187
 188 void BufferedResourceHandler::OnResponseCompleted(
 189     int request_id,
 190     const net::URLRequestStatus& status,
 191     const std::string& security_info,
 192     bool* defer) {
 193   // Upon completion, act like a pass-through handler in case the downstream
 194   // handler defers OnResponseCompleted.
 195   state_ = STATE_STREAMING;
 196
 197   next_handler_->OnResponseCompleted(request_id, status, security_info, defer);
 198 }
 199
 200 void BufferedResourceHandler::Resume() {
 201   switch (state_) {
 202     case STATE_BUFFERING:
 203     case STATE_PROCESSING:
 204       NOTREACHED();
 205       break;
 206     case STATE_REPLAYING:
 207       base::MessageLoop::current()->PostTask(
 208           FROM_HERE,
 209           base::Bind(&BufferedResourceHandler::CallReplayReadCompleted,
 210                      weak_ptr_factory_.GetWeakPtr()));
 211       break;
 212     case STATE_STARTING:
 213     case STATE_STREAMING:
 214       controller()->Resume();
 215       break;
 216   }
 217 }
 218
 219 void BufferedResourceHandler::Cancel() {
 220   controller()->Cancel();
 221 }
 222
 223 void BufferedResourceHandler::CancelAndIgnore() {
 224   controller()->CancelAndIgnore();
 225 }
 226
 227 void BufferedResourceHandler::CancelWithError(int error_code) {
 228   controller()->CancelWithError(error_code);
 229 }
 230
 231 bool BufferedResourceHandler::ProcessResponse(bool* defer) {
 232   DCHECK_EQ(STATE_PROCESSING, state_);
 233
 234   // TODO(darin): Stop special-casing 304 responses.
 235   if (!(response_->head.headers.get() &&
 236         response_->head.headers->response_code() == 304)) {
 237     if (!SelectNextHandler(defer))
 238       return false;
 239     if (*defer)
 240       return true;
 241   }
 242
 243   state_ = STATE_REPLAYING;
 244
 245   if (!next_handler_->OnResponseStarted(GetRequestID(), response_.get(), defer))
 246     return false;
 247
 248   if (!read_buffer_.get()) {
 249     state_ = STATE_STREAMING;
 250     return true;
 251   }
 252
 253   if (!*defer)
 254     return ReplayReadCompleted(defer);
 255
 256   return true;
 257 }
 258
 259 bool BufferedResourceHandler::ShouldSniffContent() {
 260   const std::string& mime_type = response_->head.mime_type;
 261
 262   std::string content_type_options;
 263   request()->GetResponseHeaderByName("x-content-type-options",
 264                                      &content_type_options);
 265
 266   bool sniffing_blocked =
 267       LowerCaseEqualsASCII(content_type_options, "nosniff");
 268   bool we_would_like_to_sniff =
 269       net::ShouldSniffMimeType(request()->url(), mime_type);
 270
 271   RecordSnifferMetrics(sniffing_blocked, we_would_like_to_sniff, mime_type);
 272
 273   if (!sniffing_blocked && we_would_like_to_sniff) {
 274     // We're going to look at the data before deciding what the content type
 275     // is.  That means we need to delay sending the ResponseStarted message
 276     // over the IPC channel.
 277     VLOG(1) << "To buffer: " << request()->url().spec();
 278     return true;
 279   }
 280
 281   return false;
 282 }
 283
 284 bool BufferedResourceHandler::DetermineMimeType() {
 285   DCHECK_EQ(STATE_BUFFERING, state_);
 286
 287   const std::string& type_hint = response_->head.mime_type;
 288
 289   std::string new_type;
 290   bool made_final_decision =
 291       net::SniffMimeType(read_buffer_->data(), bytes_read_, request()->url(),
 292                          type_hint, &new_type);
 293
 294   // SniffMimeType() returns false if there is not enough data to determine
 295   // the mime type. However, even if it returns false, it returns a new type
 296   // that is probably better than the current one.
 297   response_->head.mime_type.assign(new_type);
 298
 299   return made_final_decision;
 300 }
 301
 302 bool BufferedResourceHandler::SelectNextHandler(bool* defer) {
 303   DCHECK(!response_->head.mime_type.empty());
 304
 305   ResourceRequestInfoImpl* info = GetRequestInfo();
 306   const std::string& mime_type = response_->head.mime_type;
 307
 308   if (net::IsSupportedCertificateMimeType(mime_type)) {
 309     // Install certificate file.
 310     info->set_is_download(true);
 311     scoped_ptr<ResourceHandler> handler(
 312         new CertificateResourceHandler(request()));
 313     return UseAlternateNextHandler(handler.Pass());
 314   }
 315
 316   if (!info->allow_download())
 317     return true;
 318
 319   bool must_download = MustDownload();
 320   if (!must_download) {
 321     if (net::IsSupportedMimeType(mime_type))
 322       return true;
 323
 324     scoped_ptr<ResourceHandler> handler(
 325         host_->MaybeInterceptAsStream(request(), response_.get()));
 326     if (handler)
 327       return UseAlternateNextHandler(handler.Pass());
 328
 329 #if defined(ENABLE_PLUGINS)
 330     bool stale;
 331     bool has_plugin = HasSupportingPlugin(&stale);
 332     if (stale) {
 333       // Refresh the plugins asynchronously.
 334       PluginServiceImpl::GetInstance()->GetPlugins(
 335           base::Bind(&BufferedResourceHandler::OnPluginsLoaded,
 336                      weak_ptr_factory_.GetWeakPtr()));
 337       request()->LogBlockedBy("BufferedResourceHandler");
 338       *defer = true;
 339       return true;
 340     }
 341     if (has_plugin)
 342       return true;
 343 #endif
 344   }
 345
 346   // Install download handler
 347   info->set_is_download(true);
 348   scoped_ptr<ResourceHandler> handler(
 349       host_->CreateResourceHandlerForDownload(
 350           request(),
 351           true,  // is_content_initiated
 352           must_download,
 353           content::DownloadItem::kInvalidId,
 354           scoped_ptr<DownloadSaveInfo>(new DownloadSaveInfo()),
 355           DownloadUrlParameters::OnStartedCallback()));
 356   return UseAlternateNextHandler(handler.Pass());
 357 }
 358
 359 bool BufferedResourceHandler::UseAlternateNextHandler(
 360     scoped_ptr<ResourceHandler> new_handler) {
 361   if (response_->head.headers.get() &&  // Can be NULL if FTP.
 362       response_->head.headers->response_code() / 100 != 2) {
 363     // The response code indicates that this is an error page, but we don't
 364     // know how to display the content.  We follow Firefox here and show our
 365     // own error page instead of triggering a download.
 366     // TODO(abarth): We should abstract the response_code test, but this kind
 367     //               of check is scattered throughout our codebase.
 368     request()->CancelWithError(net::ERR_FILE_NOT_FOUND);
 369     return false;
 370   }
 371
 372   int request_id = GetRequestID();
 373
 374   // Inform the original ResourceHandler that this will be handled entirely by
 375   // the new ResourceHandler.
 376   // TODO(darin): We should probably check the return values of these.
 377   bool defer_ignored = false;
 378   next_handler_->OnResponseStarted(request_id, response_.get(), &defer_ignored);
 379   // Although deferring OnResponseStarted is legal, the only downstream handler
 380   // which does so is CrossSiteResourceHandler. Cross-site transitions should
 381   // not trigger when switching handlers.
 382   DCHECK(!defer_ignored);
 383   net::URLRequestStatus status(net::URLRequestStatus::CANCELED,
 384                                net::ERR_ABORTED);
 385   next_handler_->OnResponseCompleted(request_id, status, std::string(),
 386                                      &defer_ignored);
 387   DCHECK(!defer_ignored);
 388
 389   // This is handled entirely within the new ResourceHandler, so just reset the
 390   // original ResourceHandler.
 391   next_handler_ = new_handler.Pass();
 392   next_handler_->SetController(this);
 393
 394   return CopyReadBufferToNextHandler(request_id);
 395 }
 396
 397 bool BufferedResourceHandler::ReplayReadCompleted(bool* defer) {
 398   DCHECK(read_buffer_.get());
 399
 400   bool result = next_handler_->OnReadCompleted(GetRequestID(), bytes_read_,
 401                                                defer);
 402
 403   read_buffer_ = NULL;
 404   read_buffer_size_ = 0;
 405   bytes_read_ = 0;
 406
 407   state_ = STATE_STREAMING;
 408
 409   return result;
 410 }
 411
 412 void BufferedResourceHandler::CallReplayReadCompleted() {
 413   bool defer = false;
 414   if (!ReplayReadCompleted(&defer)) {
 415     controller()->Cancel();
 416   } else if (!defer) {
 417     state_ = STATE_STREAMING;
 418     controller()->Resume();
 419   }
 420 }
 421
 422 bool BufferedResourceHandler::MustDownload() {
 423   if (must_download_is_set_)
 424     return must_download_;
 425
 426   must_download_is_set_ = true;
 427
 428   std::string disposition;
 429   request()->GetResponseHeaderByName("content-disposition", &disposition);
 430   if (!disposition.empty() &&
 431       net::HttpContentDisposition(disposition, std::string()).is_attachment()) {
 432     must_download_ = true;
 433   } else if (host_->delegate() &&
 434              host_->delegate()->ShouldForceDownloadResource(
 435                  request()->url(), response_->head.mime_type)) {
 436     must_download_ = true;
 437   } else {
 438     must_download_ = false;
 439   }
 440
 441   return must_download_;
 442 }
 443
 444 bool BufferedResourceHandler::HasSupportingPlugin(bool* stale) {
 445 #if defined(ENABLE_PLUGINS)
 446   ResourceRequestInfoImpl* info = GetRequestInfo();
 447
 448   bool allow_wildcard = false;
 449   WebPluginInfo plugin;
 450   return PluginServiceImpl::GetInstance()->GetPluginInfo(
 451       info->GetChildID(), info->GetRenderFrameID(), info->GetContext(),
 452       request()->url(), GURL(), response_->head.mime_type, allow_wildcard,
 453       stale, &plugin, NULL);
 454 #else
 455   if (stale)
 456     *stale = false;
 457   return false;
 458 #endif
 459 }
 460
 461 bool BufferedResourceHandler::CopyReadBufferToNextHandler(int request_id) {
 462   if (!bytes_read_)
 463     return true;
 464
 465   scoped_refptr<net::IOBuffer> buf;
 466   int buf_len = 0;
 467   if (!next_handler_->OnWillRead(request_id, &buf, &buf_len, bytes_read_))
 468     return false;
 469
 470   CHECK((buf_len >= bytes_read_) && (bytes_read_ >= 0));
 471   memcpy(buf->data(), read_buffer_->data(), bytes_read_);
 472   return true;
 473 }
 474
 475 void BufferedResourceHandler::OnPluginsLoaded(
 476     const std::vector<WebPluginInfo>& plugins) {
 477   request()->LogUnblocked();
 478   bool defer = false;
 479   if (!ProcessResponse(&defer)) {
 480     controller()->Cancel();
 481   } else if (!defer) {
 482     controller()->Resume();
 483   }
 484 }
 485
 486 }  // namespace content