search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
hunspell: Cleanup to fix the header include guards under google/ directory.
[chromium-blink-merge.git] / ios / web / webui / url_data_manager_ios_backend.cc
blob8d1a464074ba787185db8d78371f4416bd152c98
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "ios/web/webui/url_data_manager_ios_backend.h"
6
7 #include <set>
8
9 #include "base/basictypes.h"
10 #include "base/bind.h"
11 #include "base/command_line.h"
12 #include "base/compiler_specific.h"
13 #include "base/debug/alias.h"
14 #include "base/lazy_instance.h"
15 #include "base/memory/ref_counted.h"
16 #include "base/memory/ref_counted_memory.h"
17 #include "base/memory/weak_ptr.h"
18 #include "base/message_loop/message_loop.h"
19 #include "base/strings/string_util.h"
20 #include "base/strings/stringprintf.h"
21 #include "base/trace_event/trace_event.h"
22 #include "ios/web/public/browser_state.h"
23 #include "ios/web/public/web_client.h"
24 #include "ios/web/public/web_thread.h"
25 #include "ios/web/webui/shared_resources_data_source_ios.h"
26 #include "ios/web/webui/url_data_source_ios_impl.h"
27 #include "net/base/io_buffer.h"
28 #include "net/base/net_errors.h"
29 #include "net/http/http_response_headers.h"
30 #include "net/http/http_status_code.h"
31 #include "net/url_request/url_request.h"
32 #include "net/url_request/url_request_context.h"
33 #include "net/url_request/url_request_job.h"
34 #include "net/url_request/url_request_job_factory.h"
35 #include "url/url_util.h"
36
37 using web::WebThread;
38
39 namespace web {
40
41 namespace {
42
43 // TODO(tsepez) remove unsafe-eval when bidichecker_packaged.js fixed.
44 const char kChromeURLContentSecurityPolicyHeaderBase[] =
45 "Content-Security-Policy: script-src chrome://resources "
46 "'self' 'unsafe-eval'; ";
47
48 const char kChromeURLXFrameOptionsHeader[] = "X-Frame-Options: DENY";
49
50 bool SchemeIsInSchemes(const std::string& scheme,
51 const std::vector<std::string>& schemes) {
52 return std::find(schemes.begin(), schemes.end(), scheme) != schemes.end();
53 }
54
55 // Returns whether |url| passes some sanity checks and is a valid GURL.
56 bool CheckURLIsValid(const GURL& url) {
57 std::vector<std::string> additional_schemes;
58 DCHECK(GetWebClient()->IsAppSpecificURL(url) ||
59 (GetWebClient()->GetAdditionalWebUISchemes(&additional_schemes),
60 SchemeIsInSchemes(url.scheme(), additional_schemes)));
61
62 if (!url.is_valid()) {
63 NOTREACHED();
64 return false;
65 }
66
67 return true;
68 }
69
70 // Parse |url| to get the path which will be used to resolve the request. The
71 // path is the remaining portion after the scheme and hostname.
72 void URLToRequestPath(const GURL& url, std::string* path) {
73 const std::string& spec = url.possibly_invalid_spec();
74 const url::Parsed& parsed = url.parsed_for_possibly_invalid_spec();
75 // + 1 to skip the slash at the beginning of the path.
76 int offset = parsed.CountCharactersBefore(url::Parsed::PATH, false) + 1;
77
78 if (offset < static_cast<int>(spec.size()))
79 path->assign(spec.substr(offset));
80 }
81
82 } // namespace
83
84 // URLRequestChromeJob is a net::URLRequestJob that manages running
85 // chrome-internal resource requests asynchronously.
86 // It hands off URL requests to ChromeURLDataManagerIOS, which asynchronously
87 // calls back once the data is available.
88 class URLRequestChromeJob : public net::URLRequestJob {
89 public:
90 // |is_incognito| set when job is generated from an incognito profile.
91 URLRequestChromeJob(net::URLRequest* request,
92 net::NetworkDelegate* network_delegate,
93 BrowserState* browser_state,
94 bool is_incognito);
95
96 // net::URLRequestJob implementation.
97 void Start() override;
98 void Kill() override;
99 bool ReadRawData(net::IOBuffer* buf, int buf_size, int* bytes_read) override;
100 bool GetMimeType(std::string* mime_type) const override;
101 int GetResponseCode() const override;
102 void GetResponseInfo(net::HttpResponseInfo* info) override;
103
104 // Used to notify that the requested data's |mime_type| is ready.
105 void MimeTypeAvailable(const std::string& mime_type);
106
107 // Called by ChromeURLDataManagerIOS to notify us that the data blob is ready
108 // for us.
109 void DataAvailable(base::RefCountedMemory* bytes);
110
111 void set_mime_type(const std::string& mime_type) { mime_type_ = mime_type; }
112
113 void set_allow_caching(bool allow_caching) { allow_caching_ = allow_caching; }
114
115 void set_add_content_security_policy(bool add_content_security_policy) {
116 add_content_security_policy_ = add_content_security_policy;
117 }
118
119 void set_content_security_policy_object_source(const std::string& data) {
120 content_security_policy_object_source_ = data;
121 }
122
123 void set_content_security_policy_frame_source(const std::string& data) {
124 content_security_policy_frame_source_ = data;
125 }
126
127 void set_deny_xframe_options(bool deny_xframe_options) {
128 deny_xframe_options_ = deny_xframe_options;
129 }
130
131 void set_send_content_type_header(bool send_content_type_header) {
132 send_content_type_header_ = send_content_type_header;
133 }
134
135 // Returns true when job was generated from an incognito profile.
136 bool is_incognito() const { return is_incognito_; }
137
138 private:
139 friend class URLDataManagerIOSBackend;
140
141 ~URLRequestChromeJob() override;
142
143 // Do the actual copy from data_ (the data we're serving) into |buf|.
144 // Separate from ReadRawData so we can handle async I/O.
145 void CompleteRead(net::IOBuffer* buf, int buf_size, int* bytes_read);
146
147 // The actual data we're serving. NULL until it's been fetched.
148 scoped_refptr<base::RefCountedMemory> data_;
149 // The current offset into the data that we're handing off to our
150 // callers via the Read interfaces.
151 int data_offset_;
152
153 // For async reads, we keep around a pointer to the buffer that
154 // we're reading into.
155 scoped_refptr<net::IOBuffer> pending_buf_;
156 int pending_buf_size_;
157 std::string mime_type_;
158
159 // If true, set a header in the response to prevent it from being cached.
160 bool allow_caching_;
161
162 // If true, set the Content Security Policy (CSP) header.
163 bool add_content_security_policy_;
164
165 // These are used with the CSP.
166 std::string content_security_policy_object_source_;
167 std::string content_security_policy_frame_source_;
168
169 // If true, sets the "X-Frame-Options: DENY" header.
170 bool deny_xframe_options_;
171
172 // If true, sets the "Content-Type: <mime-type>" header.
173 bool send_content_type_header_;
174
175 // True when job is generated from an incognito profile.
176 const bool is_incognito_;
177
178 // The BrowserState with which this job is associated.
179 BrowserState* browser_state_;
180
181 // The backend is owned by the BrowserState and always outlives us. It is
182 // obtained from the BrowserState on the IO thread.
183 URLDataManagerIOSBackend* backend_;
184
185 base::WeakPtrFactory<URLRequestChromeJob> weak_factory_;
186
187 DISALLOW_COPY_AND_ASSIGN(URLRequestChromeJob);
188 };
189
190 URLRequestChromeJob::URLRequestChromeJob(
191 net::URLRequest* request,
192 net::NetworkDelegate* network_delegate,
193 BrowserState* browser_state,
194 bool is_incognito)
195 : net::URLRequestJob(request, network_delegate),
196 data_offset_(0),
197 pending_buf_size_(0),
198 allow_caching_(true),
199 add_content_security_policy_(true),
200 content_security_policy_object_source_("object-src 'none';"),
201 content_security_policy_frame_source_("frame-src 'none';"),
202 deny_xframe_options_(true),
203 send_content_type_header_(false),
204 is_incognito_(is_incognito),
205 browser_state_(browser_state),
206 backend_(NULL),
207 weak_factory_(this) {
208 DCHECK(browser_state_);
209 }
210
211 URLRequestChromeJob::~URLRequestChromeJob() {
212 if (backend_) {
213 CHECK(!backend_->HasPendingJob(this));
214 }
215 }
216
217 void URLRequestChromeJob::Start() {
218 TRACE_EVENT_ASYNC_BEGIN1("browser",
219 "DataManager:Request",
220 this,
221 "URL",
222 request_->url().possibly_invalid_spec());
223
224 if (!request_)
225 return;
226 DCHECK(browser_state_);
227
228 // Obtain the URLDataManagerIOSBackend instance that is associated with
229 // |browser_state_|. Note that this *must* be done on the IO thread.
230 backend_ = browser_state_->GetURLDataManagerIOSBackendOnIOThread();
231 DCHECK(backend_);
232
233 if (!backend_->StartRequest(request_, this)) {
234 NotifyStartError(net::URLRequestStatus(net::URLRequestStatus::FAILED,
235 net::ERR_INVALID_URL));
236 }
237 }
238
239 void URLRequestChromeJob::Kill() {
240 weak_factory_.InvalidateWeakPtrs();
241 if (backend_)
242 backend_->RemoveRequest(this);
243 URLRequestJob::Kill();
244 }
245
246 bool URLRequestChromeJob::GetMimeType(std::string* mime_type) const {
247 *mime_type = mime_type_;
248 return !mime_type_.empty();
249 }
250
251 int URLRequestChromeJob::GetResponseCode() const {
252 return net::HTTP_OK;
253 }
254
255 void URLRequestChromeJob::GetResponseInfo(net::HttpResponseInfo* info) {
256 DCHECK(!info->headers.get());
257 // Set the headers so that requests serviced by ChromeURLDataManagerIOS
258 // return a status code of 200. Without this they return a 0, which makes the
259 // status indistiguishable from other error types. Instant relies on getting
260 // a 200.
261 info->headers = new net::HttpResponseHeaders("HTTP/1.1 200 OK");
262
263 // Determine the least-privileged content security policy header, if any,
264 // that is compatible with a given WebUI URL, and append it to the existing
265 // response headers.
266 if (add_content_security_policy_) {
267 std::string base = kChromeURLContentSecurityPolicyHeaderBase;
268 base.append(content_security_policy_object_source_);
269 base.append(content_security_policy_frame_source_);
270 info->headers->AddHeader(base);
271 }
272
273 if (deny_xframe_options_)
274 info->headers->AddHeader(kChromeURLXFrameOptionsHeader);
275
276 if (!allow_caching_)
277 info->headers->AddHeader("Cache-Control: no-cache");
278
279 if (send_content_type_header_ && !mime_type_.empty()) {
280 std::string content_type = base::StringPrintf(
281 "%s:%s", net::HttpRequestHeaders::kContentType, mime_type_.c_str());
282 info->headers->AddHeader(content_type);
283 }
284 }
285
286 void URLRequestChromeJob::MimeTypeAvailable(const std::string& mime_type) {
287 set_mime_type(mime_type);
288 NotifyHeadersComplete();
289 }
290
291 void URLRequestChromeJob::DataAvailable(base::RefCountedMemory* bytes) {
292 TRACE_EVENT_ASYNC_END0("browser", "DataManager:Request", this);
293 if (bytes) {
294 // The request completed, and we have all the data.
295 // Clear any IO pending status.
296 SetStatus(net::URLRequestStatus());
297
298 data_ = bytes;
299 int bytes_read;
300 if (pending_buf_.get()) {
301 CHECK(pending_buf_->data());
302 CompleteRead(pending_buf_.get(), pending_buf_size_, &bytes_read);
303 pending_buf_ = NULL;
304 NotifyReadComplete(bytes_read);
305 }
306 } else {
307 // The request failed.
308 NotifyDone(
309 net::URLRequestStatus(net::URLRequestStatus::FAILED, net::ERR_FAILED));
310 }
311 }
312
313 bool URLRequestChromeJob::ReadRawData(net::IOBuffer* buf,
314 int buf_size,
315 int* bytes_read) {
316 if (!data_.get()) {
317 SetStatus(net::URLRequestStatus(net::URLRequestStatus::IO_PENDING, 0));
318 DCHECK(!pending_buf_.get());
319 CHECK(buf->data());
320 pending_buf_ = buf;
321 pending_buf_size_ = buf_size;
322 return false; // Tell the caller we're still waiting for data.
323 }
324
325 // Otherwise, the data is available.
326 CompleteRead(buf, buf_size, bytes_read);
327 return true;
328 }
329
330 void URLRequestChromeJob::CompleteRead(net::IOBuffer* buf,
331 int buf_size,
332 int* bytes_read) {
333 // http://crbug.com/373841
334 char url_buf[128];
335 base::strlcpy(url_buf, request_->url().spec().c_str(), arraysize(url_buf));
336 base::debug::Alias(url_buf);
337
338 int remaining = static_cast<int>(data_->size()) - data_offset_;
339 if (buf_size > remaining)
340 buf_size = remaining;
341 if (buf_size > 0) {
342 memcpy(buf->data(), data_->front() + data_offset_, buf_size);
343 data_offset_ += buf_size;
344 }
345 *bytes_read = buf_size;
346 }
347
348 namespace {
349
350 // Gets mime type for data that is available from |source| by |path|.
351 // After that, notifies |job| that mime type is available. This method
352 // should be called on the UI thread, but notification is performed on
353 // the IO thread.
354 void GetMimeTypeOnUI(URLDataSourceIOSImpl* source,
355 const std::string& path,
356 const base::WeakPtr<URLRequestChromeJob>& job) {
357 DCHECK_CURRENTLY_ON_WEB_THREAD(WebThread::UI);
358 std::string mime_type = source->source()->GetMimeType(path);
359 WebThread::PostTask(
360 WebThread::IO, FROM_HERE,
361 base::Bind(&URLRequestChromeJob::MimeTypeAvailable, job, mime_type));
362 }
363
364 } // namespace
365
366 namespace {
367
368 class ChromeProtocolHandler
369 : public net::URLRequestJobFactory::ProtocolHandler {
370 public:
371 // |is_incognito| should be set for incognito profiles.
372 ChromeProtocolHandler(BrowserState* browser_state,
373 bool is_incognito)
374 : browser_state_(browser_state), is_incognito_(is_incognito) {}
375 ~ChromeProtocolHandler() override {}
376
377 net::URLRequestJob* MaybeCreateJob(
378 net::URLRequest* request,
379 net::NetworkDelegate* network_delegate) const override {
380 DCHECK(request);
381
382 return new URLRequestChromeJob(
383 request, network_delegate, browser_state_, is_incognito_);
384 }
385
386 bool IsSafeRedirectTarget(const GURL& location) const override {
387 return false;
388 }
389
390 private:
391 BrowserState* browser_state_;
392
393 // True when generated from an incognito profile.
394 const bool is_incognito_;
395
396 DISALLOW_COPY_AND_ASSIGN(ChromeProtocolHandler);
397 };
398
399 } // namespace
400
401 URLDataManagerIOSBackend::URLDataManagerIOSBackend() : next_request_id_(0) {
402 URLDataSourceIOS* shared_source = new SharedResourcesDataSourceIOS();
403 URLDataSourceIOSImpl* source_impl =
404 new URLDataSourceIOSImpl(shared_source->GetSource(), shared_source);
405 AddDataSource(source_impl);
406 }
407
408 URLDataManagerIOSBackend::~URLDataManagerIOSBackend() {
409 for (DataSourceMap::iterator i = data_sources_.begin();
410 i != data_sources_.end();
411 ++i) {
412 i->second->backend_ = NULL;
413 }
414 data_sources_.clear();
415 }
416
417 // static
418 net::URLRequestJobFactory::ProtocolHandler*
419 URLDataManagerIOSBackend::CreateProtocolHandler(
420 BrowserState* browser_state) {
421 DCHECK(browser_state);
422 return new ChromeProtocolHandler(browser_state,
423 browser_state->IsOffTheRecord());
424 }
425
426 void URLDataManagerIOSBackend::AddDataSource(URLDataSourceIOSImpl* source) {
427 DCHECK_CURRENTLY_ON_WEB_THREAD(WebThread::IO);
428 DataSourceMap::iterator i = data_sources_.find(source->source_name());
429 if (i != data_sources_.end()) {
430 if (!source->source()->ShouldReplaceExistingSource())
431 return;
432 i->second->backend_ = NULL;
433 }
434 data_sources_[source->source_name()] = source;
435 source->backend_ = this;
436 }
437
438 bool URLDataManagerIOSBackend::HasPendingJob(URLRequestChromeJob* job) const {
439 for (PendingRequestMap::const_iterator i = pending_requests_.begin();
440 i != pending_requests_.end();
441 ++i) {
442 if (i->second == job)
443 return true;
444 }
445 return false;
446 }
447
448 bool URLDataManagerIOSBackend::StartRequest(const net::URLRequest* request,
449 URLRequestChromeJob* job) {
450 if (!CheckURLIsValid(request->url()))
451 return false;
452
453 URLDataSourceIOSImpl* source = GetDataSourceFromURL(request->url());
454 if (!source)
455 return false;
456
457 if (!source->source()->ShouldServiceRequest(request))
458 return false;
459
460 std::string path;
461 URLToRequestPath(request->url(), &path);
462 source->source()->WillServiceRequest(request, &path);
463
464 // Save this request so we know where to send the data.
465 RequestID request_id = next_request_id_++;
466 pending_requests_.insert(std::make_pair(request_id, job));
467
468 job->set_allow_caching(source->source()->AllowCaching());
469 job->set_add_content_security_policy(true);
470 job->set_content_security_policy_object_source(
471 source->source()->GetContentSecurityPolicyObjectSrc());
472 job->set_content_security_policy_frame_source("frame-src 'none';");
473 job->set_deny_xframe_options(source->source()->ShouldDenyXFrameOptions());
474 job->set_send_content_type_header(false);
475
476 // Forward along the request to the data source.
477 // URLRequestChromeJob should receive mime type before data. This
478 // is guaranteed because request for mime type is placed in the
479 // message loop before request for data. And correspondingly their
480 // replies are put on the IO thread in the same order.
481 base::MessageLoop* target_message_loop =
482 web::WebThread::UnsafeGetMessageLoopForThread(web::WebThread::UI);
483 target_message_loop->PostTask(
484 FROM_HERE,
485 base::Bind(&GetMimeTypeOnUI,
486 scoped_refptr<URLDataSourceIOSImpl>(source),
487 path,
488 job->weak_factory_.GetWeakPtr()));
489
490 target_message_loop->PostTask(
491 FROM_HERE,
492 base::Bind(&URLDataManagerIOSBackend::CallStartRequest,
493 make_scoped_refptr(source),
494 path,
495 request_id));
496 return true;
497 }
498
499 URLDataSourceIOSImpl* URLDataManagerIOSBackend::GetDataSourceFromURL(
500 const GURL& url) {
501 // The input usually looks like: chrome://source_name/extra_bits?foo
502 // so do a lookup using the host of the URL.
503 DataSourceMap::iterator i = data_sources_.find(url.host());
504 if (i != data_sources_.end())
505 return i->second.get();
506
507 // No match using the host of the URL, so do a lookup using the scheme for
508 // URLs on the form source_name://extra_bits/foo .
509 i = data_sources_.find(url.scheme() + "://");
510 if (i != data_sources_.end())
511 return i->second.get();
512
513 // No matches found, so give up.
514 return NULL;
515 }
516
517 void URLDataManagerIOSBackend::CallStartRequest(
518 scoped_refptr<URLDataSourceIOSImpl> source,
519 const std::string& path,
520 int request_id) {
521 source->source()->StartDataRequest(
522 path,
523 base::Bind(&URLDataSourceIOSImpl::SendResponse, source, request_id));
524 }
525
526 void URLDataManagerIOSBackend::RemoveRequest(URLRequestChromeJob* job) {
527 // Remove the request from our list of pending requests.
528 // If/when the source sends the data that was requested, the data will just
529 // be thrown away.
530 for (PendingRequestMap::iterator i = pending_requests_.begin();
531 i != pending_requests_.end();
532 ++i) {
533 if (i->second == job) {
534 pending_requests_.erase(i);
535 return;
536 }
537 }
538 }
539
540 void URLDataManagerIOSBackend::DataAvailable(RequestID request_id,
541 base::RefCountedMemory* bytes) {
542 // Forward this data on to the pending net::URLRequest, if it exists.
543 PendingRequestMap::iterator i = pending_requests_.find(request_id);
544 if (i != pending_requests_.end()) {
545 URLRequestChromeJob* job(i->second);
546 pending_requests_.erase(i);
547 job->DataAvailable(bytes);
548 }
549 }
550
551 } // namespace web