SafeBrowsing for Network Service: refactor the browser-side code.

This is a preparation for adding support for Android WebView: - moves some files from chrome/browser to components/safe_browsing/browser. - introduces UrlCheckerDelegate interface and moves chrome-specific logic into a subclass of UrlCheckerDelegate. Bug=715673 Change-Id: I7c7e440f5146e6b7928e71265e7d5657f2c5b295 Reviewed-on: https://chromium-review.googlesource.com/567586 Commit-Queue: Yuzhu Shen <yzshen@chromium.org> Reviewed-by: Varun Khaneja <vakh@chromium.org> Reviewed-by: John Abd-El-Malek <jam@chromium.org> Cr-Commit-Position: refs/heads/master@{#487644}

SafeBrowsing for Network Service: refactor the browser-side code.
This is a preparation for adding support for Android WebView: - moves some files from chrome/browser to components/safe_browsing/browser. - introduces UrlCheckerDelegate interface and moves chrome-specific logic into a subclass of UrlCheckerDelegate. Bug=715673 Change-Id: I7c7e440f5146e6b7928e71265e7d5657f2c5b295 Reviewed-on: https://chromium-review.googlesource.com/567586 Commit-Queue: Yuzhu Shen <yzshen@chromium.org> Reviewed-by: Varun Khaneja <vakh@chromium.org> Reviewed-by: John Abd-El-Malek <jam@chromium.org> Cr-Commit-Position: refs/heads/master@{#487644}
44094e25 · Yuzhu Shen · Commit Bot · cfbec4b3 · 44094e25 · 44094e25
Commit 44094e25 authored Jul 18, 2017 by Yuzhu Shen Committed by Commit Bot Jul 18, 2017
16 changed files
--- a/chrome/browser/chrome_content_browser_client.cc
+++ b/chrome/browser/chrome_content_browser_client.cc
@@ -73,11 +73,11 @@
 #include "chrome/browser/renderer_host/chrome_render_message_filter.h"
 #include "chrome/browser/renderer_host/pepper/chrome_browser_pepper_host_factory.h"
 #include "chrome/browser/resource_coordinator/background_tab_navigation_throttle.h"
-#include "chrome/browser/safe_browsing/browser_url_loader_throttle.h"
 #include "chrome/browser/safe_browsing/certificate_reporting_service.h"
 #include "chrome/browser/safe_browsing/certificate_reporting_service_factory.h"
-#include "chrome/browser/safe_browsing/mojo_safe_browsing_impl.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
+#include "chrome/browser/safe_browsing/ui_manager.h"
+#include "chrome/browser/safe_browsing/url_checker_delegate_impl.h"
 #include "chrome/browser/search/instant_service.h"
 #include "chrome/browser/search/instant_service_factory.h"
 #include "chrome/browser/search/search.h"
@@ -147,7 +147,11 @@
 #include "components/rappor/public/rappor_utils.h"
 #include "components/rappor/rappor_recorder_impl.h"
 #include "components/rappor/rappor_service_impl.h"
+#include "components/safe_browsing/browser/browser_url_loader_throttle.h"
+#include "components/safe_browsing/browser/mojo_safe_browsing_impl.h"
+#include "components/safe_browsing/browser/url_checker_delegate.h"
 #include "components/safe_browsing/common/safe_browsing_prefs.h"
+#include "components/safe_browsing_db/database_manager.h"
 #include "components/security_interstitials/core/ssl_error_ui.h"
 #include "components/signin/core/common/profile_management_switches.h"
 #include "components/spellcheck/spellcheck_build_features.h"
@@ -2863,10 +2867,12 @@ void ChromeContentBrowserClient::ExposeInterfacesToRenderer(
  if (base::FeatureList::IsEnabled(features::kNetworkService)) {
    registry->AddInterface(
-        base::Bind(&safe_browsing::MojoSafeBrowsingImpl::Create,
+        base::Bind(
-                   safe_browsing_service_->database_manager(),
+            &safe_browsing::MojoSafeBrowsingImpl::MaybeCreate,
-                   safe_browsing_service_->ui_manager(),
+            render_process_host->GetID(),
-                   render_process_host->GetID()),
+            base::Bind(
+                &ChromeContentBrowserClient::GetSafeBrowsingUrlCheckerDelegate,
+                base::Unretained(this))),
        BrowserThread::GetTaskRunnerForThread(BrowserThread::IO));
  }
@@ -3373,9 +3379,13 @@ ChromeContentBrowserClient::CreateURLLoaderThrottles(
  DCHECK(base::FeatureList::IsEnabled(features::kNetworkService));
  std::vector<std::unique_ptr<content::URLLoaderThrottle>> result;
-  result.push_back(base::MakeUnique<safe_browsing::BrowserURLLoaderThrottle>(
-      safe_browsing_service_->database_manager(),
+  auto safe_browsing_throttle =
-      safe_browsing_service_->ui_manager(), wc_getter));
+      safe_browsing::BrowserURLLoaderThrottle::MaybeCreate(
+          GetSafeBrowsingUrlCheckerDelegate(), wc_getter);
+  if (safe_browsing_throttle)
+    result.push_back(std::move(safe_browsing_throttle));
  return result;
 }
@@ -3431,3 +3441,18 @@ void ChromeContentBrowserClient::SetDefaultQuotaSettingsForTesting(
    const storage::QuotaSettings* settings) {
  g_default_quota_settings = settings;
 }
+safe_browsing::UrlCheckerDelegate*
+ChromeContentBrowserClient::GetSafeBrowsingUrlCheckerDelegate() {
+  DCHECK_CURRENTLY_ON(BrowserThread::IO);
+  // |safe_browsing_service_| may be unavailable in tests.
+  if (safe_browsing_service_ && !safe_browsing_url_checker_delegate_) {
+    safe_browsing_url_checker_delegate_ =
+        new safe_browsing::UrlCheckerDelegateImpl(
+            safe_browsing_service_->database_manager(),
+            safe_browsing_service_->ui_manager());
+  }
+  return safe_browsing_url_checker_delegate_.get();
+}
--- a/chrome/browser/chrome_content_browser_client.h
+++ b/chrome/browser/chrome_content_browser_client.h
@@ -43,6 +43,7 @@ class QuotaPermissionContext;
 namespace safe_browsing {
 class SafeBrowsingService;
+class UrlCheckerDelegate;
 }
 namespace user_prefs {
@@ -380,6 +381,8 @@ class ChromeContentBrowserClient : public content::ContentBrowserClient {
  static void SetDefaultQuotaSettingsForTesting(
      const storage::QuotaSettings *settings);
+  safe_browsing::UrlCheckerDelegate* GetSafeBrowsingUrlCheckerDelegate();
 #if BUILDFLAG(ENABLE_PLUGINS)
  // Set of origins that can use TCP/UDP private APIs from NaCl.
  std::set<std::string> allowed_socket_origins_;
@@ -397,6 +400,8 @@ class ChromeContentBrowserClient : public content::ContentBrowserClient {
  service_manager::BinderRegistry gpu_binder_registry_;
  scoped_refptr<safe_browsing::SafeBrowsingService> safe_browsing_service_;
+  scoped_refptr<safe_browsing::UrlCheckerDelegate>
+      safe_browsing_url_checker_delegate_;
  std::unique_ptr<service_manager::BinderRegistry> frame_interfaces_;
  std::unique_ptr<

--- a/chrome/browser/safe_browsing/BUILD.gn
+++ b/chrome/browser/safe_browsing/BUILD.gn
@@ -13,8 +13,6 @@ proto_library("chunk_proto") {
 static_library("safe_browsing") {
  sources = [
-    "browser_url_loader_throttle.cc",
-    "browser_url_loader_throttle.h",
    "chrome_cleaner/chrome_cleaner_controller_win.cc",
    "chrome_cleaner/chrome_cleaner_controller_win.h",
    "chrome_cleaner/chrome_cleaner_fetcher_win.cc",
@@ -37,12 +35,10 @@ static_library("safe_browsing") {
    "chrome_cleaner/srt_field_trial_win.h",
    "chrome_cleaner/srt_global_error_win.cc",
    "chrome_cleaner/srt_global_error_win.h",
-    "mojo_safe_browsing_impl.cc",
-    "mojo_safe_browsing_impl.h",
    "safe_browsing_tab_observer.cc",
    "safe_browsing_tab_observer.h",
-    "safe_browsing_url_checker_impl.cc",
+    "url_checker_delegate_impl.cc",
-    "safe_browsing_url_checker_impl.h",
+    "url_checker_delegate_impl.h",
  ]
  deps = [

--- a/chrome/browser/safe_browsing/url_checker_delegate_impl.cc
+++ b/chrome/browser/safe_browsing/url_checker_delegate_impl.cc
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#include "chrome/browser/safe_browsing/url_checker_delegate_impl.h"
+#include "base/bind.h"
+#include "chrome/browser/prerender/prerender_contents.h"
+#include "chrome/browser/prerender/prerender_final_status.h"
+#include "chrome/browser/safe_browsing/ui_manager.h"
+#include "components/safe_browsing_db/database_manager.h"
+#include "components/safe_browsing_db/v4_protocol_manager_util.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/web_contents.h"
+namespace safe_browsing {
+namespace {
+// Destroys the prerender contents associated with the web_contents, if any.
+void DestroyPrerenderContents(
+    const base::Callback<content::WebContents*()>& web_contents_getter) {
+  content::WebContents* web_contents = web_contents_getter.Run();
+  if (web_contents) {
+    prerender::PrerenderContents* prerender_contents =
+        prerender::PrerenderContents::FromWebContents(web_contents);
+    if (prerender_contents)
+      prerender_contents->Destroy(prerender::FINAL_STATUS_SAFE_BROWSING);
+  }
+}
+void StartDisplayingBlockingPage(
+    scoped_refptr<BaseUIManager> ui_manager,
+    const security_interstitials::UnsafeResource& resource) {
+  content::WebContents* web_contents = resource.web_contents_getter.Run();
+  if (web_contents) {
+    prerender::PrerenderContents* prerender_contents =
+        prerender::PrerenderContents::FromWebContents(web_contents);
+    if (prerender_contents) {
+      prerender_contents->Destroy(prerender::FINAL_STATUS_SAFE_BROWSING);
+    } else {
+      ui_manager->DisplayBlockingPage(resource);
+      return;
+    }
+  }
+  // Tab is gone or it's being prerendered.
+  content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE,
+                                   base::Bind(resource.callback, false));
+}
+}  // namespace
+UrlCheckerDelegateImpl::UrlCheckerDelegateImpl(
+    scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
+    scoped_refptr<SafeBrowsingUIManager> ui_manager)
+    : database_manager_(std::move(database_manager)),
+      ui_manager_(std::move(ui_manager)),
+      threat_types_(
+          CreateSBThreatTypeSet({safe_browsing::SB_THREAT_TYPE_URL_MALWARE,
+                                 safe_browsing::SB_THREAT_TYPE_URL_PHISHING,
+                                 safe_browsing::SB_THREAT_TYPE_URL_UNWANTED})) {
+}
+UrlCheckerDelegateImpl::~UrlCheckerDelegateImpl() = default;
+void UrlCheckerDelegateImpl::MaybeDestroyPrerenderContents(
+    const base::Callback<content::WebContents*()>& web_contents_getter) {
+  // Destroy the prefetch with FINAL_STATUS_SAFEBROSWING.
+  content::BrowserThread::PostTask(
+      content::BrowserThread::UI, FROM_HERE,
+      base::BindOnce(&DestroyPrerenderContents, web_contents_getter));
+}
+void UrlCheckerDelegateImpl::StartDisplayingBlockingPageHelper(
+    const security_interstitials::UnsafeResource& resource) {
+  content::BrowserThread::PostTask(
+      content::BrowserThread::UI, FROM_HERE,
+      base::BindOnce(&StartDisplayingBlockingPage, ui_manager_, resource));
+}
+const SBThreatTypeSet& UrlCheckerDelegateImpl::GetThreatTypes() {
+  return threat_types_;
+}
+SafeBrowsingDatabaseManager* UrlCheckerDelegateImpl::GetDatabaseManager() {
+  return database_manager_.get();
+}
+BaseUIManager* UrlCheckerDelegateImpl::GetUIManager() {
+  return ui_manager_.get();
+}
+}  // namespace safe_browsing
--- a/chrome/browser/safe_browsing/url_checker_delegate_impl.h
+++ b/chrome/browser/safe_browsing/url_checker_delegate_impl.h
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#ifndef CHROME_BROWSER_SAFE_BROWSING_URL_CHECKER_DELEGATE_IMPL_H_
+#define CHROME_BROWSER_SAFE_BROWSING_URL_CHECKER_DELEGATE_IMPL_H_
+#include "base/macros.h"
+#include "base/memory/ref_counted.h"
+#include "components/safe_browsing/browser/url_checker_delegate.h"
+namespace safe_browsing {
+class SafeBrowsingUIManager;
+class UrlCheckerDelegateImpl : public UrlCheckerDelegate {
+ public:
+  UrlCheckerDelegateImpl(
+      scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
+      scoped_refptr<SafeBrowsingUIManager> ui_manager);
+ private:
+  ~UrlCheckerDelegateImpl() override;
+  // Implementation of UrlCheckerDelegate:
+  void MaybeDestroyPrerenderContents(
+      const base::Callback<content::WebContents*()>& web_contents_getter)
+      override;
+  void StartDisplayingBlockingPageHelper(
+      const security_interstitials::UnsafeResource& resource) override;
+  const SBThreatTypeSet& GetThreatTypes() override;
+  SafeBrowsingDatabaseManager* GetDatabaseManager() override;
+  BaseUIManager* GetUIManager() override;
+  scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
+  scoped_refptr<SafeBrowsingUIManager> ui_manager_;
+  SBThreatTypeSet threat_types_;
+  DISALLOW_COPY_AND_ASSIGN(UrlCheckerDelegateImpl);
+};
+}  // namespace safe_browsing
+#endif  // CHROME_BROWSER_SAFE_BROWSING_URL_CHECKER_DELEGATE_IMPL_H_
--- a/components/safe_browsing/DEPS
+++ b/components/safe_browsing/DEPS
@@ -6,6 +6,7 @@ include_rules = [
  "+content/public/browser",
  "+content/public/common",
  "+google_apis",
+  "+mojo/public/cpp",
  "+net/base",
  "+net/log",
  "+net/traffic_annotation",

--- a/components/safe_browsing/browser/BUILD.gn
+++ b/components/safe_browsing/browser/BUILD.gn
@@ -6,6 +6,12 @@ import("//build/config/features.gni")
 source_set("browser") {
  sources = [
+    "browser_url_loader_throttle.cc",
+    "browser_url_loader_throttle.h",
+    "mojo_safe_browsing_impl.cc",
+    "mojo_safe_browsing_impl.h",
+    "safe_browsing_url_checker_impl.cc",
+    "safe_browsing_url_checker_impl.h",
    "safe_browsing_url_request_context_getter.cc",
    "safe_browsing_url_request_context_getter.h",
    "threat_details.cc",
@@ -14,6 +20,7 @@ source_set("browser") {
    "threat_details_cache.h",
    "threat_details_history.cc",
    "threat_details_history.h",
+    "url_checker_delegate.h",
  ]
  deps = [
@@ -22,6 +29,7 @@ source_set("browser") {
    "//components/safe_browsing:csd_proto",
    "//components/safe_browsing:safe_browsing",
    "//components/safe_browsing/common:common",
+    "//components/safe_browsing_db:database_manager",
    "//components/security_interstitials/content:security_interstitial_page",
    "//content/public/browser:browser",
    "//net:extras",

--- a/components/safe_browsing/browser/DEPS
+++ b/components/safe_browsing/browser/DEPS
@@ -2,9 +2,10 @@ include_rules = [
  "+components/history/core/browser",
  "+components/safe_browsing/csd.pb.h",
  "+content/public/browser",
+  "+ipc/ipc_message.h",
  "+net/cookies",
  "+net/extras",
  "+net/http",
  "+net/ssl",
  "+net/traffic_annotation",
 ]
\ No newline at end of file
--- a/chrome/browser/safe_browsing/browser_url_loader_throttle.cc
+++ b/chrome/browser/safe_browsing/browser_url_loader_throttle.cc
@@ -2,22 +2,33 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#include "chrome/browser/safe_browsing/browser_url_loader_throttle.h"
+#include "components/safe_browsing/browser/browser_url_loader_throttle.h"
 #include "base/logging.h"
-#include "chrome/browser/safe_browsing/safe_browsing_url_checker_impl.h"
+#include "components/safe_browsing/browser/safe_browsing_url_checker_impl.h"
-#include "chrome/browser/safe_browsing/ui_manager.h"
+#include "components/safe_browsing/browser/url_checker_delegate.h"
-#include "components/safe_browsing_db/database_manager.h"
 #include "net/url_request/redirect_info.h"
 namespace safe_browsing {
+// static
+std::unique_ptr<BrowserURLLoaderThrottle> BrowserURLLoaderThrottle::MaybeCreate(
+    scoped_refptr<UrlCheckerDelegate> url_checker_delegate,
+    const base::Callback<content::WebContents*()>& web_contents_getter) {
+  if (!url_checker_delegate ||
+      !url_checker_delegate->GetDatabaseManager()->IsSupported()) {
+    return nullptr;
+  }
+  return base::WrapUnique<BrowserURLLoaderThrottle>(
+      new BrowserURLLoaderThrottle(std::move(url_checker_delegate),
+                                   web_contents_getter));
+}
 BrowserURLLoaderThrottle::BrowserURLLoaderThrottle(
-    scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
+    scoped_refptr<UrlCheckerDelegate> url_checker_delegate,
-    scoped_refptr<SafeBrowsingUIManager> ui_manager,
    const base::Callback<content::WebContents*()>& web_contents_getter)
-    : database_manager_(database_manager),
+    : url_checker_delegate_(std::move(url_checker_delegate)),
-      ui_manager_(ui_manager),
      web_contents_getter_(web_contents_getter) {}
 BrowserURLLoaderThrottle::~BrowserURLLoaderThrottle() = default;
@@ -33,8 +44,8 @@ void BrowserURLLoaderThrottle::WillStartRequest(
  pending_checks_++;
  url_checker_ = base::MakeUnique<SafeBrowsingUrlCheckerImpl>(
-      load_flags, resource_type, std::move(database_manager_),
+      load_flags, resource_type, std::move(url_checker_delegate_),
-      std::move(ui_manager_), web_contents_getter_);
+      web_contents_getter_);
  url_checker_->CheckUrl(
      url, base::BindOnce(&BrowserURLLoaderThrottle::OnCheckUrlResult,
                          base::Unretained(this)));

--- a/chrome/browser/safe_browsing/browser_url_loader_throttle.h
+++ b/chrome/browser/safe_browsing/browser_url_loader_throttle.h
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#ifndef CHROME_BROWSER_SAFE_BROWSING_BROWSER_URL_LOADER_THROTTLE_H_
+#ifndef COMPONENTS_SAFE_BROWSING_BROWSER_BROWSER_URL_LOADER_THROTTLE_H_
-#define CHROME_BROWSER_SAFE_BROWSING_BROWSER_URL_LOADER_THROTTLE_H_
+#define COMPONENTS_SAFE_BROWSING_BROWSER_BROWSER_URL_LOADER_THROTTLE_H_
 #include <memory>
@@ -18,8 +18,7 @@ class WebContents;
 namespace safe_browsing {
-class SafeBrowsingDatabaseManager;
+class UrlCheckerDelegate;
-class SafeBrowsingUIManager;
 class SafeBrowsingUrlCheckerImpl;
 // BrowserURLLoaderThrottle is used in the browser process to query
@@ -29,12 +28,10 @@ class SafeBrowsingUrlCheckerImpl;
 // Used when --enable-network-service is in effect.
 class BrowserURLLoaderThrottle : public content::URLLoaderThrottle {
 public:
-  // |web_contents_getter| is used for displaying SafeBrowsing UI when
+  static std::unique_ptr<BrowserURLLoaderThrottle> MaybeCreate(
-  // necessary.
+      scoped_refptr<UrlCheckerDelegate> url_checker_delegate,
-  BrowserURLLoaderThrottle(
-      scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
-      scoped_refptr<SafeBrowsingUIManager> ui_manager,
      const base::Callback<content::WebContents*()>& web_contents_getter);
  ~BrowserURLLoaderThrottle() override;
  // content::URLLoaderThrottle implementation.
@@ -47,11 +44,16 @@ class BrowserURLLoaderThrottle : public content::URLLoaderThrottle {
  void WillProcessResponse(bool* defer) override;
 private:
+  // |web_contents_getter| is used for displaying SafeBrowsing UI when
+  // necessary.
+  BrowserURLLoaderThrottle(
+      scoped_refptr<UrlCheckerDelegate> url_checker_delegate,
+      const base::Callback<content::WebContents*()>& web_contents_getter);
  void OnCheckUrlResult(bool safe);
-  // The following two members stay valid until |url_checker_| is created.
+  // The following member stays valid until |url_checker_| is created.
-  scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
+  scoped_refptr<UrlCheckerDelegate> url_checker_delegate_;
-  scoped_refptr<SafeBrowsingUIManager> ui_manager_;
  base::Callback<content::WebContents*()> web_contents_getter_;
@@ -65,4 +67,4 @@ class BrowserURLLoaderThrottle : public content::URLLoaderThrottle {
 }  // namespace safe_browsing
-#endif  // CHROME_BROWSER_SAFE_BROWSING_BROWSER_URL_LOADER_THROTTLE_H_
+#endif  // COMPONENTS_SAFE_BROWSING_BROWSER_BROWSER_URL_LOADER_THROTTLE_H_
--- a/chrome/browser/safe_browsing/mojo_safe_browsing_impl.cc
+++ b/chrome/browser/safe_browsing/mojo_safe_browsing_impl.cc
@@ -2,15 +2,12 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#include "chrome/browser/safe_browsing/mojo_safe_browsing_impl.h"
+#include "components/safe_browsing/browser/mojo_safe_browsing_impl.h"
 #include <vector>
 #include "base/memory/ptr_util.h"
-#include "chrome/browser/safe_browsing/safe_browsing_url_checker_impl.h"
+#include "components/safe_browsing/browser/safe_browsing_url_checker_impl.h"
-#include "chrome/browser/safe_browsing/ui_manager.h"
-#include "components/safe_browsing_db/database_manager.h"
-#include "components/safe_browsing_db/v4_protocol_manager_util.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/web_contents.h"
@@ -54,28 +51,29 @@ class BooleanCallbackWrapper {
 }  // namespace
 MojoSafeBrowsingImpl::MojoSafeBrowsingImpl(
-    scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
+    scoped_refptr<UrlCheckerDelegate> delegate,
-    scoped_refptr<SafeBrowsingUIManager> ui_manager,
    int render_process_id)
-    : database_manager_(std::move(database_manager)),
+    : delegate_(std::move(delegate)), render_process_id_(render_process_id) {}
-      ui_manager_(std::move(ui_manager)),
-      render_process_id_(render_process_id) {}
 MojoSafeBrowsingImpl::~MojoSafeBrowsingImpl() {
  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
 }
 // static
-void MojoSafeBrowsingImpl::Create(
+void MojoSafeBrowsingImpl::MaybeCreate(
-    scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
-    scoped_refptr<SafeBrowsingUIManager> ui_manager,
    int render_process_id,
+    const base::Callback<UrlCheckerDelegate*()>& delegate_getter,
    const service_manager::BindSourceInfo& source_info,
    mojom::SafeBrowsingRequest request) {
  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
-  mojo::MakeStrongBinding(base::MakeUnique<MojoSafeBrowsingImpl>(
-                              std::move(database_manager),
+  scoped_refptr<UrlCheckerDelegate> delegate = delegate_getter.Run();
-                              std::move(ui_manager), render_process_id),
+  if (!delegate || !delegate->GetDatabaseManager()->IsSupported())
+    return;
+  mojo::MakeStrongBinding(base::WrapUnique(new MojoSafeBrowsingImpl(
+                              std::move(delegate), render_process_id)),
                          std::move(request));
 }
@@ -88,8 +86,7 @@ void MojoSafeBrowsingImpl::CreateCheckerAndCheck(
    CreateCheckerAndCheckCallback callback) {
  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
  auto checker_impl = base::MakeUnique<SafeBrowsingUrlCheckerImpl>(
-      static_cast<int>(load_flags), resource_type, database_manager_,
+      static_cast<int>(load_flags), resource_type, delegate_,
-      ui_manager_,
      base::Bind(&GetWebContentsFromID, render_process_id_,
                 static_cast<int>(render_frame_id)));

--- a/chrome/browser/safe_browsing/mojo_safe_browsing_impl.h
+++ b/chrome/browser/safe_browsing/mojo_safe_browsing_impl.h
@@ -2,14 +2,13 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#ifndef CHROME_BROWSER_SAFE_BROWSING_MOJO_SAFE_BROWSING_IMPL_H_
+#ifndef COMPONENTS_SAFE_BROWSING_BROWSER_MOJO_SAFE_BROWSING_IMPL_H_
-#define CHROME_BROWSER_SAFE_BROWSING_MOJO_SAFE_BROWSING_IMPL_H_
+#define COMPONENTS_SAFE_BROWSING_BROWSER_MOJO_SAFE_BROWSING_IMPL_H_
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
-#include "chrome/browser/safe_browsing/ui_manager.h"
+#include "components/safe_browsing/browser/url_checker_delegate.h"
 #include "components/safe_browsing/common/safe_browsing.mojom.h"
-#include "components/safe_browsing_db/database_manager.h"
 #include "ipc/ipc_message.h"
 namespace service_manager {
@@ -22,20 +21,18 @@ namespace safe_browsing {
 // SafeBrowsing URL checks.
 class MojoSafeBrowsingImpl : public mojom::SafeBrowsing {
 public:
-  MojoSafeBrowsingImpl(
-      scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
-      scoped_refptr<SafeBrowsingUIManager> ui_manager,
-      int render_process_id);
  ~MojoSafeBrowsingImpl() override;
-  static void Create(
+  static void MaybeCreate(
-      scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
-      scoped_refptr<SafeBrowsingUIManager> ui_manager,
      int render_process_id,
+      const base::Callback<UrlCheckerDelegate*()>& delegate_getter,
      const service_manager::BindSourceInfo& source_info,
      mojom::SafeBrowsingRequest request);
 private:
+  MojoSafeBrowsingImpl(scoped_refptr<UrlCheckerDelegate> delegate,
+                       int render_process_id);
  // mojom::SafeBrowsing implementation.
  void CreateCheckerAndCheck(int32_t render_frame_id,
                             mojom::SafeBrowsingUrlCheckerRequest request,
@@ -44,8 +41,7 @@ class MojoSafeBrowsingImpl : public mojom::SafeBrowsing {
                             content::ResourceType resource_type,
                             CreateCheckerAndCheckCallback callback) override;
-  scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
+  scoped_refptr<UrlCheckerDelegate> delegate_;
-  scoped_refptr<SafeBrowsingUIManager> ui_manager_;
  int render_process_id_ = MSG_ROUTING_NONE;
  DISALLOW_COPY_AND_ASSIGN(MojoSafeBrowsingImpl);
@@ -53,4 +49,4 @@ class MojoSafeBrowsingImpl : public mojom::SafeBrowsing {
 }  // namespace safe_browsing
-#endif  // CHROME_BROWSER_SAFE_BROWSING_MOJO_SAFE_BROWSING_IMPL_H_
+#endif  // COMPONENTS_SAFE_BROWSING_BROWSER_MOJO_SAFE_BROWSING_IMPL_H_
--- a/chrome/browser/safe_browsing/safe_browsing_url_checker_impl.cc
+++ b/chrome/browser/safe_browsing/safe_browsing_url_checker_impl.cc
@@ -2,11 +2,10 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#include "chrome/browser/safe_browsing/safe_browsing_url_checker_impl.h"
+#include "components/safe_browsing/browser/safe_browsing_url_checker_impl.h"
-#include "chrome/browser/prerender/prerender_contents.h"
+#include "components/safe_browsing/browser/url_checker_delegate.h"
-#include "chrome/browser/safe_browsing/ui_manager.h"
+#include "components/security_interstitials/content/unsafe_resource.h"
-#include "components/safe_browsing_db/v4_protocol_manager_util.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/web_contents.h"
 #include "net/base/load_flags.h"
@@ -25,14 +24,13 @@ const int kCheckUrlTimeoutMs = 5000;
 SafeBrowsingUrlCheckerImpl::SafeBrowsingUrlCheckerImpl(
    int load_flags,
    content::ResourceType resource_type,
-    scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
+    scoped_refptr<UrlCheckerDelegate> url_checker_delegate,
-    scoped_refptr<SafeBrowsingUIManager> ui_manager,
    const base::Callback<content::WebContents*()>& web_contents_getter)
    : load_flags_(load_flags),
      resource_type_(resource_type),
      web_contents_getter_(web_contents_getter),
-      database_manager_(std::move(database_manager)),
+      url_checker_delegate_(std::move(url_checker_delegate)),
-      ui_manager_(std::move(ui_manager)),
+      database_manager_(url_checker_delegate_->GetDatabaseManager()),
      weak_factory_(this) {}
 SafeBrowsingUrlCheckerImpl::~SafeBrowsingUrlCheckerImpl() {
@@ -71,8 +69,10 @@ void SafeBrowsingUrlCheckerImpl::OnCheckBrowseUrlResult(
  }
  if (load_flags_ & net::LOAD_PREFETCH) {
-    // TODO(yzshen): Destroy prerender contents if necessary.
+    // Destroy the prefetch with FINAL_STATUS_SAFEBROSWING.
+    if (resource_type_ == content::RESOURCE_TYPE_MAIN_FRAME)
+      url_checker_delegate_->MaybeDestroyPrerenderContents(
+          web_contents_getter_);
    BlockAndProcessUrls();
    return;
  }
@@ -95,35 +95,7 @@ void SafeBrowsingUrlCheckerImpl::OnCheckBrowseUrlResult(
  resource.threat_source = database_manager_->GetThreatSource();
  state_ = STATE_DISPLAYING_BLOCKING_PAGE;
+  url_checker_delegate_->StartDisplayingBlockingPageHelper(resource);
-  content::BrowserThread::PostTask(
-      content::BrowserThread::UI, FROM_HERE,
-      base::BindOnce(&SafeBrowsingUrlCheckerImpl::StartDisplayingBlockingPage,
-                     weak_factory_.GetWeakPtr(), ui_manager_, resource));
-}
-// static
-void SafeBrowsingUrlCheckerImpl::StartDisplayingBlockingPage(
-    const base::WeakPtr<SafeBrowsingUrlCheckerImpl>& checker,
-    scoped_refptr<BaseUIManager> ui_manager,
-    const security_interstitials::UnsafeResource& resource) {
-  content::WebContents* web_contents = resource.web_contents_getter.Run();
-  if (web_contents) {
-    prerender::PrerenderContents* prerender_contents =
-        prerender::PrerenderContents::FromWebContents(web_contents);
-    if (prerender_contents) {
-      prerender_contents->Destroy(prerender::FINAL_STATUS_SAFE_BROWSING);
-    } else {
-      ui_manager->DisplayBlockingPage(resource);
-      return;
-    }
-  }
-  // Tab is gone or it's being prerendered.
-  content::BrowserThread::PostTask(
-      content::BrowserThread::IO, FROM_HERE,
-      base::BindOnce(&SafeBrowsingUrlCheckerImpl::BlockAndProcessUrls,
-                     checker));
 }
 void SafeBrowsingUrlCheckerImpl::OnCheckUrlTimeout() {
@@ -146,14 +118,9 @@ void SafeBrowsingUrlCheckerImpl::ProcessUrls() {
    // TODO(yzshen): Consider moving CanCheckResourceType() to the renderer
    // side. That would save some IPCs. It requires a method on the
    // SafeBrowsing mojo interface to query all supported resource types.
-    // TODO(ricea):  SB_THREAT_TYPE_URL_UNWANTED should not be included for
-    // Android WebView.
    if (!database_manager_->CanCheckResourceType(resource_type_) ||
        database_manager_->CheckBrowseUrl(
-            urls_[next_index_],
+            urls_[next_index_], url_checker_delegate_->GetThreatTypes(),
-            CreateSBThreatTypeSet({SB_THREAT_TYPE_URL_PHISHING,
-                                   SB_THREAT_TYPE_URL_MALWARE,
-                                   SB_THREAT_TYPE_URL_UNWANTED}),
            this)) {
      std::move(callbacks_[next_index_]).Run(true);
      next_index_++;

--- a/chrome/browser/safe_browsing/safe_browsing_url_checker_impl.h
+++ b/chrome/browser/safe_browsing/safe_browsing_url_checker_impl.h
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
-#ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_URL_CHECKER_IMPL_H_
+#ifndef COMPONENTS_SAFE_BROWSING_BROWSER_SAFE_BROWSING_URL_CHECKER_IMPL_H_
-#define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_URL_CHECKER_IMPL_H_
+#define COMPONENTS_SAFE_BROWSING_BROWSER_SAFE_BROWSING_URL_CHECKER_IMPL_H_
 #include <vector>
@@ -20,14 +20,9 @@ namespace content {
 class WebContents;
 }
-namespace security_interstitials {
-struct UnsafeResource;
-}
 namespace safe_browsing {
-class SafeBrowsingUIManager;
+class UrlCheckerDelegate;
-class BaseUIManager;
 // A SafeBrowsingUrlCheckerImpl instance is used to perform SafeBrowsing check
 // for a URL and its redirect URLs. It implements Mojo interface so that it can
@@ -36,9 +31,6 @@ class BaseUIManager;
 // directly instead of through Mojo.
 // Used when --enable-network-service is in effect.
 //
-// TODO(yzshen): Handle the case where SafeBrowsing is not enabled, or
-// !database_manager()->IsSupported().
-// TODO(yzshen): Make sure it also works on Andorid.
 // TODO(yzshen): Do all the logging like what BaseResourceThrottle does.
 class SafeBrowsingUrlCheckerImpl : public mojom::SafeBrowsingUrlChecker,
                                   public SafeBrowsingDatabaseManager::Client {
@@ -46,8 +38,7 @@ class SafeBrowsingUrlCheckerImpl : public mojom::SafeBrowsingUrlChecker,
  SafeBrowsingUrlCheckerImpl(
      int load_flags,
      content::ResourceType resource_type,
-      scoped_refptr<SafeBrowsingDatabaseManager> database_manager,
+      scoped_refptr<UrlCheckerDelegate> url_checker_delegate,
-      scoped_refptr<SafeBrowsingUIManager> ui_manager,
      const base::Callback<content::WebContents*()>& web_contents_getter);
  ~SafeBrowsingUrlCheckerImpl() override;
@@ -61,11 +52,6 @@ class SafeBrowsingUrlCheckerImpl : public mojom::SafeBrowsingUrlChecker,
                              SBThreatType threat_type,
                              const ThreatMetadata& metadata) override;
-  static void StartDisplayingBlockingPage(
-      const base::WeakPtr<SafeBrowsingUrlCheckerImpl>& checker,
-      scoped_refptr<BaseUIManager> ui_manager,
-      const security_interstitials::UnsafeResource& resource);
  void OnCheckUrlTimeout();
  void ProcessUrls();
@@ -88,8 +74,8 @@ class SafeBrowsingUrlCheckerImpl : public mojom::SafeBrowsingUrlChecker,
  const int load_flags_;
  const content::ResourceType resource_type_;
  base::Callback<content::WebContents*()> web_contents_getter_;
+  scoped_refptr<UrlCheckerDelegate> url_checker_delegate_;
  scoped_refptr<SafeBrowsingDatabaseManager> database_manager_;
-  scoped_refptr<BaseUIManager> ui_manager_;
  // The redirect chain for this resource, including the original URL and
  // subsequent redirect URLs.
@@ -113,4 +99,4 @@ class SafeBrowsingUrlCheckerImpl : public mojom::SafeBrowsingUrlChecker,
 }  // namespace safe_browsing
-#endif  // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_URL_CHECKER_IMPL_H_
+#endif  // COMPONENTS_SAFE_BROWSING_BROWSER_SAFE_BROWSING_URL_CHECKER_IMPL_H_
--- a/components/safe_browsing/browser/url_checker_delegate.h
+++ b/components/safe_browsing/browser/url_checker_delegate.h
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+#ifndef COMPONENTS_SAFE_BROWSING_BROWSER_URL_CHECKER_DELEGATE_H_
+#define COMPONENTS_SAFE_BROWSING_BROWSER_URL_CHECKER_DELEGATE_H_
+#include "base/callback.h"
+#include "base/memory/ref_counted.h"
+#include "components/safe_browsing_db/v4_protocol_manager_util.h"
+namespace content {
+class WebContents;
+}
+namespace security_interstitials {
+struct UnsafeResource;
+}
+namespace safe_browsing {
+class BaseUIManager;
+class SafeBrowsingDatabaseManager;
+// Delegate interface for SafeBrowsingUrlCheckerImpl. SafeBrowsingUrlCheckerImpl
+// is embedder-independent. It delegates to this interface those operations that
+// different embedders (Chrome and Android WebView) handle differently.
+//
+// All methods should only be called from the IO thread.
+class UrlCheckerDelegate
+    : public base::RefCountedThreadSafe<UrlCheckerDelegate> {
+ public:
+  // Destroys prerender contents if necessary.
+  virtual void MaybeDestroyPrerenderContents(
+      const base::Callback<content::WebContents*()>& web_contents_getter) = 0;
+  // Starts displaying the SafeBrowsing interstitial page.
+  virtual void StartDisplayingBlockingPageHelper(
+      const security_interstitials::UnsafeResource& resource) = 0;
+  virtual const SBThreatTypeSet& GetThreatTypes() = 0;
+  virtual SafeBrowsingDatabaseManager* GetDatabaseManager() = 0;
+  virtual BaseUIManager* GetUIManager() = 0;
+ protected:
+  friend class base::RefCountedThreadSafe<UrlCheckerDelegate>;
+  virtual ~UrlCheckerDelegate() {}
+};
+}  // namespace safe_browsing
+#endif  // COMPONENTS_SAFE_BROWSING_BROWSER_URL_CHECKER_DELEGATE_H_
--- a/components/safe_browsing/common/BUILD.gn
+++ b/components/safe_browsing/common/BUILD.gn
@@ -24,6 +24,10 @@ source_set("common") {
    "//ipc",
    "//url/ipc:url_ipc",
  ]
+  public_deps = [
+    ":interfaces",
+  ]
 }
 static_library("safe_browsing_prefs") {