[WebLayer] Add initial native skeleton implementation for safebrowsing

In this patch:
- add skeleton classes such as UrlCheckerDelegateImpl, UI manager,
- add safebrowsing for weblayer feature,
- add safebrowsing throttle,
- add build configs, deps and owners files.

In the skeleton classes most methods are not implemented yet and
will be implemented where necessary in further CLs. Also proper
init sequence will be implemented separately.

BUG=1015418

Change-Id: I80a9a40b18204e760289c7f01a48c69370f6d7c5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1866832
Commit-Queue: Tim Volodine <timvolodine@chromium.org>
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Cr-Commit-Position: refs/heads/master@{#708672}

weblayer/BUILD.gn

@@ -53,6 +53,10 @@ jumbo_static_library("weblayer_lib") {
     "browser/navigation_impl.h",
     "browser/profile_impl.cc",
     "browser/profile_impl.h",
+    "browser/safe_browsing/safe_browsing_ui_manager.cc",
+    "browser/safe_browsing/safe_browsing_ui_manager.h",
+    "browser/safe_browsing/url_checker_delegate_impl.cc",
+    "browser/safe_browsing/url_checker_delegate_impl.h",
     "browser/weblayer_content_browser_overlay_manifest.cc",
     "browser/weblayer_content_browser_overlay_manifest.h",
     "browser/webui/web_ui_controller_factory.cc",
@@ -61,6 +65,8 @@ jumbo_static_library("weblayer_lib") {
     "browser/webui/weblayer_internals_ui.h",
     "common/content_client_impl.cc",
     "common/content_client_impl.h",
+    "common/features.cc",
+    "common/features.h",
     "public/browser_controller.h",
     "public/browser_observer.h",
     "public/download_delegate.h",
@@ -89,6 +95,9 @@ jumbo_static_library("weblayer_lib") {
     "//base:base_static",
     "//base/third_party/dynamic_annotations",
     "//cc",
+    "//components/safe_browsing",
+    "//components/safe_browsing/browser",
+    "//components/safe_browsing/db:database_manager",
     "//content:resources",
     "//content/app/resources",
     "//content/public/app:both",
@@ -125,6 +134,10 @@ jumbo_static_library("weblayer_lib") {
     "//weblayer/browser/webui:mojo_bindings",
   ]
 
+  if (is_android) {
+    deps += [ "//components/safe_browsing/android:remote_database_manager" ]
+  }
+
   if (enable_vulkan) {
     deps += [ "//gpu/vulkan/init" ]
   }

weblayer/browser/DEPS

 include_rules = [
   "+cc",
   "+components/embedder_support",
+  "+components/safe_browsing",
   "+content/public",
   "+mojo/public",
   "+net",

weblayer/browser/content_browser_client_impl.cc

@@ -12,6 +12,8 @@
 #include "base/path_service.h"
 #include "base/stl_util.h"
 #include "build/build_config.h"
+#include "components/safe_browsing/android/remote_database_manager.h"
+#include "components/safe_browsing/browser/browser_url_loader_throttle.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/devtools_manager_delegate.h"
 #include "content/public/browser/network_service_instance.h"
@@ -26,7 +28,10 @@
 #include "url/origin.h"
 #include "weblayer/browser/browser_controller_impl.h"
 #include "weblayer/browser/browser_main_parts_impl.h"
+#include "weblayer/browser/safe_browsing/safe_browsing_ui_manager.h"
+#include "weblayer/browser/safe_browsing/url_checker_delegate_impl.h"
 #include "weblayer/browser/weblayer_content_browser_overlay_manifest.h"
+#include "weblayer/common/features.h"
 #include "weblayer/public/fullscreen_delegate.h"
 #include "weblayer/public/main.h"
 
@@ -45,6 +50,19 @@
 #include "services/service_manager/sandbox/win/sandbox_win.h"
 #endif
 
+namespace {
+
+bool IsSafebrowsingSupported() {
+  // TODO(timvolodine): consider the non-android case, see crbug.com/1015809.
+  // TODO(timvolodine): consider refactoring this out into safe_browsing/.
+#if defined(OS_ANDROID)
+  return true;
+#endif
+  return false;
+}
+
+}  // namespace
+
 namespace weblayer {
 
 ContentBrowserClientImpl::ContentBrowserClientImpl(MainParams* params)
@@ -143,6 +161,46 @@ void ContentBrowserClientImpl::OnNetworkServiceCreated(
 #endif
 }
 
+std::vector<std::unique_ptr<blink::URLLoaderThrottle>>
+ContentBrowserClientImpl::CreateURLLoaderThrottles(
+    const network::ResourceRequest& request,
+    content::BrowserContext* browser_context,
+    const base::RepeatingCallback<content::WebContents*()>& wc_getter,
+    content::NavigationUIData* navigation_ui_data,
+    int frame_tree_node_id) {
+  std::vector<std::unique_ptr<blink::URLLoaderThrottle>> result;
+
+  if (base::FeatureList::IsEnabled(features::kWebLayerSafeBrowsing) &&
+      IsSafebrowsingSupported()) {
+    result.push_back(safe_browsing::BrowserURLLoaderThrottle::Create(
+        base::BindOnce(
+            [](ContentBrowserClientImpl* client, content::ResourceContext*) {
+              return client->GetSafeBrowsingUrlCheckerDelegate();
+            },
+            base::Unretained(this)),
+        wc_getter, frame_tree_node_id, browser_context->GetResourceContext()));
+  }
+
+  return result;
+}
+
+scoped_refptr<safe_browsing::UrlCheckerDelegate>
+ContentBrowserClientImpl::GetSafeBrowsingUrlCheckerDelegate() {
+  DCHECK_CURRENTLY_ON(content::BrowserThread::IO);
+
+#if defined(OS_ANDROID)
+  if (!safe_browsing_url_checker_delegate_) {
+    // TODO(timvolodine): consider a better place for the database manager and
+    // the ui manager (also w.r.t. future safebrowsing init sequence).
+    safe_browsing_url_checker_delegate_ = new UrlCheckerDelegateImpl(
+        new safe_browsing::RemoteSafeBrowsingDatabaseManager(),
+        new SafeBrowsingUIManager());
+  }
+#endif
+
+  return safe_browsing_url_checker_delegate_;
+}
+
 #if defined(OS_LINUX) || defined(OS_ANDROID)
 void ContentBrowserClientImpl::GetAdditionalMappedFilesForChildProcess(
     const base::CommandLine& command_line,

weblayer/browser/content_browser_client_impl.h

@@ -15,6 +15,10 @@
 #include "content/public/browser/content_browser_client.h"
 #include "services/service_manager/public/cpp/binder_registry.h"
 
+namespace safe_browsing {
+class UrlCheckerDelegate;
+}
+
 namespace weblayer {
 
 struct MainParams;
@@ -43,6 +47,13 @@ class ContentBrowserClientImpl : public content::ContentBrowserClient {
       const base::FilePath& relative_partition_path) override;
   void OnNetworkServiceCreated(
       network::mojom::NetworkService* network_service) override;
+  std::vector<std::unique_ptr<blink::URLLoaderThrottle>>
+  CreateURLLoaderThrottles(
+      const network::ResourceRequest& request,
+      content::BrowserContext* browser_context,
+      const base::RepeatingCallback<content::WebContents*()>& wc_getter,
+      content::NavigationUIData* navigation_ui_data,
+      int frame_tree_node_id) override;
 
 #if defined(OS_LINUX) || defined(OS_ANDROID)
   void GetAdditionalMappedFilesForChildProcess(
@@ -52,7 +63,13 @@ class ContentBrowserClientImpl : public content::ContentBrowserClient {
 #endif  // defined(OS_LINUX) || defined(OS_ANDROID)
 
  private:
+  scoped_refptr<safe_browsing::UrlCheckerDelegate>
+  GetSafeBrowsingUrlCheckerDelegate();
+
   MainParams* params_;
+
+  scoped_refptr<safe_browsing::UrlCheckerDelegate>
+      safe_browsing_url_checker_delegate_;
 };
 
 }  // namespace weblayer

weblayer/browser/safe_browsing/OWNERS

+timvolodine@chromium.org

weblayer/browser/safe_browsing/safe_browsing_ui_manager.cc

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "weblayer/browser/safe_browsing/safe_browsing_ui_manager.h"
+
+#include "content/public/browser/browser_thread.h"
+
+using content::BrowserThread;
+
+namespace weblayer {
+
+SafeBrowsingUIManager::SafeBrowsingUIManager() {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  // TODO(timvolodine): properly init the ui manager and the context.
+}
+
+SafeBrowsingUIManager::~SafeBrowsingUIManager() {}
+
+void SafeBrowsingUIManager::DisplayBlockingPage(
+    const UnsafeResource& resource) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  // TODO(timvolodine): check if we can reuse the base class implementation here
+  // as is.
+}
+
+void SafeBrowsingUIManager::SendSerializedThreatDetails(
+    const std::string& serialized) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  // TODO(timvolodine): figure out if we want to send any threat reporting here.
+  // Note the base implementation does not send anything.
+}
+
+}  // namespace weblayer

weblayer/browser/safe_browsing/safe_browsing_ui_manager.h

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef WEBLAYER_BROWSER_SAFE_BROWSING_SAFE_BROWSING_UI_MANAGER_H_
+#define WEBLAYER_BROWSER_SAFE_BROWSING_SAFE_BROWSING_UI_MANAGER_H_
+
+#include "components/safe_browsing/base_ui_manager.h"
+
+namespace weblayer {
+
+class SafeBrowsingUIManager : public safe_browsing::BaseUIManager {
+ public:
+  // Construction needs to happen on the UI thread.
+  SafeBrowsingUIManager();
+
+  // BaseUIManager overrides.
+  void DisplayBlockingPage(const UnsafeResource& resource) override;
+  void SendSerializedThreatDetails(const std::string& serialized) override;
+
+ protected:
+  ~SafeBrowsingUIManager() override;
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(SafeBrowsingUIManager);
+};
+
+}  // namespace weblayer
+
+#endif  // WEBLAYER_BROWSER_SAFE_BROWSING_SAFE_BROWSING_UI_MANAGER_H_
\ No newline at end of file

weblayer/browser/safe_browsing/url_checker_delegate_impl.cc

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "weblayer/browser/safe_browsing/url_checker_delegate_impl.h"
+
+#include "components/safe_browsing/db/database_manager.h"
+#include "weblayer/browser/safe_browsing/safe_browsing_ui_manager.h"
+
+namespace weblayer {
+
+UrlCheckerDelegateImpl::UrlCheckerDelegateImpl(
+    scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> database_manager,
+    scoped_refptr<SafeBrowsingUIManager> ui_manager)
+    : database_manager_(std::move(database_manager)),
+      ui_manager_(std::move(ui_manager)) {}
+
+UrlCheckerDelegateImpl::~UrlCheckerDelegateImpl() = default;
+
+void UrlCheckerDelegateImpl::MaybeDestroyPrerenderContents(
+    const base::Callback<content::WebContents*()>& web_contents_getter) {}
+
+void UrlCheckerDelegateImpl::StartDisplayingBlockingPageHelper(
+    const security_interstitials::UnsafeResource& resource,
+    const std::string& method,
+    const net::HttpRequestHeaders& headers,
+    bool is_main_frame,
+    bool has_user_gesture) {
+  // TODO(timvolodine): figure out what to do here.
+}
+
+bool UrlCheckerDelegateImpl::IsUrlWhitelisted(const GURL& url) {
+  // TODO(timvolodine): false for now, we may want whitelisting support later.
+  return false;
+}
+
+bool UrlCheckerDelegateImpl::ShouldSkipRequestCheck(
+    content::ResourceContext* resource_context,
+    const GURL& original_url,
+    int frame_tree_node_id,
+    int render_process_id,
+    int render_frame_id,
+    bool originated_from_service_worker) {
+  // TODO(timvolodine): this is needed when safebrowsing is not enabled.
+  // For now in the context of weblayer we consider safebrowsing as always
+  // enabled. This may change in the future.
+  return false;
+}
+
+void UrlCheckerDelegateImpl::NotifySuspiciousSiteDetected(
+    const base::RepeatingCallback<content::WebContents*()>&
+        web_contents_getter) {}
+
+const safe_browsing::SBThreatTypeSet& UrlCheckerDelegateImpl::GetThreatTypes() {
+  // TODO(timvolodine): revisit with the relevant threat types.
+  return threat_types_;
+}
+
+safe_browsing::SafeBrowsingDatabaseManager*
+UrlCheckerDelegateImpl::GetDatabaseManager() {
+  return database_manager_.get();
+}
+
+safe_browsing::BaseUIManager* UrlCheckerDelegateImpl::GetUIManager() {
+  return ui_manager_.get();
+}
+
+}  // namespace weblayer

weblayer/browser/safe_browsing/url_checker_delegate_impl.h

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef WEBLAYER_BROWSER_SAFE_BROWSING_URL_CHECKER_DELEGATE_IMPL_H_
+#define WEBLAYER_BROWSER_SAFE_BROWSING_URL_CHECKER_DELEGATE_IMPL_H_
+
+#include "base/macros.h"
+#include "base/memory/ref_counted.h"
+#include "components/safe_browsing/browser/url_checker_delegate.h"
+
+namespace weblayer {
+
+class SafeBrowsingUIManager;
+
+class UrlCheckerDelegateImpl : public safe_browsing::UrlCheckerDelegate {
+ public:
+  UrlCheckerDelegateImpl(
+      scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager>
+          database_manager,
+      scoped_refptr<SafeBrowsingUIManager> ui_manager);
+
+ private:
+  ~UrlCheckerDelegateImpl() override;
+
+  // Implementation of UrlCheckerDelegate:
+  void MaybeDestroyPrerenderContents(
+      const base::Callback<content::WebContents*()>& web_contents_getter)
+      override;
+  void StartDisplayingBlockingPageHelper(
+      const security_interstitials::UnsafeResource& resource,
+      const std::string& method,
+      const net::HttpRequestHeaders& headers,
+      bool is_main_frame,
+      bool has_user_gesture) override;
+  bool IsUrlWhitelisted(const GURL& url) override;
+  bool ShouldSkipRequestCheck(content::ResourceContext* resource_context,
+                              const GURL& original_url,
+                              int frame_tree_node_id,
+                              int render_process_id,
+                              int render_frame_id,
+                              bool originated_from_service_worker) override;
+  void NotifySuspiciousSiteDetected(
+      const base::RepeatingCallback<content::WebContents*()>&
+          web_contents_getter) override;
+  const safe_browsing::SBThreatTypeSet& GetThreatTypes() override;
+  safe_browsing::SafeBrowsingDatabaseManager* GetDatabaseManager() override;
+  safe_browsing::BaseUIManager* GetUIManager() override;
+
+  scoped_refptr<safe_browsing::SafeBrowsingDatabaseManager> database_manager_;
+  scoped_refptr<SafeBrowsingUIManager> ui_manager_;
+  safe_browsing::SBThreatTypeSet threat_types_;
+
+  DISALLOW_COPY_AND_ASSIGN(UrlCheckerDelegateImpl);
+};
+
+}  // namespace weblayer
+
+#endif  // WEBLAYER_BROWSER_SAFE_BROWSING_URL_CHECKER_DELEGATE_IMPL_H_
\ No newline at end of file

weblayer/common/features.cc

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "weblayer/common/features.h"
+
+namespace weblayer {
+namespace features {
+
+// Weblayer features in alphabetical order.
+
+// Safebrowsing support for weblayer.
+const base::Feature kWebLayerSafeBrowsing{"WebLayerSafeBrowsing",
+                                          base::FEATURE_DISABLED_BY_DEFAULT};
+
+}  // namespace features
+}  // namespace weblayer

weblayer/common/features.h

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef WEBLAYER_COMMON_FEATURES_H_
+#define WEBLAYER_COMMON_FEATURES_H_
+
+#include "base/feature_list.h"
+
+namespace weblayer {
+namespace features {
+
+// Weblayer features in alphabetical order.
+
+extern const base::Feature kWebLayerSafeBrowsing;
+
+}  // namespace features
+}  // namespace weblayer
+
+#endif  // WEBLAYER_COMMON_FEATURES_H_