Add Plumbing for Calling Whitelisting

Safebrowsing checks can be prevented for certain domains by passing these domains via a whitelisting API. This code lands the plumbing for using that whitelisting code. Bug: 726770 Change-Id: I3e6278afb4900929bef6d05e81fae34529fe920e Reviewed-on: https://chromium-review.googlesource.com/577921Reviewed-by: Nate Fischer <ntfschr@chromium.org> Commit-Queue: Selim Gurun <sgurun@chromium.org> Cr-Commit-Position: refs/heads/master@{#488029}

Add Plumbing for Calling Whitelisting
Safebrowsing checks can be prevented for certain domains by passing these domains via a whitelisting API. This code lands the plumbing for using that whitelisting code. Bug: 726770 Change-Id: I3e6278afb4900929bef6d05e81fae34529fe920e Reviewed-on: https://chromium-review.googlesource.com/577921Reviewed-by: Nate Fischer <ntfschr@chromium.org> Commit-Queue: Selim Gurun <sgurun@chromium.org> Cr-Commit-Position: refs/heads/master@{#488029}
f5285289 · Selim Gurun · Commit Bot · 0b3e7a5f · f5285289 · f5285289
Commit f5285289 authored Jul 19, 2017 by Selim Gurun Committed by Commit Bot Jul 19, 2017
7 changed files
--- a/android_webview/browser/aw_contents_statics.cc
+++ b/android_webview/browser/aw_contents_statics.cc
@@ -44,6 +44,13 @@ void NotifyClientCertificatesChanged() {
  net::CertDatabase::GetInstance()->OnAndroidKeyStoreChanged();
 }
+void SafeBrowsingWhitelistAssigned(const JavaRef<jobject>& callback,
+                                   bool success) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  JNIEnv* env = AttachCurrentThread();
+  Java_AwContentsStatics_safeBrowsingWhitelistAssigned(env, callback, success);
+}
 }  // namespace
 // static
@@ -93,14 +100,18 @@ void SetSafeBrowsingEnabledByManifest(JNIEnv* env,
 }
 // static
-void SetSafeBrowsingWhiteList(JNIEnv* env,
+void SetSafeBrowsingWhitelist(JNIEnv* env,
                              const JavaParamRef<jclass>&,
-                              const JavaParamRef<jobjectArray>& jrules) {
+                              const JavaParamRef<jobjectArray>& jrules,
+                              const JavaParamRef<jobject>& callback) {
  std::vector<std::string> rules;
  base::android::AppendJavaStringArrayToStringVector(env, jrules, &rules);
  AwSafeBrowsingWhitelistManager* whitelist_manager =
      AwBrowserContext::GetDefault()->GetSafeBrowsingWhitelistManager();
-  whitelist_manager->SetWhitelistOnUIThread(std::move(rules));
+  whitelist_manager->SetWhitelistOnUIThread(
+      std::move(rules),
+      base::Bind(&SafeBrowsingWhitelistAssigned,
+                 ScopedJavaGlobalRef<jobject>(env, callback)));
 }
 // static

--- a/android_webview/browser/aw_safe_browsing_whitelist_manager.cc
+++ b/android_webview/browser/aw_safe_browsing_whitelist_manager.cc
@@ -143,12 +143,14 @@ bool AddRuleToWhitelist(base::StringPiece rule, TrieNode* root) {
  return true;
 }
-void AddRules(const std::vector<std::string>& rules, TrieNode* root) {
+bool AddRules(const std::vector<std::string>& rules, TrieNode* root) {
  for (auto rule : rules) {
    if (!AddRuleToWhitelist(rule, root)) {
-      LOG(ERROR) << " Dropping invalid whitelist rule " << rule;
+      LOG(ERROR) << " invalid whitelist rule " << rule;
+      return false;
    }
  }
+  return true;
 }
 bool IsWhitelisted(const GURL& url, const TrieNode* node) {
@@ -193,30 +195,37 @@ void AwSafeBrowsingWhitelistManager::SetWhitelist(
 // A task that builds the whitelist on a background thread.
 void AwSafeBrowsingWhitelistManager::BuildWhitelist(
-    const std::vector<std::string>& rules) {
+    const std::vector<std::string>& rules,
+    const base::Callback<void(bool)>& callback) {
  DCHECK(background_task_runner_->RunsTasksInCurrentSequence());
  std::unique_ptr<TrieNode> whitelist(base::MakeUnique<TrieNode>());
-  AddRules(rules, whitelist.get());
+  bool success = AddRules(rules, whitelist.get());
  DCHECK(!whitelist->is_terminal);
  DCHECK(!whitelist->match_prefix);
-  // use base::Unretained as AwSafeBrowsingWhitelistManager is a singleton and
-  // not cleaned.
+  ui_task_runner_->PostTask(FROM_HERE, base::Bind(callback, success));
-  io_task_runner_->PostTask(
-      FROM_HERE,
+  if (success) {
-      base::Bind(&AwSafeBrowsingWhitelistManager::SetWhitelist,
+    // use base::Unretained as AwSafeBrowsingWhitelistManager is a singleton and
-                 base::Unretained(this), base::Passed(std::move(whitelist))));
+    // not cleaned.
+    io_task_runner_->PostTask(
+        FROM_HERE,
+        base::Bind(&AwSafeBrowsingWhitelistManager::SetWhitelist,
+                   base::Unretained(this), base::Passed(std::move(whitelist))));
+  }
 }
 void AwSafeBrowsingWhitelistManager::SetWhitelistOnUIThread(
-    std::vector<std::string>&& rules) {
+    std::vector<std::string>&& rules,
+    const base::Callback<void(bool)>& callback) {
  DCHECK(ui_task_runner_->RunsTasksInCurrentSequence());
  // use base::Unretained as AwSafeBrowsingWhitelistManager is a singleton and
  // not cleaned.
  background_task_runner_->PostTask(
-      FROM_HERE,
+      FROM_HERE, base::Bind(&AwSafeBrowsingWhitelistManager::BuildWhitelist,
-      base::Bind(&AwSafeBrowsingWhitelistManager::BuildWhitelist,
+                            base::Unretained(this),
-                 base::Unretained(this), base::Passed(std::move(rules))));
+                            base::Passed(std::move(rules)), callback));
 }
 bool AwSafeBrowsingWhitelistManager::IsURLWhitelisted(const GURL& url) const {

--- a/android_webview/browser/aw_safe_browsing_whitelist_manager.h
+++ b/android_webview/browser/aw_safe_browsing_whitelist_manager.h
@@ -65,11 +65,13 @@ class AwSafeBrowsingWhitelistManager {
  bool IsURLWhitelisted(const GURL& url) const;
  // Replace the current host whitelist with a new one.
-  void SetWhitelistOnUIThread(std::vector<std::string>&& rules);
+  void SetWhitelistOnUIThread(std::vector<std::string>&& rules,
+                              const base::Callback<void(bool)>& callback);
 private:
  // Builds whitelist on background thread.
-  void BuildWhitelist(const std::vector<std::string>& rules);
+  void BuildWhitelist(const std::vector<std::string>& rules,
+                      const base::Callback<void(bool)>& callback);
  // Replaces the current whitelist. Must be called on the IO thread.
  void SetWhitelist(std::unique_ptr<TrieNode> whitelist);

--- a/android_webview/browser/aw_safe_browsing_whitelist_manager_unittest.cc
+++ b/android_webview/browser/aw_safe_browsing_whitelist_manager_unittest.cc
--- a/android_webview/glue/java/src/com/android/webview/chromium/WebViewChromiumFactoryProvider.java
+++ b/android_webview/glue/java/src/com/android/webview/chromium/WebViewChromiumFactoryProvider.java
@@ -68,6 +68,7 @@ import org.chromium.content.browser.input.LGEmailActionModeWorkaround;
 import org.chromium.net.NetworkChangeNotifier;
 import java.io.File;
+import java.util.List;
 import java.util.Queue;
 import java.util.concurrent.Callable;
 import java.util.concurrent.ConcurrentLinkedQueue;
@@ -576,6 +577,12 @@ public class WebViewChromiumFactoryProvider implements WebViewFactoryProvider {
                        AwContentsStatics.shutdownSafeBrowsing();
                    }
+                    // TODO(ntfschr): add @Override once next android SDK rolls
+                    public void setSafeBrowsingWhitelist(
+                            List<String> urls, ValueCallback<Boolean> callback) {
+                        AwContentsStatics.setSafeBrowsingWhitelist(urls, callback);
+                    }
                };
            }
        }

--- a/android_webview/java/src/org/chromium/android_webview/AwContentsStatics.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwContentsStatics.java
@@ -13,6 +13,7 @@ import org.chromium.base.annotations.CalledByNative;
 import org.chromium.base.annotations.JNINamespace;
 import java.lang.reflect.Method;
+import java.util.List;
 /**
 * Implementations of various static methods, and also a home for static
@@ -107,8 +108,23 @@ public class AwContentsStatics {
        setSafeBrowsingEnabledByManifest(enable);
    }
-    public static void setSafeBrowsingWhiteList(String[] urls) {
+    @CalledByNative
-        nativeSetSafeBrowsingWhiteList(urls);
+    private static void safeBrowsingWhitelistAssigned(
+            ValueCallback<Boolean> callback, boolean success) {
+        if (callback == null) return;
+        callback.onReceiveValue(success);
+    }
+    public static void setSafeBrowsingWhitelist(
+            List<String> urls, ValueCallback<Boolean> callback) {
+        String[] urlArray = urls.toArray(new String[urls.size()]);
+        if (callback == null) {
+            callback = new ValueCallback<Boolean>() {
+                @Override
+                public void onReceiveValue(Boolean b) {}
+            };
+        }
+        nativeSetSafeBrowsingWhitelist(urlArray, callback);
    }
    @SuppressWarnings("unchecked")
@@ -173,7 +189,8 @@ public class AwContentsStatics {
            AwContentsIoThreadClient ioThreadClient, AwBrowserContext browserContext);
    private static native boolean nativeGetSafeBrowsingEnabledByManifest();
    private static native void nativeSetSafeBrowsingEnabledByManifest(boolean enable);
-    private static native void nativeSetSafeBrowsingWhiteList(String[] urls);
+    private static native void nativeSetSafeBrowsingWhitelist(
+            String[] urls, ValueCallback<Boolean> callback);
    private static native void nativeSetCheckClearTextPermitted(boolean permitted);
    private static native String nativeFindAddress(String addr);
 }
--- a/android_webview/javatests/src/org/chromium/android_webview/test/SafeBrowsingTest.java
+++ b/android_webview/javatests/src/org/chromium/android_webview/test/SafeBrowsingTest.java
@@ -44,6 +44,7 @@ import org.chromium.content.browser.test.util.CriteriaHelper;
 import org.chromium.content_public.browser.WebContents;
 import org.chromium.net.test.EmbeddedTestServer;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.concurrent.Callable;
@@ -261,6 +262,15 @@ public class SafeBrowsingTest extends AwTestBase {
        }
    }
+    private static class WhitelistHelper extends CallbackHelper implements ValueCallback<Boolean> {
+        public boolean success;
+        public void onReceiveValue(Boolean success) {
+            this.success = success;
+            notifyCalled();
+        }
+    }
    @Override
    public void setUp() throws Exception {
        super.setUp();
@@ -446,14 +456,44 @@ public class SafeBrowsingTest extends AwTestBase {
            @Override
            public void run() {
                String host = Uri.parse(responseUrl).getHost();
-                String[] s = new String[] {host};
+                ArrayList<String> s = new ArrayList<String>();
-                AwContentsStatics.setSafeBrowsingWhiteList(s);
+                s.add(host);
+                AwContentsStatics.setSafeBrowsingWhitelist(s, null);
            }
        });
        loadUrlSync(mAwContents, mContentsClient.getOnPageFinishedHelper(), responseUrl);
        assertTargetPageHasLoaded(MALWARE_PAGE_BACKGROUND_COLOR);
    }
+    @SmallTest
+    @Feature({"AndroidWebView"})
+    @CommandLineFlags.Add(AwSwitches.WEBVIEW_ENABLE_SAFEBROWSING_SUPPORT)
+    public void testCallbackCalledOnSafeBrowsingBadWhitelistRule() throws Throwable {
+        verifyWhiteListRule("http://www.google.com", false);
+    }
+    @SmallTest
+    @Feature({"AndroidWebView"})
+    @CommandLineFlags.Add(AwSwitches.WEBVIEW_ENABLE_SAFEBROWSING_SUPPORT)
+    public void testCallbackCalledOnSafeBrowsingGoodWhitelistRule() throws Throwable {
+        verifyWhiteListRule("www.google.com", true);
+    }
+    private void verifyWhiteListRule(final String rule, boolean expected) throws Throwable {
+        final WhitelistHelper helper = new WhitelistHelper();
+        final int count = helper.getCallCount();
+        ThreadUtils.runOnUiThreadBlocking(new Runnable() {
+            @Override
+            public void run() {
+                ArrayList<String> s = new ArrayList<String>();
+                s.add(rule);
+                AwContentsStatics.setSafeBrowsingWhitelist(s, helper);
+            }
+        });
+        helper.waitForCallback(count);
+        assertEquals(expected, helper.success);
+    }
    @SmallTest
    @Feature({"AndroidWebView"})
    @CommandLineFlags.Add(AwSwitches.WEBVIEW_ENABLE_SAFEBROWSING_SUPPORT)