1 // Copyright 2012 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ 6 #define NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ 7 8 #include <stddef.h> 9 #include <stdint.h> 10 11 #include <memory> 12 #include <optional> 13 #include <string> 14 #include <vector> 15 16 #include "base/compiler_specific.h" 17 #include "base/gtest_prod_util.h" 18 #include "base/memory/raw_ptr.h" 19 #include "base/memory/weak_ptr.h" 20 #include "base/time/time.h" 21 #include "net/base/auth.h" 22 #include "net/base/ip_endpoint.h" 23 #include "net/base/net_error_details.h" 24 #include "net/base/net_export.h" 25 #include "net/base/privacy_mode.h" 26 #include "net/cookies/cookie_inclusion_status.h" 27 #include "net/first_party_sets/first_party_set_metadata.h" 28 #include "net/first_party_sets/first_party_sets_cache_filter.h" 29 #include "net/http/http_request_info.h" 30 #include "net/socket/connection_attempts.h" 31 #include "net/url_request/url_request_job.h" 32 33 namespace net { 34 35 class HttpRequestHeaders; 36 class HttpResponseHeaders; 37 class HttpResponseInfo; 38 class HttpTransaction; 39 class HttpUserAgentSettings; 40 class SSLPrivateKey; 41 struct TransportInfo; 42 class UploadDataStream; 43 44 // A URLRequestJob subclass that is built on top of HttpTransaction. It 45 // provides an implementation for both HTTP and HTTPS. 46 class NET_EXPORT_PRIVATE URLRequestHttpJob : public URLRequestJob { 47 public: 48 // Creates URLRequestJob for the specified HTTP, HTTPS, WS, or WSS URL. 49 // Returns a job that returns a redirect in the case of HSTS, and returns a 50 // job that fails for unencrypted requests if current settings dont allow 51 // them. Never returns nullptr. 52 static std::unique_ptr<URLRequestJob> Create(URLRequest* request); 53 54 URLRequestHttpJob(const URLRequestHttpJob&) = delete; 55 URLRequestHttpJob& operator=(const URLRequestHttpJob&) = delete; 56 57 void SetRequestHeadersCallback(RequestHeadersCallback callback) override; 58 void SetEarlyResponseHeadersCallback( 59 ResponseHeadersCallback callback) override; 60 void SetResponseHeadersCallback(ResponseHeadersCallback callback) override; 61 void SetIsSharedDictionaryReadAllowedCallback( 62 base::RepeatingCallback<bool()> callback) override; 63 64 protected: 65 URLRequestHttpJob(URLRequest* request, 66 const HttpUserAgentSettings* http_user_agent_settings); 67 68 ~URLRequestHttpJob() override; 69 70 // Overridden from URLRequestJob: 71 void SetPriority(RequestPriority priority) override; 72 void Start() override; 73 void Kill() override; 74 ConnectionAttempts GetConnectionAttempts() const override; 75 void CloseConnectionOnDestruction() override; 76 std::unique_ptr<SourceStream> SetUpSourceStream() override; 77 priority()78 RequestPriority priority() const { 79 return priority_; 80 } 81 82 private: 83 // For CookieRequestScheme histogram enum. 84 FRIEND_TEST_ALL_PREFIXES(URLRequestHttpJobTest, 85 CookieSchemeRequestSchemeHistogram); 86 87 enum CompletionCause { 88 ABORTED, 89 FINISHED 90 }; 91 92 // Used to indicate which kind of cookies are sent on which kind of requests, 93 // for use in histograms. A (non)secure set cookie means that the cookie was 94 // originally set by a (non)secure url. A (non)secure request means that the 95 // request url is (non)secure. An unset cookie scheme means that the cookie's 96 // source scheme was marked as "Unset" and thus cannot be compared with the 97 // request. 98 // These values are persisted to logs. Entries should not be renumbered and 99 // numeric values should never be reused. 100 enum class CookieRequestScheme { 101 kUnsetCookieScheme = 0, 102 kNonsecureSetNonsecureRequest, 103 kSecureSetSecureRequest, 104 kNonsecureSetSecureRequest, 105 kSecureSetNonsecureRequest, 106 107 kMaxValue = kSecureSetNonsecureRequest // Keep as the last value. 108 }; 109 110 typedef base::RefCountedData<bool> SharedBoolean; 111 112 // Shadows URLRequestJob's version of this method so we can grab cookies. 113 void NotifyHeadersComplete(); 114 115 void DestroyTransaction(); 116 117 // Computes the PrivacyMode that should be associated with this leg of the 118 // request. Must be recomputed on redirects. 119 PrivacyMode DeterminePrivacyMode() const; 120 121 void AddExtraHeaders(); 122 void AddCookieHeaderAndStart(); 123 void AnnotateAndMoveUserBlockedCookies( 124 CookieAccessResultList& maybe_included_cookies, 125 CookieAccessResultList& excluded_cookies) const; 126 void SaveCookiesAndNotifyHeadersComplete(int result); 127 128 #if BUILDFLAG(ENABLE_DEVICE_BOUND_SESSIONS) 129 // Process the DBSC header, if one exists. 130 void ProcessDeviceBoundSessionsHeader(); 131 #endif // BUILDFLAG(ENABLE_DEVICE_BOUND_SESSIONS) 132 133 // Processes the Strict-Transport-Security header, if one exists. 134 void ProcessStrictTransportSecurityHeader(); 135 136 // |result| should be OK, or the request is canceled. 137 void OnHeadersReceivedCallback(int result); 138 void OnStartCompleted(int result); 139 void OnReadCompleted(int result); 140 void NotifyBeforeStartTransactionCallback( 141 int result, 142 const std::optional<HttpRequestHeaders>& headers); 143 // This just forwards the call to URLRequestJob::NotifyConnected(). 144 // We need it because that method is protected and cannot be bound in a 145 // callback in this class. 146 int NotifyConnectedCallback(const TransportInfo& info, 147 CompletionOnceCallback callback); 148 149 void RestartTransactionWithAuth(const AuthCredentials& credentials); 150 151 // Overridden from URLRequestJob: 152 void SetUpload(UploadDataStream* upload) override; 153 void SetExtraRequestHeaders(const HttpRequestHeaders& headers) override; 154 LoadState GetLoadState() const override; 155 bool GetMimeType(std::string* mime_type) const override; 156 bool GetCharset(std::string* charset) override; 157 void GetResponseInfo(HttpResponseInfo* info) override; 158 void GetLoadTimingInfo(LoadTimingInfo* load_timing_info) const override; 159 bool GetTransactionRemoteEndpoint(IPEndPoint* endpoint) const override; 160 int GetResponseCode() const override; 161 void PopulateNetErrorDetails(NetErrorDetails* details) const override; 162 bool CopyFragmentOnRedirect(const GURL& location) const override; 163 bool IsSafeRedirect(const GURL& location) override; 164 bool NeedsAuth() override; 165 std::unique_ptr<AuthChallengeInfo> GetAuthChallengeInfo() override; 166 void SetAuth(const AuthCredentials& credentials) override; 167 void CancelAuth() override; 168 void ContinueWithCertificate( 169 scoped_refptr<X509Certificate> client_cert, 170 scoped_refptr<SSLPrivateKey> client_private_key) override; 171 void ContinueDespiteLastError() override; 172 int ReadRawData(IOBuffer* buf, int buf_size) override; 173 int64_t GetTotalReceivedBytes() const override; 174 int64_t GetTotalSentBytes() const override; 175 void DoneReading() override; 176 void DoneReadingRedirectResponse() override; 177 178 IPEndPoint GetResponseRemoteEndpoint() const override; 179 void NotifyURLRequestDestroyed() override; 180 181 void RecordTimer(); 182 void ResetTimer(); 183 184 // Starts the transaction if extensions using the webrequest API do not 185 // object. 186 void StartTransaction(); 187 // If |result| is OK, calls StartTransactionInternal. Otherwise notifies 188 // cancellation. 189 void MaybeStartTransactionInternal(int result); 190 void StartTransactionInternal(); 191 192 void RecordCompletionHistograms(CompletionCause reason); 193 void DoneWithRequest(CompletionCause reason); 194 195 // Callback functions for Cookie Monster 196 void SetCookieHeaderAndStart(const CookieOptions& options, 197 const CookieAccessResultList& cookie_list, 198 const CookieAccessResultList& excluded_list); 199 200 // Another Cookie Monster callback 201 void OnSetCookieResult(const CookieOptions& options, 202 std::optional<CanonicalCookie> cookie, 203 std::string cookie_string, 204 CookieAccessResult access_result); 205 int num_cookie_lines_left_ = 0; 206 CookieAndLineAccessResultList set_cookie_access_result_list_; 207 208 // Some servers send the body compressed, but specify the content length as 209 // the uncompressed size. If this is the case, we return true in order 210 // to request to work around this non-adherence to the HTTP standard. 211 // |rv| is the standard return value of a read function indicating the number 212 // of bytes read or, if negative, an error code. 213 bool ShouldFixMismatchedContentLength(int rv) const; 214 215 // Returns the effective response headers, considering that they may be 216 // overridden by `override_response_headers_` or 217 // `override_response_info_::headers`. 218 HttpResponseHeaders* GetResponseHeaders() const; 219 220 // Called after getting the FirstPartySetMetadata during Start for this job. 221 void OnGotFirstPartySetMetadata( 222 FirstPartySetMetadata first_party_set_metadata, 223 FirstPartySetsCacheFilter::MatchInfo match_info); 224 225 // Returns true iff this request leg should include the Cookie header. Note 226 // that cookies may still be eventually blocked by the CookieAccessDelegate 227 // even if this method returns true. 228 bool ShouldAddCookieHeader() const; 229 230 // Returns true if we should log how many partitioned cookies are included 231 // in a request. 232 bool ShouldRecordPartitionedCookieUsage() const; 233 234 RequestPriority priority_ = DEFAULT_PRIORITY; 235 236 HttpRequestInfo request_info_; 237 238 // Used for any logic, e.g. DNS-based scheme upgrade, that needs to synthesize 239 // response info to override the real response info. Transaction should be 240 // cleared before setting. 241 std::unique_ptr<HttpResponseInfo> override_response_info_; 242 243 // Auth states for proxy and origin server. 244 AuthState proxy_auth_state_ = AUTH_STATE_DONT_NEED_AUTH; 245 AuthState server_auth_state_ = AUTH_STATE_DONT_NEED_AUTH; 246 AuthCredentials auth_credentials_; 247 248 bool read_in_progress_ = false; 249 250 std::unique_ptr<HttpTransaction> transaction_; 251 252 // This needs to be declared after `transaction_` and 253 // `override_response_info_` because `response_info_` holds a pointer that's 254 // itself owned by one of those, so `response_info_` needs to be destroyed 255 // first. 256 raw_ptr<const HttpResponseInfo> response_info_ = nullptr; 257 258 base::Time request_creation_time_; 259 260 // True when we are done doing work. 261 bool done_ = false; 262 263 // The start time for the job, ignoring re-starts. 264 base::TimeTicks start_time_; 265 266 // When the transaction finished reading the request headers. 267 base::TimeTicks receive_headers_end_; 268 269 // We allow the network delegate to modify a copy of the response headers. 270 // This prevents modifications of headers that are shared with the underlying 271 // layers of the network stack. 272 scoped_refptr<HttpResponseHeaders> override_response_headers_; 273 274 // Ordinarily the original URL's fragment is copied during redirects, unless 275 // the destination URL already has one. However, the NetworkDelegate can 276 // override this behavior by setting |preserve_fragment_on_redirect_url_|: 277 // * If set to std::nullopt, the default behavior is used. 278 // * If the final URL in the redirect chain matches 279 // |preserve_fragment_on_redirect_url_|, its fragment unchanged. So this 280 // is basically a way for the embedder to force a redirect not to copy the 281 // original URL's fragment when the original URL had one. 282 std::optional<GURL> preserve_fragment_on_redirect_url_; 283 284 // Flag used to verify that |this| is not deleted while we are awaiting 285 // a callback from the NetworkDelegate. Used as a fail-fast mechanism. 286 // True if we are waiting a callback and 287 // NetworkDelegate::NotifyURLRequestDestroyed has not been called, yet, 288 // to inform the NetworkDelegate that it may not call back. 289 bool awaiting_callback_ = false; 290 291 raw_ptr<const HttpUserAgentSettings> http_user_agent_settings_; 292 293 // Keeps track of total received bytes over the network from transactions used 294 // by this job that have already been destroyed. 295 int64_t total_received_bytes_from_previous_transactions_ = 0; 296 // Keeps track of total sent bytes over the network from transactions used by 297 // this job that have already been destroyed. 298 int64_t total_sent_bytes_from_previous_transactions_ = 0; 299 300 RequestHeadersCallback request_headers_callback_; 301 ResponseHeadersCallback early_response_headers_callback_; 302 ResponseHeadersCallback response_headers_callback_; 303 304 base::RepeatingCallback<bool()> is_shared_dictionary_read_allowed_callback_; 305 306 // The First-Party Set metadata associated with this job. Set when the job is 307 // started. 308 FirstPartySetMetadata first_party_set_metadata_; 309 310 base::WeakPtrFactory<URLRequestHttpJob> weak_factory_{this}; 311 }; 312 313 } // namespace net 314 315 #endif // NET_URL_REQUEST_URL_REQUEST_HTTP_JOB_H_ 316