Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Side by Side Diff: src/plugin/PluginWbPassThrough.cpp

Issue 4974480757620736: Issue #1356 - Improve detection of the issuer of the request (Closed)
Patch Set: Revert the incorrect cleanup Created Oct. 31, 2014, 3:08 p.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
OLDNEW
1 #include "PluginStdAfx.h" 1 #include "PluginStdAfx.h"
2 2
3 #include "PluginWbPassThrough.h" 3 #include "PluginWbPassThrough.h"
4 #include "PluginClient.h" 4 #include "PluginClient.h"
5 #include "PluginClientFactory.h" 5 #include "PluginClientFactory.h"
6 #include "PluginFilter.h" 6 #include "PluginFilter.h"
7 #include "PluginSettings.h" 7 #include "PluginSettings.h"
8 #include "PluginClass.h" 8 #include "PluginClass.h"
9 #include "PluginSystem.h" 9 #include "PluginSystem.h"
10 #include <WinInet.h> 10 #include <WinInet.h>
11 #include "wtypes.h" 11 #include "wtypes.h"
12 #include "../shared/Utils.h"
12 13
13 namespace 14 namespace
14 { 15 {
15 std::string g_blockedByABPPage = "<!DOCTYPE html>" 16 std::string g_blockedByABPPage = "<!DOCTYPE html>"
16 "<html>" 17 "<html>"
17 "<body>" 18 "<body>"
18 "<!-- blocked by AdblockPlus -->" 19 "<!-- blocked by AdblockPlus -->"
19 "</body>" 20 "</body>"
20 "</html>"; 21 "</html>";
21 } 22 }
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after
118 //////////////////////////////////////////////////////////////////////////////// //////// 119 //////////////////////////////////////////////////////////////////////////////// ////////
119 //WBPassthruSink 120 //WBPassthruSink
120 //Monitor and/or cancel every request and responde 121 //Monitor and/or cancel every request and responde
121 //WB makes, including images, sounds, scripts, etc 122 //WB makes, including images, sounds, scripts, etc
122 //////////////////////////////////////////////////////////////////////////////// //////// 123 //////////////////////////////////////////////////////////////////////////////// ////////
123 HRESULT WBPassthruSink::OnStart(LPCWSTR szUrl, IInternetProtocolSink *pOIProtSin k, 124 HRESULT WBPassthruSink::OnStart(LPCWSTR szUrl, IInternetProtocolSink *pOIProtSin k,
124 IInternetBindInfo *pOIBindInfo, DWORD grfPI, HAN DLE_PTR dwReserved, 125 IInternetBindInfo *pOIBindInfo, DWORD grfPI, HAN DLE_PTR dwReserved,
125 IInternetProtocol* pTargetProtocol, bool& handle d) 126 IInternetProtocol* pTargetProtocol, bool& handle d)
126 { 127 {
127 m_pTargetProtocol = pTargetProtocol; 128 m_pTargetProtocol = pTargetProtocol;
128 bool isBlocked = false; 129 return BaseClass::OnStart(szUrl, pOIProtSink, pOIBindInfo, grfPI, dwReserved, pTargetProtocol);
129 CString src = szUrl;
130 DEBUG_GENERAL(src);
131 CPluginClient::UnescapeUrl(src);
132
133 // call the impl of the base class as soon as possible because it initializes the base class
134 // members, used by this method. It queries for the required interfaces.
135 HRESULT hr = BaseClass::OnStart(szUrl, pOIProtSink, pOIBindInfo, grfPI, dwRese rved, pTargetProtocol);
136 if (FAILED(hr))
137 {
138 return hr;
139 }
140
141 CString mimeType;
142 if (pOIBindInfo)
143 {
144 ULONG resLen = 0;
145
146 // Apparently IE will report random mime type if there's more then 1 in the list.
147 // So we get the whole list and just use the first one (top priority one)
148 LPOLESTR mime[10];
149 pOIBindInfo->GetBindString(BINDSTRING_ACCEPT_MIMES, mime, 10, &resLen);
150 if (mime && resLen > 0)
151 {
152 mimeType.SetString(mime[0]);
153 }
154 LPOLESTR bindString = nullptr;
155 pOIBindInfo->GetBindString(BINDSTRING_FLAG_BIND_TO_OBJECT, &bindString, 1, & resLen);
156 LPOLESTR domainRetrieved = nullptr;
157 if (resLen == 0 || wcscmp(bindString, L"FALSE") == 0)
158 {
159 HRESULT hr = pOIBindInfo->GetBindString(BINDSTRING_XDR_ORIGIN, &domainRetr ieved, 1, &resLen);
160 if ((hr == S_OK) && domainRetrieved && (resLen > 0))
161 {
162 m_boundDomain = domainRetrieved;
163 }
164 }
165 // We can obtain IBindCtx* here, but IEnumString obtained via IBindCtx::Enum ObjectParam
166 // does not return any parameter, so it's useless.
167 }
168
169 CString cookie;
170 ULONG len1 = 2048;
171 ULONG len2 = 2048;
172
173 CPluginTab* tab = CPluginClass::GetTab(::GetCurrentThreadId());
174 CPluginClient* client = CPluginClient::GetInstance();
175
176 if (tab && client)
177 {
178 CString documentUrl = tab->GetDocumentUrl();
179 // Page is identical to document => don't block
180 if (documentUrl == src)
181 {
182 // fall through
183 }
184 else if (CPluginSettings::GetInstance()->IsPluginEnabled() && !client->IsWhi telistedUrl(std::wstring(documentUrl)))
185 {
186 m_boundDomain = tab->GetDocumentUrl();
187 m_contentType = CFilter::contentTypeAny;
188 if (tab != nullptr && tab->IsFrameCached(src))
189 {
190 m_contentType = CFilter::contentTypeSubdocument;
191 }
192 else
193 {
194 m_contentType = GetContentType(mimeType, m_boundDomain, src);
195 }
196 }
197 }
198
199 if (tab == nullptr)
200 {
201 m_contentType = GetContentType(mimeType, m_boundDomain, src);
202 }
203
204 {
205 // Here is the heuristic which detects the requests issued by Flash.ocx.
206 // It turned out that the implementation from ''Flash.ocx'' (tested version is 15.0.0.152)
207 // returns quite minimal configuration in comparison with the implementation from Microsofts'
208 // libraries (see grfBINDF and bindInfo.dwOptions). The impl from MS often i ncludes something
209 // else.
210 ATL::CComPtr<IBindStatusCallback> bscb;
211 if (SUCCEEDED(QueryServiceFromClient(&bscb)) && !!bscb)
212 {
213 DWORD grfBINDF = 0;
214 BINDINFO bindInfo = {};
215 bindInfo.cbSize = sizeof(bindInfo);
216 if (SUCCEEDED(bscb->GetBindInfo(&grfBINDF, &bindInfo))
217 && (BINDF_ASYNCHRONOUS | BINDF_ASYNCSTORAGE| BINDF_PULLDATA) == grfBINDF
218 && (BINDINFO_OPTIONS_ENABLE_UTF8 | BINDINFO_OPTIONS_USE_IE_ENCODING) == bindInfo.dwOptions
219 )
220 {
221 m_contentType = CFilter::EContentType::contentTypeObjectSubrequest;
222 }
223 }
224 }
225
226 // The descision about EContentType::contentTypeAny is made later in
227 // WBPassthruSink::BeginningTransaction. Sometimes here we cannot detect the r equest type, but
228 // in WBPassthruSink::BeginningTransaction the header Accept is available whic h allows to
229 // obtain the "request type" in our terminology.
230 if (nullptr != client
231 && CFilter::EContentType::contentTypeAny != m_contentType
232 && client->ShouldBlock(static_cast<const wchar_t*>(src), m_contentType, m_bo undDomain, true))
233 {
234 isBlocked = true;
235 }
236
237 // For IE6 and earlier there is iframe back button issue, so avoid it.
238 if (isBlocked && client->GetIEVersion() > 6)
239 {
240 handled = true;
241 if (CFilter::EContentType::contentTypeImage == m_contentType)
242 {
243 // IE shows a cross that img is not loaded
244 return INET_E_REDIRECT_FAILED;
245 }
246 if (CFilter::EContentType::contentTypeSubdocument == m_contentType)
247 {
248 PassthroughAPP::CustomSinkStartPolicy<WBPassthru, WBPassthruSink>::GetProt ocol(this)->m_shouldSupplyCustomContent = true;
249 m_spInternetProtocolSink->ReportProgress(BINDSTATUS_MIMETYPEAVAILABLE, L"t ext/html");
250 m_spInternetProtocolSink->ReportData(BSCF_FIRSTDATANOTIFICATION, 0, static _cast<ULONG>(g_blockedByABPPage.size()));
251 return S_OK;
252 }
253 if (CFilter::EContentType::contentTypeScript == m_contentType)
254 {
255 m_spInternetProtocolSink->ReportProgress(BINDSTATUS_MIMETYPEAVAILABLE, L"t ext/javascript");
256 m_spInternetProtocolSink->ReportResult(INET_E_REDIRECTING, 301, L"data:");
257 return INET_E_REDIRECT_FAILED;
258 }
259 if (CFilter::EContentType::contentTypeXmlHttpRequest == m_contentType)
260 {
261 m_spInternetProtocolSink->ReportResult(INET_E_REDIRECTING, 301, L"data:");
262 return INET_E_REDIRECT_FAILED;
263 }
264 if (CFilter::EContentType::contentTypeAny != m_contentType)
265 {
266 m_spInternetProtocolSink->ReportResult(INET_E_REDIRECTING, 301, L"data:");
267 return INET_E_REDIRECT_FAILED;
268 }
269 }
270
271 return isBlocked ? S_FALSE : hr;
272 } 130 }
273 131
274 HRESULT WBPassthruSink::OnRead(void* pv, ULONG cb, ULONG* pcbRead) 132 HRESULT WBPassthruSink::OnRead(void* pv, ULONG cb, ULONG* pcbRead)
275 { 133 {
276 if (pv == nullptr) 134 if (pv == nullptr)
277 { 135 {
278 return E_POINTER; 136 return E_POINTER;
279 } 137 }
280 if (pcbRead == nullptr) 138 if (pcbRead == nullptr)
281 { 139 {
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
335 */ 193 */
336 return m_spInternetProtocolSink ? m_spInternetProtocolSink->Switch(pProtocolDa ta) : E_UNEXPECTED; 194 return m_spInternetProtocolSink ? m_spInternetProtocolSink->Switch(pProtocolDa ta) : E_UNEXPECTED;
337 } 195 }
338 196
339 STDMETHODIMP WBPassthruSink::BeginningTransaction(LPCWSTR szURL, LPCWSTR szHeade rs, DWORD dwReserved, LPWSTR* pszAdditionalHeaders) 197 STDMETHODIMP WBPassthruSink::BeginningTransaction(LPCWSTR szURL, LPCWSTR szHeade rs, DWORD dwReserved, LPWSTR* pszAdditionalHeaders)
340 { 198 {
341 if (pszAdditionalHeaders) 199 if (pszAdditionalHeaders)
342 { 200 {
343 *pszAdditionalHeaders = nullptr; 201 *pszAdditionalHeaders = nullptr;
344 } 202 }
203 std::wstring src = szURL;
Felix Dahlke 2014/11/03 04:58:16 Shouldn't this be stored as a CString? It's only e
Oleksandr 2014/11/03 11:37:37 There is a folow-up review where we will be removi
204 DEBUG_GENERAL(ToCString(src));
345 205
346 CPluginClient* client = nullptr; 206 CComPtr<IHttpNegotiate> spHttpNegotiate;
Felix Dahlke 2014/11/03 04:58:16 Other local variables here don't use hungarian not
347 if (CFilter::EContentType::contentTypeAny == m_contentType && (client = CPlugi nClient::GetInstance())) 207 QueryServiceFromClient(&spHttpNegotiate);
208 // This fills the pszAdditionalHeaders with more headers. One of which is the Referer header, which we need.
209 // There doesn't seem to be any other way to get this header before the reques t has been made.
210 HRESULT nativeHr = spHttpNegotiate ? spHttpNegotiate->BeginningTransaction(szU RL, szHeaders,dwReserved, pszAdditionalHeaders) : S_OK;
Felix Dahlke 2014/11/03 04:58:16 Space after "szHeaders,".
211
212 auto acceptHeader = [&]() -> std::string
Felix Dahlke 2014/11/03 04:58:16 Looks like this could move up to be the first thin
348 { 213 {
349 auto acceptHeader = [&]() -> std::string 214 // Despite there is HTTP_QUERY_ACCEPT and other query info flags, they don't work here,
Felix Dahlke 2014/11/03 04:58:16 s/is/being/?
215 // only HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_FLAG_REQUEST_HEADERS does d ork.
216 ATL::CComPtr<IWinInetHttpInfo> winInetHttpInfo;
217 HRESULT hr = m_spTargetProtocol->QueryInterface(&winInetHttpInfo);
218 if(FAILED(hr))
Felix Dahlke 2014/11/03 04:58:16 Space before "(" please, also below.
350 { 219 {
351 // Despite there is HTTP_QUERY_ACCEPT and other query info flags, they don 't work here, 220 return "";
352 // only HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_FLAG_REQUEST_HEADERS does dork. 221 }
353 ATL::CComPtr<IWinInetHttpInfo> winInetHttpInfo; 222 DWORD size = 0;
354 HRESULT hr = m_spTargetProtocol->QueryInterface(&winInetHttpInfo); 223 DWORD flags = 0;
355 if(FAILED(hr)) 224 hr = winInetHttpInfo->QueryInfo(HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_FLA G_REQUEST_HEADERS,
225 /*buffer*/nullptr, /* get size */&size, &flags, /*reserved*/ 0);
Felix Dahlke 2014/11/03 04:58:16 How about /*get size*/ for consistency?
226 if(FAILED(hr))
227 {
228 return "";
229 }
230 std::string buf(size, '\0');
231 hr = winInetHttpInfo->QueryInfo(HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_FLA G_REQUEST_HEADERS,
Felix Dahlke 2014/11/03 04:58:16 Can you store the headers to retrieve in a variabl
232 &buf[0], &size, &flags, 0);
233 if(FAILED(hr))
234 {
235 return "";
236 }
237 return ExtractHTTPHeader<std::string>(buf, "Accept:", "\r\n");
238 }();
239 m_contentType = GetContentTypeFromMimeType(ATL::CString(acceptHeader.c_str())) ;
240 if (*pszAdditionalHeaders != 0)
241 {
242 m_boundDomain = ExtractHTTPHeader<std::wstring>(std::wstring(*pszAdditionalH eaders), L"Referer:", L"\n").c_str();
243 }
244 m_boundDomain = TrimString(m_boundDomain);
245 CPluginTab* tab = CPluginClass::GetTab(::GetCurrentThreadId());
246 CPluginClient* client = CPluginClient::GetInstance();
247
248 if (tab && client)
249 {
250 CString documentUrl = tab->GetDocumentUrl();
251 // Page is identical to document => don't block
252 if (documentUrl == ToCString(src))
253 {
254 return nativeHr;
255 }
256 else if (CPluginSettings::GetInstance()->IsPluginEnabled() && !client->IsWhi telistedUrl(std::wstring(documentUrl)))
257 {
258 if (tab->IsFrameCached(ToCString(src)))
356 { 259 {
357 return ""; 260 m_contentType = CFilter::contentTypeSubdocument;
358 } 261 }
359 DWORD size = 0;
360 DWORD flags = 0;
361 hr = winInetHttpInfo->QueryInfo(HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_F LAG_REQUEST_HEADERS,
362 /*buffer*/nullptr, /* get size */&size, &flags, /*reserved*/ 0);
363 if(FAILED(hr))
364 {
365 return "";
366 }
367 std::string buf(size, '\0');
368 hr = winInetHttpInfo->QueryInfo(HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_F LAG_REQUEST_HEADERS,
369 &buf[0], &size, &flags, 0);
370 if(FAILED(hr))
371 {
372 return "";
373 }
374 char acceptHeader[] = "Accept:";
375 auto acceptHeaderBeginsAt = buf.find(acceptHeader);
376 if (std::string::npos == acceptHeaderBeginsAt)
377 {
378 return "";
379 }
380 acceptHeaderBeginsAt += sizeof(acceptHeader);
381 auto acceptHeaderEndsAt = buf.find("\n", acceptHeaderBeginsAt);
382 if (std::string::npos == acceptHeaderEndsAt)
383 {
384 return "";
385 }
386 return buf.substr(acceptHeaderBeginsAt, acceptHeaderEndsAt - acceptHeaderB eginsAt);
387 }();
388 m_contentType = GetContentTypeFromMimeType(ATL::CString(acceptHeader.c_str() ));
389 bool isBlocked = client->ShouldBlock(szURL, m_contentType, m_boundDomain, /* debug flag but must be set*/true);
390 if (isBlocked)
391 {
392 m_blockedInTransaction = true;
393 return E_ABORT;
394 } 262 }
395 } 263 }
396 CComPtr<IHttpNegotiate> spHttpNegotiate; 264
397 QueryServiceFromClient(&spHttpNegotiate); 265 {
Felix Dahlke 2014/11/03 04:58:16 Also something I'd suggest to move to a dedicated
398 return spHttpNegotiate ? spHttpNegotiate->BeginningTransaction(szURL, szHeader s,dwReserved, pszAdditionalHeaders) : S_OK; 266 // Here is the heuristic which detects the requests issued by Flash.ocx.
267 // It turned out that the implementation from ''Flash.ocx'' (tested version is 15.0.0.152)
268 // returns quite minimal configuration in comparison with the implementation from Microsofts'
269 // libraries (see grfBINDF and bindInfo.dwOptions). The impl from MS often i ncludes something
270 // else.
271 ATL::CComPtr<IBindStatusCallback> bscb;
272 if (SUCCEEDED(QueryServiceFromClient(&bscb)) && !!bscb)
273 {
274 DWORD grfBINDF = 0;
275 BINDINFO bindInfo = {};
276 bindInfo.cbSize = sizeof(bindInfo);
277 if (SUCCEEDED(bscb->GetBindInfo(&grfBINDF, &bindInfo))
278 && (BINDF_ASYNCHRONOUS | BINDF_ASYNCSTORAGE| BINDF_PULLDATA) == grfBINDF
Felix Dahlke 2014/11/03 04:58:16 According to Mozilla's style, we should break afte
279 && (BINDINFO_OPTIONS_ENABLE_UTF8 | BINDINFO_OPTIONS_USE_IE_ENCODING) == bindInfo.dwOptions
280 )
281 {
282 m_contentType = CFilter::EContentType::contentTypeObjectSubrequest;
283 }
284 }
285 }
286
287 m_blockedInTransaction = client->ShouldBlock(szURL, m_contentType, m_boundDoma in, /*debug flag but must be set*/true);
288 if (m_blockedInTransaction)
289 {
290 return E_ABORT;
291 }
292 return nativeHr;
399 } 293 }
400 294
401 STDMETHODIMP WBPassthruSink::OnResponse(DWORD dwResponseCode, LPCWSTR szResponse Headers, LPCWSTR szRequestHeaders, LPWSTR *pszAdditionalRequestHeaders) 295 STDMETHODIMP WBPassthruSink::OnResponse(DWORD dwResponseCode, LPCWSTR szResponse Headers, LPCWSTR szRequestHeaders, LPWSTR *pszAdditionalRequestHeaders)
402 { 296 {
403 if (pszAdditionalRequestHeaders) 297 if (pszAdditionalRequestHeaders)
404 { 298 {
405 *pszAdditionalRequestHeaders = 0; 299 *pszAdditionalRequestHeaders = 0;
406 } 300 }
407 301
408 CComPtr<IHttpNegotiate> spHttpNegotiate; 302 CComPtr<IHttpNegotiate> spHttpNegotiate;
(...skipping 15 matching lines...) Expand all
424 // Current method is called by the original protocol implementation and we a re intercepting the 318 // Current method is called by the original protocol implementation and we a re intercepting the
425 // call here and eating it, we will call the proper ReportResult later by ou rself. 319 // call here and eating it, we will call the proper ReportResult later by ou rself.
426 return S_OK; 320 return S_OK;
427 } 321 }
428 return BaseClass::ReportResult(hrResult, dwError, szResult); 322 return BaseClass::ReportResult(hrResult, dwError, szResult);
429 } 323 }
430 324
431 325
432 WBPassthru::WBPassthru() 326 WBPassthru::WBPassthru()
433 : m_shouldSupplyCustomContent(false) 327 : m_shouldSupplyCustomContent(false)
434 , m_hasOriginalStartCalled(false)
435 { 328 {
436 } 329 }
437 330
438 STDMETHODIMP WBPassthru::Start(LPCWSTR szUrl, IInternetProtocolSink *pOIProtSink , 331 STDMETHODIMP WBPassthru::Start(LPCWSTR szUrl, IInternetProtocolSink *pOIProtSink ,
439 IInternetBindInfo *pOIBindInfo, DWORD grfPI, HANDLE_PTR dwReserved) 332 IInternetBindInfo *pOIBindInfo, DWORD grfPI, HANDLE_PTR dwReserved)
440 { 333 {
441 ATLASSERT(m_spInternetProtocol != 0); 334 ATLASSERT(m_spInternetProtocol != 0);
442 if (!m_spInternetProtocol) 335 if (!m_spInternetProtocol)
443 { 336 {
444 return E_UNEXPECTED; 337 return E_UNEXPECTED;
445 } 338 }
446 339
447 return OnStart(szUrl, pOIProtSink, pOIBindInfo, grfPI, dwReserved, m_spInterne tProtocol); 340 return OnStart(szUrl, pOIProtSink, pOIBindInfo, grfPI, dwReserved, m_spInterne tProtocol);
448 } 341 }
449 342
450 STDMETHODIMP WBPassthru::Read(/* [in, out] */ void *pv,/* [in] */ ULONG cb,/* [o ut] */ ULONG *pcbRead) 343 STDMETHODIMP WBPassthru::Read(/* [in, out] */ void *pv,/* [in] */ ULONG cb,/* [o ut] */ ULONG *pcbRead)
451 { 344 {
452 WBPassthruSink* pSink = GetSink(); 345 WBPassthruSink* pSink = GetSink();
453 return pSink->OnRead(pv, cb, pcbRead); 346 return pSink->OnRead(pv, cb, pcbRead);
454 } 347 }
455 348
456 STDMETHODIMP WBPassthru::LockRequest(/* [in] */ DWORD options) 349 STDMETHODIMP WBPassthru::LockRequest(/* [in] */ DWORD options)
457 { 350 {
458 if (!m_hasOriginalStartCalled)
459 {
460 return S_OK;
461 }
462 return BaseClass::LockRequest(options); 351 return BaseClass::LockRequest(options);
463 } 352 }
464 353
465 STDMETHODIMP WBPassthru::UnlockRequest() 354 STDMETHODIMP WBPassthru::UnlockRequest()
466 { 355 {
467 if (!m_hasOriginalStartCalled)
468 {
469 return S_OK;
470 }
471 return BaseClass::UnlockRequest(); 356 return BaseClass::UnlockRequest();
472 } 357 }
OLDNEW
« no previous file with comments | « src/plugin/PluginWbPassThrough.h ('k') | src/plugin/SinkPolicy.inl » ('j') | src/shared/Utils.h » ('J')

Powered by Google App Engine
This is Rietveld