1 // Copyright 2016 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_BROWSING_DATA_CHROME_BROWSING_DATA_REMOVER_DELEGATE_H_ 6 #define CHROME_BROWSER_BROWSING_DATA_CHROME_BROWSING_DATA_REMOVER_DELEGATE_H_ 7 8 #include <memory> 9 10 #include "base/callback_forward.h" 11 #include "base/memory/ref_counted.h" 12 #include "base/memory/weak_ptr.h" 13 #include "base/optional.h" 14 #include "base/synchronization/waitable_event_watcher.h" 15 #include "base/task/cancelable_task_tracker.h" 16 #include "build/build_config.h" 17 #include "chrome/common/buildflags.h" 18 #include "components/browsing_data/core/browsing_data_utils.h" 19 #include "components/keyed_service/core/keyed_service.h" 20 #include "components/nacl/common/buildflags.h" 21 #include "components/offline_pages/core/offline_page_model.h" 22 #include "content/public/browser/browsing_data_remover.h" 23 #include "content/public/browser/browsing_data_remover_delegate.h" 24 #include "extensions/buildflags/buildflags.h" 25 #include "media/media_buildflags.h" 26 #include "ppapi/buildflags/buildflags.h" 27 #include "services/network/public/mojom/network_context.mojom.h" 28 29 class Profile; 30 class WebappRegistry; 31 32 namespace content { 33 class BrowserContext; 34 } 35 36 namespace webrtc_event_logging { 37 class WebRtcEventLogManager; 38 } // namespace webrtc_event_logging 39 40 // A delegate used by BrowsingDataRemover to delete data specific to Chrome 41 // as the embedder. 42 class ChromeBrowsingDataRemoverDelegate 43 : public content::BrowsingDataRemoverDelegate, 44 public KeyedService 45 { 46 public: 47 // This is an extension of content::BrowsingDataRemover::RemoveDataMask which 48 // includes all datatypes therefrom and adds additional Chrome-specific ones. 49 enum DataType : uint64_t { 50 // Embedder can start adding datatypes after the last platform datatype. 51 DATA_TYPE_EMBEDDER_BEGIN = 52 content::BrowsingDataRemover::DATA_TYPE_CONTENT_END << 1, 53 54 // Chrome-specific datatypes. 55 DATA_TYPE_HISTORY = DATA_TYPE_EMBEDDER_BEGIN, 56 DATA_TYPE_FORM_DATA = DATA_TYPE_EMBEDDER_BEGIN << 1, 57 DATA_TYPE_PASSWORDS = DATA_TYPE_EMBEDDER_BEGIN << 2, 58 DATA_TYPE_PLUGIN_DATA = DATA_TYPE_EMBEDDER_BEGIN << 3, 59 #if defined(OS_ANDROID) 60 DATA_TYPE_WEB_APP_DATA = DATA_TYPE_EMBEDDER_BEGIN << 4, 61 #endif 62 DATA_TYPE_SITE_USAGE_DATA = DATA_TYPE_EMBEDDER_BEGIN << 5, 63 DATA_TYPE_DURABLE_PERMISSION = DATA_TYPE_EMBEDDER_BEGIN << 6, 64 DATA_TYPE_EXTERNAL_PROTOCOL_DATA = DATA_TYPE_EMBEDDER_BEGIN << 7, 65 DATA_TYPE_HOSTED_APP_DATA_TEST_ONLY = DATA_TYPE_EMBEDDER_BEGIN << 8, 66 DATA_TYPE_CONTENT_SETTINGS = DATA_TYPE_EMBEDDER_BEGIN << 9, 67 DATA_TYPE_BOOKMARKS = DATA_TYPE_EMBEDDER_BEGIN << 10, 68 DATA_TYPE_ISOLATED_ORIGINS = DATA_TYPE_EMBEDDER_BEGIN << 11, 69 DATA_TYPE_ACCOUNT_PASSWORDS = DATA_TYPE_EMBEDDER_BEGIN << 12, 70 DATA_TYPE_LOCAL_CUSTOM_DICTIONARY = DATA_TYPE_EMBEDDER_BEGIN << 13, 71 72 // Group datatypes. 73 74 // "Site data" includes storage backend accessible to websites and some 75 // additional metadata kept by the browser (e.g. site usage data). 76 DATA_TYPE_SITE_DATA = 77 content::BrowsingDataRemover::DATA_TYPE_COOKIES | 78 content::BrowsingDataRemover::DATA_TYPE_DOM_STORAGE | 79 content::BrowsingDataRemover::DATA_TYPE_MEDIA_LICENSES | 80 DATA_TYPE_PLUGIN_DATA | 81 #if defined(OS_ANDROID) 82 DATA_TYPE_WEB_APP_DATA | 83 #endif 84 DATA_TYPE_SITE_USAGE_DATA | DATA_TYPE_DURABLE_PERMISSION | 85 DATA_TYPE_EXTERNAL_PROTOCOL_DATA | DATA_TYPE_ISOLATED_ORIGINS | 86 content::BrowsingDataRemover::DATA_TYPE_TRUST_TOKENS | 87 content::BrowsingDataRemover::DATA_TYPE_CONVERSIONS, 88 89 // Datatypes protected by Important Sites. 90 IMPORTANT_SITES_DATA_TYPES = 91 DATA_TYPE_SITE_DATA | content::BrowsingDataRemover::DATA_TYPE_CACHE, 92 93 // Datatypes that can be deleted partially per URL / origin / domain, 94 // whichever makes sense. 95 FILTERABLE_DATA_TYPES = DATA_TYPE_SITE_DATA | 96 content::BrowsingDataRemover::DATA_TYPE_CACHE | 97 content::BrowsingDataRemover::DATA_TYPE_DOWNLOADS, 98 99 // Datatypes with account-scoped data that needs to be removed 100 // before Google cookies are deleted. 101 DEFERRED_COOKIE_DELETION_DATA_TYPES = DATA_TYPE_ACCOUNT_PASSWORDS, 102 103 // Includes all the available remove options. Meant to be used by clients 104 // that wish to wipe as much data as possible from a Profile, to make it 105 // look like a new Profile. Does not delete account-scoped data like 106 // passwords but will remove access to account-scoped data by signing the 107 // user out. 108 109 ALL_DATA_TYPES = DATA_TYPE_SITE_DATA | // 110 content::BrowsingDataRemover::DATA_TYPE_CACHE | 111 content::BrowsingDataRemover::DATA_TYPE_DOWNLOADS | 112 DATA_TYPE_FORM_DATA | // 113 DATA_TYPE_HISTORY | // 114 DATA_TYPE_PASSWORDS | // 115 DATA_TYPE_CONTENT_SETTINGS | // 116 DATA_TYPE_BOOKMARKS | // 117 DATA_TYPE_LOCAL_CUSTOM_DICTIONARY, 118 119 // Includes all available remove options. Meant to be used when the Profile 120 // is scheduled to be deleted, and all possible data should be wiped from 121 // disk as soon as possible. 122 WIPE_PROFILE = 123 ALL_DATA_TYPES | content::BrowsingDataRemover::DATA_TYPE_NO_CHECKS, 124 }; 125 126 // This is an extension of content::BrowsingDataRemover::OriginType which 127 // includes all origin types therefrom and adds additional Chrome-specific 128 // ones. 129 enum OriginType : uint64_t { 130 // Embedder can start adding origin types after the last 131 // platform origin type. 132 ORIGIN_TYPE_EMBEDDER_BEGIN = 133 content::BrowsingDataRemover::ORIGIN_TYPE_CONTENT_END << 1, 134 135 #if BUILDFLAG(ENABLE_EXTENSIONS) 136 // Packaged apps and extensions (chrome-extension://*). 137 ORIGIN_TYPE_EXTENSION = ORIGIN_TYPE_EMBEDDER_BEGIN, 138 #endif 139 140 // All origin types. 141 ALL_ORIGIN_TYPES = 142 content::BrowsingDataRemover::ORIGIN_TYPE_UNPROTECTED_WEB | 143 #if BUILDFLAG(ENABLE_EXTENSIONS) 144 ORIGIN_TYPE_EXTENSION | 145 #endif 146 content::BrowsingDataRemover::ORIGIN_TYPE_PROTECTED_WEB, 147 }; 148 149 // Important sites protect a small set of sites from the deletion of certain 150 // datatypes. Therefore, those datatypes must be filterable by 151 // url/origin/domain. 152 static_assert((IMPORTANT_SITES_DATA_TYPES & ~FILTERABLE_DATA_TYPES) == 0, 153 "All important sites datatypes must be filterable."); 154 155 static_assert((DEFERRED_COOKIE_DELETION_DATA_TYPES & FILTERABLE_DATA_TYPES) == 156 0, 157 "Deferred deletion is currently not implemented for filterable " 158 "data types"); 159 160 static_assert((DEFERRED_COOKIE_DELETION_DATA_TYPES & WIPE_PROFILE) == 0, 161 "Account data should not be included in deletions that remove " 162 "all local data"); 163 164 explicit ChromeBrowsingDataRemoverDelegate( 165 content::BrowserContext* browser_context); 166 ~ChromeBrowsingDataRemoverDelegate() override; 167 168 // KeyedService: 169 void Shutdown() override; 170 171 // BrowsingDataRemoverDelegate: 172 content::BrowsingDataRemoverDelegate::EmbedderOriginTypeMatcher 173 GetOriginTypeMatcher() override; 174 bool MayRemoveDownloadHistory() override; 175 std::vector<std::string> GetDomainsForDeferredCookieDeletion( 176 uint64_t remove_mask) override; 177 void RemoveEmbedderData( 178 const base::Time& delete_begin, 179 const base::Time& delete_end, 180 uint64_t remove_mask, 181 content::BrowsingDataFilterBuilder* filter_builder, 182 uint64_t origin_type_mask, 183 base::OnceCallback<void(/*failed_data_types=*/uint64_t)> callback) 184 override; 185 186 #if defined(OS_ANDROID) 187 void OverrideWebappRegistryForTesting( 188 std::unique_ptr<WebappRegistry> webapp_registry); 189 #endif 190 191 using DomainReliabilityClearer = base::RepeatingCallback<void( 192 content::BrowsingDataFilterBuilder* filter_builder, 193 network::mojom::NetworkContext_DomainReliabilityClearMode, 194 network::mojom::NetworkContext::ClearDomainReliabilityCallback)>; 195 void OverrideDomainReliabilityClearerForTesting( 196 DomainReliabilityClearer clearer); 197 198 private: 199 using WebRtcEventLogManager = webrtc_event_logging::WebRtcEventLogManager; 200 201 // For debugging purposes. Please add new deletion tasks at the end. 202 // This enum is recorded in a histogram, so don't change or reuse ids. 203 // Entries must also be added to ChromeBrowsingDataRemoverTasks in enums.xml. 204 enum class TracingDataType { 205 kSynchronous = 1, 206 kHistory = 2, 207 kHostNameResolution = 3, 208 kNaclCache = 4, 209 kPnaclCache = 5, 210 kAutofillData = 6, 211 kAutofillOrigins = 7, 212 kPluginData = 8, 213 kFlashLsoHelper = 9, // deprecated 214 kDomainReliability = 10, 215 kNetworkPredictor = 11, 216 kWebrtcLogs = 12, 217 kVideoDecodeHistory = 13, 218 kCookies = 14, 219 kPasswords = 15, 220 kHttpAuthCache = 16, 221 kDisableAutoSignin = 17, 222 kPasswordsStatistics = 18, 223 kKeywordsModel = 19, 224 kReportingCache = 20, 225 kNetworkErrorLogging = 21, 226 kFlashDeauthorization = 22, 227 kOfflinePages = 23, 228 kPrecache = 24, 229 kExploreSites = 25, 230 kLegacyStrikes = 26, 231 kWebrtcEventLogs = 27, 232 kDrmLicenses = 28, 233 kHostCache = 29, 234 kTpmAttestationKeys = 30, 235 kStrikes = 31, 236 kLeakedCredentials = 32, // deprecated 237 kFieldInfo = 33, 238 kCompromisedCredentials = 34, 239 kUserDataSnapshot = 35, 240 kMediaFeeds = 36, 241 kAccountPasswords = 37, 242 kAccountPasswordsSynced = 38, 243 kAccountCompromisedCredentials = 39, 244 kMaxValue = kAccountCompromisedCredentials, 245 }; 246 247 // Called by CreateTaskCompletionClosure(). 248 void OnTaskStarted(TracingDataType data_type); 249 250 // Called by the closures returned by CreateTaskCompletionClosure(). 251 // Checks if all tasks have completed, and if so, calls callback_. 252 void OnTaskComplete(TracingDataType data_type, 253 uint64_t data_type_mask, 254 bool success); 255 256 // Increments the number of pending tasks by one, and returns a OnceClosure 257 // that calls OnTaskComplete(). The Remover is complete once all the closures 258 // created by this method have been invoked. 259 base::OnceClosure CreateTaskCompletionClosure(TracingDataType data_type); 260 // Like CreateTaskCompletionClosure(), but allows tracking success/failure of 261 // the task. If |success = false| is passed to the callback, |data_type_mask| 262 // will be added to |failed_data_types_|. 263 base::OnceCallback<void(bool /* success */)> CreateTaskCompletionCallback( 264 TracingDataType data_type, 265 uint64_t data_type_mask); 266 267 // Same as CreateTaskCompletionClosure() but guarantees that 268 // OnTaskComplete() is called if the task is dropped. That can typically 269 // happen when the connection is closed while an interface call is made. 270 base::OnceClosure CreateTaskCompletionClosureForMojo( 271 TracingDataType data_type); 272 273 // Records unfinished tasks from |pending_sub_tasks_| after a delay. 274 void RecordUnfinishedSubTasks(); 275 276 // A helper method that checks if time period is for "all time". 277 bool IsForAllTime() const; 278 279 #if defined(OS_CHROMEOS) 280 void OnClearPlatformKeys(base::OnceClosure done, bool); 281 #endif 282 283 #if BUILDFLAG(ENABLE_PLUGINS) 284 // Called when plugin data has been cleared. Invokes NotifyIfDone. 285 void OnWaitableEventSignaled(base::OnceClosure done, 286 base::WaitableEvent* waitable_event); 287 #endif 288 289 // The profile for which the data will be deleted. 290 Profile* profile_; 291 292 // Start time to delete from. 293 base::Time delete_begin_; 294 295 // End time to delete to. 296 base::Time delete_end_; 297 298 // Completion callback to call when all data are deleted. 299 base::OnceCallback<void(uint64_t)> callback_; 300 301 // Records which tasks of a deletion are currently active. 302 std::set<TracingDataType> pending_sub_tasks_; 303 304 uint64_t failed_data_types_ = 0; 305 306 // Fires after some time to track slow tasks. Cancelled when all tasks 307 // are finished. 308 base::CancelableClosure slow_pending_tasks_closure_; 309 310 DomainReliabilityClearer domain_reliability_clearer_; 311 312 // Used if we need to clear history. 313 base::CancelableTaskTracker history_task_tracker_; 314 315 #if defined(OS_ANDROID) 316 // WebappRegistry makes calls across the JNI. In unit tests, the Java side is 317 // not initialised, so the registry must be mocked out. 318 std::unique_ptr<WebappRegistry> webapp_registry_; 319 #endif 320 321 bool should_clear_password_account_storage_settings_ = false; 322 323 base::WeakPtrFactory<ChromeBrowsingDataRemoverDelegate> weak_ptr_factory_{ 324 this}; 325 326 DISALLOW_COPY_AND_ASSIGN(ChromeBrowsingDataRemoverDelegate); 327 }; 328 329 #endif // CHROME_BROWSER_BROWSING_DATA_CHROME_BROWSING_DATA_REMOVER_DELEGATE_H_ 330