1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "extensions/browser/updater/manifest_fetch_data.h"
6
7 #include <vector>
8
9 #include "base/check.h"
10 #include "base/metrics/histogram_macros.h"
11 #include "base/notreached.h"
12 #include "base/strings/string_number_conversions.h"
13 #include "base/strings/string_util.h"
14 #include "base/strings/stringprintf.h"
15 #include "extensions/browser/disable_reason.h"
16 #include "net/base/escape.h"
17
18 namespace extensions {
19
20 namespace {
21
22 // Maximum length of an extension manifest update check url, since it is a GET
23 // request. We want to stay under 2K because of proxies, etc.
24 const int kExtensionsManifestMaxURLSize = 2000;
25
26 // Strings to report the manifest location in Omaha update pings. Please use
27 // strings with no capitalization, spaces or underscorse.
28 const char kInternalLocation[] = "internal";
29 const char kExternalLocation[] = "external";
30 const char kPolicyLocation[] = "policy";
31 const char kOtherLocation[] = "other";
32 const char kInvalidLocation[] = "invalid";
33
AddEnabledStateToPing(std::string * ping_value,const ManifestFetchData::PingData * ping_data)34 void AddEnabledStateToPing(std::string* ping_value,
35 const ManifestFetchData::PingData* ping_data) {
36 *ping_value += "&e=" + std::string(ping_data->is_enabled ? "1" : "0");
37 if (!ping_data->is_enabled) {
38 // Add a dr=<number> param for each bit set in disable reasons.
39 for (int enum_value = 1; enum_value < disable_reason::DISABLE_REASON_LAST;
40 enum_value <<= 1) {
41 if (ping_data->disable_reasons & enum_value)
42 *ping_value += "&dr=" + base::NumberToString(enum_value);
43 }
44 }
45 }
46
47 } // namespace
48
ExtensionData()49 ManifestFetchData::ExtensionData::ExtensionData() : version(base::Version()) {}
50
51 ManifestFetchData::ExtensionData::ExtensionData(const ExtensionData& other) =
52 default;
53
ExtensionData(const base::Version & version,const std::string & update_url_data,const std::string & install_source,Manifest::Location extension_location)54 ManifestFetchData::ExtensionData::ExtensionData(
55 const base::Version& version,
56 const std::string& update_url_data,
57 const std::string& install_source,
58 Manifest::Location extension_location)
59 : version(version),
60 update_url_data(update_url_data),
61 install_source(install_source),
62 extension_location(extension_location) {}
63
64 ManifestFetchData::ExtensionData::~ExtensionData() = default;
65
66 // static
GetSimpleLocationString(Manifest::Location loc)67 std::string ManifestFetchData::GetSimpleLocationString(Manifest::Location loc) {
68 std::string result = kInvalidLocation;
69 switch (loc) {
70 case Manifest::INTERNAL:
71 result = kInternalLocation;
72 break;
73 case Manifest::EXTERNAL_PREF:
74 case Manifest::EXTERNAL_PREF_DOWNLOAD:
75 case Manifest::EXTERNAL_REGISTRY:
76 result = kExternalLocation;
77 break;
78 case Manifest::COMPONENT:
79 case Manifest::EXTERNAL_COMPONENT:
80 case Manifest::UNPACKED:
81 case Manifest::COMMAND_LINE:
82 result = kOtherLocation;
83 break;
84 case Manifest::EXTERNAL_POLICY_DOWNLOAD:
85 case Manifest::EXTERNAL_POLICY:
86 result = kPolicyLocation;
87 break;
88 case Manifest::INVALID_LOCATION:
89 case Manifest::NUM_LOCATIONS:
90 NOTREACHED();
91 break;
92 }
93
94 return result;
95 }
96
ManifestFetchData(const GURL & update_url,int request_id,const std::string & brand_code,const std::string & base_query_params,PingMode ping_mode,FetchPriority fetch_priority)97 ManifestFetchData::ManifestFetchData(const GURL& update_url,
98 int request_id,
99 const std::string& brand_code,
100 const std::string& base_query_params,
101 PingMode ping_mode,
102 FetchPriority fetch_priority)
103 : base_url_(update_url),
104 full_url_(update_url),
105 brand_code_(brand_code),
106 ping_mode_(ping_mode),
107 fetch_priority_(fetch_priority),
108 is_all_external_policy_download_(false) {
109 UpdateFullUrl(base_query_params);
110 request_ids_.insert(request_id);
111 }
112
113 ManifestFetchData::~ManifestFetchData() = default;
114
115 // The format for request parameters in update checks is:
116 //
117 // ?x=EXT1_INFO&x=EXT2_INFO
118 //
119 // where EXT1_INFO and EXT2_INFO are url-encoded strings of the form:
120 //
121 // id=EXTENSION_ID&v=VERSION&uc
122 //
123 // Provide ping data with the parameter ping=PING_DATA where PING_DATA
124 // looks like r=DAYS or a=DAYS for extensions in the Chrome extensions gallery.
125 // ('r' refers to 'roll call' ie installation, and 'a' refers to 'active').
126 // These values will each be present at most once every 24 hours, and indicate
127 // the number of days since the last time it was present in an update check.
128 //
129 // So for two extensions like:
130 // Extension 1- id:aaaa version:1.1
131 // Extension 2- id:bbbb version:2.0
132 //
133 // the full update url would be:
134 // http://somehost/path?x=id%3Daaaa%26v%3D1.1%26uc&x=id%3Dbbbb%26v%3D2.0%26uc
135 //
136 // (Note that '=' is %3D and '&' is %26 when urlencoded.)
AddExtension(const std::string & id,const std::string & version,const PingData * ping_data,const std::string & update_url_data,const std::string & install_source,Manifest::Location extension_location,FetchPriority fetch_priority)137 bool ManifestFetchData::AddExtension(const std::string& id,
138 const std::string& version,
139 const PingData* ping_data,
140 const std::string& update_url_data,
141 const std::string& install_source,
142 Manifest::Location extension_location,
143 FetchPriority fetch_priority) {
144 DCHECK(!is_all_external_policy_download_ ||
145 extension_location == Manifest::Location::EXTERNAL_POLICY_DOWNLOAD);
146 if (extensions_data_.find(id) != extensions_data_.end()) {
147 NOTREACHED() << "Duplicate extension id " << id;
148 return false;
149 }
150
151 if (fetch_priority_ != FOREGROUND) {
152 fetch_priority_ = fetch_priority;
153 }
154
155 const std::string install_location =
156 GetSimpleLocationString(extension_location);
157
158 // Compute the string we'd append onto the full_url_, and see if it fits.
159 std::vector<std::string> parts;
160 parts.push_back("id=" + id);
161 parts.push_back("v=" + version);
162 if (!install_source.empty())
163 parts.push_back("installsource=" + install_source);
164 if (!install_location.empty())
165 parts.push_back("installedby=" + install_location);
166 parts.push_back("uc");
167
168 if (!update_url_data.empty()) {
169 // Make sure the update_url_data string is escaped before using it so that
170 // there is no chance of overriding the id or v other parameter value
171 // we place into the x= value.
172 parts.push_back("ap=" + net::EscapeQueryParamValue(update_url_data, true));
173 }
174
175 // Append brand code, rollcall and active ping parameters.
176 if (ping_mode_ != NO_PING) {
177 if (!brand_code_.empty())
178 parts.push_back(base::StringPrintf("brand=%s", brand_code_.c_str()));
179
180 std::string ping_value;
181 pings_[id] = PingData(0, 0, false, 0);
182 if (ping_data) {
183 if (ping_data->rollcall_days == kNeverPinged ||
184 ping_data->rollcall_days > 0) {
185 ping_value += "r=" + base::NumberToString(ping_data->rollcall_days);
186 if (ping_mode_ == PING_WITH_ENABLED_STATE)
187 AddEnabledStateToPing(&ping_value, ping_data);
188 pings_[id].rollcall_days = ping_data->rollcall_days;
189 pings_[id].is_enabled = ping_data->is_enabled;
190 }
191 if (ping_data->active_days == kNeverPinged ||
192 ping_data->active_days > 0) {
193 if (!ping_value.empty())
194 ping_value += "&";
195 ping_value += "a=" + base::NumberToString(ping_data->active_days);
196 pings_[id].active_days = ping_data->active_days;
197 }
198 }
199 if (!ping_value.empty())
200 parts.push_back("ping=" + net::EscapeQueryParamValue(ping_value, true));
201 }
202
203 std::string extra = full_url_.has_query() ? "&" : "?";
204 extra +=
205 "x=" + net::EscapeQueryParamValue(base::JoinString(parts, "&"), true);
206
207 // Check against our max url size, exempting the first extension added.
208 int new_size = full_url_.possibly_invalid_spec().size() + extra.size();
209 if (!extensions_data_.empty() && new_size > kExtensionsManifestMaxURLSize) {
210 UMA_HISTOGRAM_PERCENTAGE("Extensions.UpdateCheckHitUrlSizeLimit", 1);
211 return false;
212 }
213 UMA_HISTOGRAM_PERCENTAGE("Extensions.UpdateCheckHitUrlSizeLimit", 0);
214
215 // We have room so go ahead and add the extension.
216 extensions_data_[id] = ExtensionData(base::Version(version), update_url_data,
217 install_source, extension_location);
218 full_url_ = GURL(full_url_.possibly_invalid_spec() + extra);
219 return true;
220 }
221
UpdateFullUrl(const std::string & base_query_params)222 void ManifestFetchData::UpdateFullUrl(const std::string& base_query_params) {
223 std::string query =
224 full_url_.has_query() ? full_url_.query() + "&" : std::string();
225 query += base_query_params;
226 GURL::Replacements replacements;
227 replacements.SetQueryStr(query);
228 full_url_ = full_url_.ReplaceComponents(replacements);
229 }
230
RemoveExtensions(const ExtensionIdSet & id_to_remove,const std::string & base_query_params)231 void ManifestFetchData::RemoveExtensions(const ExtensionIdSet& id_to_remove,
232 const std::string& base_query_params) {
233 const std::map<ExtensionId, ExtensionData> extensions_data =
234 std::move(extensions_data_);
235 extensions_data_.clear();
236 full_url_ = base_url_;
237 UpdateFullUrl(base_query_params);
238
239 for (const auto& data : extensions_data) {
240 const ExtensionId& extension_id = data.first;
241 if (id_to_remove.count(extension_id))
242 continue;
243 const ExtensionData& extension_data = data.second;
244 auto it = pings_.find(extension_id);
245 const PingData* optional_ping_data =
246 it != pings_.end() ? &(it->second) : nullptr;
247 AddExtension(extension_id, extension_data.version.GetString(),
248 optional_ping_data, extension_data.update_url_data,
249 extension_data.install_source,
250 extension_data.extension_location, fetch_priority_);
251 }
252 }
253
GetExtensionIds() const254 ExtensionIdSet ManifestFetchData::GetExtensionIds() const {
255 ExtensionIdSet extension_ids;
256 for (const auto& extension_data : extensions_data_)
257 extension_ids.insert(extension_data.first);
258 return extension_ids;
259 }
260
Includes(const std::string & extension_id) const261 bool ManifestFetchData::Includes(const std::string& extension_id) const {
262 return extensions_data_.find(extension_id) != extensions_data_.end();
263 }
264
DidPing(const std::string & extension_id,PingType type) const265 bool ManifestFetchData::DidPing(const std::string& extension_id,
266 PingType type) const {
267 auto i = pings_.find(extension_id);
268 if (i == pings_.end())
269 return false;
270 int value = 0;
271 if (type == ROLLCALL)
272 value = i->second.rollcall_days;
273 else if (type == ACTIVE)
274 value = i->second.active_days;
275 else
276 NOTREACHED();
277 return value == kNeverPinged || value > 0;
278 }
279
Merge(const ManifestFetchData & other)280 void ManifestFetchData::Merge(const ManifestFetchData& other) {
281 DCHECK(full_url() == other.full_url());
282 if (fetch_priority_ != FOREGROUND) {
283 fetch_priority_ = other.fetch_priority_;
284 }
285 request_ids_.insert(other.request_ids_.begin(), other.request_ids_.end());
286 }
287
set_is_all_external_policy_download()288 void ManifestFetchData::set_is_all_external_policy_download() {
289 is_all_external_policy_download_ = true;
290 }
291
292 } // namespace extensions
293