// Copyright 2017 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. module network.mojom; import "mojo/public/mojom/base/file.mojom"; import "mojo/public/mojom/base/file_path.mojom"; import "mojo/public/mojom/base/read_only_buffer.mojom"; import "mojo/public/mojom/base/string16.mojom"; import "mojo/public/mojom/base/values.mojom"; import "services/network/public/mojom/cookie_manager.mojom"; import "services/network/public/mojom/network_change_manager.mojom"; import "services/network/public/mojom/network_context.mojom"; import "services/network/public/mojom/network_param.mojom"; import "services/network/public/mojom/network_quality_estimator_manager.mojom"; import "services/network/public/mojom/signed_tree_head.mojom"; import "services/network/public/mojom/url_loader.mojom"; import "services/network/public/mojom/url_loader_factory.mojom"; import "url/mojom/origin.mojom"; import "url/mojom/url.mojom"; // The content/browser implementation of this SSLPrivateKey interface wraps the // scoped_refptr that is received from // SSLClientAuthDelegate::ContinueWithCertificate(), and this mojo interface is // sent from content/browser to services/network so that services/network can // have its own net::SSLPrivateKey implementation that internally uses this mojo // interface. // The |algorithm| and |input| parameters correspond to the |algorithm| and // |input| parameters in net::SSLPrivateKey::Sign(). // The |net_error| and |signature| parameters correspond to the parameters in // net::SSLPrivateKey::SignCallback. interface SSLPrivateKey { Sign(uint16 algorithm, array input) => (int32 net_error, array signature); }; // The |credentials| output parameter is given to URLRequest::SetAuth() // through this mojo interface. It is not set when URLRequest::CancelAuth() // needs to be called. interface AuthChallengeResponder { OnAuthCredentials(AuthCredentials? credentials); }; struct LoadInfo { uint32 process_id; uint32 routing_id; string host; uint32 load_state; // net::LoadState enum mojo_base.mojom.String16 state_param; uint64 upload_position; uint64 upload_size; }; // Network service interface to the browser. interface NetworkServiceClient { // Called when we receive an authentication failure. // The |auth_challenge_responder| will respond to auth challenge with // credentials. |head| can provide response headers for the response // which has elicited this auth request, if applicable. OnAuthRequired(uint32 process_id, uint32 routing_id, uint32 request_id, url.mojom.Url url, url.mojom.Url site_for_cookies, bool first_auth_attempt, AuthChallengeInfo auth_info, int32 resource_type, URLResponseHead? head, AuthChallengeResponder auth_challenge_responder); // Called when an SSL certificate requested message is received for client // authentication. // The |algorithm_preferences| parameter corresponds to the return value // of net::SSLPrivateKey::GetAlgorithmPreferences(). // The |cancel_certificate_selection| parameter is used to distinguish // between the following two cases because the |x509_certificate| will be // nullptr in both cases: // 1. The connection is continued with no client cert, // net::URLRequest::ContinueWithCertificate(nullptr, nullptr) needs to be // called. // 2. The request is aborted, net::URLRequest::CancelWithError() needs to be // called. OnCertificateRequested(uint32 process_id, uint32 routing_id, uint32 request_id, network.mojom.SSLCertRequestInfo cert_info) => ( network.mojom.X509Certificate x509_certificate, array algorithm_preferences, SSLPrivateKey ssl_private_key, bool cancel_certificate_selection); // Called when an SSL certificate is encountered. // The callback argument is a net::ERROR value. If it's net::OK, then the // request is resumed. Otherwise it's cancelled with the given error. OnSSLCertificateError(uint32 process_id, uint32 routing_id, uint32 request_id, int32 resource_type, url.mojom.Url url, SSLInfo ssl_info, bool fatal) => (int32 net_error); // Called when file uploading was requested. // If the process that requested the uploads has permission to read all of // the files referenced by |file_paths|, the callback arguments will be // net::OK, along with an array of open file handles. The array will contain // exactly one handle for each path in |file_paths|, in the same order. // If any files referenced by |file_paths| cannot be read, a net::ERROR will // be returned, and |files| will be an empty list. If the |async| parameter // is true, the files will be opened with FLAG_ASYNC. OnFileUploadRequested(uint32 process_id, bool async, array file_paths) => (int32 net_error, array files); // Called when an attempt has been made to set |cookie|. OnCookieChange( int32 process_id, int32 routing_id, url.mojom.Url url, url.mojom.Url frame_url, CanonicalCookie cookie, bool blocked_by_policy); // Called when an attempt has been made to read the cookies in |cookie_list|. OnCookiesRead( int32 process_id, int32 routing_id, url.mojom.Url url, url.mojom.Url frame_url, array cookie_list, bool blocked_by_policy); // Called periodically to update the client about progress of the current // loads. To avoid flooding the client, it has to ack the update before it can // receive the next update. OnLoadingStateUpdate(array infos) => (); // Called when the Clear-Site-Data header has been received. The callback // should be run after the data is deleted. // https://www.w3.org/TR/clear-site-data/ // TODO(crbug.com/876931): We might want to move header parsing work to // Network Service for security concerns (e.g. |header_value| => booleans). OnClearSiteData(int32 process_id, int32 routing_id, url.mojom.Url url, string header_value, int32 load_flags) => (); }; // An HTTPS server to send DNS queries to, per the DNS Queries over HTTPS spec. // spec: https://tools.ietf.org/html/draft-ietf-doh-dns-over-https-12 struct DnsOverHttpsServer { // DNS over HTTPS server URI template. Must be HTTPS. string server_template; // Whether to use POST to do DNS lookups. Otherwise, GET is used. See spec // for more details. bool use_post = false; }; // Values for configuring HTTP authentication that can only be set once. struct HttpAuthStaticParams { // List of supported auth schemes. Unrecognized schemes are ignored. // The default value of this field (an empty list) does not match default // behavior of NetworkService when no HttpAuthStaticParams is specified. array supported_schemes; // File name the GSSAPI library to load. Only supported on // (OS_POSIX && !OS_ANDROID && !OS_CHROMEOS && OS_IOS) platforms. string gssapi_library_name; // Indicates whether the GSSAPI library should be loaded. Only supported on // ChromeOS. bool allow_gssapi_library_load = true; }; // Values for configurating HTTP authentication that can be changed as needed. struct HttpAuthDynamicParams { // Comma / semi-colon delimited whitelist of server origins which the network // service may send the default credentials for NTLM or Negotiate // authentication. string server_whitelist; // Comma / semi-colon delimited whitelist of server origins for which Kerberos // delegation is allowed for NTLM or Negotiate authentication. string delegate_whitelist; // True if canonical hostnames should be resolved when using Negotiate. bool negotiate_disable_cname_lookup = false; // True if Negotiate SPNs (service principal names) should include ports // when the port isn't a standard port (80 or 443). bool enable_negotiate_port = true; // Whether NTLM V2 is enabled on POSIX platforms. No effect elsewhere. bool ntlm_v2_enabled = false; // The AccountManager AccountManagerget.AccountsByTypeAndFeatures on Android // when using Negotiate authentication. string android_negotiate_account_type; }; // Values for configuring OSCrypt. [EnableIf=needs_crypt_config] struct CryptConfig { // Force OSCrypt to use a specific linux password store. string store; // The product name to use for permission prompts. string product_name; // Controls whether preference on using or ignoring backends is used. bool should_use_preference; // Preferences are stored in a separate file in the user data directory. mojo_base.mojom.FilePath user_data_path; }; // Browser interface to the network service. interface NetworkService { // Sets client used by all |NetworkContext|s creating by |NetworkService|. // Pending requests may hang if the |client| pipe is closed before they // complete. SetClient(NetworkServiceClient client); // Starts observing the NetLog event stream and writing entries to |file|. // |constants| is a legend used for decoding constant values in the log; it // will be merged with the |GetNetConstants()| dictionary before being passed // through to the FileObserver. (See |FileNetLogObserver::CreateBounded()| // for more details). Most clients will just be adding a dictionary under // the key "clientInfo". StartNetLog(mojo_base.mojom.File file, mojo_base.mojom.DictionaryValue constants); // Creates a new network context with the given parameters. CreateNetworkContext(NetworkContext& context, NetworkContextParams params); // Configures whether the built-in stub host resolver is used in preference // over getaddrinfo. When enabled, the stub resolver will attempt to use the // system's DNS settings to do DNS lookups itself. See // https://tools.ietf.org/html/rfc1034#section-5.3.1 for definition of a stub // resolver. // // |dns_over_https_servers| is an optional list of DNS over HTTPS servers. // When populated, all DNS lookups will try to use DNS over HTTPS in the order // the servers are provided in and will only fall back to using system // settings if DNS over HTTPS fails. It is illegal to have a populated // |dns_over_https_servers| when |stub_resolver_enabled| is false. // // DNS over HTTPS will use the primary NetworkContext, so can only be enabled // after the primary network context has been created. Other than that // limitation, this method can be called at any time to change DNS // configuration, though calling it will fail any DNS lookups that have // already been started. // // Both the stub resolver and DNS over HTTPS are disabled by default. ConfigureStubHostResolver(bool stub_resolver_enabled, array? dns_over_https_servers); // Disables QUIC for the NetworkService. Affects all existing NetworkContexts, // and all new ones that are created. Once called, QUIC cannot be re-enabled. DisableQuic(); // Configures HTTP authentication for all NetworkContexts created using the // NetworkService. May only be called at most once, and may only be called // before any NetworkContexts are created. // // If this method is not invoked, default values will be used (which currently // allow all supported schemes on the current platform). SetUpHttpAuth(HttpAuthStaticParams http_auth_static_params); // Sets global auth params. Unlike SetUpAuth(), may be called multiple times, // at any point in time. Affects all NetworkContexts, both already existing // one and subsequently created ones. ConfigureHttpAuthPrefs(HttpAuthDynamicParams http_auth_dynamic_params); // Specifies whether requests for raw headers coming through URLLoaderFactory // associated with the specified process will be granted. Granting such a // permission increases risks in case the child process becomes compromised, // so this should be done only in specific cases (e.g. DevTools attached). SetRawHeadersAccess(uint32 process_id, bool allow); // Gets the NetworkChangeManager. GetNetworkChangeManager( NetworkChangeManager& network_change_manager); // Gets the NetworkQualityEstimatorManager. GetNetworkQualityEstimatorManager( NetworkQualityEstimatorManager& network_quality_estimator_manager); // Gets the accumulated network usage since the start/restart of the service. GetTotalNetworkUsages() => (array total_network_usages); // Updates Signed Tree Heads (STH) used in the handling of Certificate // Transparency. Broadcast to each NetworkContext using the NetworkService. // NetworkContextes ignore STHs from unrecognized logs. UpdateSignedTreeHead(SignedTreeHead signed_tree_head); // Updates the CRLSet used in the verification of certificates. CRLSets that // cannot be parsed using net::CRLSet::Parse will be ignored, as will older // CRLSets (where older is determined by the sequence number). All Network // Contexts created by the Network Service, including those created after // this call, will use the same CRLSet. UpdateCRLSet(mojo_base.mojom.ReadOnlyBuffer crl_set); // Sets up OSCrypt for the network service process. Must be called before // encrypted cookies can be read or set. [EnableIf=needs_crypt_config] SetCryptConfig(CryptConfig crypt_config); // Send the encryption key to the network service to use for AES encryption. [EnableIf=is_mac] SetEncryptionKey(string encryption_key); // Notifies CORB (Cross-Origin Read Blocking) that |process_id| is proxying // requests on behalf of a universal-access plugin and therefore CORB should // stop blocking requests marked as RESOURCE_TYPE_PLUGIN_RESOURCE. // // TODO(lukasza, laforge): https://crbug.com/702995: Remove the ...ForPlugin // methods once Flash support is removed from Chromium (probably around 2020 // - see https://www.chromium.org/flash-roadmap). AddCorbExceptionForPlugin(uint32 process_id); // Reverts AddCorbExceptionForPlugin. RemoveCorbExceptionForPlugin(uint32 process_id); };