blob: 633e775a54544fcfd6687abbecf9ad8689a6dd2f [file] [log] [blame]
/*
* Copyright (C) 2019 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "AdClickAttribution.h"
#include "Logging.h"
#include "RuntimeEnabledFeatures.h"
#include <wtf/Expected.h>
#include <wtf/RandomNumber.h>
#include <wtf/URL.h>
#include <wtf/text/StringBuilder.h>
#include <wtf/text/StringView.h>
namespace WebCore {
static const char adClickAttributionPathPrefix[] = "/.well-known/ad-click-attribution/";
const size_t adClickConversionDataPathSegmentSize = 2;
const size_t adClickPriorityPathSegmentSize = 2;
const Seconds maxAge { 24_h * 7 };
bool AdClickAttribution::isValid() const
{
return m_conversion
&& m_conversion.value().isValid()
&& m_campaign.isValid()
&& !m_source.registrableDomain.isEmpty()
&& !m_destination.registrableDomain.isEmpty()
&& m_earliestTimeToSend;
}
Expected<AdClickAttribution::Conversion, String> AdClickAttribution::parseConversionRequest(const URL& redirectURL)
{
if (!redirectURL.protocolIs("https"_s) || redirectURL.hasUsername() || redirectURL.hasPassword() || redirectURL.hasQuery() || redirectURL.hasFragment()) {
if (UNLIKELY(debugModeEnabled())) {
RELEASE_LOG_INFO(AdClickAttribution, "Conversion was not accepted because the URL's protocol is not HTTPS or the URL contains one or more of username, password, query string, and fragment.");
return makeUnexpected("[Ad Click Attribution] Conversion was not accepted because the URL's protocol is not HTTPS or the URL contains one or more of username, password, query string, and fragment."_s);
}
return makeUnexpected(nullString());
}
auto path = StringView(redirectURL.string()).substring(redirectURL.pathStart(), redirectURL.pathEnd() - redirectURL.pathStart());
if (path.isEmpty() || !path.startsWith(adClickAttributionPathPrefix)) {
if (UNLIKELY(debugModeEnabled())) {
RELEASE_LOG_INFO(AdClickAttribution, "Conversion was not accepted because the URL path did not start with %" PUBLIC_LOG_STRING ".", adClickAttributionPathPrefix);
return makeUnexpected(makeString("[Ad Click Attribution] Conversion was not accepted because the URL path did not start with "_s, adClickAttributionPathPrefix, "."_s));
}
return makeUnexpected(nullString());
}
auto prefixLength = sizeof(adClickAttributionPathPrefix) - 1;
if (path.length() == prefixLength + adClickConversionDataPathSegmentSize) {
auto conversionDataUInt64 = path.substring(prefixLength, adClickConversionDataPathSegmentSize).toUInt64Strict();
if (!conversionDataUInt64 || *conversionDataUInt64 > MaxEntropy) {
if (UNLIKELY(debugModeEnabled())) {
RELEASE_LOG_INFO(AdClickAttribution, "Conversion was not accepted because the conversion data could not be parsed or was higher than the allowed maximum of %{public}u.", MaxEntropy);
return makeUnexpected(makeString("[Ad Click Attribution] Conversion was not accepted because the conversion data could not be parsed or was higher than the allowed maximum of "_s, MaxEntropy, "."_s));
}
return makeUnexpected(nullString());
}
return Conversion { static_cast<uint32_t>(*conversionDataUInt64), Priority { 0 } };
}
if (path.length() == prefixLength + adClickConversionDataPathSegmentSize + 1 + adClickPriorityPathSegmentSize) {
auto conversionDataUInt64 = path.substring(prefixLength, adClickConversionDataPathSegmentSize).toUInt64Strict();
if (!conversionDataUInt64 || *conversionDataUInt64 > MaxEntropy) {
if (UNLIKELY(debugModeEnabled())) {
RELEASE_LOG_INFO(AdClickAttribution, "Conversion was not accepted because the conversion data could not be parsed or was higher than the allowed maximum of %{public}u.", MaxEntropy);
return makeUnexpected(makeString("[Ad Click Attribution] Conversion was not accepted because the conversion data could not be parsed or was higher than the allowed maximum of "_s, MaxEntropy, "."_s));
}
return makeUnexpected(nullString());
}
auto conversionPriorityUInt64 = path.substring(prefixLength + adClickConversionDataPathSegmentSize + 1, adClickPriorityPathSegmentSize).toUInt64Strict();
if (!conversionPriorityUInt64 || *conversionPriorityUInt64 > MaxEntropy) {
if (UNLIKELY(debugModeEnabled())) {
RELEASE_LOG_INFO(AdClickAttribution, "Conversion was not accepted because the priority could not be parsed or was higher than the allowed maximum of %{public}u.", MaxEntropy);
return makeUnexpected(makeString("[Ad Click Attribution] Conversion was not accepted because the priority could not be parsed or was higher than the allowed maximum of "_s, MaxEntropy, "."_s));
}
return makeUnexpected(nullString());
}
return Conversion { static_cast<uint32_t>(*conversionDataUInt64), Priority { static_cast<uint32_t>(*conversionPriorityUInt64) } };
}
if (UNLIKELY(debugModeEnabled())) {
RELEASE_LOG_INFO(AdClickAttribution, "Conversion was not accepted because the URL path contained unrecognized parts.");
return makeUnexpected("[Ad Click Attribution] Conversion was not accepted because the URL path contained unrecognized parts."_s);
}
return makeUnexpected(nullString());
}
Optional<Seconds> AdClickAttribution::convertAndGetEarliestTimeToSend(Conversion&& conversion)
{
if (!conversion.isValid() || (m_conversion && m_conversion->priority >= conversion.priority))
return { };
m_conversion = WTFMove(conversion);
// 24-48 hour delay before sending. This helps privacy since the conversion and the attribution
// requests are detached and the time of the attribution does not reveal the time of the conversion.
auto seconds = 24_h + Seconds(randomNumber() * (24_h).value());
m_earliestTimeToSend = WallTime::now() + seconds;
return seconds;
}
void AdClickAttribution::markAsExpired()
{
m_timeOfAdClick = { };
}
bool AdClickAttribution::hasExpired() const
{
return WallTime::now() > m_timeOfAdClick + maxAge;
}
bool AdClickAttribution::hasHigherPriorityThan(const AdClickAttribution& other) const
{
if (!other.m_conversion)
return true;
if (!m_conversion)
return false;
return m_conversion->priority > other.m_conversion->priority;
}
URL AdClickAttribution::url() const
{
if (!isValid())
return URL();
StringBuilder builder;
builder.appendLiteral("https://");
builder.append(m_source.registrableDomain.string());
builder.appendLiteral(adClickAttributionPathPrefix);
builder.appendNumber(m_conversion.value().data);
builder.append('/');
builder.appendNumber(m_campaign.id);
URL url { URL(), builder.toString() };
if (url.isValid())
return url;
return URL();
}
URL AdClickAttribution::referrer() const
{
if (!isValid())
return URL();
StringBuilder builder;
builder.appendLiteral("https://");
builder.append(m_destination.registrableDomain.string());
builder.append('/');
URL url { URL(), builder.toString() };
if (url.isValid())
return url;
return URL();
}
URL AdClickAttribution::urlForTesting(const URL& baseURL) const
{
auto host = m_source.registrableDomain.string();
if (host != "localhost" && host != "127.0.0.1")
return URL();
StringBuilder builder;
builder.appendLiteral("?conversion=");
builder.appendNumber(m_conversion.value().data);
builder.appendLiteral("&campaign=");
builder.appendNumber(m_campaign.id);
if (baseURL.hasQuery()) {
builder.append('&');
builder.append(baseURL.query());
}
return URL(baseURL, builder.toString());
}
void AdClickAttribution::markConversionAsSent()
{
ASSERT(m_conversion);
if (m_conversion)
m_conversion->wasSent = Conversion::WasSent::Yes;
}
bool AdClickAttribution::wasConversionSent() const
{
return m_conversion && m_conversion->wasSent == Conversion::WasSent::Yes;
}
String AdClickAttribution::toString() const
{
StringBuilder builder;
builder.appendLiteral("Source: ");
builder.append(m_source.registrableDomain.string());
builder.appendLiteral("\nDestination: ");
builder.append(m_destination.registrableDomain.string());
builder.appendLiteral("\nCampaign ID: ");
builder.appendNumber(m_campaign.id);
if (m_conversion) {
builder.appendLiteral("\nConversion data: ");
builder.appendNumber(m_conversion.value().data);
builder.appendLiteral("\nConversion priority: ");
builder.appendNumber(m_conversion.value().priority);
builder.appendLiteral("\nConversion earliest time to send: ");
if (!m_earliestTimeToSend)
builder.appendLiteral("Not set");
else {
auto secondsUntilSend = *m_earliestTimeToSend - WallTime::now();
builder.append((secondsUntilSend >= 24_h && secondsUntilSend <= 48_h) ? "Within 24-48 hours" : "Outside 24-48 hours");
}
builder.appendLiteral("\nConversion request sent: ");
builder.append((wasConversionSent() ? "true" : "false"));
} else
builder.appendLiteral("\nNo conversion data.");
builder.append('\n');
return builder.toString();
}
bool AdClickAttribution::debugModeEnabled()
{
return RuntimeEnabledFeatures::sharedFeatures().adClickAttributionDebugModeEnabled();
}
}