Add a policy to disable proceeding through the Safe Browsing interstitials.

chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Implementation of the SafeBrowsingBlockingPage class.
 
 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
 
 #include <string>
 
@@ skipping 213 matching lines @@
     const string16& title,
     const string16& headline,
     const string16& description1,
     const string16& description2,
     const string16& description3) {
   strings->SetString("title", title);
   strings->SetString("headLine", headline);
   strings->SetString("description1", description1);
   strings->SetString("description2", description2);
   strings->SetString("description3", description3);
+  strings->SetBoolean("proceedDisabled",
+                      IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
 }
 
 void SafeBrowsingBlockingPage::PopulateMultipleThreatStringDictionary(
     DictionaryValue* strings) {
   bool malware = false;
   bool phishing = false;
 
   string16 malware_label =
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_LABEL);
   string16 malware_link =
@@ skipping 129 matching lines @@
 
     std::string privacy_link = base::StringPrintf(
         kPrivacyLinkHtml,
         l10n_util::GetStringUTF8(
             IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
 
     strings->SetString("confirm_text",
                        l10n_util::GetStringFUTF16(
                            IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
                            UTF8ToUTF16(privacy_link)));
-
-    Profile* profile = Profile::FromBrowserContext(
-        web_contents_->GetBrowserContext());
-    const PrefService::Preference* pref =
-        profile->GetPrefs()->FindPreference(
-            prefs::kSafeBrowsingReportingEnabled);
-
-    bool value;
-    if (pref && pref->GetValue()->GetAsBoolean(&value) && value) {
+    if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
       strings->SetString(kBoxChecked, "yes");
-    } else {
+    else
       strings->SetString(kBoxChecked, "");
-    }
   }
 }
 
 void SafeBrowsingBlockingPage::PopulatePhishingStringDictionary(
     DictionaryValue* strings) {
   std::string proceed_link = base::StringPrintf(
       kPLinkHtml,
       l10n_util::GetStringUTF8(
           IDS_SAFE_BROWSING_PHISHING_PROCEED_LINK).c_str());
   string16 description3 = l10n_util::GetStringFUTF16(
@@ skipping 55 matching lines @@
 
   if (command == kShowPrivacyCommand) {
     // User pressed "Safe Browsing privacy policy".
     GURL url(kSbPrivacyPolicyUrl);
     OpenURLParams params(
         url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
     web_contents_->OpenURL(params);
     return;
   }
 
+  bool proceed_blocked = false;
   if (command == kProceedCommand) {
-    interstitial_page_->Proceed();
-    // We are deleted after this.
-    return;
+    if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
+      proceed_blocked = true;
+    } else {
+      interstitial_page_->Proceed();
+      // |this| has been deleted after Proceed() returns.
+      return;
+    }
   }
 
-  if (command == kTakeMeBackCommand) {
+  if (command == kTakeMeBackCommand || proceed_blocked) {
     if (is_main_frame_load_blocked_) {
       // If the load is blocked, we want to close the interstitial and discard
       // the pending entry.
       interstitial_page_->DontProceed();
-      // We are deleted after this.
+      // |this| has been deleted after DontProceed() returns.
       return;
     }
 
     // Otherwise the offending entry has committed, and we need to go back or
     // to a safe page.  We will close the interstitial when that page commits.
     if (web_contents_->GetController().CanGoBack()) {
       web_contents_->GetController().GoBack();
     } else {
       web_contents_->GetController().LoadURL(
           GURL(chrome::kChromeUINewTabURL),
@@ skipping 103 matching lines @@
   if (blocking_page)
     blocking_page->interstitial_page_->Show();
 }
 
 void SafeBrowsingBlockingPage::OnDontProceed() {
   // We could have already called Proceed(), in which case we must not notify
   // the SafeBrowsingService again, as the client has been deleted.
   if (proceeded_)
     return;
 
   RecordUserAction(DONT_PROCEED);

[mattm, 2012/07/02 21:47:00]

Probably want to split this into two user metrics, so that the proceed:don't
proceed choice ratio isn't polluted by results where the user didn't have a
choice.

(Also need to update AddComputedActions in chrome/tools/extract_actions.py)

[Joao da Silva, 2012/07/03 13:39:52]

Done. Please have a look at the changes in chrome/tools; I guess that's what you
meant, but extract_actions.py added a couple other entries that might have been
missing.

[mattm, 2012/07/03 19:41:34]

Yep, I think that just means someone added some metrics without running the
script.

   // Send the malware details, if we opted to.
   FinishMalwareDetails(0);  // No delay
 
   NotifySafeBrowsingService(sb_service_, unsafe_resources_, false);
 
   // The user does not want to proceed, clear the queued unsafe resources
   // notifications we received while the interstitial was showing.
   UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
   UnsafeResourceMap::iterator iter = unsafe_resource_map->find(web_contents_);
   if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
@@ skipping 56 matching lines @@
       NOTREACHED() << "Unexpected event: " << event;
   }
 
   content::RecordComputedAction(action);
 }
 
 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) {
   if (malware_details_ == NULL)
     return;  // Not all interstitials have malware details (eg phishing).
 
-  Profile* profile = Profile::FromBrowserContext(
-      web_contents_->GetBrowserContext());
-  const PrefService::Preference* pref =
-      profile->GetPrefs()->FindPreference(prefs::kSafeBrowsingReportingEnabled);
-
-  bool value;
-  if (pref && pref->GetValue()->GetAsBoolean(&value) && value) {
+  if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled)) {
     // Finish the malware details collection, send it over.
     BrowserThread::PostDelayedTask(
         BrowserThread::IO, FROM_HERE,
         base::Bind(&MalwareDetails::FinishCollection, malware_details_.get()),
         base::TimeDelta::FromMilliseconds(delay_ms));
   }
 }
 
+bool SafeBrowsingBlockingPage::IsPrefEnabled(const char* pref) {
+  Profile* profile =
+      Profile::FromBrowserContext(web_contents_->GetBrowserContext());
+  return profile->GetPrefs()->GetBoolean(pref);
+}
+
 // static
 void SafeBrowsingBlockingPage::NotifySafeBrowsingService(
     SafeBrowsingService* sb_service,
     const UnsafeResourceList& unsafe_resources,
     bool proceed) {
   BrowserThread::PostTask(
       BrowserThread::IO, FROM_HERE,
       base::Bind(&SafeBrowsingService::OnBlockingPageDone,
                  sb_service, unsafe_resources, proceed));
 }
@@ skipping 47 matching lines @@
   // Client-side phishing detection interstitials never block the main frame
   // load, since they happen after the page is finished loading.
   if (unsafe_resources[0].threat_type ==
       SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) {
     return false;
   }
 
   // Otherwise, check the threat type.
   return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource;
 }