Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(233)

Side by Side Diff: chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

Issue 10855260: Safe Browsing malware interstitial redesign field trial. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebase Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 // 4 //
5 // Implementation of the SafeBrowsingBlockingPage class. 5 // Implementation of the SafeBrowsingBlockingPage class.
6 6
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" 7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
8 8
9 #include <string> 9 #include <string>
10 10
11 #include "base/bind.h" 11 #include "base/bind.h"
12 #include "base/i18n/rtl.h" 12 #include "base/i18n/rtl.h"
13 #include "base/lazy_instance.h" 13 #include "base/lazy_instance.h"
14 #include "base/metrics/field_trial.h"
14 #include "base/metrics/histogram.h" 15 #include "base/metrics/histogram.h"
15 #include "base/string_number_conversions.h" 16 #include "base/string_number_conversions.h"
16 #include "base/string_piece.h" 17 #include "base/string_piece.h"
17 #include "base/stringprintf.h" 18 #include "base/stringprintf.h"
18 #include "base/time.h" 19 #include "base/time.h"
19 #include "base/utf_string_conversions.h" 20 #include "base/utf_string_conversions.h"
20 #include "base/values.h" 21 #include "base/values.h"
21 #include "chrome/browser/browser_process.h" 22 #include "chrome/browser/browser_process.h"
22 #include "chrome/browser/google/google_util.h" 23 #include "chrome/browser/google/google_util.h"
23 #include "chrome/browser/prefs/pref_service.h" 24 #include "chrome/browser/prefs/pref_service.h"
24 #include "chrome/browser/profiles/profile.h" 25 #include "chrome/browser/profiles/profile.h"
25 #include "chrome/browser/renderer_preferences_util.h" 26 #include "chrome/browser/renderer_preferences_util.h"
26 #include "chrome/browser/safe_browsing/malware_details.h" 27 #include "chrome/browser/safe_browsing/malware_details.h"
27 #include "chrome/browser/safe_browsing/safe_browsing_service.h" 28 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
28 #include "chrome/browser/tab_contents/tab_util.h" 29 #include "chrome/browser/tab_contents/tab_util.h"
29 #include "chrome/browser/ui/webui/ntp/new_tab_ui.h" 30 #include "chrome/browser/ui/webui/ntp/new_tab_ui.h"
30 #include "chrome/common/jstemplate_builder.h" 31 #include "chrome/common/jstemplate_builder.h"
31 #include "chrome/common/pref_names.h" 32 #include "chrome/common/pref_names.h"
32 #include "chrome/common/url_constants.h" 33 #include "chrome/common/url_constants.h"
33 #include "content/public/browser/browser_thread.h" 34 #include "content/public/browser/browser_thread.h"
34 #include "content/public/browser/interstitial_page.h" 35 #include "content/public/browser/interstitial_page.h"
35 #include "content/public/browser/navigation_controller.h" 36 #include "content/public/browser/navigation_controller.h"
36 #include "content/public/browser/user_metrics.h" 37 #include "content/public/browser/user_metrics.h"
37 #include "content/public/browser/web_contents.h" 38 #include "content/public/browser/web_contents.h"
38 #include "grit/browser_resources.h" 39 #include "grit/browser_resources.h"
40 #include "grit/chromium_strings.h"
39 #include "grit/generated_resources.h" 41 #include "grit/generated_resources.h"
40 #include "grit/locale_settings.h" 42 #include "grit/locale_settings.h"
41 #include "net/base/escape.h" 43 #include "net/base/escape.h"
42 #include "ui/base/l10n/l10n_util.h" 44 #include "ui/base/l10n/l10n_util.h"
43 #include "ui/base/layout.h" 45 #include "ui/base/layout.h"
44 #include "ui/base/resource/resource_bundle.h" 46 #include "ui/base/resource/resource_bundle.h"
45 47
46 using content::BrowserThread; 48 using content::BrowserThread;
47 using content::InterstitialPage; 49 using content::InterstitialPage;
48 using content::OpenURLParams; 50 using content::OpenURLParams;
(...skipping 11 matching lines...) Expand all
60 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&clie nt=chromium"; 62 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&clie nt=chromium";
61 #endif 63 #endif
62 64
63 static const char* const kSbReportPhishingErrorUrl = 65 static const char* const kSbReportPhishingErrorUrl =
64 "http://www.google.com/safebrowsing/report_error/"; 66 "http://www.google.com/safebrowsing/report_error/";
65 67
66 // URL for the "Learn more" link on the multi threat malware blocking page. 68 // URL for the "Learn more" link on the multi threat malware blocking page.
67 static const char* const kLearnMoreMalwareUrl = 69 static const char* const kLearnMoreMalwareUrl =
68 "https://www.google.com/support/bin/answer.py?answer=45449&topic=360" 70 "https://www.google.com/support/bin/answer.py?answer=45449&topic=360"
69 "&sa=X&oi=malwarewarninglink&resnum=1&ct=help"; 71 "&sa=X&oi=malwarewarninglink&resnum=1&ct=help";
72 static const char* const kLearnMoreMalwareUrlV2 =
73 "https://www.google.com/goodtoknow/online-safety/malware/";
70 74
71 // URL for the "Learn more" link on the phishing blocking page. 75 // URL for the "Learn more" link on the phishing blocking page.
72 static const char* const kLearnMorePhishingUrl = 76 static const char* const kLearnMorePhishingUrl =
73 "https://www.google.com/support/bin/answer.py?answer=106318"; 77 "https://www.google.com/support/bin/answer.py?answer=106318";
74 78 static const char* const kLearnMorePhishingUrlV2 =
75 // URL for the "Safe Browsing Privacy Policies" link on the blocking page. 79 "https://www.google.com/goodtoknow/online-safety/phishing/";
kewang 2012/08/21 10:23:05 when will this be shown?
mattm 2012/08/21 18:29:12 Ah, added that prematurely. Removed for now.
76 // Note: this page is not yet localized.
77 static const char* const kSbPrivacyPolicyUrl =
78 "http://www.google.com/intl/en_us/privacy/browsing.html";
79 80
80 static const char* const kSbDiagnosticHtml = 81 static const char* const kSbDiagnosticHtml =
81 "<a href=\"\" onclick=\"sendCommand('showDiagnostic'); return false;\" " 82 "<a href=\"\" onclick=\"sendCommand('showDiagnostic'); return false;\" "
82 "onmousedown=\"return false;\">%s</a>"; 83 "onmousedown=\"return false;\">%s</a>";
83 84
84 static const char* const kPLinkHtml = 85 static const char* const kPLinkHtml =
85 "<a href=\"\" onclick=\"sendCommand('proceed'); return false;\" " 86 "<a href=\"\" onclick=\"sendCommand('proceed'); return false;\" "
86 "onmousedown=\"return false;\">%s</a>"; 87 "onmousedown=\"return false;\">%s</a>";
87 88
88 static const char* const kPrivacyLinkHtml = 89 static const char* const kPrivacyLinkHtml =
89 "<a href=\"\" onclick=\"sendCommand('showPrivacy'); return false;\" " 90 "<a href=\"\" onclick=\"sendCommand('showPrivacy'); return false;\" "
90 "onmousedown=\"return false;\">%s</a>"; 91 "onmousedown=\"return false;\">%s</a>";
91 92
92 // After a malware interstitial where the user opted-in to the report 93 // After a malware interstitial where the user opted-in to the report
93 // but clicked "proceed anyway", we delay the call to 94 // but clicked "proceed anyway", we delay the call to
94 // MalwareDetails::FinishCollection() by this much time (in 95 // MalwareDetails::FinishCollection() by this much time (in
95 // milliseconds). 96 // milliseconds).
96 static const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000; 97 static const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000;
97 98
98 // The commands returned by the page when the user performs an action. 99 // The commands returned by the page when the user performs an action.
99 static const char* const kShowDiagnosticCommand = "showDiagnostic"; 100 static const char* const kShowDiagnosticCommand = "showDiagnostic";
100 static const char* const kReportErrorCommand = "reportError"; 101 static const char* const kReportErrorCommand = "reportError";
101 static const char* const kLearnMoreCommand = "learnMore"; 102 static const char* const kLearnMoreCommand = "learnMore";
103 static const char* const kLearnMoreCommandV2 = "learnMore2";
102 static const char* const kShowPrivacyCommand = "showPrivacy"; 104 static const char* const kShowPrivacyCommand = "showPrivacy";
103 static const char* const kProceedCommand = "proceed"; 105 static const char* const kProceedCommand = "proceed";
104 static const char* const kTakeMeBackCommand = "takeMeBack"; 106 static const char* const kTakeMeBackCommand = "takeMeBack";
105 static const char* const kDoReportCommand = "doReport"; 107 static const char* const kDoReportCommand = "doReport";
106 static const char* const kDontReportCommand = "dontReport"; 108 static const char* const kDontReportCommand = "dontReport";
107 static const char* const kDisplayCheckBox = "displaycheckbox"; 109 static const char* const kDisplayCheckBox = "displaycheckbox";
110 static const char* const kDisplayShowDiagnostic = "displayShowDiagnostic";
108 static const char* const kBoxChecked = "boxchecked"; 111 static const char* const kBoxChecked = "boxchecked";
112 static const char* const kExpandedSeeMore = "expandedSeeMore";
109 // Special command that we use when the user navigated away from the 113 // Special command that we use when the user navigated away from the
110 // page. E.g., closed the tab or the window. This is only used by 114 // page. E.g., closed the tab or the window. This is only used by
111 // RecordUserReactionTime. 115 // RecordUserReactionTime.
112 static const char* const kNavigatedAwayMetaCommand = "closed"; 116 static const char* const kNavigatedAwayMetaCommand = "closed";
113 117
114 // static 118 // static
115 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL; 119 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
116 120
117 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap> 121 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
118 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER; 122 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
119 123
120 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we 124 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we
121 // don't leak it. 125 // don't leak it.
122 class SafeBrowsingBlockingPageFactoryImpl 126 class SafeBrowsingBlockingPageFactoryImpl
123 : public SafeBrowsingBlockingPageFactory { 127 : public SafeBrowsingBlockingPageFactory {
124 public: 128 public:
125 SafeBrowsingBlockingPage* CreateSafeBrowsingPage( 129 SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
126 SafeBrowsingService* service, 130 SafeBrowsingService* service,
127 WebContents* web_contents, 131 WebContents* web_contents,
128 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) { 132 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) {
129 return new SafeBrowsingBlockingPage(service, web_contents, 133 // Only do the trial if the interstitial is a malware one, the other types
kewang 2012/08/21 10:23:05 Basically we do this trial if there is only one un
mattm 2012/08/21 18:29:12 Done.
130 unsafe_resources); 134 // have not been updated to V2 yet.
135 if (unsafe_resources.size() == 1 &&
136 unsafe_resources[0].threat_type == SafeBrowsingService::URL_MALWARE) {
137 if (base::FieldTrialList::FindFullName("SBInterstitial") == "V2") {
138 DVLOG(1) << "In V2 group.";
139 return new SafeBrowsingBlockingPageV2(service, web_contents,
140 unsafe_resources);
141 }
142 DVLOG(1) << "In V1 group.";
143 }
144 return new SafeBrowsingBlockingPageV1(service, web_contents,
145 unsafe_resources);
131 } 146 }
132 147
133 private: 148 private:
134 friend struct base::DefaultLazyInstanceTraits< 149 friend struct base::DefaultLazyInstanceTraits<
135 SafeBrowsingBlockingPageFactoryImpl>; 150 SafeBrowsingBlockingPageFactoryImpl>;
136 151
137 SafeBrowsingBlockingPageFactoryImpl() { } 152 SafeBrowsingBlockingPageFactoryImpl() { }
138 153
139 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl); 154 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl);
140 }; 155 };
141 156
142 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl> 157 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl>
143 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER; 158 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER;
144 159
145 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage( 160 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage(
146 SafeBrowsingService* sb_service, 161 SafeBrowsingService* sb_service,
147 WebContents* web_contents, 162 WebContents* web_contents,
148 const UnsafeResourceList& unsafe_resources) 163 const UnsafeResourceList& unsafe_resources)
149 : malware_details_proceed_delay_ms_( 164 : malware_details_proceed_delay_ms_(
150 kMalwareDetailsProceedDelayMilliSeconds), 165 kMalwareDetailsProceedDelayMilliSeconds),
151 sb_service_(sb_service), 166 sb_service_(sb_service),
152 report_loop_(NULL), 167 report_loop_(NULL),
153 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)), 168 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)),
154 unsafe_resources_(unsafe_resources), 169 unsafe_resources_(unsafe_resources),
155 proceeded_(false), 170 proceeded_(false),
156 web_contents_(web_contents), 171 web_contents_(web_contents),
157 url_(unsafe_resources[0].url) { 172 url_(unsafe_resources[0].url),
173 has_expanded_see_more_section_(false) {
174 bool malware = false;
175 bool phishing = false;
176 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
177 iter != unsafe_resources_.end(); ++iter) {
178 const SafeBrowsingService::UnsafeResource& resource = *iter;
179 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
180 if (threat_type == SafeBrowsingService::URL_MALWARE) {
181 malware = true;
182 } else {
183 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
184 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
185 phishing = true;
186 }
187 }
188 DCHECK(phishing || malware);
189 if (malware && phishing)
190 interstitial_type_ = TYPE_MALWARE_AND_PHISHING;
191 else if (malware)
192 interstitial_type_ = TYPE_MALWARE;
193 else
194 interstitial_type_ = TYPE_PHISHING;
158 RecordUserAction(SHOW); 195 RecordUserAction(SHOW);
159 if (!is_main_frame_load_blocked_) { 196 if (!is_main_frame_load_blocked_) {
160 navigation_entry_index_to_remove_ = 197 navigation_entry_index_to_remove_ =
161 web_contents->GetController().GetLastCommittedEntryIndex(); 198 web_contents->GetController().GetLastCommittedEntryIndex();
162 } else { 199 } else {
163 navigation_entry_index_to_remove_ = -1; 200 navigation_entry_index_to_remove_ = -1;
164 } 201 }
165 202
166 // Start computing malware details. They will be sent only 203 // Start computing malware details. They will be sent only
167 // if the user opts-in on the blocking page later. 204 // if the user opts-in on the blocking page later.
(...skipping 13 matching lines...) Expand all
181 } 218 }
182 219
183 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() { 220 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
184 return (!web_contents_->GetBrowserContext()->IsOffTheRecord() && 221 return (!web_contents_->GetBrowserContext()->IsOffTheRecord() &&
185 web_contents_->GetURL().SchemeIs(chrome::kHttpScheme)); 222 web_contents_->GetURL().SchemeIs(chrome::kHttpScheme));
186 } 223 }
187 224
188 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() { 225 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
189 } 226 }
190 227
191 std::string SafeBrowsingBlockingPage::GetHTMLContents() {
192 // Load the HTML page and create the template components.
193 DictionaryValue strings;
194 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
195 std::string html;
196
197 if (unsafe_resources_.empty()) {
198 NOTREACHED();
199 return std::string();
200 }
201
202 if (unsafe_resources_.size() > 1) {
203 PopulateMultipleThreatStringDictionary(&strings);
204 html = rb.GetRawDataResource(
205 IDR_SAFE_BROWSING_MULTIPLE_THREAT_BLOCK,
206 ui::SCALE_FACTOR_NONE).as_string();
207 is_malware_interstitial_ = true;
208 } else {
209 SafeBrowsingService::UrlCheckResult threat_type =
210 unsafe_resources_[0].threat_type;
211 if (threat_type == SafeBrowsingService::URL_MALWARE) {
212 PopulateMalwareStringDictionary(&strings);
213 html = rb.GetRawDataResource(
214 IDR_SAFE_BROWSING_MALWARE_BLOCK,
215 ui::SCALE_FACTOR_NONE).as_string();
216 is_malware_interstitial_ = true;
217 } else { // Phishing.
218 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
219 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
220 PopulatePhishingStringDictionary(&strings);
221 html = rb.GetRawDataResource(
222 IDR_SAFE_BROWSING_PHISHING_BLOCK,
223 ui::SCALE_FACTOR_NONE).as_string();
224 is_malware_interstitial_ = false;
225 }
226 }
227 interstitial_show_time_ = base::TimeTicks::Now();
228 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
229 }
230
231 void SafeBrowsingBlockingPage::PopulateStringDictionary(
232 DictionaryValue* strings,
233 const string16& title,
234 const string16& headline,
235 const string16& description1,
236 const string16& description2,
237 const string16& description3) {
238 strings->SetString("title", title);
239 strings->SetString("headLine", headline);
240 strings->SetString("description1", description1);
241 strings->SetString("description2", description2);
242 strings->SetString("description3", description3);
243 strings->SetBoolean("proceedDisabled",
244 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
245 }
246
247 void SafeBrowsingBlockingPage::PopulateMultipleThreatStringDictionary(
248 DictionaryValue* strings) {
249 bool malware = false;
250 bool phishing = false;
251
252 string16 malware_label =
253 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_LABEL);
254 string16 malware_link =
255 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE);
256 string16 phishing_label =
257 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_LABEL);
258 string16 phishing_link =
259 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR);
260
261 ListValue* error_strings = new ListValue;
262 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
263 iter != unsafe_resources_.end(); ++iter) {
264 const SafeBrowsingService::UnsafeResource& resource = *iter;
265 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
266 DictionaryValue* current_error_strings = new DictionaryValue;
267 if (threat_type == SafeBrowsingService::URL_MALWARE) {
268 malware = true;
269 current_error_strings->SetString("type", "malware");
270 current_error_strings->SetString("typeLabel", malware_label);
271 current_error_strings->SetString("errorLink", malware_link);
272 } else {
273 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
274 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
275 phishing = true;
276 current_error_strings->SetString("type", "phishing");
277 current_error_strings->SetString("typeLabel", phishing_label);
278 current_error_strings->SetString("errorLink", phishing_link);
279 }
280 current_error_strings->SetString("url", resource.url.spec());
281 error_strings->Append(current_error_strings);
282 }
283 strings->Set("errors", error_strings);
284 DCHECK(phishing || malware);
285
286 if (malware && phishing) {
287 PopulateStringDictionary(
288 strings,
289 // Use the malware headline, it is the scariest one.
290 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE),
291 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
292 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION1,
293 UTF8ToUTF16(web_contents_->GetURL().host())),
294 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION2),
295 string16());
296 } else if (malware) {
297 // Just malware.
298 PopulateStringDictionary(
299 strings,
300 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
301 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
302 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION1,
303 UTF8ToUTF16(web_contents_->GetURL().host())),
304 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION2),
305 l10n_util::GetStringUTF16(
306 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION3));
307 } else {
308 // Just phishing.
309 PopulateStringDictionary(
310 strings,
311 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
312 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
313 l10n_util::GetStringFUTF16(
314 IDS_SAFE_BROWSING_MULTI_PHISHING_DESCRIPTION1,
315 UTF8ToUTF16(web_contents_->GetURL().host())),
316 string16(),
317 string16());
318 }
319
320 strings->SetString("confirm_text",
321 l10n_util::GetStringUTF16(
322 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION_AGREE));
323 strings->SetString("continue_button",
324 l10n_util::GetStringUTF16(
325 IDS_SAFE_BROWSING_MULTI_MALWARE_PROCEED_BUTTON));
326 strings->SetString("back_button",
327 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
328 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
329 }
330
331 void SafeBrowsingBlockingPage::PopulateMalwareStringDictionary(
332 DictionaryValue* strings) {
333 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
334 l10n_util::GetStringUTF8(
335 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
336
337 strings->SetString("badURL", url_.host());
338 // Check to see if we're blocking the main page, or a sub-resource on the
339 // main page.
340 string16 description1, description3, description5;
341 if (is_main_frame_load_blocked_) {
342 description1 = l10n_util::GetStringFUTF16(
343 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION1, UTF8ToUTF16(url_.host()));
344 } else {
345 description1 = l10n_util::GetStringFUTF16(
346 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION4,
347 UTF8ToUTF16(web_contents_->GetURL().host()),
348 UTF8ToUTF16(url_.host()));
349 }
350
351 std::string proceed_link = base::StringPrintf(kPLinkHtml,
352 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK).c_str());
353 description3 =
354 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION3,
355 UTF8ToUTF16(proceed_link));
356
357 PopulateStringDictionary(
358 strings,
359 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
360 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
361 description1,
362 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION2),
363 description3);
364
365 description5 =
366 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION5,
367 UTF8ToUTF16(url_.host()),
368 UTF8ToUTF16(url_.host()),
369 UTF8ToUTF16(diagnostic_link));
370
371 strings->SetString("description5", description5);
372
373 strings->SetString("back_button",
374 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
375 strings->SetString("proceed_link",
376 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK));
377 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
378
379 if (!CanShowMalwareDetailsOption()) {
380 strings->SetBoolean(kDisplayCheckBox, false);
381 } else {
382 // Show the checkbox for sending malware details.
383 strings->SetBoolean(kDisplayCheckBox, true);
384
385 std::string privacy_link = base::StringPrintf(
386 kPrivacyLinkHtml,
387 l10n_util::GetStringUTF8(
388 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
389
390 strings->SetString("confirm_text",
391 l10n_util::GetStringFUTF16(
392 IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
393 UTF8ToUTF16(privacy_link)));
394 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
395 strings->SetString(kBoxChecked, "yes");
396 else
397 strings->SetString(kBoxChecked, "");
398 }
399 }
400
401 void SafeBrowsingBlockingPage::PopulatePhishingStringDictionary(
402 DictionaryValue* strings) {
403 std::string proceed_link = base::StringPrintf(
404 kPLinkHtml,
405 l10n_util::GetStringUTF8(
406 IDS_SAFE_BROWSING_PHISHING_PROCEED_LINK).c_str());
407 string16 description3 = l10n_util::GetStringFUTF16(
408 IDS_SAFE_BROWSING_PHISHING_DESCRIPTION3,
409 UTF8ToUTF16(proceed_link));
410
411 PopulateStringDictionary(
412 strings,
413 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
414 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
415 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION1,
416 UTF8ToUTF16(url_.host())),
417 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION2),
418 description3);
419
420 strings->SetString("back_button",
421 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_BUTTON));
422 strings->SetString("report_error",
423 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR));
424 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
425 }
426
427 void SafeBrowsingBlockingPage::CommandReceived(const std::string& cmd) { 228 void SafeBrowsingBlockingPage::CommandReceived(const std::string& cmd) {
428 std::string command(cmd); // Make a local copy so we can modify it. 229 std::string command(cmd); // Make a local copy so we can modify it.
429 // The Jasonified response has quotes, remove them. 230 // The Jasonified response has quotes, remove them.
430 if (command.length() > 1 && command[0] == '"') { 231 if (command.length() > 1 && command[0] == '"') {
431 command = command.substr(1, command.length() - 2); 232 command = command.substr(1, command.length() - 2);
432 } 233 }
433 RecordUserReactionTime(command); 234 RecordUserReactionTime(command);
434 if (command == kDoReportCommand) { 235 if (command == kDoReportCommand) {
435 SetReportingPreference(true); 236 SetReportingPreference(true);
436 return; 237 return;
(...skipping 17 matching lines...) Expand all
454 } else { 255 } else {
455 NOTREACHED(); 256 NOTREACHED();
456 } 257 }
457 258
458 OpenURLParams params( 259 OpenURLParams params(
459 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false); 260 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
460 web_contents_->OpenURL(params); 261 web_contents_->OpenURL(params);
461 return; 262 return;
462 } 263 }
463 264
265 if (command == kLearnMoreCommandV2) {
266 // User pressed "Learn more".
267 GURL url;
268 SafeBrowsingService::UrlCheckResult threat_type =
269 unsafe_resources_[0].threat_type;
270 if (threat_type == SafeBrowsingService::URL_MALWARE) {
271 url = google_util::AppendGoogleLocaleParam(GURL(kLearnMoreMalwareUrlV2));
272 } else if (threat_type == SafeBrowsingService::URL_PHISHING ||
273 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) {
kewang 2012/08/21 10:23:05 Wil this part ever be reached? I think the v2 only
mattm 2012/08/21 18:29:12 removed.
274 url = google_util::AppendGoogleLocaleParam(GURL(kLearnMorePhishingUrlV2));
275 } else {
276 NOTREACHED();
277 }
278
279 OpenURLParams params(
280 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
281 web_contents_->OpenURL(params);
282 return;
283 }
284
464 if (command == kShowPrivacyCommand) { 285 if (command == kShowPrivacyCommand) {
465 // User pressed "Safe Browsing privacy policy". 286 // User pressed "Safe Browsing privacy policy".
466 GURL url(kSbPrivacyPolicyUrl); 287 GURL url(l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_URL));
467 OpenURLParams params( 288 OpenURLParams params(
468 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false); 289 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
469 web_contents_->OpenURL(params); 290 web_contents_->OpenURL(params);
470 return; 291 return;
471 } 292 }
472 293
473 bool proceed_blocked = false; 294 bool proceed_blocked = false;
474 if (command == kProceedCommand) { 295 if (command == kProceedCommand) {
475 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) { 296 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
476 proceed_blocked = true; 297 proceed_blocked = true;
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
553 diagnostic_url = google_util::AppendGoogleLocaleParam(diagnostic_url); 374 diagnostic_url = google_util::AppendGoogleLocaleParam(diagnostic_url);
554 DCHECK(unsafe_resources_[element_index].threat_type == 375 DCHECK(unsafe_resources_[element_index].threat_type ==
555 SafeBrowsingService::URL_MALWARE); 376 SafeBrowsingService::URL_MALWARE);
556 OpenURLParams params( 377 OpenURLParams params(
557 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, 378 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK,
558 false); 379 false);
559 web_contents_->OpenURL(params); 380 web_contents_->OpenURL(params);
560 return; 381 return;
561 } 382 }
562 383
384 if (command == kExpandedSeeMore) {
385 // User expanded the "see more info" section of the page. We don't actually
386 // do any action based on this, it's just so that RecordUserReactionTime can
387 // track it.
388 return;
389 }
390
563 NOTREACHED() << "Unexpected command: " << command; 391 NOTREACHED() << "Unexpected command: " << command;
564 } 392 }
565 393
566 void SafeBrowsingBlockingPage::OverrideRendererPrefs( 394 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
567 content::RendererPreferences* prefs) { 395 content::RendererPreferences* prefs) {
568 Profile* profile = Profile::FromBrowserContext( 396 Profile* profile = Profile::FromBrowserContext(
569 web_contents_->GetBrowserContext()); 397 web_contents_->GetBrowserContext());
570 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile); 398 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile);
571 } 399 }
572 400
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
637 if (navigation_entry_index_to_remove_ != -1 && 465 if (navigation_entry_index_to_remove_ != -1 &&
638 navigation_entry_index_to_remove_ != last_committed_index && 466 navigation_entry_index_to_remove_ != last_committed_index &&
639 !web_contents_->IsBeingDestroyed()) { 467 !web_contents_->IsBeingDestroyed()) {
640 web_contents_->GetController().RemoveEntryAtIndex( 468 web_contents_->GetController().RemoveEntryAtIndex(
641 navigation_entry_index_to_remove_); 469 navigation_entry_index_to_remove_);
642 navigation_entry_index_to_remove_ = -1; 470 navigation_entry_index_to_remove_ = -1;
643 } 471 }
644 } 472 }
645 473
646 void SafeBrowsingBlockingPage::RecordUserAction(BlockingPageEvent event) { 474 void SafeBrowsingBlockingPage::RecordUserAction(BlockingPageEvent event) {
647 // Determine the interstitial type from the blocked resources. 475 // This enum is used for a histogram. Don't reorder, delete, or insert
648 // This is the same logic that is used to actually construct the 476 // elements. New elements should be added before MAX_ACTION only.
649 // page contents; we can look at the title to see which type of 477 enum {
650 // interstitial is being displayed. 478 MALWARE_SHOW = 0,
651 DictionaryValue strings; 479 MALWARE_DONT_PROCEED,
652 PopulateMultipleThreatStringDictionary(&strings); 480 MALWARE_FORCED_DONT_PROCEED,
481 MALWARE_PROCEED,
482 MULTIPLE_SHOW,
483 MULTIPLE_DONT_PROCEED,
484 MULTIPLE_FORCED_DONT_PROCEED,
485 MULTIPLE_PROCEED,
486 PHISHING_SHOW,
487 PHISHING_DONT_PROCEED,
488 PHISHING_FORCED_DONT_PROCEED,
489 PHISHING_PROCEED,
490 MAX_ACTION
491 } histogram_action;
653 492
654 string16 title; 493 switch (event) {
655 bool success = strings.GetString("title", &title); 494 case SHOW:
656 DCHECK(success); 495 switch (interstitial_type_) {
496 case TYPE_MALWARE_AND_PHISHING:
497 histogram_action = MULTIPLE_SHOW;
498 break;
499 case TYPE_MALWARE:
500 histogram_action = MALWARE_SHOW;
501 break;
502 case TYPE_PHISHING:
503 histogram_action = PHISHING_SHOW;
504 break;
505 }
506 break;
507 case PROCEED:
508 switch (interstitial_type_) {
509 case TYPE_MALWARE_AND_PHISHING:
510 histogram_action = MULTIPLE_PROCEED;
511 break;
512 case TYPE_MALWARE:
513 histogram_action = MALWARE_PROCEED;
514 break;
515 case TYPE_PHISHING:
516 histogram_action = PHISHING_PROCEED;
517 break;
518 }
519 break;
520 case DONT_PROCEED:
521 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
522 switch (interstitial_type_) {
523 case TYPE_MALWARE_AND_PHISHING:
524 histogram_action = MULTIPLE_FORCED_DONT_PROCEED;
525 break;
526 case TYPE_MALWARE:
527 histogram_action = MALWARE_FORCED_DONT_PROCEED;
528 break;
529 case TYPE_PHISHING:
530 histogram_action = PHISHING_FORCED_DONT_PROCEED;
531 break;
532 }
533 } else {
534 switch (interstitial_type_) {
535 case TYPE_MALWARE_AND_PHISHING:
536 histogram_action = MULTIPLE_DONT_PROCEED;
537 break;
538 case TYPE_MALWARE:
539 histogram_action = MALWARE_DONT_PROCEED;
540 break;
541 case TYPE_PHISHING:
542 histogram_action = PHISHING_DONT_PROCEED;
543 break;
544 }
545 }
546 break;
547 default:
548 NOTREACHED() << "Unexpected event: " << event;
549 }
550 UMA_HISTOGRAM_ENUMERATION("SB2.InterstitialAction", histogram_action,
551 MAX_ACTION);
552 UMA_HISTOGRAM_ENUMERATION(
553 base::FieldTrial::MakeName("SB2.InterstitialAction", "SBInterstitial"),
554 histogram_action,
555 MAX_ACTION);
657 556
557 // TODO(mattm): now that we've added the histogram above, should we remove
558 // this old user metric at some future point?
658 std::string action = "SBInterstitial"; 559 std::string action = "SBInterstitial";
659 if (title == 560 switch (interstitial_type_) {
660 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE)) { 561 case TYPE_MALWARE_AND_PHISHING:
661 action.append("Multiple"); 562 action.append("Multiple");
662 } else if (title == 563 break;
663 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE)) { 564 case TYPE_MALWARE:
664 action.append("Malware"); 565 action.append("Malware");
665 } else { 566 break;
666 DCHECK_EQ(title, 567 case TYPE_PHISHING:
667 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE)); 568 action.append("Phishing");
668 action.append("Phishing"); 569 break;
669 } 570 }
670 571
671 switch (event) { 572 switch (event) {
672 case SHOW: 573 case SHOW:
673 action.append("Show"); 574 action.append("Show");
674 break; 575 break;
675 case PROCEED: 576 case PROCEED:
676 action.append("Proceed"); 577 action.append("Proceed");
677 break; 578 break;
678 case DONT_PROCEED: 579 case DONT_PROCEED:
679 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) 580 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled))
680 action.append("ForcedDontProceed"); 581 action.append("ForcedDontProceed");
681 else 582 else
682 action.append("DontProceed"); 583 action.append("DontProceed");
683 break; 584 break;
684 default: 585 default:
685 NOTREACHED() << "Unexpected event: " << event; 586 NOTREACHED() << "Unexpected event: " << event;
686 } 587 }
687 588
589 std::string field_trial_action;
590 if (base::FieldTrialList::FindFullName("SBInterstitial") == "V2")
591 field_trial_action = action + "_V2";
592 else
593 field_trial_action = action + "_V1";
594
688 content::RecordComputedAction(action); 595 content::RecordComputedAction(action);
596 content::RecordComputedAction(field_trial_action);
689 } 597 }
690 598
691 void SafeBrowsingBlockingPage::RecordUserReactionTime( 599 void SafeBrowsingBlockingPage::RecordUserReactionTime(
692 const std::string& command) { 600 const std::string& command) {
693 if (interstitial_show_time_.is_null()) 601 if (interstitial_show_time_.is_null())
694 return; // We already reported the user reaction time. 602 return; // We already reported the user reaction time.
695 base::TimeDelta dt = base::TimeTicks::Now() - interstitial_show_time_; 603 base::TimeDelta dt = base::TimeTicks::Now() - interstitial_show_time_;
696 DVLOG(1) << "User reaction time for command:" << command 604 DVLOG(1) << "User reaction time for command:" << command
697 << " on is_malware:" << is_malware_interstitial_ 605 << " on interstitial_type_:" << interstitial_type_
698 << " warning took " << dt.InMilliseconds() << "ms"; 606 << " warning took " << dt.InMilliseconds() << "ms";
699 bool recorded = true; 607 bool recorded = true;
700 if (is_malware_interstitial_) { 608 if (interstitial_type_ == TYPE_MALWARE ||
609 interstitial_type_ == TYPE_MALWARE_AND_PHISHING) {
701 // There are six ways in which the malware interstitial can go 610 // There are six ways in which the malware interstitial can go
702 // away. We handle all of them here but we group two together: closing the 611 // away. We handle all of them here but we group two together: closing the
703 // tag / browser window and clicking on the back button in the browser (not 612 // tag / browser window and clicking on the back button in the browser (not
704 // the big green button) are considered the same action. 613 // the big green button) are considered the same action.
705 if (command == kProceedCommand) { 614 if (command == kProceedCommand) {
706 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeProceed", dt); 615 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeProceed", dt);
616 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
617 "SB2.MalwareInterstitialTimeProceed", "SBInterstitial"), dt);
707 } else if (command == kTakeMeBackCommand) { 618 } else if (command == kTakeMeBackCommand) {
708 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeTakeMeBack", dt); 619 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeTakeMeBack", dt);
620 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
621 "SB2.MalwareInterstitialTimeTakeMeBack", "SBInterstitial"), dt);
709 } else if (command == kShowDiagnosticCommand) { 622 } else if (command == kShowDiagnosticCommand) {
710 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeDiagnostic", dt); 623 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeDiagnostic", dt);
624 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
625 "SB2.MalwareInterstitialTimeDiagnostic", "SBInterstitial"), dt);
711 } else if (command == kShowPrivacyCommand) { 626 } else if (command == kShowPrivacyCommand) {
712 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimePrivacyPolicy", 627 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimePrivacyPolicy",
713 dt); 628 dt);
629 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
630 "SB2.MalwareInterstitialTimePrivacyPolicy", "SBInterstitial"), dt);
631 } else if (command == kLearnMoreCommand || command == kLearnMoreCommandV2) {
632 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialLearnMore",
633 dt);
634 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
635 "SB2.MalwareInterstitialLearnMore", "SBInterstitial"), dt);
714 } else if (command == kNavigatedAwayMetaCommand) { 636 } else if (command == kNavigatedAwayMetaCommand) {
715 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeClosed", dt); 637 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeClosed", dt);
638 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
639 "SB2.MalwareInterstitialTimeClosed", "SBInterstitial"), dt);
640 } else if (command == kExpandedSeeMore) {
641 // Only record the expanded histogram once per display of the
642 // interstitial.
643 if (has_expanded_see_more_section_)
644 return;
645 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeExpandedSeeMore",
646 dt);
647 has_expanded_see_more_section_ = true;
648 // Expanding the "See More" section doesn't finish the interstitial, so
649 // don't mark the reaction time as recorded.
650 recorded = false;
716 } else { 651 } else {
717 recorded = false; 652 recorded = false;
718 } 653 }
719 } else { 654 } else {
720 // Same as above but for phishing warnings. 655 // Same as above but for phishing warnings.
721 if (command == kProceedCommand) { 656 if (command == kProceedCommand) {
722 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeProceed", dt); 657 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeProceed", dt);
723 } else if (command == kTakeMeBackCommand) { 658 } else if (command == kTakeMeBackCommand) {
724 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeTakeMeBack", dt); 659 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeTakeMeBack", dt);
725 } else if (command == kShowDiagnosticCommand) { 660 } else if (command == kShowDiagnosticCommand) {
726 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeReportError", dt); 661 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeReportError", dt);
727 } else if (command == kShowPrivacyCommand) { 662 } else if (command == kLearnMoreCommand || command == kLearnMoreCommandV2) {
728 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeLearnMore", dt); 663 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeLearnMore", dt);
729 } else if (command == kNavigatedAwayMetaCommand) { 664 } else if (command == kNavigatedAwayMetaCommand) {
730 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeClosed", dt); 665 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeClosed", dt);
666 } else if (command == kExpandedSeeMore) {
667 // TODO(mattm): Add histogram for this when we implement V2 of the
668 // phishing interstitial.
669 NOTREACHED();
670 recorded = false;
731 } else { 671 } else {
732 recorded = false; 672 recorded = false;
733 } 673 }
734 } 674 }
735 if (recorded) // Making sure we don't double-count reaction times. 675 if (recorded) // Making sure we don't double-count reaction times.
736 interstitial_show_time_ = base::TimeTicks(); // Resets the show time. 676 interstitial_show_time_ = base::TimeTicks(); // Resets the show time.
737 } 677 }
738 678
739 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) { 679 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) {
740 if (malware_details_ == NULL) 680 if (malware_details_ == NULL)
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after
815 // Client-side phishing detection interstitials never block the main frame 755 // Client-side phishing detection interstitials never block the main frame
816 // load, since they happen after the page is finished loading. 756 // load, since they happen after the page is finished loading.
817 if (unsafe_resources[0].threat_type == 757 if (unsafe_resources[0].threat_type ==
818 SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) { 758 SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) {
819 return false; 759 return false;
820 } 760 }
821 761
822 // Otherwise, check the threat type. 762 // Otherwise, check the threat type.
823 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource; 763 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource;
824 } 764 }
765
766 SafeBrowsingBlockingPageV1::SafeBrowsingBlockingPageV1(
767 SafeBrowsingService* sb_service,
768 WebContents* web_contents,
769 const UnsafeResourceList& unsafe_resources)
770 : SafeBrowsingBlockingPage(sb_service, web_contents, unsafe_resources) {
771 }
772
773 std::string SafeBrowsingBlockingPageV1::GetHTMLContents() {
774 // Load the HTML page and create the template components.
775 DictionaryValue strings;
776 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
777 std::string html;
778
779 if (unsafe_resources_.empty()) {
780 NOTREACHED();
781 return std::string();
782 }
783
784 if (unsafe_resources_.size() > 1) {
785 PopulateMultipleThreatStringDictionary(&strings);
786 html = rb.GetRawDataResource(
787 IDR_SAFE_BROWSING_MULTIPLE_THREAT_BLOCK,
788 ui::SCALE_FACTOR_NONE).as_string();
789 } else {
790 SafeBrowsingService::UrlCheckResult threat_type =
791 unsafe_resources_[0].threat_type;
792 if (threat_type == SafeBrowsingService::URL_MALWARE) {
793 PopulateMalwareStringDictionary(&strings);
794 html = rb.GetRawDataResource(
795 IDR_SAFE_BROWSING_MALWARE_BLOCK,
796 ui::SCALE_FACTOR_NONE).as_string();
797 } else { // Phishing.
798 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
799 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
800 PopulatePhishingStringDictionary(&strings);
801 html = rb.GetRawDataResource(
802 IDR_SAFE_BROWSING_PHISHING_BLOCK,
803 ui::SCALE_FACTOR_NONE).as_string();
804 }
805 }
806 interstitial_show_time_ = base::TimeTicks::Now();
807 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
808 }
809
810 void SafeBrowsingBlockingPageV1::PopulateStringDictionary(
811 DictionaryValue* strings,
812 const string16& title,
813 const string16& headline,
814 const string16& description1,
815 const string16& description2,
816 const string16& description3) {
817 strings->SetString("title", title);
818 strings->SetString("headLine", headline);
819 strings->SetString("description1", description1);
820 strings->SetString("description2", description2);
821 strings->SetString("description3", description3);
822 strings->SetBoolean("proceedDisabled",
823 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
824 }
825
826 void SafeBrowsingBlockingPageV1::PopulateMultipleThreatStringDictionary(
827 DictionaryValue* strings) {
828
829 string16 malware_label =
830 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_LABEL);
831 string16 malware_link =
832 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE);
833 string16 phishing_label =
834 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_LABEL);
835 string16 phishing_link =
836 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR);
837
838 ListValue* error_strings = new ListValue;
839 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
840 iter != unsafe_resources_.end(); ++iter) {
841 const SafeBrowsingService::UnsafeResource& resource = *iter;
842 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
843 DictionaryValue* current_error_strings = new DictionaryValue;
844 if (threat_type == SafeBrowsingService::URL_MALWARE) {
845 current_error_strings->SetString("type", "malware");
846 current_error_strings->SetString("typeLabel", malware_label);
847 current_error_strings->SetString("errorLink", malware_link);
848 } else {
849 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
850 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
851 current_error_strings->SetString("type", "phishing");
852 current_error_strings->SetString("typeLabel", phishing_label);
853 current_error_strings->SetString("errorLink", phishing_link);
854 }
855 current_error_strings->SetString("url", resource.url.spec());
856 error_strings->Append(current_error_strings);
857 }
858 strings->Set("errors", error_strings);
859
860 switch (interstitial_type_) {
861 case TYPE_MALWARE_AND_PHISHING:
862 PopulateStringDictionary(
863 strings,
864 // Use the malware headline, it is the scariest one.
865 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE),
866 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
867 l10n_util::GetStringFUTF16(
868 IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION1,
869 UTF8ToUTF16(web_contents_->GetURL().host())),
870 l10n_util::GetStringUTF16(
871 IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION2),
872 string16());
873 break;
874 case TYPE_MALWARE:
875 PopulateStringDictionary(
876 strings,
877 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
878 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
879 l10n_util::GetStringFUTF16(
880 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION1,
881 UTF8ToUTF16(web_contents_->GetURL().host())),
882 l10n_util::GetStringUTF16(
883 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION2),
884 l10n_util::GetStringUTF16(
885 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION3));
886 break;
887 case TYPE_PHISHING:
888 PopulateStringDictionary(
889 strings,
890 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
891 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
892 l10n_util::GetStringFUTF16(
893 IDS_SAFE_BROWSING_MULTI_PHISHING_DESCRIPTION1,
894 UTF8ToUTF16(web_contents_->GetURL().host())),
895 string16(),
896 string16());
897 break;
898 }
899
900 strings->SetString("confirm_text",
901 l10n_util::GetStringUTF16(
902 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION_AGREE));
903 strings->SetString("continue_button",
904 l10n_util::GetStringUTF16(
905 IDS_SAFE_BROWSING_MULTI_MALWARE_PROCEED_BUTTON));
906 strings->SetString("back_button",
907 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
908 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
909 }
910
911 void SafeBrowsingBlockingPageV1::PopulateMalwareStringDictionary(
912 DictionaryValue* strings) {
913 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
914 l10n_util::GetStringUTF8(
915 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
916
917 // Check to see if we're blocking the main page, or a sub-resource on the
918 // main page.
919 string16 description1, description3, description5;
920 if (is_main_frame_load_blocked_) {
921 description1 = l10n_util::GetStringFUTF16(
922 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION1, UTF8ToUTF16(url_.host()));
923 } else {
924 description1 = l10n_util::GetStringFUTF16(
925 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION4,
926 UTF8ToUTF16(web_contents_->GetURL().host()),
927 UTF8ToUTF16(url_.host()));
928 }
929
930 std::string proceed_link = base::StringPrintf(kPLinkHtml,
931 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK).c_str());
932 description3 =
933 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION3,
934 UTF8ToUTF16(proceed_link));
935
936 PopulateStringDictionary(
937 strings,
938 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
939 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
940 description1,
941 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION2),
942 description3);
943
944 description5 =
945 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION5,
946 UTF8ToUTF16(url_.host()),
947 UTF8ToUTF16(url_.host()),
948 UTF8ToUTF16(diagnostic_link));
949
950 strings->SetString("description5", description5);
951
952 strings->SetString("back_button",
953 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
954 strings->SetString("proceed_link",
955 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK));
956 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
957
958 if (!CanShowMalwareDetailsOption()) {
959 strings->SetBoolean(kDisplayCheckBox, false);
960 } else {
961 // Show the checkbox for sending malware details.
962 strings->SetBoolean(kDisplayCheckBox, true);
963
964 std::string privacy_link = base::StringPrintf(
965 kPrivacyLinkHtml,
966 l10n_util::GetStringUTF8(
967 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
968
969 strings->SetString("confirm_text",
970 l10n_util::GetStringFUTF16(
971 IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
972 UTF8ToUTF16(privacy_link)));
973 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
974 strings->SetString(kBoxChecked, "yes");
975 else
976 strings->SetString(kBoxChecked, "");
977 }
978 }
979
980 void SafeBrowsingBlockingPageV1::PopulatePhishingStringDictionary(
981 DictionaryValue* strings) {
982 std::string proceed_link = base::StringPrintf(
983 kPLinkHtml,
984 l10n_util::GetStringUTF8(
985 IDS_SAFE_BROWSING_PHISHING_PROCEED_LINK).c_str());
986 string16 description3 = l10n_util::GetStringFUTF16(
987 IDS_SAFE_BROWSING_PHISHING_DESCRIPTION3,
988 UTF8ToUTF16(proceed_link));
989
990 PopulateStringDictionary(
991 strings,
992 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
993 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
994 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION1,
995 UTF8ToUTF16(url_.host())),
996 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION2),
997 description3);
998
999 strings->SetString("back_button",
1000 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_BUTTON));
1001 strings->SetString("report_error",
1002 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR));
1003 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
1004 }
1005
1006 SafeBrowsingBlockingPageV2::SafeBrowsingBlockingPageV2(
1007 SafeBrowsingService* sb_service,
1008 WebContents* web_contents,
1009 const UnsafeResourceList& unsafe_resources)
1010 : SafeBrowsingBlockingPage(sb_service, web_contents, unsafe_resources) {
1011 }
1012
1013 std::string SafeBrowsingBlockingPageV2::GetHTMLContents() {
1014 // Load the HTML page and create the template components.
1015 DictionaryValue strings;
1016 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
1017 std::string html;
1018
1019 if (unsafe_resources_.empty()) {
1020 NOTREACHED();
1021 return std::string();
1022 }
1023
1024 if (unsafe_resources_.size() > 1) {
1025 NOTREACHED();
1026 } else {
1027 SafeBrowsingService::UrlCheckResult threat_type =
1028 unsafe_resources_[0].threat_type;
1029 if (threat_type == SafeBrowsingService::URL_MALWARE) {
1030 PopulateMalwareStringDictionary(&strings);
1031 html = rb.GetRawDataResource(
1032 IDR_SAFE_BROWSING_MALWARE_BLOCK_V2,
1033 ui::SCALE_FACTOR_NONE).as_string();
1034 } else { // Phishing.
1035 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
1036 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
1037 NOTREACHED();
1038 }
1039 }
1040 interstitial_show_time_ = base::TimeTicks::Now();
1041 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
1042 }
1043
1044 void SafeBrowsingBlockingPageV2::PopulateStringDictionary(
1045 DictionaryValue* strings,
1046 const string16& title,
1047 const string16& headline,
1048 const string16& description1,
1049 const string16& description2,
1050 const string16& description3,
1051 const string16& description4) {
1052 strings->SetString("title", title);
1053 strings->SetString("headLine", headline);
1054 strings->SetString("description1", description1);
1055 strings->SetString("description2", description2);
1056 strings->SetString("description3", description3);
1057 strings->SetString("description4", description4);
1058 strings->SetBoolean("proceedDisabled",
1059 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
1060
1061 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
1062 strings->SetString("back_button",
1063 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
1064 strings->SetString("seeMore", l10n_util::GetStringUTF16(
1065 IDS_SAFE_BROWSING_MALWARE_V2_SEE_MORE));
1066 strings->SetString("seeLess", l10n_util::GetStringUTF16(
1067 IDS_SAFE_BROWSING_MALWARE_V2_SEE_LESS));
1068 }
1069
1070 void SafeBrowsingBlockingPageV2::PopulateMultipleThreatStringDictionary(
1071 DictionaryValue* strings) {
1072 NOTREACHED();
1073 }
1074
1075 void SafeBrowsingBlockingPageV2::PopulateMalwareStringDictionary(
1076 DictionaryValue* strings) {
1077 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
1078 l10n_util::GetStringUTF8(
1079 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
1080
1081 // Check to see if we're blocking the main page, or a sub-resource on the
1082 // main page.
1083 string16 headline, description1, description2, description3, description4;
1084
1085
1086 if (is_main_frame_load_blocked_) {
1087 headline = l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_HEADLINE);
1088 description1 = l10n_util::GetStringFUTF16(
1089 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION1,
1090 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
1091 UTF8ToUTF16(url_.host()));
1092 description2 = l10n_util::GetStringUTF16(
1093 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION2);
1094 description3 = l10n_util::GetStringUTF16(
1095 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION3);
1096 description4 = l10n_util::GetStringUTF16(
1097 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION4);
1098 strings->SetBoolean(kDisplayShowDiagnostic, true);
1099 } else {
1100 headline = l10n_util::GetStringUTF16(
1101 IDS_SAFE_BROWSING_MALWARE_V2_HEADLINE_SUBRESOURCE);
1102 description1 = l10n_util::GetStringFUTF16(
1103 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION1_SUBRESOURCE,
1104 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
1105 UTF8ToUTF16(web_contents_->GetURL().host()));
1106 description2 = l10n_util::GetStringUTF16(
1107 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION2_SUBRESOURCE);
1108 description3 = l10n_util::GetStringUTF16(
1109 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION3_SUBRESOURCE);
1110 description4 = l10n_util::GetStringFUTF16(
1111 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION4_SUBRESOURCE,
1112 UTF8ToUTF16(url_.host()));
1113 strings->SetBoolean(kDisplayShowDiagnostic, false);
1114 }
1115
1116 PopulateStringDictionary(
1117 strings,
1118 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_TITLE),
1119 headline,
1120 description1,
1121 description2,
1122 description3,
1123 description4);
1124
1125 if (!CanShowMalwareDetailsOption()) {
1126 strings->SetBoolean(kDisplayCheckBox, false);
1127 } else {
1128 // Show the checkbox for sending malware details.
1129 strings->SetBoolean(kDisplayCheckBox, true);
1130
1131 std::string privacy_link = base::StringPrintf(
1132 kPrivacyLinkHtml,
1133 l10n_util::GetStringUTF8(
1134 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE_V2).c_str());
1135
1136 strings->SetString("confirm_text",
1137 l10n_util::GetStringFUTF16(
1138 IDS_SAFE_BROWSING_MALWARE_V2_REPORTING_AGREE,
1139 UTF8ToUTF16(privacy_link)));
1140 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
1141 strings->SetString(kBoxChecked, "yes");
1142 else
1143 strings->SetString(kBoxChecked, "");
1144 }
1145
1146 strings->SetString("learnMore",
1147 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_LEARN_MORE));
1148 strings->SetString("details",
1149 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_DETAILS));
1150 }
1151
1152 void SafeBrowsingBlockingPageV2::PopulatePhishingStringDictionary(
1153 DictionaryValue* strings) {
1154 NOTREACHED();
1155 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698