| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Classes for managing the SafeBrowsing interstitial pages. | 5 // Classes for managing the SafeBrowsing interstitial pages. |
| 6 // | 6 // |
| 7 // When a user is about to visit a page the SafeBrowsing system has deemed to | 7 // When a user is about to visit a page the SafeBrowsing system has deemed to |
| 8 // be malicious, either as malware or a phishing page, we show an interstitial | 8 // be malicious, either as malware or a phishing page, we show an interstitial |
| 9 // page with some options (go back, continue) to give the user a chance to avoid | 9 // page with some options (go back, continue) to give the user a chance to avoid |
| 10 // the harmful page. | 10 // the harmful page. |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 67 SafeBrowsingService* service, | 67 SafeBrowsingService* service, |
| 68 const SafeBrowsingService::UnsafeResource& resource); | 68 const SafeBrowsingService::UnsafeResource& resource); |
| 69 | 69 |
| 70 // Makes the passed |factory| the factory used to instanciate | 70 // Makes the passed |factory| the factory used to instanciate |
| 71 // SafeBrowsingBlockingPage objects. Usefull for tests. | 71 // SafeBrowsingBlockingPage objects. Usefull for tests. |
| 72 static void RegisterFactory(SafeBrowsingBlockingPageFactory* factory) { | 72 static void RegisterFactory(SafeBrowsingBlockingPageFactory* factory) { |
| 73 factory_ = factory; | 73 factory_ = factory; |
| 74 } | 74 } |
| 75 | 75 |
| 76 // InterstitialPageDelegate method: | 76 // InterstitialPageDelegate method: |
| 77 virtual std::string GetHTMLContents() OVERRIDE; | |
| 78 virtual void CommandReceived(const std::string& command) OVERRIDE; | 77 virtual void CommandReceived(const std::string& command) OVERRIDE; |
| 79 virtual void OverrideRendererPrefs( | 78 virtual void OverrideRendererPrefs( |
| 80 content::RendererPreferences* prefs) OVERRIDE; | 79 content::RendererPreferences* prefs) OVERRIDE; |
| 81 virtual void OnProceed() OVERRIDE; | 80 virtual void OnProceed() OVERRIDE; |
| 82 virtual void OnDontProceed() OVERRIDE; | 81 virtual void OnDontProceed() OVERRIDE; |
| 83 | 82 |
| 84 protected: | 83 protected: |
| 85 friend class SafeBrowsingBlockingPageTest; | 84 friend class SafeBrowsingBlockingPageTest; |
| 86 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingBlockingPageTest, | 85 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingBlockingPageTest, |
| 87 ProceedThenDontProceed); | 86 ProceedThenDontProceed); |
| 88 | 87 |
| 89 void SetReportingPreference(bool report); | 88 void SetReportingPreference(bool report); |
| 90 | 89 |
| 91 // Don't instanciate this class directly, use ShowBlockingPage instead. | 90 // Don't instanciate this class directly, use ShowBlockingPage instead. |
| 92 SafeBrowsingBlockingPage(SafeBrowsingService* service, | 91 SafeBrowsingBlockingPage(SafeBrowsingService* service, |
| 93 content::WebContents* web_contents, | 92 content::WebContents* web_contents, |
| 94 const UnsafeResourceList& unsafe_resources); | 93 const UnsafeResourceList& unsafe_resources); |
| 95 | 94 |
| 96 // After a malware interstitial where the user opted-in to the | 95 // After a malware interstitial where the user opted-in to the |
| 97 // report but clicked "proceed anyway", we delay the call to | 96 // report but clicked "proceed anyway", we delay the call to |
| 98 // MalwareDetails::FinishCollection() by this much time (in | 97 // MalwareDetails::FinishCollection() by this much time (in |
| 99 // milliseconds), in order to get data from the blocked resource itself. | 98 // milliseconds), in order to get data from the blocked resource itself. |
| 100 int64 malware_details_proceed_delay_ms_; | 99 int64 malware_details_proceed_delay_ms_; |
| 101 content::InterstitialPage* interstitial_page() const { | 100 content::InterstitialPage* interstitial_page() const { |
| 102 return interstitial_page_; | 101 return interstitial_page_; |
| 103 } | 102 } |
| 104 | 103 |
| 105 private: | |
| 106 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingBlockingPageTest, MalwareReports); | 104 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingBlockingPageTest, MalwareReports); |
| 107 | 105 |
| 108 enum BlockingPageEvent { | 106 enum BlockingPageEvent { |
| 109 SHOW, | 107 SHOW, |
| 110 PROCEED, | 108 PROCEED, |
| 111 DONT_PROCEED, | 109 DONT_PROCEED, |
| 112 }; | 110 }; |
| 113 | 111 |
| 114 // Fills the passed dictionary with the strings passed to JS Template when | |
| 115 // creating the HTML. | |
| 116 void PopulateMultipleThreatStringDictionary(base::DictionaryValue* strings); | |
| 117 void PopulateMalwareStringDictionary(base::DictionaryValue* strings); | |
| 118 void PopulatePhishingStringDictionary(base::DictionaryValue* strings); | |
| 119 | |
| 120 // A helper method used by the Populate methods above used to populate common | |
| 121 // fields. | |
| 122 void PopulateStringDictionary(base::DictionaryValue* strings, | |
| 123 const string16& title, | |
| 124 const string16& headline, | |
| 125 const string16& description1, | |
| 126 const string16& description2, | |
| 127 const string16& description3); | |
| 128 | |
| 129 // Records a user action for this interstitial, using the form | 112 // Records a user action for this interstitial, using the form |
| 130 // SBInterstitial[Phishing|Malware|Multiple][Show|Proceed|DontProceed]. | 113 // SBInterstitial[Phishing|Malware|Multiple][Show|Proceed|DontProceed]. |
| 131 void RecordUserAction(BlockingPageEvent event); | 114 void RecordUserAction(BlockingPageEvent event); |
| 132 | 115 |
| 133 // Records the time it took for the user to react to the | 116 // Records the time it took for the user to react to the |
| 134 // interstitial. We won't double-count if this method is called | 117 // interstitial. We won't double-count if this method is called |
| 135 // multiple times. | 118 // multiple times. |
| 136 void RecordUserReactionTime(const std::string& command); | 119 void RecordUserReactionTime(const std::string& command); |
| 137 | 120 |
| 138 // Checks if we should even show the malware details option. For example, we | 121 // Checks if we should even show the malware details option. For example, we |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 193 | 176 |
| 194 content::WebContents* web_contents_; | 177 content::WebContents* web_contents_; |
| 195 GURL url_; | 178 GURL url_; |
| 196 content::InterstitialPage* interstitial_page_; // Owns us | 179 content::InterstitialPage* interstitial_page_; // Owns us |
| 197 | 180 |
| 198 // Time when the interstitial was show. This variable is set in | 181 // Time when the interstitial was show. This variable is set in |
| 199 // GetHTMLContents() which is called right before the interstitial | 182 // GetHTMLContents() which is called right before the interstitial |
| 200 // is shown to the user. Will return is_null() once we reported the | 183 // is shown to the user. Will return is_null() once we reported the |
| 201 // user action. | 184 // user action. |
| 202 base::TimeTicks interstitial_show_time_; | 185 base::TimeTicks interstitial_show_time_; |
| 203 // True if the interstitial that is shown is a malware interstitial | 186 |
| 204 // and false if it's a phishing interstitial. If it's a multi-threat | 187 // Whether the user has expanded the "see more" section of the page already |
| 205 // interstitial we'll say it's malware. | 188 // during this interstitial page. |
| 206 bool is_malware_interstitial_; | 189 bool has_expanded_see_more_section_; |
| 190 |
| 191 // Which type of interstitial this is. |
| 192 enum { |
| 193 TYPE_MALWARE, |
| 194 TYPE_PHISHING, |
| 195 TYPE_MALWARE_AND_PHISHING, |
| 196 } interstitial_type_; |
| 207 | 197 |
| 208 // The factory used to instanciate SafeBrowsingBlockingPage objects. | 198 // The factory used to instanciate SafeBrowsingBlockingPage objects. |
| 209 // Usefull for tests, so they can provide their own implementation of | 199 // Usefull for tests, so they can provide their own implementation of |
| 210 // SafeBrowsingBlockingPage. | 200 // SafeBrowsingBlockingPage. |
| 211 static SafeBrowsingBlockingPageFactory* factory_; | 201 static SafeBrowsingBlockingPageFactory* factory_; |
| 212 | 202 |
| 213 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPage); | 203 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPage); |
| 214 }; | 204 }; |
| 215 | 205 |
| 206 class SafeBrowsingBlockingPageV1 : public SafeBrowsingBlockingPage { |
| 207 public: |
| 208 // Don't instanciate this class directly, use ShowBlockingPage instead. |
| 209 SafeBrowsingBlockingPageV1(SafeBrowsingService* service, |
| 210 content::WebContents* web_contents, |
| 211 const UnsafeResourceList& unsafe_resources); |
| 212 |
| 213 // InterstitialPageDelegate method: |
| 214 virtual std::string GetHTMLContents() OVERRIDE; |
| 215 |
| 216 private: |
| 217 // Fills the passed dictionary with the strings passed to JS Template when |
| 218 // creating the HTML. |
| 219 void PopulateMultipleThreatStringDictionary(base::DictionaryValue* strings); |
| 220 void PopulateMalwareStringDictionary(base::DictionaryValue* strings); |
| 221 void PopulatePhishingStringDictionary(base::DictionaryValue* strings); |
| 222 |
| 223 // A helper method used by the Populate methods above used to populate common |
| 224 // fields. |
| 225 void PopulateStringDictionary(base::DictionaryValue* strings, |
| 226 const string16& title, |
| 227 const string16& headline, |
| 228 const string16& description1, |
| 229 const string16& description2, |
| 230 const string16& description3); |
| 231 |
| 232 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageV1); |
| 233 }; |
| 234 |
| 235 class SafeBrowsingBlockingPageV2 : public SafeBrowsingBlockingPage { |
| 236 public: |
| 237 // Don't instanciate this class directly, use ShowBlockingPage instead. |
| 238 SafeBrowsingBlockingPageV2(SafeBrowsingService* service, |
| 239 content::WebContents* web_contents, |
| 240 const UnsafeResourceList& unsafe_resources); |
| 241 |
| 242 // InterstitialPageDelegate method: |
| 243 virtual std::string GetHTMLContents() OVERRIDE; |
| 244 |
| 245 private: |
| 246 // Fills the passed dictionary with the strings passed to JS Template when |
| 247 // creating the HTML. |
| 248 void PopulateMultipleThreatStringDictionary(base::DictionaryValue* strings); |
| 249 void PopulateMalwareStringDictionary(base::DictionaryValue* strings); |
| 250 void PopulatePhishingStringDictionary(base::DictionaryValue* strings); |
| 251 |
| 252 // A helper method used by the Populate methods above used to populate common |
| 253 // fields. |
| 254 void PopulateStringDictionary(base::DictionaryValue* strings, |
| 255 const string16& title, |
| 256 const string16& headline, |
| 257 const string16& description1, |
| 258 const string16& description2, |
| 259 const string16& description3, |
| 260 const string16& description4); |
| 261 |
| 262 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageV2); |
| 263 }; |
| 264 |
| 216 // Factory for creating SafeBrowsingBlockingPage. Useful for tests. | 265 // Factory for creating SafeBrowsingBlockingPage. Useful for tests. |
| 217 class SafeBrowsingBlockingPageFactory { | 266 class SafeBrowsingBlockingPageFactory { |
| 218 public: | 267 public: |
| 219 virtual ~SafeBrowsingBlockingPageFactory() { } | 268 virtual ~SafeBrowsingBlockingPageFactory() { } |
| 220 | 269 |
| 221 virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage( | 270 virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage( |
| 222 SafeBrowsingService* service, | 271 SafeBrowsingService* service, |
| 223 content::WebContents* web_contents, | 272 content::WebContents* web_contents, |
| 224 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) = 0; | 273 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) = 0; |
| 225 }; | 274 }; |
| 226 | 275 |
| 227 #endif // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_BLOCKING_PAGE_H_ | 276 #endif // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_BLOCKING_PAGE_H_ |
| OLD | NEW |