Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(670)

Side by Side Diff: chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

Issue 10855260: Safe Browsing malware interstitial redesign field trial. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: webui style fixes Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 // 4 //
5 // Implementation of the SafeBrowsingBlockingPage class. 5 // Implementation of the SafeBrowsingBlockingPage class.
6 6
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" 7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
8 8
9 #include <string> 9 #include <string>
10 10
11 #include "base/bind.h" 11 #include "base/bind.h"
12 #include "base/i18n/rtl.h" 12 #include "base/i18n/rtl.h"
13 #include "base/lazy_instance.h" 13 #include "base/lazy_instance.h"
14 #include "base/metrics/field_trial.h"
14 #include "base/metrics/histogram.h" 15 #include "base/metrics/histogram.h"
15 #include "base/string_number_conversions.h" 16 #include "base/string_number_conversions.h"
16 #include "base/string_piece.h" 17 #include "base/string_piece.h"
17 #include "base/stringprintf.h" 18 #include "base/stringprintf.h"
18 #include "base/time.h" 19 #include "base/time.h"
19 #include "base/utf_string_conversions.h" 20 #include "base/utf_string_conversions.h"
20 #include "base/values.h" 21 #include "base/values.h"
21 #include "chrome/browser/browser_process.h" 22 #include "chrome/browser/browser_process.h"
22 #include "chrome/browser/google/google_util.h" 23 #include "chrome/browser/google/google_util.h"
23 #include "chrome/browser/prefs/pref_service.h" 24 #include "chrome/browser/prefs/pref_service.h"
24 #include "chrome/browser/profiles/profile.h" 25 #include "chrome/browser/profiles/profile.h"
25 #include "chrome/browser/renderer_preferences_util.h" 26 #include "chrome/browser/renderer_preferences_util.h"
26 #include "chrome/browser/safe_browsing/malware_details.h" 27 #include "chrome/browser/safe_browsing/malware_details.h"
27 #include "chrome/browser/safe_browsing/safe_browsing_service.h" 28 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
28 #include "chrome/browser/tab_contents/tab_util.h" 29 #include "chrome/browser/tab_contents/tab_util.h"
29 #include "chrome/browser/ui/webui/ntp/new_tab_ui.h" 30 #include "chrome/browser/ui/webui/ntp/new_tab_ui.h"
30 #include "chrome/common/jstemplate_builder.h" 31 #include "chrome/common/jstemplate_builder.h"
31 #include "chrome/common/pref_names.h" 32 #include "chrome/common/pref_names.h"
32 #include "chrome/common/url_constants.h" 33 #include "chrome/common/url_constants.h"
33 #include "content/public/browser/browser_thread.h" 34 #include "content/public/browser/browser_thread.h"
34 #include "content/public/browser/interstitial_page.h" 35 #include "content/public/browser/interstitial_page.h"
35 #include "content/public/browser/navigation_controller.h" 36 #include "content/public/browser/navigation_controller.h"
36 #include "content/public/browser/user_metrics.h" 37 #include "content/public/browser/user_metrics.h"
37 #include "content/public/browser/web_contents.h" 38 #include "content/public/browser/web_contents.h"
38 #include "grit/browser_resources.h" 39 #include "grit/browser_resources.h"
40 #include "grit/chromium_strings.h"
39 #include "grit/generated_resources.h" 41 #include "grit/generated_resources.h"
40 #include "grit/locale_settings.h" 42 #include "grit/locale_settings.h"
41 #include "net/base/escape.h" 43 #include "net/base/escape.h"
42 #include "ui/base/l10n/l10n_util.h" 44 #include "ui/base/l10n/l10n_util.h"
43 #include "ui/base/layout.h" 45 #include "ui/base/layout.h"
44 #include "ui/base/resource/resource_bundle.h" 46 #include "ui/base/resource/resource_bundle.h"
45 47
46 using content::BrowserThread; 48 using content::BrowserThread;
47 using content::InterstitialPage; 49 using content::InterstitialPage;
48 using content::OpenURLParams; 50 using content::OpenURLParams;
(...skipping 11 matching lines...) Expand all
60 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&clie nt=chromium"; 62 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&clie nt=chromium";
61 #endif 63 #endif
62 64
63 static const char* const kSbReportPhishingErrorUrl = 65 static const char* const kSbReportPhishingErrorUrl =
64 "http://www.google.com/safebrowsing/report_error/"; 66 "http://www.google.com/safebrowsing/report_error/";
65 67
66 // URL for the "Learn more" link on the multi threat malware blocking page. 68 // URL for the "Learn more" link on the multi threat malware blocking page.
67 static const char* const kLearnMoreMalwareUrl = 69 static const char* const kLearnMoreMalwareUrl =
68 "https://www.google.com/support/bin/answer.py?answer=45449&topic=360" 70 "https://www.google.com/support/bin/answer.py?answer=45449&topic=360"
69 "&sa=X&oi=malwarewarninglink&resnum=1&ct=help"; 71 "&sa=X&oi=malwarewarninglink&resnum=1&ct=help";
72 static const char* const kLearnMoreMalwareUrlV2 =
73 "https://www.google.com/goodtoknow/online-safety/malware/";
70 74
71 // URL for the "Learn more" link on the phishing blocking page. 75 // URL for the "Learn more" link on the phishing blocking page.
72 static const char* const kLearnMorePhishingUrl = 76 static const char* const kLearnMorePhishingUrl =
73 "https://www.google.com/support/bin/answer.py?answer=106318"; 77 "https://www.google.com/support/bin/answer.py?answer=106318";
74 78
75 // URL for the "Safe Browsing Privacy Policies" link on the blocking page.
76 // Note: this page is not yet localized.
77 static const char* const kSbPrivacyPolicyUrl =
78 "http://www.google.com/intl/en_us/privacy/browsing.html";
79
80 static const char* const kSbDiagnosticHtml = 79 static const char* const kSbDiagnosticHtml =
81 "<a href=\"\" onclick=\"sendCommand('showDiagnostic'); return false;\" " 80 "<a href=\"\" onclick=\"sendCommand('showDiagnostic'); return false;\" "
82 "onmousedown=\"return false;\">%s</a>"; 81 "onmousedown=\"return false;\">%s</a>";
83 82
84 static const char* const kPLinkHtml = 83 static const char* const kPLinkHtml =
85 "<a href=\"\" onclick=\"sendCommand('proceed'); return false;\" " 84 "<a href=\"\" onclick=\"sendCommand('proceed'); return false;\" "
86 "onmousedown=\"return false;\">%s</a>"; 85 "onmousedown=\"return false;\">%s</a>";
87 86
88 static const char* const kPrivacyLinkHtml = 87 static const char* const kPrivacyLinkHtml =
89 "<a href=\"\" onclick=\"sendCommand('showPrivacy'); return false;\" " 88 "<a href=\"\" onclick=\"sendCommand('showPrivacy'); return false;\" "
90 "onmousedown=\"return false;\">%s</a>"; 89 "onmousedown=\"return false;\">%s</a>";
91 90
92 // After a malware interstitial where the user opted-in to the report 91 // After a malware interstitial where the user opted-in to the report
93 // but clicked "proceed anyway", we delay the call to 92 // but clicked "proceed anyway", we delay the call to
94 // MalwareDetails::FinishCollection() by this much time (in 93 // MalwareDetails::FinishCollection() by this much time (in
95 // milliseconds). 94 // milliseconds).
96 static const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000; 95 static const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000;
97 96
98 // The commands returned by the page when the user performs an action. 97 // The commands returned by the page when the user performs an action.
99 static const char* const kShowDiagnosticCommand = "showDiagnostic"; 98 static const char* const kShowDiagnosticCommand = "showDiagnostic";
100 static const char* const kReportErrorCommand = "reportError"; 99 static const char* const kReportErrorCommand = "reportError";
101 static const char* const kLearnMoreCommand = "learnMore"; 100 static const char* const kLearnMoreCommand = "learnMore";
101 static const char* const kLearnMoreCommandV2 = "learnMore2";
102 static const char* const kShowPrivacyCommand = "showPrivacy"; 102 static const char* const kShowPrivacyCommand = "showPrivacy";
103 static const char* const kProceedCommand = "proceed"; 103 static const char* const kProceedCommand = "proceed";
104 static const char* const kTakeMeBackCommand = "takeMeBack"; 104 static const char* const kTakeMeBackCommand = "takeMeBack";
105 static const char* const kDoReportCommand = "doReport"; 105 static const char* const kDoReportCommand = "doReport";
106 static const char* const kDontReportCommand = "dontReport"; 106 static const char* const kDontReportCommand = "dontReport";
107 static const char* const kDisplayCheckBox = "displaycheckbox"; 107 static const char* const kDisplayCheckBox = "displaycheckbox";
108 static const char* const kDisplayShowDiagnostic = "displayShowDiagnostic";
108 static const char* const kBoxChecked = "boxchecked"; 109 static const char* const kBoxChecked = "boxchecked";
110 static const char* const kExpandedSeeMore = "expandedSeeMore";
109 // Special command that we use when the user navigated away from the 111 // Special command that we use when the user navigated away from the
110 // page. E.g., closed the tab or the window. This is only used by 112 // page. E.g., closed the tab or the window. This is only used by
111 // RecordUserReactionTime. 113 // RecordUserReactionTime.
112 static const char* const kNavigatedAwayMetaCommand = "closed"; 114 static const char* const kNavigatedAwayMetaCommand = "closed";
113 115
114 // static 116 // static
115 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL; 117 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
116 118
117 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap> 119 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
118 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER; 120 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
119 121
120 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we 122 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we
121 // don't leak it. 123 // don't leak it.
122 class SafeBrowsingBlockingPageFactoryImpl 124 class SafeBrowsingBlockingPageFactoryImpl
123 : public SafeBrowsingBlockingPageFactory { 125 : public SafeBrowsingBlockingPageFactory {
124 public: 126 public:
125 SafeBrowsingBlockingPage* CreateSafeBrowsingPage( 127 SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
126 SafeBrowsingService* service, 128 SafeBrowsingService* service,
127 WebContents* web_contents, 129 WebContents* web_contents,
128 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) { 130 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) {
129 return new SafeBrowsingBlockingPage(service, web_contents, 131 // Only do the trial if the interstitial is for a single malware resource,
130 unsafe_resources); 132 // the other types of interstitials have not been updated to V2 yet.
133 if (unsafe_resources.size() == 1 &&
134 unsafe_resources[0].threat_type == SafeBrowsingService::URL_MALWARE) {
135 if (base::FieldTrialList::FindFullName("SBInterstitial") == "V2") {
136 DVLOG(1) << "In V2 group.";
137 return new SafeBrowsingBlockingPageV2(service, web_contents,
138 unsafe_resources);
139 }
140 DVLOG(1) << "In V1 group.";
141 }
142 return new SafeBrowsingBlockingPageV1(service, web_contents,
143 unsafe_resources);
131 } 144 }
132 145
133 private: 146 private:
134 friend struct base::DefaultLazyInstanceTraits< 147 friend struct base::DefaultLazyInstanceTraits<
135 SafeBrowsingBlockingPageFactoryImpl>; 148 SafeBrowsingBlockingPageFactoryImpl>;
136 149
137 SafeBrowsingBlockingPageFactoryImpl() { } 150 SafeBrowsingBlockingPageFactoryImpl() { }
138 151
139 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl); 152 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl);
140 }; 153 };
141 154
142 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl> 155 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl>
143 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER; 156 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER;
144 157
145 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage( 158 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage(
146 SafeBrowsingService* sb_service, 159 SafeBrowsingService* sb_service,
147 WebContents* web_contents, 160 WebContents* web_contents,
148 const UnsafeResourceList& unsafe_resources) 161 const UnsafeResourceList& unsafe_resources)
149 : malware_details_proceed_delay_ms_( 162 : malware_details_proceed_delay_ms_(
150 kMalwareDetailsProceedDelayMilliSeconds), 163 kMalwareDetailsProceedDelayMilliSeconds),
151 sb_service_(sb_service), 164 sb_service_(sb_service),
152 report_loop_(NULL), 165 report_loop_(NULL),
153 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)), 166 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)),
154 unsafe_resources_(unsafe_resources), 167 unsafe_resources_(unsafe_resources),
155 proceeded_(false), 168 proceeded_(false),
156 web_contents_(web_contents), 169 web_contents_(web_contents),
157 url_(unsafe_resources[0].url) { 170 url_(unsafe_resources[0].url),
171 has_expanded_see_more_section_(false) {
172 bool malware = false;
173 bool phishing = false;
174 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
175 iter != unsafe_resources_.end(); ++iter) {
176 const SafeBrowsingService::UnsafeResource& resource = *iter;
177 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
178 if (threat_type == SafeBrowsingService::URL_MALWARE) {
179 malware = true;
180 } else {
181 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
182 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
183 phishing = true;
184 }
185 }
186 DCHECK(phishing || malware);
187 if (malware && phishing)
188 interstitial_type_ = TYPE_MALWARE_AND_PHISHING;
189 else if (malware)
190 interstitial_type_ = TYPE_MALWARE;
191 else
192 interstitial_type_ = TYPE_PHISHING;
158 RecordUserAction(SHOW); 193 RecordUserAction(SHOW);
159 if (!is_main_frame_load_blocked_) { 194 if (!is_main_frame_load_blocked_) {
160 navigation_entry_index_to_remove_ = 195 navigation_entry_index_to_remove_ =
161 web_contents->GetController().GetLastCommittedEntryIndex(); 196 web_contents->GetController().GetLastCommittedEntryIndex();
162 } else { 197 } else {
163 navigation_entry_index_to_remove_ = -1; 198 navigation_entry_index_to_remove_ = -1;
164 } 199 }
165 200
166 // Start computing malware details. They will be sent only 201 // Start computing malware details. They will be sent only
167 // if the user opts-in on the blocking page later. 202 // if the user opts-in on the blocking page later.
(...skipping 13 matching lines...) Expand all
181 } 216 }
182 217
183 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() { 218 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
184 return (!web_contents_->GetBrowserContext()->IsOffTheRecord() && 219 return (!web_contents_->GetBrowserContext()->IsOffTheRecord() &&
185 web_contents_->GetURL().SchemeIs(chrome::kHttpScheme)); 220 web_contents_->GetURL().SchemeIs(chrome::kHttpScheme));
186 } 221 }
187 222
188 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() { 223 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
189 } 224 }
190 225
191 std::string SafeBrowsingBlockingPage::GetHTMLContents() {
192 // Load the HTML page and create the template components.
193 DictionaryValue strings;
194 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
195 std::string html;
196
197 if (unsafe_resources_.empty()) {
198 NOTREACHED();
199 return std::string();
200 }
201
202 if (unsafe_resources_.size() > 1) {
203 PopulateMultipleThreatStringDictionary(&strings);
204 html = rb.GetRawDataResource(
205 IDR_SAFE_BROWSING_MULTIPLE_THREAT_BLOCK,
206 ui::SCALE_FACTOR_NONE).as_string();
207 is_malware_interstitial_ = true;
208 } else {
209 SafeBrowsingService::UrlCheckResult threat_type =
210 unsafe_resources_[0].threat_type;
211 if (threat_type == SafeBrowsingService::URL_MALWARE) {
212 PopulateMalwareStringDictionary(&strings);
213 html = rb.GetRawDataResource(
214 IDR_SAFE_BROWSING_MALWARE_BLOCK,
215 ui::SCALE_FACTOR_NONE).as_string();
216 is_malware_interstitial_ = true;
217 } else { // Phishing.
218 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
219 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
220 PopulatePhishingStringDictionary(&strings);
221 html = rb.GetRawDataResource(
222 IDR_SAFE_BROWSING_PHISHING_BLOCK,
223 ui::SCALE_FACTOR_NONE).as_string();
224 is_malware_interstitial_ = false;
225 }
226 }
227 interstitial_show_time_ = base::TimeTicks::Now();
228 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
229 }
230
231 void SafeBrowsingBlockingPage::PopulateStringDictionary(
232 DictionaryValue* strings,
233 const string16& title,
234 const string16& headline,
235 const string16& description1,
236 const string16& description2,
237 const string16& description3) {
238 strings->SetString("title", title);
239 strings->SetString("headLine", headline);
240 strings->SetString("description1", description1);
241 strings->SetString("description2", description2);
242 strings->SetString("description3", description3);
243 strings->SetBoolean("proceedDisabled",
244 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
245 }
246
247 void SafeBrowsingBlockingPage::PopulateMultipleThreatStringDictionary(
248 DictionaryValue* strings) {
249 bool malware = false;
250 bool phishing = false;
251
252 string16 malware_label =
253 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_LABEL);
254 string16 malware_link =
255 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE);
256 string16 phishing_label =
257 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_LABEL);
258 string16 phishing_link =
259 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR);
260
261 ListValue* error_strings = new ListValue;
262 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
263 iter != unsafe_resources_.end(); ++iter) {
264 const SafeBrowsingService::UnsafeResource& resource = *iter;
265 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
266 DictionaryValue* current_error_strings = new DictionaryValue;
267 if (threat_type == SafeBrowsingService::URL_MALWARE) {
268 malware = true;
269 current_error_strings->SetString("type", "malware");
270 current_error_strings->SetString("typeLabel", malware_label);
271 current_error_strings->SetString("errorLink", malware_link);
272 } else {
273 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
274 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
275 phishing = true;
276 current_error_strings->SetString("type", "phishing");
277 current_error_strings->SetString("typeLabel", phishing_label);
278 current_error_strings->SetString("errorLink", phishing_link);
279 }
280 current_error_strings->SetString("url", resource.url.spec());
281 error_strings->Append(current_error_strings);
282 }
283 strings->Set("errors", error_strings);
284 DCHECK(phishing || malware);
285
286 if (malware && phishing) {
287 PopulateStringDictionary(
288 strings,
289 // Use the malware headline, it is the scariest one.
290 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE),
291 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
292 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION1,
293 UTF8ToUTF16(web_contents_->GetURL().host())),
294 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION2),
295 string16());
296 } else if (malware) {
297 // Just malware.
298 PopulateStringDictionary(
299 strings,
300 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
301 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
302 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION1,
303 UTF8ToUTF16(web_contents_->GetURL().host())),
304 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION2),
305 l10n_util::GetStringUTF16(
306 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION3));
307 } else {
308 // Just phishing.
309 PopulateStringDictionary(
310 strings,
311 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
312 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
313 l10n_util::GetStringFUTF16(
314 IDS_SAFE_BROWSING_MULTI_PHISHING_DESCRIPTION1,
315 UTF8ToUTF16(web_contents_->GetURL().host())),
316 string16(),
317 string16());
318 }
319
320 strings->SetString("confirm_text",
321 l10n_util::GetStringUTF16(
322 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION_AGREE));
323 strings->SetString("continue_button",
324 l10n_util::GetStringUTF16(
325 IDS_SAFE_BROWSING_MULTI_MALWARE_PROCEED_BUTTON));
326 strings->SetString("back_button",
327 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
328 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
329 }
330
331 void SafeBrowsingBlockingPage::PopulateMalwareStringDictionary(
332 DictionaryValue* strings) {
333 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
334 l10n_util::GetStringUTF8(
335 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
336
337 strings->SetString("badURL", url_.host());
338 // Check to see if we're blocking the main page, or a sub-resource on the
339 // main page.
340 string16 description1, description3, description5;
341 if (is_main_frame_load_blocked_) {
342 description1 = l10n_util::GetStringFUTF16(
343 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION1, UTF8ToUTF16(url_.host()));
344 } else {
345 description1 = l10n_util::GetStringFUTF16(
346 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION4,
347 UTF8ToUTF16(web_contents_->GetURL().host()),
348 UTF8ToUTF16(url_.host()));
349 }
350
351 std::string proceed_link = base::StringPrintf(kPLinkHtml,
352 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK).c_str());
353 description3 =
354 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION3,
355 UTF8ToUTF16(proceed_link));
356
357 PopulateStringDictionary(
358 strings,
359 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
360 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
361 description1,
362 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION2),
363 description3);
364
365 description5 =
366 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION5,
367 UTF8ToUTF16(url_.host()),
368 UTF8ToUTF16(url_.host()),
369 UTF8ToUTF16(diagnostic_link));
370
371 strings->SetString("description5", description5);
372
373 strings->SetString("back_button",
374 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
375 strings->SetString("proceed_link",
376 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK));
377 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
378
379 if (!CanShowMalwareDetailsOption()) {
380 strings->SetBoolean(kDisplayCheckBox, false);
381 } else {
382 // Show the checkbox for sending malware details.
383 strings->SetBoolean(kDisplayCheckBox, true);
384
385 std::string privacy_link = base::StringPrintf(
386 kPrivacyLinkHtml,
387 l10n_util::GetStringUTF8(
388 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
389
390 strings->SetString("confirm_text",
391 l10n_util::GetStringFUTF16(
392 IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
393 UTF8ToUTF16(privacy_link)));
394 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
395 strings->SetString(kBoxChecked, "yes");
396 else
397 strings->SetString(kBoxChecked, "");
398 }
399 }
400
401 void SafeBrowsingBlockingPage::PopulatePhishingStringDictionary(
402 DictionaryValue* strings) {
403 std::string proceed_link = base::StringPrintf(
404 kPLinkHtml,
405 l10n_util::GetStringUTF8(
406 IDS_SAFE_BROWSING_PHISHING_PROCEED_LINK).c_str());
407 string16 description3 = l10n_util::GetStringFUTF16(
408 IDS_SAFE_BROWSING_PHISHING_DESCRIPTION3,
409 UTF8ToUTF16(proceed_link));
410
411 PopulateStringDictionary(
412 strings,
413 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
414 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
415 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION1,
416 UTF8ToUTF16(url_.host())),
417 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION2),
418 description3);
419
420 strings->SetString("back_button",
421 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_BUTTON));
422 strings->SetString("report_error",
423 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR));
424 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
425 }
426
427 void SafeBrowsingBlockingPage::CommandReceived(const std::string& cmd) { 226 void SafeBrowsingBlockingPage::CommandReceived(const std::string& cmd) {
428 std::string command(cmd); // Make a local copy so we can modify it. 227 std::string command(cmd); // Make a local copy so we can modify it.
429 // The Jasonified response has quotes, remove them. 228 // The Jasonified response has quotes, remove them.
430 if (command.length() > 1 && command[0] == '"') { 229 if (command.length() > 1 && command[0] == '"') {
431 command = command.substr(1, command.length() - 2); 230 command = command.substr(1, command.length() - 2);
432 } 231 }
433 RecordUserReactionTime(command); 232 RecordUserReactionTime(command);
434 if (command == kDoReportCommand) { 233 if (command == kDoReportCommand) {
435 SetReportingPreference(true); 234 SetReportingPreference(true);
436 return; 235 return;
(...skipping 17 matching lines...) Expand all
454 } else { 253 } else {
455 NOTREACHED(); 254 NOTREACHED();
456 } 255 }
457 256
458 OpenURLParams params( 257 OpenURLParams params(
459 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false); 258 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
460 web_contents_->OpenURL(params); 259 web_contents_->OpenURL(params);
461 return; 260 return;
462 } 261 }
463 262
263 if (command == kLearnMoreCommandV2) {
264 // User pressed "Learn more".
265 GURL url;
266 SafeBrowsingService::UrlCheckResult threat_type =
267 unsafe_resources_[0].threat_type;
268 if (threat_type == SafeBrowsingService::URL_MALWARE) {
269 url = google_util::AppendGoogleLocaleParam(GURL(kLearnMoreMalwareUrlV2));
270 } else {
271 NOTREACHED();
272 }
273
274 OpenURLParams params(
275 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
276 web_contents_->OpenURL(params);
277 return;
278 }
279
464 if (command == kShowPrivacyCommand) { 280 if (command == kShowPrivacyCommand) {
465 // User pressed "Safe Browsing privacy policy". 281 // User pressed "Safe Browsing privacy policy".
466 GURL url(kSbPrivacyPolicyUrl); 282 GURL url(l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_URL));
467 OpenURLParams params( 283 OpenURLParams params(
468 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false); 284 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
469 web_contents_->OpenURL(params); 285 web_contents_->OpenURL(params);
470 return; 286 return;
471 } 287 }
472 288
473 bool proceed_blocked = false; 289 bool proceed_blocked = false;
474 if (command == kProceedCommand) { 290 if (command == kProceedCommand) {
475 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) { 291 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
476 proceed_blocked = true; 292 proceed_blocked = true;
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
553 diagnostic_url = google_util::AppendGoogleLocaleParam(diagnostic_url); 369 diagnostic_url = google_util::AppendGoogleLocaleParam(diagnostic_url);
554 DCHECK(unsafe_resources_[element_index].threat_type == 370 DCHECK(unsafe_resources_[element_index].threat_type ==
555 SafeBrowsingService::URL_MALWARE); 371 SafeBrowsingService::URL_MALWARE);
556 OpenURLParams params( 372 OpenURLParams params(
557 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, 373 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK,
558 false); 374 false);
559 web_contents_->OpenURL(params); 375 web_contents_->OpenURL(params);
560 return; 376 return;
561 } 377 }
562 378
379 if (command == kExpandedSeeMore) {
380 // User expanded the "see more info" section of the page. We don't actually
381 // do any action based on this, it's just so that RecordUserReactionTime can
382 // track it.
383 return;
384 }
385
563 NOTREACHED() << "Unexpected command: " << command; 386 NOTREACHED() << "Unexpected command: " << command;
564 } 387 }
565 388
566 void SafeBrowsingBlockingPage::OverrideRendererPrefs( 389 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
567 content::RendererPreferences* prefs) { 390 content::RendererPreferences* prefs) {
568 Profile* profile = Profile::FromBrowserContext( 391 Profile* profile = Profile::FromBrowserContext(
569 web_contents_->GetBrowserContext()); 392 web_contents_->GetBrowserContext());
570 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile); 393 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile);
571 } 394 }
572 395
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
637 if (navigation_entry_index_to_remove_ != -1 && 460 if (navigation_entry_index_to_remove_ != -1 &&
638 navigation_entry_index_to_remove_ != last_committed_index && 461 navigation_entry_index_to_remove_ != last_committed_index &&
639 !web_contents_->IsBeingDestroyed()) { 462 !web_contents_->IsBeingDestroyed()) {
640 web_contents_->GetController().RemoveEntryAtIndex( 463 web_contents_->GetController().RemoveEntryAtIndex(
641 navigation_entry_index_to_remove_); 464 navigation_entry_index_to_remove_);
642 navigation_entry_index_to_remove_ = -1; 465 navigation_entry_index_to_remove_ = -1;
643 } 466 }
644 } 467 }
645 468
646 void SafeBrowsingBlockingPage::RecordUserAction(BlockingPageEvent event) { 469 void SafeBrowsingBlockingPage::RecordUserAction(BlockingPageEvent event) {
647 // Determine the interstitial type from the blocked resources. 470 // This enum is used for a histogram. Don't reorder, delete, or insert
648 // This is the same logic that is used to actually construct the 471 // elements. New elements should be added before MAX_ACTION only.
649 // page contents; we can look at the title to see which type of 472 enum {
650 // interstitial is being displayed. 473 MALWARE_SHOW = 0,
651 DictionaryValue strings; 474 MALWARE_DONT_PROCEED,
652 PopulateMultipleThreatStringDictionary(&strings); 475 MALWARE_FORCED_DONT_PROCEED,
476 MALWARE_PROCEED,
477 MULTIPLE_SHOW,
478 MULTIPLE_DONT_PROCEED,
479 MULTIPLE_FORCED_DONT_PROCEED,
480 MULTIPLE_PROCEED,
481 PHISHING_SHOW,
482 PHISHING_DONT_PROCEED,
483 PHISHING_FORCED_DONT_PROCEED,
484 PHISHING_PROCEED,
485 MAX_ACTION
486 } histogram_action;
653 487
654 string16 title; 488 switch (event) {
655 bool success = strings.GetString("title", &title); 489 case SHOW:
656 DCHECK(success); 490 switch (interstitial_type_) {
491 case TYPE_MALWARE_AND_PHISHING:
492 histogram_action = MULTIPLE_SHOW;
493 break;
494 case TYPE_MALWARE:
495 histogram_action = MALWARE_SHOW;
496 break;
497 case TYPE_PHISHING:
498 histogram_action = PHISHING_SHOW;
499 break;
500 }
501 break;
502 case PROCEED:
503 switch (interstitial_type_) {
504 case TYPE_MALWARE_AND_PHISHING:
505 histogram_action = MULTIPLE_PROCEED;
506 break;
507 case TYPE_MALWARE:
508 histogram_action = MALWARE_PROCEED;
509 break;
510 case TYPE_PHISHING:
511 histogram_action = PHISHING_PROCEED;
512 break;
513 }
514 break;
515 case DONT_PROCEED:
516 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
517 switch (interstitial_type_) {
518 case TYPE_MALWARE_AND_PHISHING:
519 histogram_action = MULTIPLE_FORCED_DONT_PROCEED;
520 break;
521 case TYPE_MALWARE:
522 histogram_action = MALWARE_FORCED_DONT_PROCEED;
523 break;
524 case TYPE_PHISHING:
525 histogram_action = PHISHING_FORCED_DONT_PROCEED;
526 break;
527 }
528 } else {
529 switch (interstitial_type_) {
530 case TYPE_MALWARE_AND_PHISHING:
531 histogram_action = MULTIPLE_DONT_PROCEED;
532 break;
533 case TYPE_MALWARE:
534 histogram_action = MALWARE_DONT_PROCEED;
535 break;
536 case TYPE_PHISHING:
537 histogram_action = PHISHING_DONT_PROCEED;
538 break;
539 }
540 }
541 break;
542 default:
543 NOTREACHED() << "Unexpected event: " << event;
544 }
545 UMA_HISTOGRAM_ENUMERATION("SB2.InterstitialAction", histogram_action,
546 MAX_ACTION);
547 UMA_HISTOGRAM_ENUMERATION(
548 base::FieldTrial::MakeName("SB2.InterstitialAction", "SBInterstitial"),
549 histogram_action,
550 MAX_ACTION);
657 551
552 // TODO(mattm): now that we've added the histogram above, should we remove
553 // this old user metric at some future point?
658 std::string action = "SBInterstitial"; 554 std::string action = "SBInterstitial";
659 if (title == 555 switch (interstitial_type_) {
660 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE)) { 556 case TYPE_MALWARE_AND_PHISHING:
661 action.append("Multiple"); 557 action.append("Multiple");
662 } else if (title == 558 break;
663 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE)) { 559 case TYPE_MALWARE:
664 action.append("Malware"); 560 action.append("Malware");
665 } else { 561 break;
666 DCHECK_EQ(title, 562 case TYPE_PHISHING:
667 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE)); 563 action.append("Phishing");
668 action.append("Phishing"); 564 break;
669 } 565 }
670 566
671 switch (event) { 567 switch (event) {
672 case SHOW: 568 case SHOW:
673 action.append("Show"); 569 action.append("Show");
674 break; 570 break;
675 case PROCEED: 571 case PROCEED:
676 action.append("Proceed"); 572 action.append("Proceed");
677 break; 573 break;
678 case DONT_PROCEED: 574 case DONT_PROCEED:
679 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) 575 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled))
680 action.append("ForcedDontProceed"); 576 action.append("ForcedDontProceed");
681 else 577 else
682 action.append("DontProceed"); 578 action.append("DontProceed");
683 break; 579 break;
684 default: 580 default:
685 NOTREACHED() << "Unexpected event: " << event; 581 NOTREACHED() << "Unexpected event: " << event;
686 } 582 }
687 583
584 std::string field_trial_action;
585 if (base::FieldTrialList::FindFullName("SBInterstitial") == "V2")
586 field_trial_action = action + "_V2";
587 else
588 field_trial_action = action + "_V1";
589
688 content::RecordComputedAction(action); 590 content::RecordComputedAction(action);
591 content::RecordComputedAction(field_trial_action);
689 } 592 }
690 593
691 void SafeBrowsingBlockingPage::RecordUserReactionTime( 594 void SafeBrowsingBlockingPage::RecordUserReactionTime(
692 const std::string& command) { 595 const std::string& command) {
693 if (interstitial_show_time_.is_null()) 596 if (interstitial_show_time_.is_null())
694 return; // We already reported the user reaction time. 597 return; // We already reported the user reaction time.
695 base::TimeDelta dt = base::TimeTicks::Now() - interstitial_show_time_; 598 base::TimeDelta dt = base::TimeTicks::Now() - interstitial_show_time_;
696 DVLOG(1) << "User reaction time for command:" << command 599 DVLOG(1) << "User reaction time for command:" << command
697 << " on is_malware:" << is_malware_interstitial_ 600 << " on interstitial_type_:" << interstitial_type_
698 << " warning took " << dt.InMilliseconds() << "ms"; 601 << " warning took " << dt.InMilliseconds() << "ms";
699 bool recorded = true; 602 bool recorded = true;
700 if (is_malware_interstitial_) { 603 if (interstitial_type_ == TYPE_MALWARE ||
604 interstitial_type_ == TYPE_MALWARE_AND_PHISHING) {
701 // There are six ways in which the malware interstitial can go 605 // There are six ways in which the malware interstitial can go
702 // away. We handle all of them here but we group two together: closing the 606 // away. We handle all of them here but we group two together: closing the
703 // tag / browser window and clicking on the back button in the browser (not 607 // tag / browser window and clicking on the back button in the browser (not
704 // the big green button) are considered the same action. 608 // the big green button) are considered the same action.
705 if (command == kProceedCommand) { 609 if (command == kProceedCommand) {
706 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeProceed", dt); 610 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeProceed", dt);
611 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
612 "SB2.MalwareInterstitialTimeProceed", "SBInterstitial"), dt);
707 } else if (command == kTakeMeBackCommand) { 613 } else if (command == kTakeMeBackCommand) {
708 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeTakeMeBack", dt); 614 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeTakeMeBack", dt);
615 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
616 "SB2.MalwareInterstitialTimeTakeMeBack", "SBInterstitial"), dt);
709 } else if (command == kShowDiagnosticCommand) { 617 } else if (command == kShowDiagnosticCommand) {
710 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeDiagnostic", dt); 618 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeDiagnostic", dt);
619 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
620 "SB2.MalwareInterstitialTimeDiagnostic", "SBInterstitial"), dt);
711 } else if (command == kShowPrivacyCommand) { 621 } else if (command == kShowPrivacyCommand) {
712 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimePrivacyPolicy", 622 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimePrivacyPolicy",
713 dt); 623 dt);
624 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
625 "SB2.MalwareInterstitialTimePrivacyPolicy", "SBInterstitial"), dt);
626 } else if (command == kLearnMoreCommand || command == kLearnMoreCommandV2) {
627 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialLearnMore",
628 dt);
629 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
630 "SB2.MalwareInterstitialLearnMore", "SBInterstitial"), dt);
714 } else if (command == kNavigatedAwayMetaCommand) { 631 } else if (command == kNavigatedAwayMetaCommand) {
715 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeClosed", dt); 632 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeClosed", dt);
633 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
634 "SB2.MalwareInterstitialTimeClosed", "SBInterstitial"), dt);
635 } else if (command == kExpandedSeeMore) {
636 // Only record the expanded histogram once per display of the
637 // interstitial.
638 if (has_expanded_see_more_section_)
639 return;
640 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeExpandedSeeMore",
641 dt);
642 has_expanded_see_more_section_ = true;
643 // Expanding the "See More" section doesn't finish the interstitial, so
644 // don't mark the reaction time as recorded.
645 recorded = false;
716 } else { 646 } else {
717 recorded = false; 647 recorded = false;
718 } 648 }
719 } else { 649 } else {
720 // Same as above but for phishing warnings. 650 // Same as above but for phishing warnings.
721 if (command == kProceedCommand) { 651 if (command == kProceedCommand) {
722 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeProceed", dt); 652 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeProceed", dt);
723 } else if (command == kTakeMeBackCommand) { 653 } else if (command == kTakeMeBackCommand) {
724 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeTakeMeBack", dt); 654 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeTakeMeBack", dt);
725 } else if (command == kShowDiagnosticCommand) { 655 } else if (command == kShowDiagnosticCommand) {
726 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeReportError", dt); 656 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeReportError", dt);
727 } else if (command == kShowPrivacyCommand) { 657 } else if (command == kLearnMoreCommand || command == kLearnMoreCommandV2) {
728 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeLearnMore", dt); 658 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeLearnMore", dt);
729 } else if (command == kNavigatedAwayMetaCommand) { 659 } else if (command == kNavigatedAwayMetaCommand) {
730 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeClosed", dt); 660 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeClosed", dt);
661 } else if (command == kExpandedSeeMore) {
662 // TODO(mattm): Add histogram for this when we implement V2 of the
663 // phishing interstitial.
664 NOTREACHED();
665 recorded = false;
731 } else { 666 } else {
732 recorded = false; 667 recorded = false;
733 } 668 }
734 } 669 }
735 if (recorded) // Making sure we don't double-count reaction times. 670 if (recorded) // Making sure we don't double-count reaction times.
736 interstitial_show_time_ = base::TimeTicks(); // Resets the show time. 671 interstitial_show_time_ = base::TimeTicks(); // Resets the show time.
737 } 672 }
738 673
739 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) { 674 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) {
740 if (malware_details_ == NULL) 675 if (malware_details_ == NULL)
(...skipping 28 matching lines...) Expand all
769 // static 704 // static
770 SafeBrowsingBlockingPage::UnsafeResourceMap* 705 SafeBrowsingBlockingPage::UnsafeResourceMap*
771 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() { 706 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() {
772 return g_unsafe_resource_map.Pointer(); 707 return g_unsafe_resource_map.Pointer();
773 } 708 }
774 709
775 // static 710 // static
776 void SafeBrowsingBlockingPage::ShowBlockingPage( 711 void SafeBrowsingBlockingPage::ShowBlockingPage(
777 SafeBrowsingService* sb_service, 712 SafeBrowsingService* sb_service,
778 const SafeBrowsingService::UnsafeResource& unsafe_resource) { 713 const SafeBrowsingService::UnsafeResource& unsafe_resource) {
714 DVLOG(1) << __FUNCTION__ << " " << unsafe_resource.url.spec();
779 WebContents* web_contents = tab_util::GetWebContentsByID( 715 WebContents* web_contents = tab_util::GetWebContentsByID(
780 unsafe_resource.render_process_host_id, unsafe_resource.render_view_id); 716 unsafe_resource.render_process_host_id, unsafe_resource.render_view_id);
781 717
782 InterstitialPage* interstitial = 718 InterstitialPage* interstitial =
783 InterstitialPage::GetInterstitialPage(web_contents); 719 InterstitialPage::GetInterstitialPage(web_contents);
784 if (interstitial && !unsafe_resource.is_subresource) { 720 if (interstitial && !unsafe_resource.is_subresource) {
785 // There is already an interstitial showing and we are about to display a 721 // There is already an interstitial showing and we are about to display a
786 // new one for the main frame. Just hide the current one, it is now 722 // new one for the main frame. Just hide the current one, it is now
787 // irrelevent 723 // irrelevent
788 interstitial->DontProceed(); 724 interstitial->DontProceed();
(...skipping 26 matching lines...) Expand all
815 // Client-side phishing detection interstitials never block the main frame 751 // Client-side phishing detection interstitials never block the main frame
816 // load, since they happen after the page is finished loading. 752 // load, since they happen after the page is finished loading.
817 if (unsafe_resources[0].threat_type == 753 if (unsafe_resources[0].threat_type ==
818 SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) { 754 SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) {
819 return false; 755 return false;
820 } 756 }
821 757
822 // Otherwise, check the threat type. 758 // Otherwise, check the threat type.
823 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource; 759 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource;
824 } 760 }
761
762 SafeBrowsingBlockingPageV1::SafeBrowsingBlockingPageV1(
763 SafeBrowsingService* sb_service,
764 WebContents* web_contents,
765 const UnsafeResourceList& unsafe_resources)
766 : SafeBrowsingBlockingPage(sb_service, web_contents, unsafe_resources) {
767 }
768
769 std::string SafeBrowsingBlockingPageV1::GetHTMLContents() {
770 // Load the HTML page and create the template components.
771 DictionaryValue strings;
772 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
773 std::string html;
774
775 if (unsafe_resources_.empty()) {
776 NOTREACHED();
777 return std::string();
778 }
779
780 if (unsafe_resources_.size() > 1) {
781 PopulateMultipleThreatStringDictionary(&strings);
782 html = rb.GetRawDataResource(
783 IDR_SAFE_BROWSING_MULTIPLE_THREAT_BLOCK,
784 ui::SCALE_FACTOR_NONE).as_string();
785 } else {
786 SafeBrowsingService::UrlCheckResult threat_type =
787 unsafe_resources_[0].threat_type;
788 if (threat_type == SafeBrowsingService::URL_MALWARE) {
789 PopulateMalwareStringDictionary(&strings);
790 html = rb.GetRawDataResource(
791 IDR_SAFE_BROWSING_MALWARE_BLOCK,
792 ui::SCALE_FACTOR_NONE).as_string();
793 } else { // Phishing.
794 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
795 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
796 PopulatePhishingStringDictionary(&strings);
797 html = rb.GetRawDataResource(
798 IDR_SAFE_BROWSING_PHISHING_BLOCK,
799 ui::SCALE_FACTOR_NONE).as_string();
800 }
801 }
802 interstitial_show_time_ = base::TimeTicks::Now();
803 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
804 }
805
806 void SafeBrowsingBlockingPageV1::PopulateStringDictionary(
807 DictionaryValue* strings,
808 const string16& title,
809 const string16& headline,
810 const string16& description1,
811 const string16& description2,
812 const string16& description3) {
813 strings->SetString("title", title);
814 strings->SetString("headLine", headline);
815 strings->SetString("description1", description1);
816 strings->SetString("description2", description2);
817 strings->SetString("description3", description3);
818 strings->SetBoolean("proceedDisabled",
819 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
820 }
821
822 void SafeBrowsingBlockingPageV1::PopulateMultipleThreatStringDictionary(
823 DictionaryValue* strings) {
824
825 string16 malware_label =
826 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_LABEL);
827 string16 malware_link =
828 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE);
829 string16 phishing_label =
830 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_LABEL);
831 string16 phishing_link =
832 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR);
833
834 ListValue* error_strings = new ListValue;
835 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
836 iter != unsafe_resources_.end(); ++iter) {
837 const SafeBrowsingService::UnsafeResource& resource = *iter;
838 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
839 DictionaryValue* current_error_strings = new DictionaryValue;
840 if (threat_type == SafeBrowsingService::URL_MALWARE) {
841 current_error_strings->SetString("type", "malware");
842 current_error_strings->SetString("typeLabel", malware_label);
843 current_error_strings->SetString("errorLink", malware_link);
844 } else {
845 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
846 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
847 current_error_strings->SetString("type", "phishing");
848 current_error_strings->SetString("typeLabel", phishing_label);
849 current_error_strings->SetString("errorLink", phishing_link);
850 }
851 current_error_strings->SetString("url", resource.url.spec());
852 error_strings->Append(current_error_strings);
853 }
854 strings->Set("errors", error_strings);
855
856 switch (interstitial_type_) {
857 case TYPE_MALWARE_AND_PHISHING:
858 PopulateStringDictionary(
859 strings,
860 // Use the malware headline, it is the scariest one.
861 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE),
862 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
863 l10n_util::GetStringFUTF16(
864 IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION1,
865 UTF8ToUTF16(web_contents_->GetURL().host())),
866 l10n_util::GetStringUTF16(
867 IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION2),
868 string16());
869 break;
870 case TYPE_MALWARE:
871 PopulateStringDictionary(
872 strings,
873 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
874 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
875 l10n_util::GetStringFUTF16(
876 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION1,
877 UTF8ToUTF16(web_contents_->GetURL().host())),
878 l10n_util::GetStringUTF16(
879 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION2),
880 l10n_util::GetStringUTF16(
881 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION3));
882 break;
883 case TYPE_PHISHING:
884 PopulateStringDictionary(
885 strings,
886 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
887 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
888 l10n_util::GetStringFUTF16(
889 IDS_SAFE_BROWSING_MULTI_PHISHING_DESCRIPTION1,
890 UTF8ToUTF16(web_contents_->GetURL().host())),
891 string16(),
892 string16());
893 break;
894 }
895
896 strings->SetString("confirm_text",
897 l10n_util::GetStringUTF16(
898 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION_AGREE));
899 strings->SetString("continue_button",
900 l10n_util::GetStringUTF16(
901 IDS_SAFE_BROWSING_MULTI_MALWARE_PROCEED_BUTTON));
902 strings->SetString("back_button",
903 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
904 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
905 }
906
907 void SafeBrowsingBlockingPageV1::PopulateMalwareStringDictionary(
908 DictionaryValue* strings) {
909 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
910 l10n_util::GetStringUTF8(
911 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
912
913 // Check to see if we're blocking the main page, or a sub-resource on the
914 // main page.
915 string16 description1, description3, description5;
916 if (is_main_frame_load_blocked_) {
917 description1 = l10n_util::GetStringFUTF16(
918 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION1, UTF8ToUTF16(url_.host()));
919 } else {
920 description1 = l10n_util::GetStringFUTF16(
921 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION4,
922 UTF8ToUTF16(web_contents_->GetURL().host()),
923 UTF8ToUTF16(url_.host()));
924 }
925
926 std::string proceed_link = base::StringPrintf(kPLinkHtml,
927 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK).c_str());
928 description3 =
929 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION3,
930 UTF8ToUTF16(proceed_link));
931
932 PopulateStringDictionary(
933 strings,
934 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
935 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
936 description1,
937 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION2),
938 description3);
939
940 description5 =
941 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION5,
942 UTF8ToUTF16(url_.host()),
943 UTF8ToUTF16(url_.host()),
944 UTF8ToUTF16(diagnostic_link));
945
946 strings->SetString("description5", description5);
947
948 strings->SetString("back_button",
949 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
950 strings->SetString("proceed_link",
951 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK));
952 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
953
954 if (!CanShowMalwareDetailsOption()) {
955 strings->SetBoolean(kDisplayCheckBox, false);
956 } else {
957 // Show the checkbox for sending malware details.
958 strings->SetBoolean(kDisplayCheckBox, true);
959
960 std::string privacy_link = base::StringPrintf(
961 kPrivacyLinkHtml,
962 l10n_util::GetStringUTF8(
963 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
964
965 strings->SetString("confirm_text",
966 l10n_util::GetStringFUTF16(
967 IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
968 UTF8ToUTF16(privacy_link)));
969 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
970 strings->SetString(kBoxChecked, "yes");
971 else
972 strings->SetString(kBoxChecked, "");
973 }
974 }
975
976 void SafeBrowsingBlockingPageV1::PopulatePhishingStringDictionary(
977 DictionaryValue* strings) {
978 std::string proceed_link = base::StringPrintf(
979 kPLinkHtml,
980 l10n_util::GetStringUTF8(
981 IDS_SAFE_BROWSING_PHISHING_PROCEED_LINK).c_str());
982 string16 description3 = l10n_util::GetStringFUTF16(
983 IDS_SAFE_BROWSING_PHISHING_DESCRIPTION3,
984 UTF8ToUTF16(proceed_link));
985
986 PopulateStringDictionary(
987 strings,
988 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
989 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
990 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION1,
991 UTF8ToUTF16(url_.host())),
992 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION2),
993 description3);
994
995 strings->SetString("back_button",
996 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_BUTTON));
997 strings->SetString("report_error",
998 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR));
999 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
1000 }
1001
1002 SafeBrowsingBlockingPageV2::SafeBrowsingBlockingPageV2(
1003 SafeBrowsingService* sb_service,
1004 WebContents* web_contents,
1005 const UnsafeResourceList& unsafe_resources)
1006 : SafeBrowsingBlockingPage(sb_service, web_contents, unsafe_resources) {
1007 }
1008
1009 std::string SafeBrowsingBlockingPageV2::GetHTMLContents() {
1010 // Load the HTML page and create the template components.
1011 DictionaryValue strings;
1012 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
1013 std::string html;
1014
1015 if (unsafe_resources_.empty()) {
1016 NOTREACHED();
1017 return std::string();
1018 }
1019
1020 if (unsafe_resources_.size() > 1) {
1021 NOTREACHED();
1022 } else {
1023 SafeBrowsingService::UrlCheckResult threat_type =
1024 unsafe_resources_[0].threat_type;
1025 if (threat_type == SafeBrowsingService::URL_MALWARE) {
1026 PopulateMalwareStringDictionary(&strings);
1027 html = rb.GetRawDataResource(
1028 IDR_SAFE_BROWSING_MALWARE_BLOCK_V2,
1029 ui::SCALE_FACTOR_NONE).as_string();
1030 } else { // Phishing.
1031 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
1032 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
1033 NOTREACHED();
1034 }
1035 }
1036 interstitial_show_time_ = base::TimeTicks::Now();
1037 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
1038 }
1039
1040 void SafeBrowsingBlockingPageV2::PopulateStringDictionary(
1041 DictionaryValue* strings,
1042 const string16& title,
1043 const string16& headline,
1044 const string16& description1,
1045 const string16& description2,
1046 const string16& description3,
1047 const string16& description4) {
1048 strings->SetString("title", title);
1049 strings->SetString("headLine", headline);
1050 strings->SetString("description1", description1);
1051 strings->SetString("description2", description2);
1052 strings->SetString("description3", description3);
1053 strings->SetString("description4", description4);
1054 strings->SetBoolean("proceedDisabled",
1055 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
1056
1057 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
1058 strings->SetString("back_button",
1059 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
1060 strings->SetString("seeMore", l10n_util::GetStringUTF16(
1061 IDS_SAFE_BROWSING_MALWARE_V2_SEE_MORE));
1062 strings->SetString("seeLess", l10n_util::GetStringUTF16(
1063 IDS_SAFE_BROWSING_MALWARE_V2_SEE_LESS));
1064 }
1065
1066 void SafeBrowsingBlockingPageV2::PopulateMultipleThreatStringDictionary(
1067 DictionaryValue* strings) {
1068 NOTREACHED();
1069 }
1070
1071 void SafeBrowsingBlockingPageV2::PopulateMalwareStringDictionary(
1072 DictionaryValue* strings) {
1073 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
1074 l10n_util::GetStringUTF8(
1075 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
1076
1077 // Check to see if we're blocking the main page, or a sub-resource on the
1078 // main page.
1079 string16 headline, description1, description2, description3, description4;
1080
1081
1082 if (is_main_frame_load_blocked_) {
1083 headline = l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_HEADLINE);
1084 description1 = l10n_util::GetStringFUTF16(
1085 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION1,
1086 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
1087 UTF8ToUTF16(url_.host()));
1088 description2 = l10n_util::GetStringUTF16(
1089 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION2);
1090 description3 = l10n_util::GetStringUTF16(
1091 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION3);
1092 description4 = l10n_util::GetStringUTF16(
1093 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION4);
1094 strings->SetBoolean(kDisplayShowDiagnostic, true);
1095 } else {
1096 headline = l10n_util::GetStringUTF16(
1097 IDS_SAFE_BROWSING_MALWARE_V2_HEADLINE_SUBRESOURCE);
1098 description1 = l10n_util::GetStringFUTF16(
1099 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION1_SUBRESOURCE,
1100 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
1101 UTF8ToUTF16(web_contents_->GetURL().host()));
1102 description2 = l10n_util::GetStringUTF16(
1103 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION2_SUBRESOURCE);
1104 description3 = l10n_util::GetStringUTF16(
1105 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION3_SUBRESOURCE);
1106 description4 = l10n_util::GetStringFUTF16(
1107 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION4_SUBRESOURCE,
1108 UTF8ToUTF16(url_.host()));
1109 strings->SetBoolean(kDisplayShowDiagnostic, false);
1110 }
1111
1112 PopulateStringDictionary(
1113 strings,
1114 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_TITLE),
1115 headline,
1116 description1,
1117 description2,
1118 description3,
1119 description4);
1120
1121 if (!CanShowMalwareDetailsOption()) {
1122 strings->SetBoolean(kDisplayCheckBox, false);
1123 } else {
1124 // Show the checkbox for sending malware details.
1125 strings->SetBoolean(kDisplayCheckBox, true);
1126
1127 std::string privacy_link = base::StringPrintf(
1128 kPrivacyLinkHtml,
1129 l10n_util::GetStringUTF8(
1130 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE_V2).c_str());
1131
1132 strings->SetString("confirm_text",
1133 l10n_util::GetStringFUTF16(
1134 IDS_SAFE_BROWSING_MALWARE_V2_REPORTING_AGREE,
1135 UTF8ToUTF16(privacy_link)));
1136 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
1137 strings->SetString(kBoxChecked, "yes");
1138 else
1139 strings->SetString(kBoxChecked, "");
1140 }
1141
1142 strings->SetString("learnMore",
1143 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_LEARN_MORE));
1144 strings->SetString("details",
1145 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_DETAILS));
1146 }
1147
1148 void SafeBrowsingBlockingPageV2::PopulatePhishingStringDictionary(
1149 DictionaryValue* strings) {
1150 NOTREACHED();
1151 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698