Chromium Code Reviews Chromium Code Reviews
Issue 1035023002:
Adding the Finch code for the certificate error reporter experiment (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_blocking_page.h" | 5 #include "chrome/browser/ssl/ssl_blocking_page.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/build_time.h" | 9 #include "base/build_time.h" |
| 10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
| 11 #include "base/command_line.h" | 11 #include "base/command_line.h" |
| 12 #include "base/i18n/rtl.h" | 12 #include "base/i18n/rtl.h" |
| 13 #include "base/i18n/time_formatting.h" | 13 #include "base/i18n/time_formatting.h" |
| 14 #include "base/metrics/field_trial.h" | 14 #include "base/metrics/field_trial.h" |
| 15 #include "base/metrics/histogram.h" | 15 #include "base/metrics/histogram.h" |
| 16 #include "base/prefs/pref_service.h" | 16 #include "base/prefs/pref_service.h" |
| 17 #include "base/process/launch.h" | 17 #include "base/process/launch.h" |
| 18 #include "base/rand_util.h" | |
| 18 #include "base/strings/string_number_conversions.h" | 19 #include "base/strings/string_number_conversions.h" |
| 19 #include "base/strings/string_piece.h" | 20 #include "base/strings/string_piece.h" |
| 20 #include "base/strings/string_util.h" | 21 #include "base/strings/string_util.h" |
| 21 #include "base/strings/stringprintf.h" | 22 #include "base/strings/stringprintf.h" |
| 22 #include "base/strings/utf_string_conversions.h" | 23 #include "base/strings/utf_string_conversions.h" |
| 23 #include "base/time/time.h" | 24 #include "base/time/time.h" |
| 24 #include "base/values.h" | 25 #include "base/values.h" |
| 25 #include "chrome/browser/browser_process.h" | 26 #include "chrome/browser/browser_process.h" |
| 26 #include "chrome/browser/chrome_notification_types.h" | 27 #include "chrome/browser/chrome_notification_types.h" |
| 27 #include "chrome/browser/interstitials/security_interstitial_metrics_helper.h" | 28 #include "chrome/browser/interstitials/security_interstitial_metrics_helper.h" |
| 28 #include "chrome/browser/profiles/profile.h" | 29 #include "chrome/browser/profiles/profile.h" |
| 29 #include "chrome/browser/renderer_preferences_util.h" | 30 #include "chrome/browser/renderer_preferences_util.h" |
| 30 #include "chrome/browser/safe_browsing/ui_manager.h" | 31 #include "chrome/browser/safe_browsing/ui_manager.h" |
| 31 #include "chrome/browser/ssl/ssl_error_classification.h" | 32 #include "chrome/browser/ssl/ssl_error_classification.h" |
| 32 #include "chrome/browser/ssl/ssl_error_info.h" | 33 #include "chrome/browser/ssl/ssl_error_info.h" |
| 33 #include "chrome/common/chrome_switches.h" | 34 #include "chrome/common/chrome_switches.h" |
| 34 #include "chrome/common/pref_names.h" | 35 #include "chrome/common/pref_names.h" |
| 35 #include "chrome/grit/chromium_strings.h" | 36 #include "chrome/grit/chromium_strings.h" |
| 36 #include "chrome/grit/generated_resources.h" | 37 #include "chrome/grit/generated_resources.h" |
| 37 #include "components/google/core/browser/google_util.h" | 38 #include "components/google/core/browser/google_util.h" |
| 39 #include "components/variations/variations_associated_data.h" | |
| 38 #include "content/public/browser/browser_thread.h" | 40 #include "content/public/browser/browser_thread.h" |
| 39 #include "content/public/browser/cert_store.h" | 41 #include "content/public/browser/cert_store.h" |
| 40 #include "content/public/browser/interstitial_page.h" | 42 #include "content/public/browser/interstitial_page.h" |
| 41 #include "content/public/browser/interstitial_page_delegate.h" | 43 #include "content/public/browser/interstitial_page_delegate.h" |
| 42 #include "content/public/browser/navigation_controller.h" | 44 #include "content/public/browser/navigation_controller.h" |
| 43 #include "content/public/browser/navigation_entry.h" | 45 #include "content/public/browser/navigation_entry.h" |
| 44 #include "content/public/browser/notification_service.h" | 46 #include "content/public/browser/notification_service.h" |
| 45 #include "content/public/browser/notification_types.h" | 47 #include "content/public/browser/notification_types.h" |
| 46 #include "content/public/browser/render_process_host.h" | 48 #include "content/public/browser/render_process_host.h" |
| 47 #include "content/public/browser/render_view_host.h" | 49 #include "content/public/browser/render_view_host.h" |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 93 EXPIRED_AND_PROCEED, | 95 EXPIRED_AND_PROCEED, |
| 94 EXPIRED_AND_DO_NOT_PROCEED, | 96 EXPIRED_AND_DO_NOT_PROCEED, |
| 95 NOT_EXPIRED_AND_PROCEED, | 97 NOT_EXPIRED_AND_PROCEED, |
| 96 NOT_EXPIRED_AND_DO_NOT_PROCEED, | 98 NOT_EXPIRED_AND_DO_NOT_PROCEED, |
| 97 END_OF_SSL_EXPIRATION_AND_DECISION, | 99 END_OF_SSL_EXPIRATION_AND_DECISION, |
| 98 }; | 100 }; |
| 99 | 101 |
| 100 // Rappor prefix | 102 // Rappor prefix |
| 101 const char kSSLRapporPrefix[] = "ssl"; | 103 const char kSSLRapporPrefix[] = "ssl"; |
| 102 | 104 |
| 105 // Check whether to report certificate verification errors to Google | |
| 106 bool ReportCertificateErrors() { | |
| 107 // Check Finch parameters | |
| 108 const std::string show = | |
| 109 base::FieldTrialList::FindFullName("ReportCertificateErrors"); | |
| 110 if (show.compare("ShowAndPossiblySend") == 0) { | |
| 111 const std::string param = variations::GetVariationParamValue( | |
| 112 "ReportCertificateErrors", "possibly_send"); | |
| 113 if (param.compare("") != 0) { | |
| 114 double possiblySend; | |
| 115 LOG(ERROR) << "RandValue: " << base::RandDouble(); | |
| 116 if (base::StringToDouble(param, &possiblySend)) | |
| 117 return base::RandDouble() <= possiblySend; | |
| 118 } | |
| 119 } | |
| 120 return false; | |
| 121 } | |
| 122 | |
| 123 // Check whether to show the certificate reporter checkbox | |
| 124 bool ShowCertificateReporterCheckbox() { | |
| 125 // Check Finch parameters | |
| 126 return base::FieldTrialList::FindFullName("ReportCertificateErrors") | |
|
estark
2015/04/02 01:19:51
How about doing the incognito check in here?
| |
| 127 .compare("ShowAndPossiblySend") == 0; | |
| 128 } | |
| 129 | |
| 103 void RecordSSLExpirationPageEventState(bool expired_but_previously_allowed, | 130 void RecordSSLExpirationPageEventState(bool expired_but_previously_allowed, |
| 104 bool proceed, | 131 bool proceed, |
| 105 bool overridable) { | 132 bool overridable) { |
| 106 SSLExpirationAndDecision event; | 133 SSLExpirationAndDecision event; |
| 107 if (expired_but_previously_allowed && proceed) | 134 if (expired_but_previously_allowed && proceed) |
| 108 event = EXPIRED_AND_PROCEED; | 135 event = EXPIRED_AND_PROCEED; |
| 109 else if (expired_but_previously_allowed && !proceed) | 136 else if (expired_but_previously_allowed && !proceed) |
| 110 event = EXPIRED_AND_DO_NOT_PROCEED; | 137 event = EXPIRED_AND_DO_NOT_PROCEED; |
| 111 else if (!expired_but_previously_allowed && proceed) | 138 else if (!expired_but_previously_allowed && proceed) |
| 112 event = NOT_EXPIRED_AND_PROCEED; | 139 event = NOT_EXPIRED_AND_PROCEED; |
| (...skipping 338 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 451 "pem", JoinString(encoded_chain, std::string())); | 478 "pem", JoinString(encoded_chain, std::string())); |
| 452 | 479 |
| 453 PopulateExtendedReportingOption(load_time_data); | 480 PopulateExtendedReportingOption(load_time_data); |
| 454 } | 481 } |
| 455 | 482 |
| 456 void SSLBlockingPage::PopulateExtendedReportingOption( | 483 void SSLBlockingPage::PopulateExtendedReportingOption( |
| 457 base::DictionaryValue* load_time_data) { | 484 base::DictionaryValue* load_time_data) { |
| 458 // Only show the checkbox if not off-the-record and if the | 485 // Only show the checkbox if not off-the-record and if the |
| 459 // command-line option is set. | 486 // command-line option is set. |
| 460 const bool show = !web_contents()->GetBrowserContext()->IsOffTheRecord() && | 487 const bool show = !web_contents()->GetBrowserContext()->IsOffTheRecord() && |
| 461 base::CommandLine::ForCurrentProcess()->HasSwitch( | 488 ShowCertificateReporterCheckbox(); |
|
estark
2015/04/02 01:19:51
If you do the incognito check in ShowCertificateRe
| |
| 462 switches::kEnableInvalidCertCollection); | |
| 463 | 489 |
| 464 load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show); | 490 load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show); |
| 465 if (!show) | 491 if (!show) |
| 466 return; | 492 return; |
| 467 | 493 |
| 468 load_time_data->SetBoolean( | 494 load_time_data->SetBoolean( |
| 469 interstitials::kBoxChecked, | 495 interstitials::kBoxChecked, |
| 470 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled)); | 496 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled)); |
| 471 | 497 |
| 472 const std::string privacy_link = base::StringPrintf( | 498 const std::string privacy_link = base::StringPrintf( |
| (...skipping 165 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 638 else | 664 else |
| 639 event_name.append(kEventNotOverridable); | 665 event_name.append(kEventNotOverridable); |
| 640 event_name.append(net::ErrorToString(cert_error_)); | 666 event_name.append(net::ErrorToString(cert_error_)); |
| 641 return event_name; | 667 return event_name; |
| 642 } | 668 } |
| 643 | 669 |
| 644 void SSLBlockingPage::FinishCertCollection() { | 670 void SSLBlockingPage::FinishCertCollection() { |
| 645 base::ScopedClosureRunner scoped_callback( | 671 base::ScopedClosureRunner scoped_callback( |
| 646 certificate_report_callback_for_testing_); | 672 certificate_report_callback_for_testing_); |
| 647 | 673 |
| 648 if (!base::CommandLine::ForCurrentProcess()->HasSwitch( | 674 if (!ReportCertificateErrors() || |
|
estark
2015/04/02 01:19:51
I think this should just be:
if (!ShowCertificate
fahl
2015/04/02 02:01:22
Done.
| |
| 649 switches::kEnableInvalidCertCollection) || | 675 web_contents()->GetBrowserContext()->IsOffTheRecord()) |
| 650 web_contents()->GetBrowserContext()->IsOffTheRecord()) { | |
| 651 return; | 676 return; |
| 652 } | |
| 653 | 677 |
| 654 const bool enabled = | 678 const bool enabled = |
| 655 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled); | 679 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled); |
| 656 | 680 |
| 657 if (!enabled) | 681 if (!enabled) |
| 658 return; | 682 return; |
| 659 | 683 |
| 660 metrics_helper()->RecordUserInteraction( | 684 metrics_helper()->RecordUserInteraction( |
| 661 SecurityInterstitialMetricsHelper::EXTENDED_REPORTING_IS_ENABLED); | 685 SecurityInterstitialMetricsHelper::EXTENDED_REPORTING_IS_ENABLED); |
| 662 | 686 |
| 663 if (certificate_report_callback_for_testing_.is_null()) | 687 if (ReportCertificateErrors()) { |
| 664 scoped_callback.Reset(base::Bind(&base::DoNothing)); | 688 if (certificate_report_callback_for_testing_.is_null()) |
| 665 | 689 scoped_callback.Reset(base::Bind(&base::DoNothing)); |
| 666 safe_browsing_ui_manager_->ReportInvalidCertificateChain( | 690 safe_browsing_ui_manager_->ReportInvalidCertificateChain( |
| 667 request_url().host(), ssl_info_, scoped_callback.Release()); | 691 request_url().host(), ssl_info_, scoped_callback.Release()); |
| 692 } | |
| 668 } | 693 } |
| 669 | 694 |
| 670 // static | 695 // static |
| 671 bool SSLBlockingPage::IsOptionsOverridable(int options_mask) { | 696 bool SSLBlockingPage::IsOptionsOverridable(int options_mask) { |
| 672 return (options_mask & SSLBlockingPage::OVERRIDABLE) && | 697 return (options_mask & SSLBlockingPage::OVERRIDABLE) && |
| 673 !(options_mask & SSLBlockingPage::STRICT_ENFORCEMENT); | 698 !(options_mask & SSLBlockingPage::STRICT_ENFORCEMENT); |
| 674 } | 699 } |
| OLD | NEW |
