| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <vector> | 5 #include <vector> |
| 6 | 6 |
| 7 #include "chrome/browser/ssl/ssl_error_classification.h" | 7 #include "chrome/browser/ssl/ssl_error_classification.h" |
| 8 | 8 |
| 9 #include "base/build_time.h" | 9 #include "base/build_time.h" |
| 10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
| 11 #include "base/metrics/histogram.h" | 11 #include "base/metrics/histogram.h" |
| 12 #include "base/strings/string_split.h" | 12 #include "base/strings/string_split.h" |
| 13 #include "base/strings/utf_string_conversions.h" | 13 #include "base/strings/utf_string_conversions.h" |
| 14 #include "base/time/time.h" | 14 #include "base/time/time.h" |
| 15 #include "chrome/browser/browser_process.h" | 15 #include "chrome/browser/browser_process.h" |
| 16 #include "chrome/browser/chrome_notification_types.h" | 16 #include "chrome/browser/chrome_notification_types.h" |
| 17 #include "chrome/browser/profiles/profile.h" | 17 #include "chrome/browser/profiles/profile.h" |
| 18 #include "chrome/browser/ssl/ssl_error_info.h" | 18 #include "components/ssl_errors/error_info.h" |
| 19 #include "content/public/browser/notification_service.h" | 19 #include "content/public/browser/notification_service.h" |
| 20 #include "content/public/browser/web_contents.h" | 20 #include "content/public/browser/web_contents.h" |
| 21 #include "net/base/net_util.h" | 21 #include "net/base/net_util.h" |
| 22 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" | 22 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
| 23 #include "net/cert/x509_cert_types.h" | 23 #include "net/cert/x509_cert_types.h" |
| 24 #include "net/cert/x509_certificate.h" | 24 #include "net/cert/x509_certificate.h" |
| 25 #include "url/gurl.h" | 25 #include "url/gurl.h" |
| 26 | 26 |
| 27 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 27 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 28 #include "chrome/browser/captive_portal/captive_portal_service.h" | 28 #include "chrome/browser/captive_portal/captive_portal_service.h" |
| (...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 173 else if (captive_portal_no_response_) | 173 else if (captive_portal_no_response_) |
| 174 RecordCaptivePortalEventStats( | 174 RecordCaptivePortalEventStats( |
| 175 overridable ? | 175 overridable ? |
| 176 CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE : | 176 CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE : |
| 177 CAPTIVE_PORTAL_NO_RESPONSE); | 177 CAPTIVE_PORTAL_NO_RESPONSE); |
| 178 #endif | 178 #endif |
| 179 } | 179 } |
| 180 | 180 |
| 181 void SSLErrorClassification::RecordUMAStatistics( | 181 void SSLErrorClassification::RecordUMAStatistics( |
| 182 bool overridable) const { | 182 bool overridable) const { |
| 183 SSLErrorInfo::ErrorType type = | 183 ssl_errors::ErrorInfo::ErrorType type = |
| 184 SSLErrorInfo::NetErrorToErrorType(cert_error_); | 184 ssl_errors::ErrorInfo::NetErrorToErrorType(cert_error_); |
| 185 UMA_HISTOGRAM_ENUMERATION( | 185 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl_error_type", type, |
| 186 "interstitial.ssl_error_type", type, SSLErrorInfo::END_OF_ENUM); | 186 ssl_errors::ErrorInfo::END_OF_ENUM); |
| 187 switch (type) { | 187 switch (type) { |
| 188 case SSLErrorInfo::CERT_DATE_INVALID: { | 188 case ssl_errors::ErrorInfo::CERT_DATE_INVALID: { |
| 189 if (IsUserClockInThePast(base::Time::NowFromSystemTime())) { | 189 if (IsUserClockInThePast(base::Time::NowFromSystemTime())) { |
| 190 RecordSSLInterstitialCause(overridable, CLOCK_PAST); | 190 RecordSSLInterstitialCause(overridable, CLOCK_PAST); |
| 191 } else if (IsUserClockInTheFuture(base::Time::NowFromSystemTime())) { | 191 } else if (IsUserClockInTheFuture(base::Time::NowFromSystemTime())) { |
| 192 RecordSSLInterstitialCause(overridable, CLOCK_FUTURE); | 192 RecordSSLInterstitialCause(overridable, CLOCK_FUTURE); |
| 193 } else if (cert_.HasExpired() && TimePassedSinceExpiry().InDays() < 28) { | 193 } else if (cert_.HasExpired() && TimePassedSinceExpiry().InDays() < 28) { |
| 194 RecordSSLInterstitialCause(overridable, EXPIRED_RECENTLY); | 194 RecordSSLInterstitialCause(overridable, EXPIRED_RECENTLY); |
| 195 } | 195 } |
| 196 break; | 196 break; |
| 197 } | 197 } |
| 198 case SSLErrorInfo::CERT_COMMON_NAME_INVALID: { | 198 case ssl_errors::ErrorInfo::CERT_COMMON_NAME_INVALID: { |
| 199 std::string host_name = request_url_.host(); | 199 std::string host_name = request_url_.host(); |
| 200 if (IsHostNameKnownTLD(host_name)) { | 200 if (IsHostNameKnownTLD(host_name)) { |
| 201 Tokens host_name_tokens = Tokenize(host_name); | 201 Tokens host_name_tokens = Tokenize(host_name); |
| 202 if (IsWWWSubDomainMatch()) | 202 if (IsWWWSubDomainMatch()) |
| 203 RecordSSLInterstitialCause(overridable, WWW_SUBDOMAIN_MATCH); | 203 RecordSSLInterstitialCause(overridable, WWW_SUBDOMAIN_MATCH); |
| 204 if (IsSubDomainOutsideWildcard(host_name_tokens)) | 204 if (IsSubDomainOutsideWildcard(host_name_tokens)) |
| 205 RecordSSLInterstitialCause(overridable, SUBDOMAIN_OUTSIDE_WILDCARD); | 205 RecordSSLInterstitialCause(overridable, SUBDOMAIN_OUTSIDE_WILDCARD); |
| 206 std::vector<std::string> dns_names; | 206 std::vector<std::string> dns_names; |
| 207 cert_.GetDNSNames(&dns_names); | 207 cert_.GetDNSNames(&dns_names); |
| 208 std::vector<Tokens> dns_name_tokens = GetTokenizedDNSNames(dns_names); | 208 std::vector<Tokens> dns_name_tokens = GetTokenizedDNSNames(dns_names); |
| 209 if (NameUnderAnyNames(host_name_tokens, dns_name_tokens)) | 209 if (NameUnderAnyNames(host_name_tokens, dns_name_tokens)) |
| 210 RecordSSLInterstitialCause(overridable, SUBDOMAIN_MATCH); | 210 RecordSSLInterstitialCause(overridable, SUBDOMAIN_MATCH); |
| 211 if (AnyNamesUnderName(dns_name_tokens, host_name_tokens)) | 211 if (AnyNamesUnderName(dns_name_tokens, host_name_tokens)) |
| 212 RecordSSLInterstitialCause(overridable, SUBDOMAIN_INVERSE_MATCH); | 212 RecordSSLInterstitialCause(overridable, SUBDOMAIN_INVERSE_MATCH); |
| 213 if (IsCertLikelyFromMultiTenantHosting()) | 213 if (IsCertLikelyFromMultiTenantHosting()) |
| 214 RecordSSLInterstitialCause(overridable, LIKELY_MULTI_TENANT_HOSTING); | 214 RecordSSLInterstitialCause(overridable, LIKELY_MULTI_TENANT_HOSTING); |
| 215 if (IsCertLikelyFromSameDomain()) | 215 if (IsCertLikelyFromSameDomain()) |
| 216 RecordSSLInterstitialCause(overridable, LIKELY_SAME_DOMAIN); | 216 RecordSSLInterstitialCause(overridable, LIKELY_SAME_DOMAIN); |
| 217 } else { | 217 } else { |
| 218 RecordSSLInterstitialCause(overridable, HOST_NAME_NOT_KNOWN_TLD); | 218 RecordSSLInterstitialCause(overridable, HOST_NAME_NOT_KNOWN_TLD); |
| 219 } | 219 } |
| 220 break; | 220 break; |
| 221 } | 221 } |
| 222 case SSLErrorInfo::CERT_AUTHORITY_INVALID: { | 222 case ssl_errors::ErrorInfo::CERT_AUTHORITY_INVALID: { |
| 223 const std::string& hostname = request_url_.HostNoBrackets(); | 223 const std::string& hostname = request_url_.HostNoBrackets(); |
| 224 if (net::IsLocalhost(hostname)) | 224 if (net::IsLocalhost(hostname)) |
| 225 RecordSSLInterstitialCause(overridable, LOCALHOST); | 225 RecordSSLInterstitialCause(overridable, LOCALHOST); |
| 226 if (IsHostnameNonUniqueOrDotless(hostname)) | 226 if (IsHostnameNonUniqueOrDotless(hostname)) |
| 227 RecordSSLInterstitialCause(overridable, PRIVATE_URL); | 227 RecordSSLInterstitialCause(overridable, PRIVATE_URL); |
| 228 if (captive_portal_probe_completed_ && captive_portal_detected_) | 228 if (captive_portal_probe_completed_ && captive_portal_detected_) |
| 229 RecordSSLInterstitialCause(overridable, AUTHORITY_ERROR_CAPTIVE_PORTAL); | 229 RecordSSLInterstitialCause(overridable, AUTHORITY_ERROR_CAPTIVE_PORTAL); |
| 230 if (net::X509Certificate::IsSelfSigned(cert_.os_cert_handle())) | 230 if (net::X509Certificate::IsSelfSigned(cert_.os_cert_handle())) |
| 231 RecordSSLInterstitialCause(overridable, SELF_SIGNED); | 231 RecordSSLInterstitialCause(overridable, SELF_SIGNED); |
| 232 break; | 232 break; |
| (...skipping 317 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 550 // sure we don't clear the captive protal flag, since the interstitial was | 550 // sure we don't clear the captive protal flag, since the interstitial was |
| 551 // potentially caused by the captive portal. | 551 // potentially caused by the captive portal. |
| 552 captive_portal_detected_ = captive_portal_detected_ || | 552 captive_portal_detected_ = captive_portal_detected_ || |
| 553 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); | 553 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); |
| 554 // Also keep track of non-HTTP portals and error cases. | 554 // Also keep track of non-HTTP portals and error cases. |
| 555 captive_portal_no_response_ = captive_portal_no_response_ || | 555 captive_portal_no_response_ = captive_portal_no_response_ || |
| 556 (results->result == captive_portal::RESULT_NO_RESPONSE); | 556 (results->result == captive_portal::RESULT_NO_RESPONSE); |
| 557 } | 557 } |
| 558 #endif | 558 #endif |
| 559 } | 559 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1341923002:
Create a component for SSL error handling (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master