OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // Implementation of the SafeBrowsingBlockingPage class. | 5 // Implementation of the SafeBrowsingBlockingPage class. |
6 | 6 |
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" | 7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 | 10 |
(...skipping 15 matching lines...) Expand all Loading... |
26 #include "chrome/browser/renderer_preferences_util.h" | 26 #include "chrome/browser/renderer_preferences_util.h" |
27 #include "chrome/browser/safe_browsing/threat_details.h" | 27 #include "chrome/browser/safe_browsing/threat_details.h" |
28 #include "chrome/browser/safe_browsing/ui_manager.h" | 28 #include "chrome/browser/safe_browsing/ui_manager.h" |
29 #include "chrome/browser/tab_contents/tab_util.h" | 29 #include "chrome/browser/tab_contents/tab_util.h" |
30 #include "chrome/common/chrome_switches.h" | 30 #include "chrome/common/chrome_switches.h" |
31 #include "chrome/common/pref_names.h" | 31 #include "chrome/common/pref_names.h" |
32 #include "chrome/common/url_constants.h" | 32 #include "chrome/common/url_constants.h" |
33 #include "chrome/grit/generated_resources.h" | 33 #include "chrome/grit/generated_resources.h" |
34 #include "chrome/grit/locale_settings.h" | 34 #include "chrome/grit/locale_settings.h" |
35 #include "components/google/core/browser/google_util.h" | 35 #include "components/google/core/browser/google_util.h" |
| 36 #include "components/security_interstitials/core/controller_client.h" |
36 #include "content/public/browser/browser_thread.h" | 37 #include "content/public/browser/browser_thread.h" |
37 #include "content/public/browser/interstitial_page.h" | 38 #include "content/public/browser/interstitial_page.h" |
38 #include "content/public/browser/navigation_controller.h" | 39 #include "content/public/browser/navigation_controller.h" |
39 #include "content/public/browser/user_metrics.h" | 40 #include "content/public/browser/user_metrics.h" |
40 #include "content/public/browser/web_contents.h" | 41 #include "content/public/browser/web_contents.h" |
41 #include "content/public/common/renderer_preferences.h" | 42 #include "content/public/common/renderer_preferences.h" |
42 #include "grit/browser_resources.h" | 43 #include "grit/browser_resources.h" |
43 #include "net/base/escape.h" | 44 #include "net/base/escape.h" |
44 #include "ui/base/l10n/l10n_util.h" | 45 #include "ui/base/l10n/l10n_util.h" |
45 | 46 |
46 using base::UserMetricsAction; | 47 using base::UserMetricsAction; |
47 using content::BrowserThread; | 48 using content::BrowserThread; |
48 using content::InterstitialPage; | 49 using content::InterstitialPage; |
49 using content::OpenURLParams; | 50 using content::OpenURLParams; |
50 using content::Referrer; | 51 using content::Referrer; |
51 using content::WebContents; | 52 using content::WebContents; |
| 53 using security_interstitials::ControllerClient; |
52 | 54 |
53 namespace safe_browsing { | 55 namespace safe_browsing { |
54 | 56 |
55 namespace { | 57 namespace { |
56 | 58 |
57 // For malware interstitial pages, we link the problematic URL to Google's | 59 // For malware interstitial pages, we link the problematic URL to Google's |
58 // diagnostic page. | 60 // diagnostic page. |
59 #if defined(GOOGLE_CHROME_BUILD) | 61 #if defined(GOOGLE_CHROME_BUILD) |
60 const char kSbDiagnosticUrl[] = | 62 const char kSbDiagnosticUrl[] = |
61 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=googlechrome"
; | 63 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=googlechrome"
; |
(...skipping 169 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
231 // content::WaitForRenderFrameReady sends this message when the page | 233 // content::WaitForRenderFrameReady sends this message when the page |
232 // load completes. Ignore it. | 234 // load completes. Ignore it. |
233 return; | 235 return; |
234 } | 236 } |
235 | 237 |
236 int command = 0; | 238 int command = 0; |
237 bool retval = base::StringToInt(page_cmd, &command); | 239 bool retval = base::StringToInt(page_cmd, &command); |
238 DCHECK(retval) << page_cmd; | 240 DCHECK(retval) << page_cmd; |
239 | 241 |
240 switch (command) { | 242 switch (command) { |
241 case CMD_DO_REPORT: { | 243 case ControllerClient::CMD_DO_REPORT: { |
242 // User enabled SB Extended Reporting via the checkbox. | 244 // User enabled SB Extended Reporting via the checkbox. |
243 SetReportingPreference(true); | 245 SetReportingPreference(true); |
244 break; | 246 break; |
245 } | 247 } |
246 case CMD_DONT_REPORT: { | 248 case ControllerClient::CMD_DONT_REPORT: { |
247 // User disabled SB Extended Reporting via the checkbox. | 249 // User disabled SB Extended Reporting via the checkbox. |
248 SetReportingPreference(false); | 250 SetReportingPreference(false); |
249 break; | 251 break; |
250 } | 252 } |
251 case CMD_OPEN_HELP_CENTER: { | 253 case ControllerClient::CMD_OPEN_HELP_CENTER: { |
252 // User pressed "Learn more". | 254 // User pressed "Learn more". |
253 metrics_helper()->RecordUserInteraction( | 255 metrics_helper()->RecordUserInteraction( |
254 security_interstitials::MetricsHelper::SHOW_LEARN_MORE); | 256 security_interstitials::MetricsHelper::SHOW_LEARN_MORE); |
255 GURL learn_more_url( | 257 GURL learn_more_url( |
256 interstitial_reason_ == SB_REASON_PHISHING ? | 258 interstitial_reason_ == SB_REASON_PHISHING ? |
257 kLearnMorePhishingUrlV2 : kLearnMoreMalwareUrlV2); | 259 kLearnMorePhishingUrlV2 : kLearnMoreMalwareUrlV2); |
258 learn_more_url = google_util::AppendGoogleLocaleParam( | 260 learn_more_url = google_util::AppendGoogleLocaleParam( |
259 learn_more_url, g_browser_process->GetApplicationLocale()); | 261 learn_more_url, g_browser_process->GetApplicationLocale()); |
260 OpenURLParams params(learn_more_url, | 262 OpenURLParams params(learn_more_url, |
261 Referrer(), | 263 Referrer(), |
262 CURRENT_TAB, | 264 CURRENT_TAB, |
263 ui::PAGE_TRANSITION_LINK, | 265 ui::PAGE_TRANSITION_LINK, |
264 false); | 266 false); |
265 web_contents()->OpenURL(params); | 267 web_contents()->OpenURL(params); |
266 break; | 268 break; |
267 } | 269 } |
268 case CMD_OPEN_REPORTING_PRIVACY: { | 270 case ControllerClient::CMD_OPEN_REPORTING_PRIVACY: { |
269 // User pressed on the SB Extended Reporting "privacy policy" link. | 271 // User pressed on the SB Extended Reporting "privacy policy" link. |
270 OpenExtendedReportingPrivacyPolicy(); | 272 OpenExtendedReportingPrivacyPolicy(); |
271 break; | 273 break; |
272 } | 274 } |
273 case CMD_PROCEED: { | 275 case ControllerClient::CMD_PROCEED: { |
274 // User pressed on the button to proceed. | 276 // User pressed on the button to proceed. |
275 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) { | 277 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) { |
276 metrics_helper()->RecordUserDecision( | 278 metrics_helper()->RecordUserDecision( |
277 security_interstitials::MetricsHelper::PROCEED); | 279 security_interstitials::MetricsHelper::PROCEED); |
278 interstitial_page()->Proceed(); | 280 interstitial_page()->Proceed(); |
279 // |this| has been deleted after Proceed() returns. | 281 // |this| has been deleted after Proceed() returns. |
280 break; | 282 break; |
281 } | 283 } |
282 // If the user can't proceed, fall through to CMD_DONT_PROCEED. | 284 // If the user can't proceed, fall through to CMD_DONT_PROCEED. |
283 } | 285 } |
284 case CMD_DONT_PROCEED: { | 286 case ControllerClient::CMD_DONT_PROCEED: { |
285 // User pressed on the button to return to safety. | 287 // User pressed on the button to return to safety. |
286 // Don't record the user action here because there are other ways of | 288 // Don't record the user action here because there are other ways of |
287 // triggering DontProceed, like clicking the back button. | 289 // triggering DontProceed, like clicking the back button. |
288 if (is_main_frame_load_blocked_) { | 290 if (is_main_frame_load_blocked_) { |
289 // If the load is blocked, we want to close the interstitial and discard | 291 // If the load is blocked, we want to close the interstitial and discard |
290 // the pending entry. | 292 // the pending entry. |
291 interstitial_page()->DontProceed(); | 293 interstitial_page()->DontProceed(); |
292 // |this| has been deleted after DontProceed() returns. | 294 // |this| has been deleted after DontProceed() returns. |
293 break; | 295 break; |
294 } | 296 } |
295 | 297 |
296 // Otherwise the offending entry has committed, and we need to go back or | 298 // Otherwise the offending entry has committed, and we need to go back or |
297 // to a safe page. We will close the interstitial when that page commits. | 299 // to a safe page. We will close the interstitial when that page commits. |
298 if (web_contents()->GetController().CanGoBack()) { | 300 if (web_contents()->GetController().CanGoBack()) { |
299 web_contents()->GetController().GoBack(); | 301 web_contents()->GetController().GoBack(); |
300 } else { | 302 } else { |
301 web_contents()->GetController().LoadURL( | 303 web_contents()->GetController().LoadURL( |
302 GURL(chrome::kChromeUINewTabURL), | 304 GURL(chrome::kChromeUINewTabURL), |
303 content::Referrer(), | 305 content::Referrer(), |
304 ui::PAGE_TRANSITION_AUTO_TOPLEVEL, | 306 ui::PAGE_TRANSITION_AUTO_TOPLEVEL, |
305 std::string()); | 307 std::string()); |
306 } | 308 } |
307 break; | 309 break; |
308 } | 310 } |
309 case CMD_OPEN_DIAGNOSTIC: { | 311 case ControllerClient::CMD_OPEN_DIAGNOSTIC: { |
310 // User wants to see why this page is blocked. | 312 // User wants to see why this page is blocked. |
311 const UnsafeResource& unsafe_resource = unsafe_resources_[0]; | 313 const UnsafeResource& unsafe_resource = unsafe_resources_[0]; |
312 std::string bad_url_spec = unsafe_resource.url.spec(); | 314 std::string bad_url_spec = unsafe_resource.url.spec(); |
313 metrics_helper()->RecordUserInteraction( | 315 metrics_helper()->RecordUserInteraction( |
314 security_interstitials::MetricsHelper::SHOW_DIAGNOSTIC); | 316 security_interstitials::MetricsHelper::SHOW_DIAGNOSTIC); |
315 std::string diagnostic = | 317 std::string diagnostic = |
316 base::StringPrintf(kSbDiagnosticUrl, | 318 base::StringPrintf(kSbDiagnosticUrl, |
317 net::EscapeQueryParamValue(bad_url_spec, true).c_str()); | 319 net::EscapeQueryParamValue(bad_url_spec, true).c_str()); |
318 GURL diagnostic_url(diagnostic); | 320 GURL diagnostic_url(diagnostic); |
319 diagnostic_url = google_util::AppendGoogleLocaleParam( | 321 diagnostic_url = google_util::AppendGoogleLocaleParam( |
320 diagnostic_url, g_browser_process->GetApplicationLocale()); | 322 diagnostic_url, g_browser_process->GetApplicationLocale()); |
321 DCHECK(unsafe_resource.threat_type == SB_THREAT_TYPE_URL_MALWARE || | 323 DCHECK(unsafe_resource.threat_type == SB_THREAT_TYPE_URL_MALWARE || |
322 unsafe_resource.threat_type == | 324 unsafe_resource.threat_type == |
323 SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL || | 325 SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL || |
324 unsafe_resource.threat_type == SB_THREAT_TYPE_URL_UNWANTED); | 326 unsafe_resource.threat_type == SB_THREAT_TYPE_URL_UNWANTED); |
325 OpenURLParams params( | 327 OpenURLParams params( |
326 diagnostic_url, Referrer(), CURRENT_TAB, ui::PAGE_TRANSITION_LINK, | 328 diagnostic_url, Referrer(), CURRENT_TAB, ui::PAGE_TRANSITION_LINK, |
327 false); | 329 false); |
328 web_contents()->OpenURL(params); | 330 web_contents()->OpenURL(params); |
329 break; | 331 break; |
330 } | 332 } |
331 case CMD_SHOW_MORE_SECTION: { | 333 case ControllerClient::CMD_SHOW_MORE_SECTION: { |
332 // User has opened up the hidden text. | 334 // User has opened up the hidden text. |
333 metrics_helper()->RecordUserInteraction( | 335 metrics_helper()->RecordUserInteraction( |
334 security_interstitials::MetricsHelper::SHOW_ADVANCED); | 336 security_interstitials::MetricsHelper::SHOW_ADVANCED); |
335 break; | 337 break; |
336 } | 338 } |
337 case CMD_REPORT_PHISHING_ERROR: { | 339 case ControllerClient::CMD_REPORT_PHISHING_ERROR: { |
338 // User wants to report a phishing error. | 340 // User wants to report a phishing error. |
339 metrics_helper()->RecordUserInteraction( | 341 metrics_helper()->RecordUserInteraction( |
340 security_interstitials::MetricsHelper::REPORT_PHISHING_ERROR); | 342 security_interstitials::MetricsHelper::REPORT_PHISHING_ERROR); |
341 GURL phishing_error_url(kReportPhishingErrorUrl); | 343 GURL phishing_error_url(kReportPhishingErrorUrl); |
342 phishing_error_url = google_util::AppendGoogleLocaleParam( | 344 phishing_error_url = google_util::AppendGoogleLocaleParam( |
343 phishing_error_url, g_browser_process->GetApplicationLocale()); | 345 phishing_error_url, g_browser_process->GetApplicationLocale()); |
344 OpenURLParams params(phishing_error_url, Referrer(), CURRENT_TAB, | 346 OpenURLParams params(phishing_error_url, Referrer(), CURRENT_TAB, |
345 ui::PAGE_TRANSITION_LINK, false); | 347 ui::PAGE_TRANSITION_LINK, false); |
346 web_contents()->OpenURL(params); | 348 web_contents()->OpenURL(params); |
347 break; | 349 break; |
(...skipping 277 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
625 case SB_REASON_PHISHING: | 627 case SB_REASON_PHISHING: |
626 PopulatePhishingLoadTimeData(load_time_data); | 628 PopulatePhishingLoadTimeData(load_time_data); |
627 break; | 629 break; |
628 } | 630 } |
629 } | 631 } |
630 | 632 |
631 void SafeBrowsingBlockingPage::PopulateExtendedReportingOption( | 633 void SafeBrowsingBlockingPage::PopulateExtendedReportingOption( |
632 base::DictionaryValue* load_time_data) { | 634 base::DictionaryValue* load_time_data) { |
633 // Only show checkbox if !(HTTPS || incognito-mode). | 635 // Only show checkbox if !(HTTPS || incognito-mode). |
634 const bool show = CanShowThreatDetailsOption(); | 636 const bool show = CanShowThreatDetailsOption(); |
635 load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show); | 637 load_time_data->SetBoolean(security_interstitials::kDisplayCheckBox, show); |
636 if (!show) | 638 if (!show) |
637 return; | 639 return; |
638 | 640 |
639 const std::string privacy_link = base::StringPrintf( | 641 const std::string privacy_link = base::StringPrintf( |
640 interstitials::kPrivacyLinkHtml, CMD_OPEN_REPORTING_PRIVACY, | 642 security_interstitials::kPrivacyLinkHtml, |
| 643 ControllerClient::CMD_OPEN_REPORTING_PRIVACY, |
641 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str()); | 644 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str()); |
642 load_time_data->SetString( | 645 load_time_data->SetString( |
643 interstitials::kOptInLink, | 646 security_interstitials::kOptInLink, |
644 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE, | 647 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE, |
645 base::UTF8ToUTF16(privacy_link))); | 648 base::UTF8ToUTF16(privacy_link))); |
646 load_time_data->SetBoolean( | 649 load_time_data->SetBoolean( |
647 interstitials::kBoxChecked, | 650 security_interstitials::kBoxChecked, |
648 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled)); | 651 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled)); |
649 } | 652 } |
650 | 653 |
651 void SafeBrowsingBlockingPage::PopulateMalwareLoadTimeData( | 654 void SafeBrowsingBlockingPage::PopulateMalwareLoadTimeData( |
652 base::DictionaryValue* load_time_data) { | 655 base::DictionaryValue* load_time_data) { |
653 load_time_data->SetBoolean("phishing", false); | 656 load_time_data->SetBoolean("phishing", false); |
654 load_time_data->SetString( | 657 load_time_data->SetString( |
655 "heading", l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING)); | 658 "heading", l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING)); |
656 load_time_data->SetString( | 659 load_time_data->SetString( |
657 "primaryParagraph", | 660 "primaryParagraph", |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
726 } else { | 729 } else { |
727 load_time_data->SetString( | 730 load_time_data->SetString( |
728 "finalParagraph", | 731 "finalParagraph", |
729 l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH)); | 732 l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH)); |
730 } | 733 } |
731 | 734 |
732 PopulateExtendedReportingOption(load_time_data); | 735 PopulateExtendedReportingOption(load_time_data); |
733 } | 736 } |
734 | 737 |
735 } // namespace safe_browsing | 738 } // namespace safe_browsing |
OLD | NEW |