Chromium Code Reviews Chromium Code Reviews
Issue 14752005:
Finch experiments on SSL, malware, and phishing interstitials (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // Implementation of the SafeBrowsingBlockingPage class. | 5 // Implementation of the SafeBrowsingBlockingPage class. |
| 6 | 6 |
| 7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" | 7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 106 static const char* const kDoReportCommand = "doReport"; | 106 static const char* const kDoReportCommand = "doReport"; |
| 107 static const char* const kDontReportCommand = "dontReport"; | 107 static const char* const kDontReportCommand = "dontReport"; |
| 108 static const char* const kDisplayCheckBox = "displaycheckbox"; | 108 static const char* const kDisplayCheckBox = "displaycheckbox"; |
| 109 static const char* const kBoxChecked = "boxchecked"; | 109 static const char* const kBoxChecked = "boxchecked"; |
| 110 static const char* const kExpandedSeeMore = "expandedSeeMore"; | 110 static const char* const kExpandedSeeMore = "expandedSeeMore"; |
| 111 // Special command that we use when the user navigated away from the | 111 // Special command that we use when the user navigated away from the |
| 112 // page. E.g., closed the tab or the window. This is only used by | 112 // page. E.g., closed the tab or the window. This is only used by |
| 113 // RecordUserReactionTime. | 113 // RecordUserReactionTime. |
| 114 static const char* const kNavigatedAwayMetaCommand = "closed"; | 114 static const char* const kNavigatedAwayMetaCommand = "closed"; |
| 115 | 115 |
| 116 // These are the conditions for the summer 2013 Finch experiment. | |
| 117 static const std::string kCond1MalwareControl = "Cond1MalwareControl"; | |
|
agl
2013/05/01 18:54:12
static const char kCond1Foo[] = "...";
avoid stat
felt
2013/05/01 19:39:45
Done.
| |
| 118 static const std::string kCond2MalwareNoBrand = "Cond2MalwareNoBrand"; | |
| 119 static const std::string kCond3PhishingControl = "Cond3PhishingControl"; | |
| 120 static const std::string kCond4PhishingNoBrand = "Cond4PhishingNoBrand"; | |
| 121 static const std::string kCond5MalwareOneStep = "Cond5MalwareOneStep"; | |
| 122 static const std::string kCond6PhishingOneStep = "Cond6PhishingOneStep"; | |
| 123 static const std::string kCond7MalwareFearMsg = "Cond7MalwareFearMsg"; | |
| 124 static const std::string kCond8PhishingFearMsg = "Cond8PhishingFearMsg"; | |
| 125 static const std::string kCond9MalwareCollabMsg = "Cond9MalwareCollabMsg"; | |
| 126 static const std::string kCond10PhishingCollabMsg = "Cond10PhishingCollabMsg"; | |
| 127 static const std::string kCond11MalwareQuestion = "Cond11MalwareQuestion"; | |
| 128 static const std::string kCond12PhishingQuestion = "Cond12PhishingQuestion"; | |
| 129 static const std::string kCond13MalwareGoBack = "Cond13MalwareGoBack"; | |
| 130 static const std::string kCond14PhishingGoBack = "Cond14PhishingGoBack"; | |
| 131 | |
| 116 // static | 132 // static |
| 117 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL; | 133 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL; |
| 118 | 134 |
| 119 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap> | 135 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap> |
| 120 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER; | 136 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER; |
| 121 | 137 |
| 122 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we | 138 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we |
| 123 // don't leak it. | 139 // don't leak it. |
| 124 class SafeBrowsingBlockingPageFactoryImpl | 140 class SafeBrowsingBlockingPageFactoryImpl |
| 125 : public SafeBrowsingBlockingPageFactory { | 141 : public SafeBrowsingBlockingPageFactory { |
| 126 public: | 142 public: |
| 127 virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage( | 143 virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage( |
| 128 SafeBrowsingUIManager* ui_manager, | 144 SafeBrowsingUIManager* ui_manager, |
| 129 WebContents* web_contents, | 145 WebContents* web_contents, |
| 130 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) | 146 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) |
| 131 OVERRIDE { | 147 OVERRIDE { |
| 132 // Only do the trial if the interstitial is for a single malware or | 148 // Only use the V2 page if the interstitial is for a single malware or |
| 133 // phishing resource, the multi-threat interstitial has not been updated to | 149 // phishing resource, the multi-threat interstitial has not been updated to |
| 134 // V2 yet. | 150 // V2 yet. |
| 135 if (unsafe_resources.size() == 1 && | 151 if (unsafe_resources.size() == 1 && |
| 136 (unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE || | 152 (unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE || |
| 137 unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_PHISHING)) { | 153 unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_PHISHING)) { |
| 138 return new SafeBrowsingBlockingPageV2(ui_manager, web_contents, | 154 return new SafeBrowsingBlockingPageV2(ui_manager, web_contents, |
| 139 unsafe_resources); | 155 unsafe_resources); |
| 140 } | 156 } |
| 141 return new SafeBrowsingBlockingPageV1(ui_manager, web_contents, | 157 return new SafeBrowsingBlockingPageV1(ui_manager, web_contents, |
| 142 unsafe_resources); | 158 unsafe_resources); |
| (...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 371 DCHECK(unsafe_resources_[element_index].threat_type == | 387 DCHECK(unsafe_resources_[element_index].threat_type == |
| 372 SB_THREAT_TYPE_URL_MALWARE); | 388 SB_THREAT_TYPE_URL_MALWARE); |
| 373 OpenURLParams params( | 389 OpenURLParams params( |
| 374 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, | 390 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, |
| 375 false); | 391 false); |
| 376 web_contents_->OpenURL(params); | 392 web_contents_->OpenURL(params); |
| 377 return; | 393 return; |
| 378 } | 394 } |
| 379 | 395 |
| 380 if (command == kExpandedSeeMore) { | 396 if (command == kExpandedSeeMore) { |
| 397 if (!has_expanded_see_more_section_) // Toggled in RecordUserReactionTime. | |
| 398 RecordUserAction(ADVANCED); | |
| 381 // User expanded the "see more info" section of the page. We don't actually | 399 // User expanded the "see more info" section of the page. We don't actually |
| 382 // do any action based on this, it's just so that RecordUserReactionTime can | 400 // do any action based on this, it's just so that RecordUserReactionTime can |
| 383 // track it. | 401 // track it. |
| 384 return; | 402 return; |
| 385 } | 403 } |
| 386 | 404 |
| 387 NOTREACHED() << "Unexpected command: " << command; | 405 NOTREACHED() << "Unexpected command: " << command; |
| 388 } | 406 } |
| 389 | 407 |
| 390 void SafeBrowsingBlockingPage::OverrideRendererPrefs( | 408 void SafeBrowsingBlockingPage::OverrideRendererPrefs( |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 476 MALWARE_FORCED_DONT_PROCEED, | 494 MALWARE_FORCED_DONT_PROCEED, |
| 477 MALWARE_PROCEED, | 495 MALWARE_PROCEED, |
| 478 MULTIPLE_SHOW, | 496 MULTIPLE_SHOW, |
| 479 MULTIPLE_DONT_PROCEED, | 497 MULTIPLE_DONT_PROCEED, |
| 480 MULTIPLE_FORCED_DONT_PROCEED, | 498 MULTIPLE_FORCED_DONT_PROCEED, |
| 481 MULTIPLE_PROCEED, | 499 MULTIPLE_PROCEED, |
| 482 PHISHING_SHOW, | 500 PHISHING_SHOW, |
| 483 PHISHING_DONT_PROCEED, | 501 PHISHING_DONT_PROCEED, |
| 484 PHISHING_FORCED_DONT_PROCEED, | 502 PHISHING_FORCED_DONT_PROCEED, |
| 485 PHISHING_PROCEED, | 503 PHISHING_PROCEED, |
| 504 MALWARE_ADVANCED, | |
|
agl
2013/05/01 18:54:12
likewise, I'm not sure that these enum elements ha
felt
2013/05/01 19:39:45
Done.
| |
| 505 MULTIPLE_ADVANCED, | |
| 506 PHISHING_ADVANCED, | |
| 486 MAX_ACTION | 507 MAX_ACTION |
| 487 } histogram_action = MAX_ACTION; | 508 } histogram_action = MAX_ACTION; |
| 488 | 509 |
| 489 switch (event) { | 510 switch (event) { |
| 490 case SHOW: | 511 case SHOW: |
| 491 switch (interstitial_type_) { | 512 switch (interstitial_type_) { |
| 492 case TYPE_MALWARE_AND_PHISHING: | 513 case TYPE_MALWARE_AND_PHISHING: |
| 493 histogram_action = MULTIPLE_SHOW; | 514 histogram_action = MULTIPLE_SHOW; |
| 494 break; | 515 break; |
| 495 case TYPE_MALWARE: | 516 case TYPE_MALWARE: |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 533 break; | 554 break; |
| 534 case TYPE_MALWARE: | 555 case TYPE_MALWARE: |
| 535 histogram_action = MALWARE_DONT_PROCEED; | 556 histogram_action = MALWARE_DONT_PROCEED; |
| 536 break; | 557 break; |
| 537 case TYPE_PHISHING: | 558 case TYPE_PHISHING: |
| 538 histogram_action = PHISHING_DONT_PROCEED; | 559 histogram_action = PHISHING_DONT_PROCEED; |
| 539 break; | 560 break; |
| 540 } | 561 } |
| 541 } | 562 } |
| 542 break; | 563 break; |
| 564 case ADVANCED: | |
| 565 switch (interstitial_type_) { | |
| 566 case TYPE_MALWARE_AND_PHISHING: | |
| 567 histogram_action = MULTIPLE_ADVANCED; | |
| 568 break; | |
| 569 case TYPE_MALWARE: | |
| 570 histogram_action = MALWARE_ADVANCED; | |
| 571 break; | |
| 572 case TYPE_PHISHING: | |
| 573 histogram_action = PHISHING_ADVANCED; | |
| 574 break; | |
| 575 } | |
| 576 break; | |
| 543 default: | 577 default: |
| 544 NOTREACHED() << "Unexpected event: " << event; | 578 NOTREACHED() << "Unexpected event: " << event; |
| 545 } | 579 } |
| 546 if (histogram_action == MAX_ACTION) { | 580 if (histogram_action == MAX_ACTION) { |
| 547 NOTREACHED(); | 581 NOTREACHED(); |
| 548 } else { | 582 } else { |
| 549 UMA_HISTOGRAM_ENUMERATION("SB2.InterstitialAction", histogram_action, | 583 UMA_HISTOGRAM_ENUMERATION("SB2.InterstitialAction", histogram_action, |
| 550 MAX_ACTION); | 584 MAX_ACTION); |
| 551 } | 585 } |
| 552 | 586 |
| (...skipping 331 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 884 void SafeBrowsingBlockingPageV1::PopulatePhishingStringDictionary( | 918 void SafeBrowsingBlockingPageV1::PopulatePhishingStringDictionary( |
| 885 DictionaryValue* strings) { | 919 DictionaryValue* strings) { |
| 886 NOTREACHED(); | 920 NOTREACHED(); |
| 887 } | 921 } |
| 888 | 922 |
| 889 SafeBrowsingBlockingPageV2::SafeBrowsingBlockingPageV2( | 923 SafeBrowsingBlockingPageV2::SafeBrowsingBlockingPageV2( |
| 890 SafeBrowsingUIManager* ui_manager, | 924 SafeBrowsingUIManager* ui_manager, |
| 891 WebContents* web_contents, | 925 WebContents* web_contents, |
| 892 const UnsafeResourceList& unsafe_resources) | 926 const UnsafeResourceList& unsafe_resources) |
| 893 : SafeBrowsingBlockingPage(ui_manager, web_contents, unsafe_resources) { | 927 : SafeBrowsingBlockingPage(ui_manager, web_contents, unsafe_resources) { |
| 928 trial_ = ""; | |
|
agl
2013/05/01 18:54:12
std::strings do not need to be explicitly cleared.
felt
2013/05/01 19:39:45
Done.
| |
| 929 if (unsafe_resources_[0].threat_type == SB_THREAT_TYPE_URL_MALWARE) | |
|
agl
2013/05/01 18:54:12
I feel that once a conditional grows past an if an
felt
2013/05/01 19:39:45
Done.
| |
| 930 trial_ = base::FieldTrialList::FindFullName("InterstitialMalware"); | |
| 931 else if (unsafe_resources_[0].threat_type == SB_THREAT_TYPE_URL_PHISHING || | |
| 932 unsafe_resources_[0].threat_type == | |
| 933 SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) | |
| 934 trial_ = base::FieldTrialList::FindFullName("InterstitialPhishing"); | |
| 894 } | 935 } |
| 895 | 936 |
| 896 std::string SafeBrowsingBlockingPageV2::GetHTMLContents() { | 937 std::string SafeBrowsingBlockingPageV2::GetHTMLContents() { |
| 897 // Load the HTML page and create the template components. | 938 // Load the HTML page and create the template components. |
| 898 DictionaryValue strings; | 939 DictionaryValue strings; |
| 899 ResourceBundle& rb = ResourceBundle::GetSharedInstance(); | 940 ResourceBundle& rb = ResourceBundle::GetSharedInstance(); |
| 900 std::string html; | 941 std::string html; |
| 901 | 942 |
| 902 if (unsafe_resources_.empty()) { | 943 if (unsafe_resources_.empty()) { |
| 903 NOTREACHED(); | 944 NOTREACHED(); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 940 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)); | 981 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)); |
| 941 strings->SetBoolean("isMainFrame", is_main_frame_load_blocked_); | 982 strings->SetBoolean("isMainFrame", is_main_frame_load_blocked_); |
| 942 strings->SetBoolean("isPhishing", interstitial_type_ == TYPE_PHISHING); | 983 strings->SetBoolean("isPhishing", interstitial_type_ == TYPE_PHISHING); |
| 943 | 984 |
| 944 strings->SetString("back_button", | 985 strings->SetString("back_button", |
| 945 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON)); | 986 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON)); |
| 946 strings->SetString("seeMore", l10n_util::GetStringUTF16( | 987 strings->SetString("seeMore", l10n_util::GetStringUTF16( |
| 947 IDS_SAFE_BROWSING_MALWARE_V2_SEE_MORE)); | 988 IDS_SAFE_BROWSING_MALWARE_V2_SEE_MORE)); |
| 948 strings->SetString("proceed", | 989 strings->SetString("proceed", |
| 949 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_PROCEED_LINK)); | 990 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_PROCEED_LINK)); |
| 991 strings->SetString("trialType", trial_); // Finch trial | |
| 950 | 992 |
| 951 webui::SetFontAndTextDirection(strings); | 993 webui::SetFontAndTextDirection(strings); |
| 952 } | 994 } |
| 953 | 995 |
| 954 void SafeBrowsingBlockingPageV2::PopulateMultipleThreatStringDictionary( | 996 void SafeBrowsingBlockingPageV2::PopulateMultipleThreatStringDictionary( |
| 955 DictionaryValue* strings) { | 997 DictionaryValue* strings) { |
| 956 NOTREACHED(); | 998 NOTREACHED(); |
| 957 } | 999 } |
| 958 | 1000 |
| 959 void SafeBrowsingBlockingPageV2::PopulateMalwareStringDictionary( | 1001 void SafeBrowsingBlockingPageV2::PopulateMalwareStringDictionary( |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1045 strings->SetString("details", std::string()); | 1087 strings->SetString("details", std::string()); |
| 1046 strings->SetString("confirm_text", std::string()); | 1088 strings->SetString("confirm_text", std::string()); |
| 1047 strings->SetString(kBoxChecked, std::string()); | 1089 strings->SetString(kBoxChecked, std::string()); |
| 1048 strings->SetString( | 1090 strings->SetString( |
| 1049 "report_error", | 1091 "report_error", |
| 1050 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_V2_REPORT_ERROR)); | 1092 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_V2_REPORT_ERROR)); |
| 1051 strings->SetBoolean(kDisplayCheckBox, false); | 1093 strings->SetBoolean(kDisplayCheckBox, false); |
| 1052 strings->SetString("learnMore", | 1094 strings->SetString("learnMore", |
| 1053 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_LEARN_MORE)); | 1095 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_LEARN_MORE)); |
| 1054 } | 1096 } |
| OLD | NEW |
