Finch experiments on SSL, malware, and phishing interstitials

chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Implementation of the SafeBrowsingBlockingPage class.
 
 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
 
 #include <string>
 
@@ skipping 95 matching lines @@
 static const char* const kDoReportCommand = "doReport";
 static const char* const kDontReportCommand = "dontReport";
 static const char* const kDisplayCheckBox = "displaycheckbox";
 static const char* const kBoxChecked = "boxchecked";
 static const char* const kExpandedSeeMore = "expandedSeeMore";
 // Special command that we use when the user navigated away from the
 // page.  E.g., closed the tab or the window.  This is only used by
 // RecordUserReactionTime.
 static const char* const kNavigatedAwayMetaCommand = "closed";
 
+// These are the conditions for the summer 2013 Finch experiment.
+static const char kCond1MalwareControl[] = "Cond1MalwareControl";

[mattm, 2013/05/02 20:00:11]

probably should change these to match the same style as the above string
constants for consistency.

[felt, 2013/05/02 22:15:20]

Made the first letter lowercase.

On 2013/05/02 20:00:11, mattm wrote:

[mattm, 2013/05/03 23:25:45]

ah, actually I was referring to the char[] vs char*

On 2013/05/02 22:15:20, felt wrote:

[felt, 2013/05/03 23:44:49]

Done.

+static const char kCond2MalwareNoBrand[] = "Cond2MalwareNoBrand";
+static const char kCond3PhishingControl[] = "Cond3PhishingControl";
+static const char kCond4PhishingNoBrand[] = "Cond4PhishingNoBrand";
+static const char kCond5MalwareOneStep[] = "Cond5MalwareOneStep";
+static const char kCond6PhishingOneStep[] = "Cond6PhishingOneStep";
+static const char kCond7MalwareFearMsg[] = "Cond7MalwareFearMsg";
+static const char kCond8PhishingFearMsg[] = "Cond8PhishingFearMsg";
+static const char kCond9MalwareCollabMsg[] = "Cond9MalwareCollabMsg";
+static const char kCond10PhishingCollabMsg[] = "Cond10PhishingCollabMsg";
+static const char kCond11MalwareQuestion[] = "Cond11MalwareQuestion";
+static const char kCond12PhishingQuestion[] = "Cond12PhishingQuestion";
+static const char kCond13MalwareGoBack[] = "Cond13MalwareGoBack";
+static const char kCond14PhishingGoBack[] = "Cond14PhishingGoBack";
+
 // static
 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
 
 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
     g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
 
 // The default SafeBrowsingBlockingPageFactory.  Global, made a singleton so we
 // don't leak it.
 class SafeBrowsingBlockingPageFactoryImpl
     : public SafeBrowsingBlockingPageFactory {
  public:
   virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
       SafeBrowsingUIManager* ui_manager,
       WebContents* web_contents,
       const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources)
       OVERRIDE {
-    // Only do the trial if the interstitial is for a single malware or
+    // Only use the V2 page if the interstitial is for a single malware or
     // phishing resource, the multi-threat interstitial has not been updated to
     // V2 yet.
     if (unsafe_resources.size() == 1 &&
         (unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE ||
          unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_PHISHING)) {
       return new SafeBrowsingBlockingPageV2(ui_manager, web_contents,
           unsafe_resources);
     }
     return new SafeBrowsingBlockingPageV1(ui_manager, web_contents,
                                           unsafe_resources);
@@ skipping 228 matching lines @@
     DCHECK(unsafe_resources_[element_index].threat_type ==
            SB_THREAT_TYPE_URL_MALWARE);
     OpenURLParams params(
         diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK,
         false);
     web_contents_->OpenURL(params);
     return;
   }
 
   if (command == kExpandedSeeMore) {
+    if (!has_expanded_see_more_section_)  // Toggled in RecordUserReactionTime.
+      RecordUserAction(SHOW_ADVANCED);
     // User expanded the "see more info" section of the page.  We don't actually
     // do any action based on this, it's just so that RecordUserReactionTime can
     // track it.
     return;
   }
 
   NOTREACHED() << "Unexpected command: " << command;
 }
 
 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
@@ skipping 85 matching lines @@
     MALWARE_FORCED_DONT_PROCEED,
     MALWARE_PROCEED,
     MULTIPLE_SHOW,
     MULTIPLE_DONT_PROCEED,
     MULTIPLE_FORCED_DONT_PROCEED,
     MULTIPLE_PROCEED,
     PHISHING_SHOW,
     PHISHING_DONT_PROCEED,
     PHISHING_FORCED_DONT_PROCEED,
     PHISHING_PROCEED,
+    MALWARE_SHOW_ADVANCED,
+    MULTIPLE_SHOW_ADVANCED,
+    PHISHING_SHOW_ADVANCED,
     MAX_ACTION
   } histogram_action = MAX_ACTION;
 
   switch (event) {
     case SHOW:
       switch (interstitial_type_) {
         case TYPE_MALWARE_AND_PHISHING:
           histogram_action = MULTIPLE_SHOW;
           break;
         case TYPE_MALWARE:
@@ skipping 37 matching lines @@
             break;
           case TYPE_MALWARE:
             histogram_action = MALWARE_DONT_PROCEED;
             break;
           case TYPE_PHISHING:
             histogram_action = PHISHING_DONT_PROCEED;
             break;
         }
       }
       break;
+    case SHOW_ADVANCED:
+      switch (interstitial_type_) {
+        case TYPE_MALWARE_AND_PHISHING:
+          histogram_action = MULTIPLE_SHOW_ADVANCED;
+          break;
+        case TYPE_MALWARE:
+          histogram_action = MALWARE_SHOW_ADVANCED;
+          break;
+        case TYPE_PHISHING:
+          histogram_action = PHISHING_SHOW_ADVANCED;
+          break;
+      }
+      break;
     default:
       NOTREACHED() << "Unexpected event: " << event;
   }
   if (histogram_action == MAX_ACTION) {
     NOTREACHED();
   } else {
     UMA_HISTOGRAM_ENUMERATION("SB2.InterstitialAction", histogram_action,
                               MAX_ACTION);
   }
 
@@ skipping 331 matching lines @@
 void SafeBrowsingBlockingPageV1::PopulatePhishingStringDictionary(
     DictionaryValue* strings) {
   NOTREACHED();
 }
 
 SafeBrowsingBlockingPageV2::SafeBrowsingBlockingPageV2(
     SafeBrowsingUIManager* ui_manager,
     WebContents* web_contents,
     const UnsafeResourceList& unsafe_resources)
   : SafeBrowsingBlockingPage(ui_manager, web_contents, unsafe_resources) {
+    if (unsafe_resources_[0].threat_type == SB_THREAT_TYPE_URL_MALWARE) {
+      trialCondition_ =
+          base::FieldTrialList::FindFullName("InterstitialMalware");
+    } else if (unsafe_resources_[0].threat_type ==
+                   SB_THREAT_TYPE_URL_PHISHING ||
+               unsafe_resources_[0].threat_type ==
+                   SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) {
+      trialCondition_ =
+          base::FieldTrialList::FindFullName("InterstitialPhishing");
+    }
 }
 
 std::string SafeBrowsingBlockingPageV2::GetHTMLContents() {
   // Load the HTML page and create the template components.
   DictionaryValue strings;
   ResourceBundle& rb = ResourceBundle::GetSharedInstance();
   std::string html;
 
   if (unsafe_resources_.empty()) {
     NOTREACHED();
@@ skipping 37 matching lines @@
   strings->SetBoolean("isMainFrame", is_main_frame_load_blocked_);
   strings->SetBoolean("isPhishing", interstitial_type_ == TYPE_PHISHING);
 
   strings->SetString("back_button",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
   strings->SetString("seeMore", l10n_util::GetStringUTF16(
       IDS_SAFE_BROWSING_MALWARE_V2_SEE_MORE));
   strings->SetString("proceed",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_PROCEED_LINK));
 
+  // Field trial
+  strings->SetString("trialType", trialCondition_);
+  if (trialCondition_ == kCond7MalwareFearMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));

[mattm, 2013/05/02 20:00:11]

should be IDS_SAFE_BROWSING_MALWARE_FEAR_HEADLINE?

[felt, 2013/05/02 22:15:20]

Fixed! (And I'll make sure to double check all 21 test cases before committing,
to ensure none of the small changes I've made during the review have broken
anything.)

+  } else if (trialCondition_ == kCond8PhishingFearMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_FEAR_HEADLINE));
+  } else if (trialCondition_ == kCond9MalwareCollabMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_COLLAB_HEADLINE));
+  } else if (trialCondition_ == kCond10PhishingCollabMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_COLLAB_HEADLINE));
+  } else if (trialCondition_ == kCond11MalwareQuestion) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_QUESTION_HEADLINE));
+  } else if (trialCondition_ == kCond12PhishingQuestion) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(
+            IDS_SAFE_BROWSING_PHISHING_QUESTION_HEADLINE));
+  } else if (trialCondition_ == kCond13MalwareGoBack) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_HEADLINE));
+  } else if (trialCondition_ == kCond14PhishingGoBack) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_HEADLINE));
+  }
+
   webui::SetFontAndTextDirection(strings);
 }
 
 void SafeBrowsingBlockingPageV2::PopulateMultipleThreatStringDictionary(
     DictionaryValue* strings) {
   NOTREACHED();
 }
 
 void SafeBrowsingBlockingPageV2::PopulateMalwareStringDictionary(
     DictionaryValue* strings) {
@@ skipping 84 matching lines @@
   strings->SetString("details", std::string());
   strings->SetString("confirm_text", std::string());
   strings->SetString(kBoxChecked, std::string());
   strings->SetString(
       "report_error",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_V2_REPORT_ERROR));
   strings->SetBoolean(kDisplayCheckBox, false);
   strings->SetString("learnMore",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_LEARN_MORE));
 }