Finch experiments on SSL, malware, and phishing interstitials

chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Implementation of the SafeBrowsingBlockingPage class.
 
 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
 
 #include <string>
 
@@ skipping 101 matching lines @@
 // page.  E.g., closed the tab or the window.  This is only used by
 // RecordUserReactionTime.
 static const char* const kNavigatedAwayMetaCommand = "closed";
 
 // static
 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
 
 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
     g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
 
+namespace {
+
+// These are the conditions for the summer 2013 Finch experiment.
+const char kMalwareStudyName[] = "InterstitialMalware310";
+const char kPhishingStudyName[] = "InterstitialPhishing564";
+const char kCond1MalwareControl[] = "cond1MalwareControl";
+const char kCond2MalwareNoBrand[] = "cond2MalwareNoBrand";
+const char kCond3PhishingControl[] = "cond3PhishingControl";
+const char kCond4PhishingNoBrand[] = "cond4PhishingNoBrand";
+const char kCond5MalwareOneStep[] = "cond5MalwareOneStep";
+const char kCond6PhishingOneStep[] = "cond6PhishingOneStep";
+const char kCond7MalwareFearMsg[] = "cond7MalwareFearMsg";
+const char kCond8PhishingFearMsg[] = "cond8PhishingFearMsg";
+const char kCond9MalwareCollabMsg[] = "cond9MalwareCollabMsg";
+const char kCond10PhishingCollabMsg[] = "cond10PhishingCollabMsg";
+const char kCond11MalwareQuestion[] = "cond11MalwareQuestion";
+const char kCond12PhishingQuestion[] = "cond12PhishingQuestion";
+const char kCond13MalwareGoBack[] = "cond13MalwareGoBack";
+const char kCond14PhishingGoBack[] = "cond14PhishingGoBack";
+
+} // namespace
+
+
 // The default SafeBrowsingBlockingPageFactory.  Global, made a singleton so we
 // don't leak it.
 class SafeBrowsingBlockingPageFactoryImpl
     : public SafeBrowsingBlockingPageFactory {
  public:
   virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
       SafeBrowsingUIManager* ui_manager,
       WebContents* web_contents,
       const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources)
       OVERRIDE {
-    // Only do the trial if the interstitial is for a single malware or
+    // Only use the V2 page if the interstitial is for a single malware or
     // phishing resource, the multi-threat interstitial has not been updated to
     // V2 yet.
     if (unsafe_resources.size() == 1 &&
         (unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE ||
          unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_PHISHING)) {
       return new SafeBrowsingBlockingPageV2(ui_manager, web_contents,
           unsafe_resources);
     }
     return new SafeBrowsingBlockingPageV1(ui_manager, web_contents,
                                           unsafe_resources);
@@ skipping 228 matching lines @@
     DCHECK(unsafe_resources_[element_index].threat_type ==
            SB_THREAT_TYPE_URL_MALWARE);
     OpenURLParams params(
         diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK,
         false);
     web_contents_->OpenURL(params);
     return;
   }
 
   if (command == kExpandedSeeMore) {
+    if (!has_expanded_see_more_section_)  // Toggled in RecordUserReactionTime.
+      RecordUserAction(SHOW_ADVANCED);

[mattm, 2013/05/03 23:25:45]

Is this ever triggered?  RecordUserReactionTime is called at the start of this
method, so it seems like has_expanded_see_more_section_ would never be false by
the time we get here.  (You can check chrome://histograms to see what have been
recorded in the current session)

[felt, 2013/05/03 23:44:49]

You're right. I moved the call.

On 2013/05/03 23:25:45, mattm wrote:

     // User expanded the "see more info" section of the page.  We don't actually
     // do any action based on this, it's just so that RecordUserReactionTime can
     // track it.
     return;
   }
 
   NOTREACHED() << "Unexpected command: " << command;
 }
 
 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
@@ skipping 85 matching lines @@
     MALWARE_FORCED_DONT_PROCEED,
     MALWARE_PROCEED,
     MULTIPLE_SHOW,
     MULTIPLE_DONT_PROCEED,
     MULTIPLE_FORCED_DONT_PROCEED,
     MULTIPLE_PROCEED,
     PHISHING_SHOW,
     PHISHING_DONT_PROCEED,
     PHISHING_FORCED_DONT_PROCEED,
     PHISHING_PROCEED,
+    MALWARE_SHOW_ADVANCED,
+    MULTIPLE_SHOW_ADVANCED,
+    PHISHING_SHOW_ADVANCED,
     MAX_ACTION
   } histogram_action = MAX_ACTION;
 
   switch (event) {
     case SHOW:
       switch (interstitial_type_) {
         case TYPE_MALWARE_AND_PHISHING:
           histogram_action = MULTIPLE_SHOW;
           break;
         case TYPE_MALWARE:
@@ skipping 37 matching lines @@
             break;
           case TYPE_MALWARE:
             histogram_action = MALWARE_DONT_PROCEED;
             break;
           case TYPE_PHISHING:
             histogram_action = PHISHING_DONT_PROCEED;
             break;
         }
       }
       break;
+    case SHOW_ADVANCED:
+      switch (interstitial_type_) {
+        case TYPE_MALWARE_AND_PHISHING:
+          histogram_action = MULTIPLE_SHOW_ADVANCED;
+          break;
+        case TYPE_MALWARE:
+          histogram_action = MALWARE_SHOW_ADVANCED;
+          break;
+        case TYPE_PHISHING:
+          histogram_action = PHISHING_SHOW_ADVANCED;
+          break;
+      }
+      break;
     default:
       NOTREACHED() << "Unexpected event: " << event;
   }
   if (histogram_action == MAX_ACTION) {
     NOTREACHED();
   } else {
     UMA_HISTOGRAM_ENUMERATION("SB2.InterstitialAction", histogram_action,
                               MAX_ACTION);
   }
 
@@ skipping 331 matching lines @@
 void SafeBrowsingBlockingPageV1::PopulatePhishingStringDictionary(
     DictionaryValue* strings) {
   NOTREACHED();
 }
 
 SafeBrowsingBlockingPageV2::SafeBrowsingBlockingPageV2(
     SafeBrowsingUIManager* ui_manager,
     WebContents* web_contents,
     const UnsafeResourceList& unsafe_resources)
   : SafeBrowsingBlockingPage(ui_manager, web_contents, unsafe_resources) {
+    if (unsafe_resources_[0].threat_type == SB_THREAT_TYPE_URL_MALWARE) {
+      trialCondition_ =
+          base::FieldTrialList::FindFullName(kMalwareStudyName);
+    } else if (unsafe_resources_[0].threat_type ==
+                   SB_THREAT_TYPE_URL_PHISHING ||
+               unsafe_resources_[0].threat_type ==
+                   SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) {
+      trialCondition_ =
+          base::FieldTrialList::FindFullName(kPhishingStudyName);
+    }
 }
 
 std::string SafeBrowsingBlockingPageV2::GetHTMLContents() {
   // Load the HTML page and create the template components.
   DictionaryValue strings;
   ResourceBundle& rb = ResourceBundle::GetSharedInstance();
   std::string html;
 
   if (unsafe_resources_.empty()) {
     NOTREACHED();
@@ skipping 37 matching lines @@
   strings->SetBoolean("isMainFrame", is_main_frame_load_blocked_);
   strings->SetBoolean("isPhishing", interstitial_type_ == TYPE_PHISHING);
 
   strings->SetString("back_button",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
   strings->SetString("seeMore", l10n_util::GetStringUTF16(
       IDS_SAFE_BROWSING_MALWARE_V2_SEE_MORE));
   strings->SetString("proceed",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_PROCEED_LINK));
 
+  // Field trial
+  strings->SetString("trialType", trialCondition_);
+  if (trialCondition_ == kCond7MalwareFearMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_FEAR_HEADLINE));
+  } else if (trialCondition_ == kCond8PhishingFearMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_FEAR_HEADLINE));
+  } else if (trialCondition_ == kCond9MalwareCollabMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_COLLAB_HEADLINE));
+  } else if (trialCondition_ == kCond10PhishingCollabMsg) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_COLLAB_HEADLINE));
+  } else if (trialCondition_ == kCond11MalwareQuestion) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_QUESTION_HEADLINE));
+  } else if (trialCondition_ == kCond12PhishingQuestion) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(
+            IDS_SAFE_BROWSING_PHISHING_QUESTION_HEADLINE));
+  } else if (trialCondition_ == kCond13MalwareGoBack) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_HEADLINE));
+  } else if (trialCondition_ == kCond14PhishingGoBack) {
+    strings->SetString("headLine",
+        l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_HEADLINE));
+  }
+
   webui::SetFontAndTextDirection(strings);
 }
 
 void SafeBrowsingBlockingPageV2::PopulateMultipleThreatStringDictionary(
     DictionaryValue* strings) {
   NOTREACHED();
 }
 
 void SafeBrowsingBlockingPageV2::PopulateMalwareStringDictionary(
     DictionaryValue* strings) {
@@ skipping 84 matching lines @@
   strings->SetString("details", std::string());
   strings->SetString("confirm_text", std::string());
   strings->SetString(kBoxChecked, std::string());
   strings->SetString(
       "report_error",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_V2_REPORT_ERROR));
   strings->SetBoolean(kDisplayCheckBox, false);
   strings->SetString("learnMore",
       l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_LEARN_MORE));
 }