Fixes for Safe Browsing with unrelated pending navigations.

chrome/browser/ui/webui/interstitials/interstitial_ui.cc

Index: chrome/browser/ui/webui/interstitials/interstitial_ui.cc
diff --git a/chrome/browser/ui/webui/interstitials/interstitial_ui.cc b/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
index 1524407d50b7ea554af32d614f5f0f46f0fe4398..29add318bce1994caf061d47bb579612a8a928d9 100644
--- a/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
+++ b/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
@@ -16,6 +16,8 @@
 #include "chrome/grit/browser_resources.h"
 #include "components/grit/components_resources.h"
 #include "content/public/browser/interstitial_page_delegate.h"
+#include "content/public/browser/render_process_host.h"
+#include "content/public/browser/render_view_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_ui.h"
 #include "content/public/browser/web_ui_controller.h"
@@ -186,35 +188,43 @@ safe_browsing::SafeBrowsingBlockingPage* CreateSafeBrowsingBlockingPage(
     if (GURL(url_param).is_valid())
       request_url = GURL(url_param);
   }
+  GURL main_frame_url(request_url);
+  // TODO(mattm): add flag to change main_frame_url or add dedicated flag to
+  // test subresource interstitials.
   std::string type_param;
   if (net::GetValueForKeyInQuery(web_contents->GetURL(),
                                  "type",
                                  &type_param)) {
+    // TODO(mattm): add param for SB_THREAT_TYPE_URL_UNWANTED.
     if (type_param == "malware") {
-      threat_type =  safe_browsing::SB_THREAT_TYPE_URL_MALWARE;
+      threat_type = safe_browsing::SB_THREAT_TYPE_URL_MALWARE;
     } else if (type_param == "phishing") {
       threat_type = safe_browsing::SB_THREAT_TYPE_URL_PHISHING;
     } else if (type_param == "clientside_malware") {
       threat_type = safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL;
     } else if (type_param == "clientside_phishing") {
       threat_type = safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL;
-      // Interstitials for client side phishing urls load after the page loads
-      // (see SafeBrowsingBlockingPage::IsMainPageLoadBlocked), so there should
-      // either be a new navigation entry, or there shouldn't be any pending
-      // entries. Clear any pending navigation entries.
-      content::NavigationController* controller =
-          &web_contents->GetController();
-      controller->DiscardNonCommittedEntries();
     }
   }
   safe_browsing::SafeBrowsingBlockingPage::UnsafeResource resource;
   resource.url = request_url;
-  resource.threat_type =  threat_type;
-  // Create a blocking page without showing the interstitial.
+  resource.is_subresource = request_url != main_frame_url;
+  resource.is_subframe = false;
+  resource.threat_type = threat_type;
+  resource.render_process_host_id =
+      web_contents->GetRenderProcessHost()->GetID();
+  resource.render_view_id = web_contents->GetRenderViewHost()->GetRoutingID();
+  resource.threat_source = safe_browsing::ThreatSource::LOCAL_PVER3;
+  // Normally safebrowsing interstitial types which block the main page load

[Charlie Reis, 2015/12/11 05:39:25]

nit: Blank line before.

[mattm, 2015/12/15 01:42:25]

Done.

+  // (SB_THREAT_TYPE_URL_MALWARE, SB_THREAT_TYPE_URL_PHISHING, and
+  // SB_THREAT_TYPE_URL_UNWANTED on main-frame loads) would expect there to be a
+  // pending navigation when the SafeBrowsingBlockingPage is created. This test

[Charlie Reis, 2015/12/11 05:39:25]

"This test" -> I'm confused.  This isn't test code.

[mattm, 2015/12/15 01:42:25]

I couldn't quite think of proper wording. This isn't a test, but it's not a real
safebrowsing hit either. You can go to chrome://interstitials to view an example
of various interstitial pages. I replaced it with "demo".

[Charlie Reis, 2015/12/17 19:24:18]

Ah, cool!  I didn't realize that page existed.

+  // creates a SafeBrowsingBlockingPage but does not actually show a real
+  // interstitial. Instead it extracts the html and displays it manually, so the
+  // parts which depend on the NavigationEntry are not hit.
   return safe_browsing::SafeBrowsingBlockingPage::CreateBlockingPage(
       g_browser_process->safe_browsing_service()->ui_manager().get(),
-      web_contents,
-      resource);
+      web_contents, resource, main_frame_url);
 }
 
 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)