Record download target connection security state

content/browser/download/download_manager_impl.cc

Index: content/browser/download/download_manager_impl.cc
diff --git a/content/browser/download/download_manager_impl.cc b/content/browser/download/download_manager_impl.cc
index b4fc75689a0c5afec326b36d94f36168c3ce1b2a..7ef636c9a01629665531298d3a65bfc930dc3bea 100644
--- a/content/browser/download/download_manager_impl.cc
+++ b/content/browser/download/download_manager_impl.cc
@@ -15,6 +15,7 @@
 #include "base/memory/ptr_util.h"
 #include "base/memory/weak_ptr.h"
 #include "base/message_loop/message_loop.h"
+#include "base/metrics/histogram_macros.h"
 #include "base/stl_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/sys_string_conversions.h"
@@ -109,6 +110,46 @@ std::unique_ptr<UrlDownloader, BrowserThread::DeleteOnIOThread> BeginDownload(
           .release());
 }
 
+// Enumerate for histogramming purposes.
+// DO NOT CHANGE THE ORDERING OF THESE VALUES.
+enum DownloadConnectionSecurity {
+  DOWNLOAD_SECURE,  // Final download url and its redirects all use https
+  DOWNLOAD_TARGET_INSECURE,  // Final download url uses http, redirects are all
+                             // https
+  DOWNLOAD_REDIRECT_INSECURE,  // Final download url uses https, but at least
+                               // one redirect uses http
+  DOWNLOAD_REDIRECT_TARGET_INSECURE,  // Final download url uses http, and at
+                                      // least one redirect uses http
+  DOWNLOAD_NONE_HTTPX,  // Final download url uses scheme other than http/https
+  DOWNLOAD_CONNECTION_SECURITY_MAX
+};
+
+void RecordDownloadConnectionSecurity(const GURL& download_url,
+                                      const std::vector<GURL>& url_chain) {
+  DownloadConnectionSecurity state =
+      DownloadConnectionSecurity::DOWNLOAD_NONE_HTTPX;
+  if (download_url.SchemeIsHTTPOrHTTPS()) {

[asanka, 2016/09/29 21:13:40]

Do we care cross-scheme redirects? E.g. things like HTTP -> FTP?

[Jialiu Lin, 2016/09/29 21:29:29]

If the final download url is not http or https, then we record it as
DOWNLOAD_NONE_HTTPX no matter how redirects looks like. 

+    bool is_final_download_secure = download_url.SchemeIs(url::kHttpsScheme);
+    bool is_redirect_chain_secure = true;
+    if (url_chain.size()>std::size_t(1)) {
+      for (std::size_t i = std::size_t(0); i < url_chain.size() - 1; i++) {
+        if (url_chain[i].SchemeIs(url::kHttpScheme)) {

[asanka, 2016/09/29 21:13:40]

!url.SchemeIsCryptographic() ?

[Jialiu Lin, 2016/09/29 21:29:29]

Ah, yes, that's better. Fixed. Thanks!.

+          is_redirect_chain_secure = false;
+          break;
+        }
+      }
+    }
+    state = is_final_download_secure
+                ? is_redirect_chain_secure ? DOWNLOAD_SECURE
+                                           : DOWNLOAD_REDIRECT_INSECURE
+                : is_redirect_chain_secure ? DOWNLOAD_TARGET_INSECURE
+                                           : DOWNLOAD_REDIRECT_TARGET_INSECURE;
+  }
+
+  UMA_HISTOGRAM_ENUMERATION("Download.TargetConnectionSecurity", state,
+                            DOWNLOAD_CONNECTION_SECURITY_MAX);
+}
+
 class DownloadItemFactoryImpl : public DownloadItemFactory {
  public:
   DownloadItemFactoryImpl() {}
@@ -309,6 +350,8 @@ void DownloadManagerImpl::StartDownload(
             << "() result=" << DownloadInterruptReasonToString(info->result);
   uint32_t download_id = info->download_id;
   const bool new_download = (download_id == content::DownloadItem::kInvalidId);
+  if (new_download)
+    RecordDownloadConnectionSecurity(info->url(), info->url_chain);
   base::Callback<void(uint32_t)> got_id(base::Bind(
       &DownloadManagerImpl::StartDownloadWithId, weak_factory_.GetWeakPtr(),
       base::Passed(&info), base::Passed(&stream), on_started, new_download));