
Side by Side Diff: chrome/browser/ssl/ssl_blocking_page.cc

Issue 23965003: New SSL blocking screen (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebased Created 7 years, 2 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/ssl_blocking_page.h" 5 #include "chrome/browser/ssl/ssl_blocking_page.h"
6 6
7 #include "base/i18n/rtl.h" 7 #include "base/i18n/rtl.h"
8 #include "base/metrics/field_trial.h" 8 #include "base/metrics/field_trial.h"
9 #include "base/metrics/histogram.h" 9 #include "base/metrics/histogram.h"
10 #include "base/strings/string_number_conversions.h"
10 #include "base/strings/string_piece.h" 11 #include "base/strings/string_piece.h"
12 #include "base/strings/stringprintf.h"
11 #include "base/strings/utf_string_conversions.h" 13 #include "base/strings/utf_string_conversions.h"
12 #include "base/values.h" 14 #include "base/values.h"
13 #include "chrome/browser/history/history_service_factory.h" 15 #include "chrome/browser/history/history_service_factory.h"
14 #include "chrome/browser/profiles/profile.h" 16 #include "chrome/browser/profiles/profile.h"
15 #include "chrome/browser/renderer_preferences_util.h" 17 #include "chrome/browser/renderer_preferences_util.h"
16 #include "chrome/browser/ssl/ssl_error_info.h" 18 #include "chrome/browser/ssl/ssl_error_info.h"
17 #include "chrome/browser/ui/browser.h" 19 #include "chrome/browser/ui/browser.h"
18 #include "chrome/browser/ui/browser_finder.h" 20 #include "chrome/browser/ui/browser_finder.h"
19 #include "content/public/browser/cert_store.h" 21 #include "content/public/browser/cert_store.h"
20 #include "content/public/browser/interstitial_page.h" 22 #include "content/public/browser/interstitial_page.h"
21 #include "content/public/browser/navigation_controller.h" 23 #include "content/public/browser/navigation_controller.h"
22 #include "content/public/browser/navigation_entry.h" 24 #include "content/public/browser/navigation_entry.h"
23 #include "content/public/browser/notification_service.h" 25 #include "content/public/browser/notification_service.h"
24 #include "content/public/browser/notification_types.h" 26 #include "content/public/browser/notification_types.h"
25 #include "content/public/browser/render_process_host.h" 27 #include "content/public/browser/render_process_host.h"
26 #include "content/public/browser/render_view_host.h" 28 #include "content/public/browser/render_view_host.h"
27 #include "content/public/browser/web_contents.h" 29 #include "content/public/browser/web_contents.h"
28 #include "content/public/common/ssl_status.h" 30 #include "content/public/common/ssl_status.h"
29 #include "grit/app_locale_settings.h" 31 #include "grit/app_locale_settings.h"
30 #include "grit/browser_resources.h" 32 #include "grit/browser_resources.h"
31 #include "grit/generated_resources.h" 33 #include "grit/generated_resources.h"
34 #include "net/base/hash_value.h"
32 #include "net/base/net_errors.h" 35 #include "net/base/net_errors.h"
33 #include "net/base/net_util.h" 36 #include "net/base/net_util.h"
34 #include "ui/base/l10n/l10n_util.h" 37 #include "ui/base/l10n/l10n_util.h"
35 #include "ui/base/resource/resource_bundle.h" 38 #include "ui/base/resource/resource_bundle.h"
36 #include "ui/base/webui/jstemplate_builder.h" 39 #include "ui/base/webui/jstemplate_builder.h"
37 40
38 #if defined(OS_WIN) 41 #if defined(OS_WIN)
39 #include "base/win/windows_version.h" 42 #include "base/win/windows_version.h"
40 #endif 43 #endif
41 44
42 using base::TimeTicks; 45 using base::TimeTicks;
43 using content::InterstitialPage; 46 using content::InterstitialPage;
44 using content::NavigationController; 47 using content::NavigationController;
45 using content::NavigationEntry; 48 using content::NavigationEntry;
46 49
47 namespace { 50 namespace {
48 51
49 // These represent the commands sent by ssl_roadblock.html. 52 // These represent the commands sent by ssl_roadblock.html.
50 enum SSLBlockingPageCommands { 53 enum SSLBlockingPageCommands {
51 CMD_DONT_PROCEED, 54 CMD_DONT_PROCEED,
52 CMD_PROCEED, 55 CMD_PROCEED,
53 CMD_FOCUS, 56 CMD_FOCUS,
54 CMD_MORE 57 CMD_MORE,
58 CMD_RELOAD,
55 }; 59 };
56 60
57 // Events for UMA. 61 // Events for UMA.
58 enum SSLBlockingPageEvent { 62 enum SSLBlockingPageEvent {
59 SHOW_ALL, 63 SHOW_ALL,
60 SHOW_OVERRIDABLE, 64 SHOW_OVERRIDABLE,
61 PROCEED_OVERRIDABLE, 65 PROCEED_OVERRIDABLE,
62 PROCEED_NAME, 66 PROCEED_NAME,
63 PROCEED_DATE, 67 PROCEED_DATE,
64 PROCEED_AUTHORITY, 68 PROCEED_AUTHORITY,
(...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after
191 internal_, 195 internal_,
192 display_start_time_, 196 display_start_time_,
193 num_visits_); 197 num_visits_);
194 // The page is closed without the user having chosen what to do, default to 198 // The page is closed without the user having chosen what to do, default to
195 // deny. 199 // deny.
196 NotifyDenyCertificate(); 200 NotifyDenyCertificate();
197 } 201 }
198 } 202 }
199 203
200 std::string SSLBlockingPage::GetHTMLContents() { 204 std::string SSLBlockingPage::GetHTMLContents() {
201 // Let's build the html error page.
202 DictionaryValue strings; 205 DictionaryValue strings;
203 SSLErrorInfo error_info = 206 int resource_id;
204 SSLErrorInfo::CreateError(SSLErrorInfo::NetErrorToErrorType(cert_error_), 207 if (overridable_ && !strict_enforcement_) {
205 ssl_info_.cert.get(), 208 // Let's build the overridable error page.
206 request_url_); 209 SSLErrorInfo error_info =
210 SSLErrorInfo::CreateError(
211 SSLErrorInfo::NetErrorToErrorType(cert_error_),
212 ssl_info_.cert.get(),
213 request_url_);
207 214
208 int resource_id = IDR_SSL_ROAD_BLOCK_HTML; 215 resource_id = IDR_SSL_ROAD_BLOCK_HTML;
209 strings.SetString("headLine", error_info.title()); 216 strings.SetString("headLine", error_info.title());
210 strings.SetString("description", error_info.details()); 217 strings.SetString("description", error_info.details());
211 strings.SetString("moreInfoTitle", 218 strings.SetString("moreInfoTitle",
212 l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_TITLE)); 219 l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_TITLE));
213 SetExtraInfo(&strings, error_info.extra_information()); 220 SetExtraInfo(&strings, error_info.extra_information());
214 221
215 strings.SetString("exit", 222 strings.SetString(
216 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_EXIT)); 223 "exit", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_EXIT));
224 strings.SetString(
225 "title", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_TITLE));
226 strings.SetString(
227 "proceed", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_PROCEED));
228 strings.SetString(
229 "reasonForNotProceeding", l10n_util::GetStringUTF16(
230 IDS_SSL_OVERRIDABLE_PAGE_SHOULD_NOT_PROCEED));
231 strings.SetString("errorType", "overridable");
232 strings.SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
233 } else {
234 // Let's build the blocking error page.
235 resource_id = IDR_SSL_BLOCKING_HTML;
217 236
218 if (overridable_ && !strict_enforcement_) { 237 // Strings that are not dependent on the URL.
219 strings.SetString("title", 238 strings.SetString(
220 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TITLE)); 239 "title", l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TITLE));
221 strings.SetString("proceed", 240 strings.SetString(
222 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_PROCEED)); 241 "reloadMsg", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_RELOAD));
223 strings.SetString("reasonForNotProceeding", 242 strings.SetString(
224 l10n_util::GetStringUTF16( 243 "more", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_MORE));
225 IDS_SSL_BLOCKING_PAGE_SHOULD_NOT_PROCEED)); 244 strings.SetString(
226 strings.SetString("errorType", "overridable"); 245 "less", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_LESS));
227 } else { 246 strings.SetString(
228 strings.SetString("title", 247 "moreTitle",
229 l10n_util::GetStringUTF16(IDS_SSL_ERROR_PAGE_TITLE)); 248 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_MORE_TITLE));
230 if (strict_enforcement_) { 249 strings.SetString(
231 strings.SetString("reasonForNotProceeding", 250 "techTitle",
232 l10n_util::GetStringUTF16( 251 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TECH_TITLE));
233 IDS_SSL_ERROR_PAGE_CANNOT_PROCEED)); 252
253 // Strings that are dependent on the URL.
254 string16 url(ASCIIToUTF16(request_url_.host()));
255 bool rtl = base::i18n::IsRTL();
256 strings.SetString("textDirection", rtl ? "rtl" : "ltr");
257 if (rtl)
258 base::i18n::WrapStringWithLTRFormatting(&url);
259 strings.SetString(
260 "headline", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_HEADLINE,
261 url.c_str()));
262 strings.SetString(
263 "message", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_BODY_TEXT,
264 url.c_str()));
265 strings.SetString(
266 "moreMessage",
267 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_MORE_TEXT,
268 url.c_str()));
269 strings.SetString("reloadUrl", request_url_.spec());
270
271 // Strings that are dependent on the error type.
272 SSLErrorInfo::ErrorType type =
273 SSLErrorInfo::NetErrorToErrorType(cert_error_);
274 string16 errorType;
275 if (type == SSLErrorInfo::CERT_REVOKED) {
276 errorType = string16(ASCIIToUTF16("Key revocation"));
277 strings.SetString(
278 "failure",
279 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_REVOKED));
280 } else if (type == SSLErrorInfo::CERT_INVALID) {
281 errorType = string16(ASCIIToUTF16("Malformed certificate"));
282 strings.SetString(
283 "failure",
284 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_FORMATTED));
285 } else if (type == SSLErrorInfo::CERT_PINNED_KEY_MISSING) {
286 errorType = string16(ASCIIToUTF16("Certificate pinning failure"));
287 strings.SetString(
288 "failure",
289 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_PINNING,
290 url.c_str()));
291 } else if (type == SSLErrorInfo::CERT_WEAK_KEY_DH) {
292 errorType = string16(ASCIIToUTF16("Weak DH public key"));
293 strings.SetString(
294 "failure",
295 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_WEAK_DH,
296 url.c_str()));
234 } else { 297 } else {
235 strings.SetString("reasonForNotProceeding", std::string()); 298 // HSTS failure.
299 errorType = string16(ASCIIToUTF16("HSTS failure"));
300 strings.SetString(
301 "failure",
302 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_HSTS, url.c_str()));
236 } 303 }
237 strings.SetString("errorType", "notoverridable"); 304 if (rtl)
305 base::i18n::WrapStringWithLTRFormatting(&errorType);
306 strings.SetString(
307 "errorType", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_ERROR,
308 errorType.c_str()));
309
310 // Strings that display the invalid cert.
311 string16 subject(ASCIIToUTF16(ssl_info_.cert->subject().GetDisplayName()));
312 string16 issuer(ASCIIToUTF16(ssl_info_.cert->issuer().GetDisplayName()));
313 std::string hashes;
314 for (std::vector<net::HashValue>::iterator it =
315 ssl_info_.public_key_hashes.begin();
316 it != ssl_info_.public_key_hashes.end();
317 ++it) {
318 base::StringAppendF(&hashes, "%s ", it->ToString().c_str());
319 }
320 string16 fingerprint(ASCIIToUTF16(hashes));
321 if (rtl) {
322 // These are always going to be LTR.
323 base::i18n::WrapStringWithLTRFormatting(&subject);
324 base::i18n::WrapStringWithLTRFormatting(&issuer);
325 base::i18n::WrapStringWithLTRFormatting(&fingerprint);
326 }
327 strings.SetString(
328 "subject", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_SUBJECT,
329 subject.c_str()));
330 strings.SetString(
331 "issuer", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_ISSUER,
332 issuer.c_str()));
333 strings.SetString(
334 "fingerprint",
335 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_HASHES,
336 fingerprint.c_str()));
238 } 337 }
239 338
240 strings.SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
241
242 base::StringPiece html( 339 base::StringPiece html(
243 ResourceBundle::GetSharedInstance().GetRawDataResource( 340 ResourceBundle::GetSharedInstance().GetRawDataResource(
244 resource_id)); 341 resource_id));
245
246 return webui::GetI18nTemplateHtml(html, &strings); 342 return webui::GetI18nTemplateHtml(html, &strings);
247 } 343 }
248 344
249 void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) { 345 void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) {
250 int cert_id = content::CertStore::GetInstance()->StoreCert( 346 int cert_id = content::CertStore::GetInstance()->StoreCert(
251 ssl_info_.cert.get(), web_contents_->GetRenderProcessHost()->GetID()); 347 ssl_info_.cert.get(), web_contents_->GetRenderProcessHost()->GetID());
252 348
253 entry->GetSSL().security_style = 349 entry->GetSSL().security_style =
254 content::SECURITY_STYLE_AUTHENTICATION_BROKEN; 350 content::SECURITY_STYLE_AUTHENTICATION_BROKEN;
255 entry->GetSSL().cert_id = cert_id; 351 entry->GetSSL().cert_id = cert_id;
(...skipping 11 matching lines...) Expand all
267 int cmd = atoi(command.c_str()); 363 int cmd = atoi(command.c_str());
268 if (cmd == CMD_DONT_PROCEED) { 364 if (cmd == CMD_DONT_PROCEED) {
269 interstitial_page_->DontProceed(); 365 interstitial_page_->DontProceed();
270 } else if (cmd == CMD_PROCEED) { 366 } else if (cmd == CMD_PROCEED) {
271 interstitial_page_->Proceed(); 367 interstitial_page_->Proceed();
272 } else if (cmd == CMD_FOCUS) { 368 } else if (cmd == CMD_FOCUS) {
273 // Start recording the time when the page is first in focus 369 // Start recording the time when the page is first in focus
274 display_start_time_ = base::TimeTicks::Now(); 370 display_start_time_ = base::TimeTicks::Now();
275 } else if (cmd == CMD_MORE) { 371 } else if (cmd == CMD_MORE) {
276 RecordSSLBlockingPageEventStats(MORE); 372 RecordSSLBlockingPageEventStats(MORE);
373 } else if (cmd == CMD_RELOAD) {
374 // The interstitial can't refresh itself.
375 content::NavigationController* controller = &web_contents_->GetController();
376 controller->Reload(true);
277 } 377 }
278 } 378 }
279 379
280 void SSLBlockingPage::OverrideRendererPrefs( 380 void SSLBlockingPage::OverrideRendererPrefs(
281 content::RendererPreferences* prefs) { 381 content::RendererPreferences* prefs) {
282 Profile* profile = Profile::FromBrowserContext( 382 Profile* profile = Profile::FromBrowserContext(
283 web_contents_->GetBrowserContext()); 383 web_contents_->GetBrowserContext());
284 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile); 384 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile);
285 } 385 }
286 386
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
339 strings->SetString(keys[i], std::string()); 439 strings->SetString(keys[i], std::string());
340 } 440 }
341 } 441 }
342 442
343 void SSLBlockingPage::OnGotHistoryCount(HistoryService::Handle handle, 443 void SSLBlockingPage::OnGotHistoryCount(HistoryService::Handle handle,
344 bool success, 444 bool success,
345 int num_visits, 445 int num_visits,
346 base::Time first_visit) { 446 base::Time first_visit) {
347 num_visits_ = num_visits; 447 num_visits_ = num_visits;
348 } 448 }
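Review bot: The subject and issuer display names at new lines 311–312 are converted with `ASCIIToUTF16`, but both come from the certificate the server presented, so they are attacker-chosen and can presumably contain non-ASCII (UTF-8) bytes; `ASCIIToUTF16` assumes pure ASCII input and, as far as I know, DCHECKs otherwise, which means a debug-build crash or garbled names on the warning page in release. `UTF8ToUTF16` from the already-included `base/strings/utf_string_conversions.h` fits better: `string16 subject(UTF8ToUTF16(ssl_info_.cert->subject().GetDisplayName()));` and the same for `issuer`. Because these values are untrusted, it is also worth confirming that the template behind `IDR_SSL_BLOCKING_HTML` binds `subject`, `issuer` and `fingerprint` as text content rather than markup; that template is not visible in this file. Separately, the final `else` of the error-type chain (new lines 297–303) labels every remaining error type as "HSTS failure", which would mislabel any other non-overridable error that reaches this branch, so an explicit check on `strict_enforcement_` or a comment stating the assumption would help.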