Side by Side Diff: chrome/browser/ssl/ssl_blocking_page.cc

Issue 23965003: New SSL blocking screen (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Got the buttons working Created 7 years, 3 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/ssl_blocking_page.h" 5 #include "chrome/browser/ssl/ssl_blocking_page.h"
6 6
7 #include "base/i18n/rtl.h" 7 #include "base/i18n/rtl.h"
8 #include "base/metrics/field_trial.h" 8 #include "base/metrics/field_trial.h"
9 #include "base/metrics/histogram.h" 9 #include "base/metrics/histogram.h"
10 #include "base/strings/string_number_conversions.h"
10 #include "base/strings/string_piece.h" 11 #include "base/strings/string_piece.h"
11 #include "base/strings/utf_string_conversions.h" 12 #include "base/strings/utf_string_conversions.h"
12 #include "base/values.h" 13 #include "base/values.h"
13 #include "chrome/browser/history/history_service_factory.h" 14 #include "chrome/browser/history/history_service_factory.h"
14 #include "chrome/browser/profiles/profile.h" 15 #include "chrome/browser/profiles/profile.h"
15 #include "chrome/browser/renderer_preferences_util.h" 16 #include "chrome/browser/renderer_preferences_util.h"
16 #include "chrome/browser/ssl/ssl_error_info.h" 17 #include "chrome/browser/ssl/ssl_error_info.h"
17 #include "chrome/browser/ui/browser.h" 18 #include "chrome/browser/ui/browser.h"
18 #include "chrome/browser/ui/browser_finder.h" 19 #include "chrome/browser/ui/browser_finder.h"
19 #include "content/public/browser/cert_store.h" 20 #include "content/public/browser/cert_store.h"
(...skipping 24 matching lines...)
44 using content::NavigationController; 45 using content::NavigationController;
45 using content::NavigationEntry; 46 using content::NavigationEntry;
46 47
47 namespace { 48 namespace {
48 49
49 // These represent the commands sent by ssl_roadblock.html. 50 // These represent the commands sent by ssl_roadblock.html.
50 enum SSLBlockingPageCommands { 51 enum SSLBlockingPageCommands {
51 CMD_DONT_PROCEED, 52 CMD_DONT_PROCEED,
52 CMD_PROCEED, 53 CMD_PROCEED,
53 CMD_FOCUS, 54 CMD_FOCUS,
54 CMD_MORE 55 CMD_MORE,
56 CMD_RELOAD,
55 }; 57 };
56 58
57 // Events for UMA. 59 // Events for UMA.
58 enum SSLBlockingPageEvent { 60 enum SSLBlockingPageEvent {
59 SHOW_ALL, 61 SHOW_ALL,
60 SHOW_OVERRIDABLE, 62 SHOW_OVERRIDABLE,
61 PROCEED_OVERRIDABLE, 63 PROCEED_OVERRIDABLE,
62 PROCEED_NAME, 64 PROCEED_NAME,
63 PROCEED_DATE, 65 PROCEED_DATE,
64 PROCEED_AUTHORITY, 66 PROCEED_AUTHORITY,
(...skipping 126 matching lines...)
191 internal_, 193 internal_,
192 display_start_time_, 194 display_start_time_,
193 num_visits_); 195 num_visits_);
194 // The page is closed without the user having chosen what to do, default to 196 // The page is closed without the user having chosen what to do, default to
195 // deny. 197 // deny.
196 NotifyDenyCertificate(); 198 NotifyDenyCertificate();
197 } 199 }
198 } 200 }
199 201
200 std::string SSLBlockingPage::GetHTMLContents() { 202 std::string SSLBlockingPage::GetHTMLContents() {
201 // Let's build the html error page.
202 DictionaryValue strings; 203 DictionaryValue strings;
203 SSLErrorInfo error_info = 204 int resource_id;
204 SSLErrorInfo::CreateError(SSLErrorInfo::NetErrorToErrorType(cert_error_), 205 if (overridable_ && !strict_enforcement_) {
205 ssl_info_.cert.get(), 206 // Let's build the overridable error page.
206 request_url_); 207 SSLErrorInfo error_info =
208 SSLErrorInfo::CreateError(
209 SSLErrorInfo::NetErrorToErrorType(cert_error_),
210 ssl_info_.cert.get(),
211 request_url_);
207 212
208 int resource_id = IDR_SSL_ROAD_BLOCK_HTML; 213 resource_id = IDR_SSL_ROAD_BLOCK_HTML;
209 strings.SetString("headLine", error_info.title()); 214 strings.SetString("headLine", error_info.title());
210 strings.SetString("description", error_info.details()); 215 strings.SetString("description", error_info.details());
211 strings.SetString("moreInfoTitle", 216 strings.SetString("moreInfoTitle",
212 l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_TITLE)); 217 l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_TITLE));
213 SetExtraInfo(&strings, error_info.extra_information()); 218 SetExtraInfo(&strings, error_info.extra_information());
214 219
215 strings.SetString("exit", 220 strings.SetString(
216 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_EXIT)); 221 "exit", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_EXIT));
222 strings.SetString(
223 "title", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_TITLE));
224 strings.SetString(
225 "proceed", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_PROCEED));
226 strings.SetString(
227 "reasonForNotProceeding", l10n_util::GetStringUTF16(
228 IDS_SSL_OVERRIDABLE_PAGE_SHOULD_NOT_PROCEED));
229 strings.SetString("errorType", "overridable");
230 strings.SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
231 } else {
232 // Let's build the blocking error page.
233 resource_id = IDR_SSL_BLOCKING_HTML;
217 234
218 if (overridable_ && !strict_enforcement_) { 235 // Strings that are not dependent on the URL.
219 strings.SetString("title", 236 strings.SetString(
220 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TITLE)); 237 "title", l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TITLE));
221 strings.SetString("proceed", 238 strings.SetString(
222 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_PROCEED)); 239 "secondPar",
223 strings.SetString("reasonForNotProceeding", 240 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_SECOND_PAR));
224 l10n_util::GetStringUTF16( 241 strings.SetString(
225 IDS_SSL_BLOCKING_PAGE_SHOULD_NOT_PROCEED)); 242 "reloadMsg", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_RELOAD));
226 strings.SetString("errorType", "overridable"); 243 strings.SetString(
227 } else { 244 "more", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_MORE));
228 strings.SetString("title", 245 strings.SetString(
229 l10n_util::GetStringUTF16(IDS_SSL_ERROR_PAGE_TITLE)); 246 "less", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_LESS));
247 strings.SetString(
248 "moreTitle",
249 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_MORE_TITLE));
250 strings.SetString(
251 "moreContentSecond",
252 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_MORE_SECOND_PAR));
253 strings.SetString(
254 "techTitle",
255 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TECH_TITLE));
256
257 // Strings that are dependent on the URL.
258 string16 url(ASCIIToUTF16(request_url_.host()));
259 bool rtl = base::i18n::IsRTL();
260 strings.SetString("textDirection", rtl ? "rtl" : "ltr");
261 if (rtl)
262 base::i18n::WrapStringWithLTRFormatting(&url);
263 strings.SetString(
264 "headline", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_HEADLINE,
265 url.c_str()));
266 strings.SetString(
267 "firstPar", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_FIRST_PAR,
268 url.c_str()));
269 strings.SetString(
270 "thirdPar", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_THIRD_PAR,
271 url.c_str()));
272 strings.SetString(
273 "moreContentFirst",
274 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_MORE_FIRST_PAR,
275 url.c_str()));
276 strings.SetString("reloadUrl", request_url_.spec());
277
278 // Strings that are dependent on the error type.
279 SSLErrorInfo::ErrorType type =
280 SSLErrorInfo::NetErrorToErrorType(cert_error_);
281 string16 errorType;
230 if (strict_enforcement_) { 282 if (strict_enforcement_) {
231 strings.SetString("reasonForNotProceeding", 283 errorType = string16(ASCIIToUTF16("HSTS failure"));
palmer 2013/09/06 17:01:33 This string bothers me a tiny bit, because even wh
felt 2013/09/06 17:37:47 At the present time, only HSTS can trigger this ca
felt 2013/09/09 14:34:12 However, I did add the strings to the grd file so
232 l10n_util::GetStringUTF16( 284 strings.SetString(
233 IDS_SSL_ERROR_PAGE_CANNOT_PROCEED)); 285 "failure",
286 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_HSTS, url.c_str()));
287 } else if (type == SSLErrorInfo::CERT_REVOKED) {
288 errorType = string16(ASCIIToUTF16("Key revocation"));
289 strings.SetString(
290 "failure",
291 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_REVOKED));
234 } else { 292 } else {
235 strings.SetString("reasonForNotProceeding", std::string()); 293 // This is SSLErrorInfo::CERT_INVALID and any other corner case.
294 errorType = string16(ASCIIToUTF16("Malformed certificate"));
295 strings.SetString(
296 "failure",
297 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_FORMATTED));
236 } 298 }
237 strings.SetString("errorType", "notoverridable"); 299 if (rtl)
300 base::i18n::WrapStringWithLTRFormatting(&errorType);
301 strings.SetString(
302 "errorType", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_ERROR,
303 errorType.c_str()));
304
305 // Strings that display the invalid cert.
306 string16 subject(ASCIIToUTF16(ssl_info_.cert->subject().GetDisplayName()));
307 string16 issuer(ASCIIToUTF16(ssl_info_.cert->issuer().GetDisplayName()));
308 string16 fingerprint(ASCIIToUTF16(
309 base::HexEncode(ssl_info_.cert->fingerprint().data,
palmer 2013/09/06 17:01:33 Ahh, so answering my previous question: The finger
felt 2013/09/06 17:37:47 Someone (either you or Sleevi) asked me to put the
felt 2013/09/09 14:34:12 Updated this to SPKI hashes.
310 sizeof(ssl_info_.cert->fingerprint().data))));
311 if (rtl) {
312 // These are always going to be LTR.
313 base::i18n::WrapStringWithLTRFormatting(&subject);
314 base::i18n::WrapStringWithLTRFormatting(&issuer);
315 base::i18n::WrapStringWithLTRFormatting(&fingerprint);
316 }
317 strings.SetString(
318 "subject", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_SUBJECT,
319 subject.c_str()));
320 strings.SetString(
321 "issuer", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_ISSUER,
322 issuer.c_str()));
323 strings.SetString(
324 "fingerprint",
325 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_FINGERPRINT,
326 fingerprint.c_str()));
238 } 327 }
239 328
240 strings.SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
241
242 base::StringPiece html( 329 base::StringPiece html(
243 ResourceBundle::GetSharedInstance().GetRawDataResource( 330 ResourceBundle::GetSharedInstance().GetRawDataResource(
244 resource_id)); 331 resource_id));
245
246 return webui::GetI18nTemplateHtml(html, &strings); 332 return webui::GetI18nTemplateHtml(html, &strings);
247 } 333 }
248 334
249 void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) { 335 void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) {
250 int cert_id = content::CertStore::GetInstance()->StoreCert( 336 int cert_id = content::CertStore::GetInstance()->StoreCert(
251 ssl_info_.cert.get(), web_contents_->GetRenderProcessHost()->GetID()); 337 ssl_info_.cert.get(), web_contents_->GetRenderProcessHost()->GetID());
252 338
253 entry->GetSSL().security_style = 339 entry->GetSSL().security_style =
254 content::SECURITY_STYLE_AUTHENTICATION_BROKEN; 340 content::SECURITY_STYLE_AUTHENTICATION_BROKEN;
255 entry->GetSSL().cert_id = cert_id; 341 entry->GetSSL().cert_id = cert_id;
(...skipping 11 matching lines...)
267 int cmd = atoi(command.c_str()); 353 int cmd = atoi(command.c_str());
268 if (cmd == CMD_DONT_PROCEED) { 354 if (cmd == CMD_DONT_PROCEED) {
269 interstitial_page_->DontProceed(); 355 interstitial_page_->DontProceed();
270 } else if (cmd == CMD_PROCEED) { 356 } else if (cmd == CMD_PROCEED) {
271 interstitial_page_->Proceed(); 357 interstitial_page_->Proceed();
272 } else if (cmd == CMD_FOCUS) { 358 } else if (cmd == CMD_FOCUS) {
273 // Start recording the time when the page is first in focus 359 // Start recording the time when the page is first in focus
274 display_start_time_ = base::TimeTicks::Now(); 360 display_start_time_ = base::TimeTicks::Now();
275 } else if (cmd == CMD_MORE) { 361 } else if (cmd == CMD_MORE) {
276 RecordSSLBlockingPageEventStats(MORE); 362 RecordSSLBlockingPageEventStats(MORE);
363 } else if (cmd == CMD_RELOAD) {
364 // The interstitial can't refresh itself.
365 content::NavigationController* controller = &web_contents_->GetController();
366 controller->Reload(true);
277 } 367 }
278 } 368 }
279 369
280 void SSLBlockingPage::OverrideRendererPrefs( 370 void SSLBlockingPage::OverrideRendererPrefs(
281 content::RendererPreferences* prefs) { 371 content::RendererPreferences* prefs) {
282 Profile* profile = Profile::FromBrowserContext( 372 Profile* profile = Profile::FromBrowserContext(
283 web_contents_->GetBrowserContext()); 373 web_contents_->GetBrowserContext());
284 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile); 374 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile);
285 } 375 }
286 376
(...skipping 52 matching lines...)
339 strings->SetString(keys[i], std::string()); 429 strings->SetString(keys[i], std::string());
340 } 430 }
341 } 431 }
342 432
343 void SSLBlockingPage::OnGotHistoryCount(HistoryService::Handle handle, 433 void SSLBlockingPage::OnGotHistoryCount(HistoryService::Handle handle,
344 bool success, 434 bool success,
345 int num_visits, 435 int num_visits,
346 base::Time first_visit) { 436 base::Time first_visit) {
347 num_visits_ = num_visits; 437 num_visits_ = num_visits;
348 } 438 }
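Review bot: In the non-overridable branch of GetHTMLContents() (new lines 306-307), the subject and issuer display names are converted with `ASCIIToUTF16(...)`, yet both values come from the certificate the server presented and so are chosen by whoever controls that server; nothing visible here guarantees they are ASCII. A non-ASCII name would violate the conversion's precondition at exactly the moment the page is meant to warn the user, so I would use `string16 subject(UTF8ToUTF16(ssl_info_.cert->subject().GetDisplayName()));` and the same for `issuer`, assuming GetDisplayName() returns UTF-8 (worth confirming). The same branch dereferences `ssl_info_.cert->` directly where the overridable branch only passes `ssl_info_.cert.get()`, so a short comment stating that the cert is never null on this path (or a check) would help. Because these names are attacker-influenced, it is also worth confirming that the blocking-page template inserts `subject`, `issuer` and `headline` as text rather than markup; that template is not part of this section.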