OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/ssl_blocking_page.h" | 5 #include "chrome/browser/ssl/ssl_blocking_page.h" |
6 | 6 |
7 #include "base/i18n/rtl.h" | 7 #include "base/i18n/rtl.h" |
8 #include "base/metrics/field_trial.h" | 8 #include "base/metrics/field_trial.h" |
9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
10 #include "base/strings/string_number_conversions.h" | |
10 #include "base/strings/string_piece.h" | 11 #include "base/strings/string_piece.h" |
11 #include "base/strings/utf_string_conversions.h" | 12 #include "base/strings/utf_string_conversions.h" |
12 #include "base/values.h" | 13 #include "base/values.h" |
13 #include "chrome/browser/history/history_service_factory.h" | 14 #include "chrome/browser/history/history_service_factory.h" |
14 #include "chrome/browser/profiles/profile.h" | 15 #include "chrome/browser/profiles/profile.h" |
15 #include "chrome/browser/renderer_preferences_util.h" | 16 #include "chrome/browser/renderer_preferences_util.h" |
16 #include "chrome/browser/ssl/ssl_error_info.h" | 17 #include "chrome/browser/ssl/ssl_error_info.h" |
17 #include "chrome/browser/ui/browser.h" | 18 #include "chrome/browser/ui/browser.h" |
18 #include "chrome/browser/ui/browser_finder.h" | 19 #include "chrome/browser/ui/browser_finder.h" |
19 #include "content/public/browser/cert_store.h" | 20 #include "content/public/browser/cert_store.h" |
(...skipping 24 matching lines...) | |
44 using content::NavigationController; | 45 using content::NavigationController; |
45 using content::NavigationEntry; | 46 using content::NavigationEntry; |
46 | 47 |
47 namespace { | 48 namespace { |
48 | 49 |
49 // These represent the commands sent by ssl_roadblock.html. | 50 // These represent the commands sent by ssl_roadblock.html. |
50 enum SSLBlockingPageCommands { | 51 enum SSLBlockingPageCommands { |
51 CMD_DONT_PROCEED, | 52 CMD_DONT_PROCEED, |
52 CMD_PROCEED, | 53 CMD_PROCEED, |
53 CMD_FOCUS, | 54 CMD_FOCUS, |
54 CMD_MORE | 55 CMD_MORE, |
56 CMD_RELOAD, | |
55 }; | 57 }; |
56 | 58 |
57 // Events for UMA. | 59 // Events for UMA. |
58 enum SSLBlockingPageEvent { | 60 enum SSLBlockingPageEvent { |
59 SHOW_ALL, | 61 SHOW_ALL, |
60 SHOW_OVERRIDABLE, | 62 SHOW_OVERRIDABLE, |
61 PROCEED_OVERRIDABLE, | 63 PROCEED_OVERRIDABLE, |
62 PROCEED_NAME, | 64 PROCEED_NAME, |
63 PROCEED_DATE, | 65 PROCEED_DATE, |
64 PROCEED_AUTHORITY, | 66 PROCEED_AUTHORITY, |
(...skipping 126 matching lines...) | |
191 internal_, | 193 internal_, |
192 display_start_time_, | 194 display_start_time_, |
193 num_visits_); | 195 num_visits_); |
194 // The page is closed without the user having chosen what to do, default to | 196 // The page is closed without the user having chosen what to do, default to |
195 // deny. | 197 // deny. |
196 NotifyDenyCertificate(); | 198 NotifyDenyCertificate(); |
197 } | 199 } |
198 } | 200 } |
199 | 201 |
200 std::string SSLBlockingPage::GetHTMLContents() { | 202 std::string SSLBlockingPage::GetHTMLContents() { |
201 // Let's build the html error page. | |
202 DictionaryValue strings; | 203 DictionaryValue strings; |
203 SSLErrorInfo error_info = | 204 int resource_id; |
204 SSLErrorInfo::CreateError(SSLErrorInfo::NetErrorToErrorType(cert_error_), | 205 if (overridable_ && !strict_enforcement_) { |
205 ssl_info_.cert.get(), | 206 // Let's build the overridable error page. |
206 request_url_); | 207 SSLErrorInfo error_info = |
208 SSLErrorInfo::CreateError( | |
209 SSLErrorInfo::NetErrorToErrorType(cert_error_), | |
210 ssl_info_.cert.get(), | |
211 request_url_); | |
207 | 212 |
208 int resource_id = IDR_SSL_ROAD_BLOCK_HTML; | 213 resource_id = IDR_SSL_ROAD_BLOCK_HTML; |
209 strings.SetString("headLine", error_info.title()); | 214 strings.SetString("headLine", error_info.title()); |
210 strings.SetString("description", error_info.details()); | 215 strings.SetString("description", error_info.details()); |
211 strings.SetString("moreInfoTitle", | 216 strings.SetString("moreInfoTitle", |
212 l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_TITLE)); | 217 l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_TITLE)); |
213 SetExtraInfo(&strings, error_info.extra_information()); | 218 SetExtraInfo(&strings, error_info.extra_information()); |
214 | 219 |
215 strings.SetString("exit", | 220 strings.SetString( |
216 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_EXIT)); | 221 "exit", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_EXIT)); |
222 strings.SetString( | |
223 "title", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_TITLE)); | |
224 strings.SetString( | |
225 "proceed", l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_PAGE_PROCEED)); | |
226 strings.SetString( | |
227 "reasonForNotProceeding", l10n_util::GetStringUTF16( | |
228 IDS_SSL_OVERRIDABLE_PAGE_SHOULD_NOT_PROCEED)); | |
229 strings.SetString("errorType", "overridable"); | |
230 strings.SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr"); | |
231 } else { | |
232 // Let's build the blocking error page. | |
233 resource_id = IDR_SSL_BLOCKING_HTML; | |
217 | 234 |
218 if (overridable_ && !strict_enforcement_) { | 235 // Strings that are not dependent on the URL. |
219 strings.SetString("title", | 236 strings.SetString( |
220 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TITLE)); | 237 "title", l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TITLE)); |
221 strings.SetString("proceed", | 238 strings.SetString( |
222 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_PROCEED)); | 239 "secondPar", |
223 strings.SetString("reasonForNotProceeding", | 240 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_SECOND_PAR)); |
224 l10n_util::GetStringUTF16( | 241 strings.SetString( |
225 IDS_SSL_BLOCKING_PAGE_SHOULD_NOT_PROCEED)); | 242 "reloadMsg", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_RELOAD)); |
226 strings.SetString("errorType", "overridable"); | 243 strings.SetString( |
227 } else { | 244 "more", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_MORE)); |
228 strings.SetString("title", | 245 strings.SetString( |
229 l10n_util::GetStringUTF16(IDS_SSL_ERROR_PAGE_TITLE)); | 246 "less", l10n_util::GetStringUTF16(IDS_ERRORPAGES_BUTTON_LESS)); |
247 strings.SetString( | |
248 "moreTitle", | |
249 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_MORE_TITLE)); | |
250 strings.SetString( | |
251 "moreContentSecond", | |
252 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_MORE_SECOND_PAR)); | |
253 strings.SetString( | |
254 "techTitle", | |
255 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_TECH_TITLE)); | |
256 | |
257 // Strings that are dependent on the URL. | |
258 string16 url(ASCIIToUTF16(request_url_.host())); | |
259 bool rtl = base::i18n::IsRTL(); | |
260 strings.SetString("textDirection", rtl ? "rtl" : "ltr"); | |
261 if (rtl) | |
262 base::i18n::WrapStringWithLTRFormatting(&url); | |
263 strings.SetString( | |
264 "headline", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_HEADLINE, | |
265 url.c_str())); | |
266 strings.SetString( | |
267 "firstPar", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_FIRST_PAR, | |
268 url.c_str())); | |
269 strings.SetString( | |
270 "thirdPar", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_THIRD_PAR, | |
271 url.c_str())); | |
272 strings.SetString( | |
273 "moreContentFirst", | |
274 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_MORE_FIRST_PAR, | |
275 url.c_str())); | |
276 strings.SetString("reloadUrl", request_url_.spec()); | |
277 | |
278 // Strings that are dependent on the error type. | |
279 SSLErrorInfo::ErrorType type = | |
280 SSLErrorInfo::NetErrorToErrorType(cert_error_); | |
281 string16 errorType; | |
230 if (strict_enforcement_) { | 282 if (strict_enforcement_) { |
231 strings.SetString("reasonForNotProceeding", | 283 errorType = string16(ASCIIToUTF16("HSTS failure")); |
palmer
2013/09/06 17:01:33
This string bothers me a tiny bit, because even wh
felt
2013/09/06 17:37:47
At the present time, only HSTS can trigger this ca
felt
2013/09/09 14:34:12
However, I did add the strings to the grd file so
| |
232 l10n_util::GetStringUTF16( | 284 strings.SetString( |
233 IDS_SSL_ERROR_PAGE_CANNOT_PROCEED)); | 285 "failure", |
286 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_HSTS, url.c_str())); | |
287 } else if (type == SSLErrorInfo::CERT_REVOKED) { | |
288 errorType = string16(ASCIIToUTF16("Key revocation")); | |
289 strings.SetString( | |
290 "failure", | |
291 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_REVOKED)); | |
234 } else { | 292 } else { |
235 strings.SetString("reasonForNotProceeding", std::string()); | 293 // This is SSLErrorInfo::CERT_INVALID and any other corner case. |
294 errorType = string16(ASCIIToUTF16("Malformed certificate")); | |
295 strings.SetString( | |
296 "failure", | |
297 l10n_util::GetStringUTF16(IDS_SSL_BLOCKING_PAGE_FORMATTED)); | |
236 } | 298 } |
237 strings.SetString("errorType", "notoverridable"); | 299 if (rtl) |
300 base::i18n::WrapStringWithLTRFormatting(&errorType); | |
301 strings.SetString( | |
302 "errorType", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_ERROR, | |
303 errorType.c_str())); | |
304 | |
305 // Strings that display the invalid cert. | |
306 string16 subject(ASCIIToUTF16(ssl_info_.cert->subject().GetDisplayName())); | |
307 string16 issuer(ASCIIToUTF16(ssl_info_.cert->issuer().GetDisplayName())); | |
308 string16 fingerprint(ASCIIToUTF16( | |
309 base::HexEncode(ssl_info_.cert->fingerprint().data, | |
palmer
2013/09/06 17:01:33
Ahh, so answering my previous question: The finger
felt
2013/09/06 17:37:47
Someone (either you or Sleevi) asked me to put the
felt
2013/09/09 14:34:12
Updated this to SPKI hashes.
| |
310 sizeof(ssl_info_.cert->fingerprint().data)))); | |
311 if (rtl) { | |
312 // These are always going to be LTR. | |
313 base::i18n::WrapStringWithLTRFormatting(&subject); | |
314 base::i18n::WrapStringWithLTRFormatting(&issuer); | |
315 base::i18n::WrapStringWithLTRFormatting(&fingerprint); | |
316 } | |
317 strings.SetString( | |
318 "subject", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_SUBJECT, | |
319 subject.c_str())); | |
320 strings.SetString( | |
321 "issuer", l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_ISSUER, | |
322 issuer.c_str())); | |
323 strings.SetString( | |
324 "fingerprint", | |
325 l10n_util::GetStringFUTF16(IDS_SSL_BLOCKING_PAGE_FINGERPRINT, | |
326 fingerprint.c_str())); | |
238 } | 327 } |
239 | 328 |
240 strings.SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr"); | |
241 | |
242 base::StringPiece html( | 329 base::StringPiece html( |
243 ResourceBundle::GetSharedInstance().GetRawDataResource( | 330 ResourceBundle::GetSharedInstance().GetRawDataResource( |
244 resource_id)); | 331 resource_id)); |
245 | |
246 return webui::GetI18nTemplateHtml(html, &strings); | 332 return webui::GetI18nTemplateHtml(html, &strings); |
247 } | 333 } |
248 | 334 |
249 void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) { | 335 void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) { |
250 int cert_id = content::CertStore::GetInstance()->StoreCert( | 336 int cert_id = content::CertStore::GetInstance()->StoreCert( |
251 ssl_info_.cert.get(), web_contents_->GetRenderProcessHost()->GetID()); | 337 ssl_info_.cert.get(), web_contents_->GetRenderProcessHost()->GetID()); |
252 | 338 |
253 entry->GetSSL().security_style = | 339 entry->GetSSL().security_style = |
254 content::SECURITY_STYLE_AUTHENTICATION_BROKEN; | 340 content::SECURITY_STYLE_AUTHENTICATION_BROKEN; |
255 entry->GetSSL().cert_id = cert_id; | 341 entry->GetSSL().cert_id = cert_id; |
(...skipping 11 matching lines...) | |
267 int cmd = atoi(command.c_str()); | 353 int cmd = atoi(command.c_str()); |
268 if (cmd == CMD_DONT_PROCEED) { | 354 if (cmd == CMD_DONT_PROCEED) { |
269 interstitial_page_->DontProceed(); | 355 interstitial_page_->DontProceed(); |
270 } else if (cmd == CMD_PROCEED) { | 356 } else if (cmd == CMD_PROCEED) { |
271 interstitial_page_->Proceed(); | 357 interstitial_page_->Proceed(); |
272 } else if (cmd == CMD_FOCUS) { | 358 } else if (cmd == CMD_FOCUS) { |
273 // Start recording the time when the page is first in focus | 359 // Start recording the time when the page is first in focus |
274 display_start_time_ = base::TimeTicks::Now(); | 360 display_start_time_ = base::TimeTicks::Now(); |
275 } else if (cmd == CMD_MORE) { | 361 } else if (cmd == CMD_MORE) { |
276 RecordSSLBlockingPageEventStats(MORE); | 362 RecordSSLBlockingPageEventStats(MORE); |
363 } else if (cmd == CMD_RELOAD) { | |
364 // The interstitial can't refresh itself. | |
365 content::NavigationController* controller = &web_contents_->GetController(); | |
366 controller->Reload(true); | |
277 } | 367 } |
278 } | 368 } |
279 | 369 |
280 void SSLBlockingPage::OverrideRendererPrefs( | 370 void SSLBlockingPage::OverrideRendererPrefs( |
281 content::RendererPreferences* prefs) { | 371 content::RendererPreferences* prefs) { |
282 Profile* profile = Profile::FromBrowserContext( | 372 Profile* profile = Profile::FromBrowserContext( |
283 web_contents_->GetBrowserContext()); | 373 web_contents_->GetBrowserContext()); |
284 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile); | 374 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile); |
285 } | 375 } |
286 | 376 |
(...skipping 52 matching lines...) | |
339 strings->SetString(keys[i], std::string()); | 429 strings->SetString(keys[i], std::string()); |
340 } | 430 } |
341 } | 431 } |
342 | 432 |
343 void SSLBlockingPage::OnGotHistoryCount(HistoryService::Handle handle, | 433 void SSLBlockingPage::OnGotHistoryCount(HistoryService::Handle handle, |
344 bool success, | 434 bool success, |
345 int num_visits, | 435 int num_visits, |
346 base::Time first_visit) { | 436 base::Time first_visit) { |
347 num_visits_ = num_visits; | 437 num_visits_ = num_visits; |
348 } | 438 } |
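Review bot: The certificate subject and issuer display names (new lines 306–307 in `GetHTMLContents`) are converted with `ASCIIToUTF16`, which is only meant for input known to be ASCII, while these names are taken from the certificate the server presented and can contain non-ASCII characters. An internationalized common name or organization would then show up garbled on the blocking page (and, if I read the helper correctly, trip its ASCII DCHECK in debug builds), which matters because this text is what the user relies on to judge the certificate. I would convert them as UTF-8 instead: `string16 subject(UTF8ToUTF16(ssl_info_.cert->subject().GetDisplayName()));` and the same for `issuer`. Since both values are chosen by the remote side, it is also worth confirming that the blocking-page template inserts them as text rather than markup; the template is not part of this section.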