Expand WebsiteSettings histograms for HTTP-bad

chrome/browser/ui/website_settings/website_settings.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/website_settings/website_settings.h"
 
 #include <openssl/ssl.h>
 #include <stddef.h>
 #include <stdint.h>
 
@@ skipping 250 matching lines @@
       content::WebContentsObserver(web_contents),
       ui_(ui),
       show_info_bar_(false),
       site_url_(url),
       site_identity_status_(SITE_IDENTITY_STATUS_UNKNOWN),
       site_connection_status_(SITE_CONNECTION_STATUS_UNKNOWN),
       content_settings_(HostContentSettingsMapFactory::GetForProfile(profile)),
       chrome_ssl_host_state_delegate_(
           ChromeSSLHostStateDelegateFactory::GetForProfile(profile)),
       did_revoke_user_ssl_decisions_(false),
-      profile_(profile) {
+      profile_(profile),
+      security_level_(security_state::SecurityStateModel::NONE) {
   Init(url, security_info);
 
   PresentSitePermissions();
   PresentSiteData();
   PresentSiteIdentity();
 
   // Every time the Website Settings UI is opened a |WebsiteSettings| object is
   // created. So this counts how ofter the Website Settings UI is opened.
   RecordWebsiteSettingsAction(WEBSITE_SETTINGS_OPENED);
 }
 
 WebsiteSettings::~WebsiteSettings() {
 }
 
 void WebsiteSettings::RecordWebsiteSettingsAction(
     WebsiteSettingsAction action) {
   UMA_HISTOGRAM_ENUMERATION("WebsiteSettings.Action",
                             action,
                             WEBSITE_SETTINGS_COUNT);
 
-  // Use a separate histogram to record actions if they are done on a page with
-  // an HTTPS URL. Note that this *disregards* security status.
-  //
+  std::string histogram_name;
 
-  // TODO(palmer): Consider adding a new histogram for
-  // GURL::SchemeIsCryptographic. (We don't want to replace this call with a
-  // call to that function because we don't want to change the meanings of
-  // existing metrics.) This would inform the decision to mark non-secure
-  // origins as Dubious or Non-Secure; the overall bug for that is
-  // crbug.com/454579.
-  if (site_url_.SchemeIs(url::kHttpsScheme)) {
-    UMA_HISTOGRAM_ENUMERATION("WebsiteSettings.Action.HttpsUrl",
-                              action,
-                              WEBSITE_SETTINGS_COUNT);
+  if (site_url_.SchemeIsCryptographic()) {
+    if (security_level_ == security_state::SecurityStateModel::SECURE ||
+        security_level_ == security_state::SecurityStateModel::EV_SECURE) {
+      UMA_HISTOGRAM_ENUMERATION("Security.PageInfo.Action.HttpsUrl.Valid",
+                                action, WEBSITE_SETTINGS_COUNT);
+    } else if (security_level_ == security_state::SecurityStateModel::NONE) {
+      UMA_HISTOGRAM_ENUMERATION("Security.PageInfo.Action.HttpsUrl.Downgraded",
+                                action, WEBSITE_SETTINGS_COUNT);
+    } else if (security_level_ ==
+               security_state::SecurityStateModel::DANGEROUS) {
+      UMA_HISTOGRAM_ENUMERATION("Security.PageInfo.Action.HttpsUrl.Dangerous",
+                                action, WEBSITE_SETTINGS_COUNT);
+    }
+    return;
+  }
+
+  if (security_level_ ==
+      security_state::SecurityStateModel::HTTP_SHOW_WARNING) {
+    UMA_HISTOGRAM_ENUMERATION("Security.PageInfo.Action.HttpUrl.Warning",
+                              action, WEBSITE_SETTINGS_COUNT);
+  } else if (security_level_ == security_state::SecurityStateModel::DANGEROUS) {
+    UMA_HISTOGRAM_ENUMERATION("Security.PageInfo.Action.HttpUrl.Dangerous",
+                              action, WEBSITE_SETTINGS_COUNT);
+  } else {
+    UMA_HISTOGRAM_ENUMERATION("Security.PageInfo.Action.HttpUrl.Neutral",
+                              action, WEBSITE_SETTINGS_COUNT);
   }
 }
 
 void WebsiteSettings::OnSitePermissionChanged(ContentSettingsType type,
                                               ContentSetting setting) {
   // Count how often a permission for a specific content type is changed using
   // the Website Settings UI.
   size_t num_values;
   int histogram_value = ContentSettingTypeToHistogramValue(type, &num_values);
   UMA_HISTOGRAM_ENUMERATION("WebsiteSettings.OriginInfo.PermissionChanged",
@@ skipping 89 matching lines @@
          !url.SchemeIs(content::kChromeDevToolsScheme) &&
          !url.SchemeIs(content::kViewSourceScheme) &&
          !url.SchemeIs(content_settings::kExtensionScheme));
 #endif
 
   bool isChromeUINativeScheme = false;
 #if BUILDFLAG(ANDROID_JAVA_UI)
   isChromeUINativeScheme = url.SchemeIs(chrome::kChromeUINativeScheme);
 #endif
 
+  security_level_ = security_info.security_level;
+
   if (url.SchemeIs(url::kAboutScheme)) {
     // All about: URLs except about:blank are redirected.
     DCHECK_EQ(url::kAboutBlankURL, url.spec());
     site_identity_status_ = SITE_IDENTITY_STATUS_NO_CERT;
     site_identity_details_ =
         l10n_util::GetStringUTF16(IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY);
     site_connection_status_ = SITE_CONNECTION_STATUS_UNENCRYPTED;
     site_connection_details_ = l10n_util::GetStringFUTF16(
         IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT,
         UTF8ToUTF16(url.spec()));
@@ skipping 395 matching lines @@
   info.connection_status = site_connection_status_;
   info.connection_status_description =
       UTF16ToUTF8(site_connection_details_);
   info.identity_status = site_identity_status_;
   info.identity_status_description =
       UTF16ToUTF8(site_identity_details_);
   info.certificate = certificate_;
   info.show_ssl_decision_revoke_button = show_ssl_decision_revoke_button_;
   ui_->SetIdentityInfo(info);
 }