Expose malware/phishing/etc. distinction from SafeBrowsingUIManager

chrome/browser/ssl/chrome_security_state_model_client.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
 
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/metrics/field_trial.h"
@@ skipping 140 matching lines @@
 // Check to see whether the security state should be downgraded to reflect
 // a Safe Browsing verdict.
 void CheckSafeBrowsingStatus(content::NavigationEntry* entry,
                              content::WebContents* web_contents,
                              SecurityStateModel::VisibleSecurityState* state) {
   safe_browsing::SafeBrowsingService* sb_service =
       g_browser_process->safe_browsing_service();
   if (!sb_service)
     return;
   scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager();
+  safe_browsing::SBThreatType threat_type;
   if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents(
-          entry->GetURL(), false, entry, web_contents, false)) {
-    state->fails_malware_check = true;
+          entry->GetURL(), false, entry, web_contents, false, &threat_type)) {
+    switch (threat_type) {
+      case safe_browsing::SB_THREAT_TYPE_SAFE:
+        break;
+      case safe_browsing::SB_THREAT_TYPE_URL_PHISHING:
+      case safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL:
+        state->malicious_content_status = security_state::SecurityStateModel::
+            MALICIOUS_CONTENT_STATUS_SOCIAL_ENGINEERING;
+        break;
+      case safe_browsing::SB_THREAT_TYPE_URL_MALWARE:
+      case safe_browsing::SB_THREAT_TYPE_BINARY_MALWARE_URL:
+      case safe_browsing::SB_THREAT_TYPE_EXTENSION:

[Nathan Parker, 2016/11/10 00:13:03]

nit: I think _EXTENSION and _BINARY_MALWARE_URL won't ever be associated with an
interstitial.  So therefore those could move down to the NOTREACHED section.

[estark, 2016/11/11 20:28:13]

Done.

+      case safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL:
+        state->malicious_content_status = security_state::SecurityStateModel::
+            MALICIOUS_CONTENT_STATUS_MALWARE;
+        break;
+      case safe_browsing::SB_THREAT_TYPE_URL_UNWANTED:
+        state->malicious_content_status = security_state::SecurityStateModel::
+            MALICIOUS_CONTENT_STATUS_UNWANTED_SOFTWARE;
+        break;
+      case safe_browsing::SB_THREAT_TYPE_BLACKLISTED_RESOURCE:

[Nathan Parker, 2016/11/10 00:13:03]

Maybe add a comment that these are not associated with interstitials.  I'm sure
we'll add some new types in the future, and we'll need to add them here as well.

[estark, 2016/11/11 20:28:14]

Done.

+      case safe_browsing::SB_THREAT_TYPE_API_ABUSE:
+        NOTREACHED();
+        break;
+    }
   }
 }
 
 }  // namespace
 
 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient(
     content::WebContents* web_contents)
     : content::WebContentsObserver(web_contents),
       web_contents_(web_contents),
       security_state_model_(new SecurityStateModel()),
@@ skipping 255 matching lines @@
       !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS);
   state->displayed_password_field_on_http =
       !!(ssl.content_status &
          content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
   state->displayed_credit_card_field_on_http =
       !!(ssl.content_status &
          content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP);
 
   CheckSafeBrowsingStatus(entry, web_contents_, state);
 }