Add WebsiteSettings strings for malware/UwS/phishing

chrome/browser/ui/website_settings/website_settings.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/website_settings/website_settings.h"
 
 #include <stddef.h>
 #include <stdint.h>
 
 #include <string>
@@ skipping 157 matching lines @@
   // that useful (and would potentially be confusing) to warn about
   // subesources that had certificate errors too.
   if (net::IsCertStatusError(security_info.cert_status) &&
       !net::IsCertStatusMinorError(security_info.cert_status)) {
     return;
   }
   CheckContentStatus(security_info.content_with_cert_errors_status, displayed,
                      ran);
 }
 
+void GetSiteIdentityByMaliciousContentStatus(
+    security_state::SecurityStateModel::MaliciousContentStatus
+        malicious_content_status,
+    WebsiteSettings::SiteIdentityStatus* status,
+    base::string16* details) {
+  switch (malicious_content_status) {
+    case security_state::SecurityStateModel::MALICIOUS_CONTENT_STATUS_NONE:
+      NOTREACHED();
+      break;
+    case security_state::SecurityStateModel::MALICIOUS_CONTENT_STATUS_MALWARE:
+      *status = WebsiteSettings::SITE_IDENTITY_STATUS_MALWARE;
+      *details =
+          l10n_util::GetStringUTF16(IDS_WEBSITE_SETTINGS_MALWARE_DETAILS);
+      break;
+    case security_state::SecurityStateModel::
+        MALICIOUS_CONTENT_STATUS_SOCIAL_ENGINEERING:
+      *status = WebsiteSettings::SITE_IDENTITY_STATUS_SOCIAL_ENGINEERING;
+      *details = l10n_util::GetStringUTF16(
+          IDS_WEBSITE_SETTINGS_SOCIAL_ENGINEERING_DETAILS);
+      break;
+    case security_state::SecurityStateModel::
+        MALICIOUS_CONTENT_STATUS_UNWANTED_SOFTWARE:
+      *status = WebsiteSettings::SITE_IDENTITY_STATUS_UNWANTED_SOFTWARE;
+      *details = l10n_util::GetStringUTF16(
+          IDS_WEBSITE_SETTINGS_UNWANTED_SOFTWARE_DETAILS);
+      break;
+  }
+}
+
 // Returns true if any of the given statuses match |status|.
 bool CertificateTransparencyStatusMatchAny(
     const std::vector<net::ct::SCTVerifyStatus>& sct_verify_statuses,
     net::ct::SCTVerifyStatus status) {
   for (const auto& verify_status : sct_verify_statuses) {
     if (verify_status == status)
       return true;
   }
   return false;
 }
@@ skipping 259 matching lines @@
     site_identity_status_ = SITE_IDENTITY_STATUS_INTERNAL_PAGE;
     site_identity_details_ =
         l10n_util::GetStringUTF16(IDS_PAGE_INFO_INTERNAL_PAGE);
     site_connection_status_ = SITE_CONNECTION_STATUS_INTERNAL_PAGE;
     return;
   }
 
   // Identity section.
   certificate_ = security_info.certificate;
 
-  // HTTPS with no or minor errors.
-  if (certificate_ &&
-      (!net::IsCertStatusError(security_info.cert_status) ||
-       net::IsCertStatusMinorError(security_info.cert_status))) {
-    // There are no major errors. Check for minor errors.
+  if (security_info.malicious_content_status !=
+      security_state::SecurityStateModel::MALICIOUS_CONTENT_STATUS_NONE) {
+    // The site has been flagged by Safe Browsing as dangerous.
+    GetSiteIdentityByMaliciousContentStatus(
+        security_info.malicious_content_status, &site_identity_status_,
+        &site_identity_details_);

[estark, 2016/11/11 22:22:15]

I don't 100% understand what's going on here with site_identity_details_. It
looks to me like it's used on android to set the description, but not on other
platforms.

[lgarron, 2016/11/11 22:39:01]

Yeah, the identity/connection split is legacy code for desktop code, but I'm not
planning to remove it until Q1 because it's still used on Android.

Assuming you meant for Safe Browsing errors to show up over invalid certs (which
sounds fine), this looks alright to me.

+  } else if (certificate_ &&
+             (!net::IsCertStatusError(security_info.cert_status) ||
+              net::IsCertStatusMinorError(security_info.cert_status))) {
+    // HTTPS with no or minor errors.
     if (security_info.security_level ==
         SecurityStateModel::SECURE_WITH_POLICY_INSTALLED_CERT) {
       site_identity_status_ = SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT;
       site_identity_details_ = l10n_util::GetStringFUTF16(
           IDS_CERT_POLICY_PROVIDED_CERT_MESSAGE, UTF8ToUTF16(url.host()));
     } else if (net::IsCertStatusMinorError(security_info.cert_status)) {
       site_identity_status_ = SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN;
       base::string16 issuer_name(
           UTF8ToUTF16(certificate_->issuer().GetDisplayName()));
       if (issuer_name.empty()) {
@@ skipping 366 matching lines @@
   info.connection_status = site_connection_status_;
   info.connection_status_description =
       UTF16ToUTF8(site_connection_details_);
   info.identity_status = site_identity_status_;
   info.identity_status_description =
       UTF16ToUTF8(site_identity_details_);
   info.certificate = certificate_;
   info.show_ssl_decision_revoke_button = show_ssl_decision_revoke_button_;
   ui_->SetIdentityInfo(info);
 }