OLD | NEW |
| (Empty) |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/security_interstitials/core/safe_browsing_error_ui.h" | |
6 | |
7 #include "base/i18n/time_formatting.h" | |
8 #include "base/metrics/histogram_macros.h" | |
9 #include "base/strings/stringprintf.h" | |
10 #include "base/strings/utf_string_conversions.h" | |
11 #include "components/google/core/browser/google_util.h" | |
12 #include "components/security_interstitials/core/common_string_util.h" | |
13 #include "components/security_interstitials/core/metrics_helper.h" | |
14 #include "components/strings/grit/components_strings.h" | |
15 #include "net/base/escape.h" | |
16 #include "ui/base/l10n/l10n_util.h" | |
17 | |
18 namespace security_interstitials { | |
19 namespace { | |
20 | |
21 // URL for the Help Center article on Safe Browsing warnings. | |
22 const char kLearnMore[] = "https://support.google.com/chrome/answer/99020"; | |
23 | |
24 // For malware interstitial pages, we link the problematic URL to Google's | |
25 // diagnostic page. | |
26 #if defined(GOOGLE_CHROME_BUILD) | |
27 const char kSbDiagnosticUrl[] = | |
28 "https://www.google.com/safebrowsing/" | |
29 "diagnostic?site=%s&client=googlechrome"; | |
30 #else | |
31 const char kSbDiagnosticUrl[] = | |
32 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=chromium"; | |
33 #endif | |
34 | |
35 // Constants for the V4 phishing string upgrades. | |
36 const char kReportPhishingErrorUrl[] = | |
37 "https://www.google.com/safebrowsing/report_error/"; | |
38 | |
39 void RecordExtendedReportingPrefChanged(bool report, bool is_scout) { | |
40 if (is_scout) { | |
41 UMA_HISTOGRAM_BOOLEAN( | |
42 "SafeBrowsing.Pref.Scout.SetPref.SBER2Pref.SecurityInterstitial", | |
43 report); | |
44 } else { | |
45 UMA_HISTOGRAM_BOOLEAN( | |
46 "SafeBrowsing.Pref.Scout.SetPref.SBER1Pref.SecurityInterstitial", | |
47 report); | |
48 } | |
49 } | |
50 | |
51 } // namespace | |
52 | |
53 SafeBrowsingErrorUI::SafeBrowsingErrorUI( | |
54 const GURL& request_url, | |
55 const GURL& main_frame_url, | |
56 SBInterstitialReason reason, | |
57 const SBErrorDisplayOptions& display_options, | |
58 const std::string& app_locale, | |
59 const base::Time& time_triggered, | |
60 ControllerClient* controller) | |
61 : request_url_(request_url), | |
62 main_frame_url_(main_frame_url), | |
63 interstitial_reason_(reason), | |
64 display_options_(display_options), | |
65 app_locale_(app_locale), | |
66 time_triggered_(time_triggered), | |
67 controller_(controller) { | |
68 controller_->metrics_helper()->RecordUserDecision(MetricsHelper::SHOW); | |
69 controller_->metrics_helper()->RecordUserInteraction( | |
70 MetricsHelper::TOTAL_VISITS); | |
71 if (display_options_.is_proceed_anyway_disabled) | |
72 controller_->metrics_helper()->RecordUserDecision( | |
73 security_interstitials::MetricsHelper::PROCEEDING_DISABLED); | |
74 } | |
75 | |
76 SafeBrowsingErrorUI::~SafeBrowsingErrorUI() { | |
77 controller_->metrics_helper()->RecordShutdownMetrics(); | |
78 } | |
79 | |
80 void SafeBrowsingErrorUI::PopulateStringsForHTML( | |
81 base::DictionaryValue* load_time_data) { | |
82 DCHECK(load_time_data); | |
83 | |
84 load_time_data->SetString("type", "SAFEBROWSING"); | |
85 load_time_data->SetString( | |
86 "tabTitle", l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_TITLE)); | |
87 load_time_data->SetString( | |
88 "openDetails", | |
89 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_OPEN_DETAILS_BUTTON)); | |
90 load_time_data->SetString( | |
91 "closeDetails", | |
92 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_CLOSE_DETAILS_BUTTON)); | |
93 load_time_data->SetString( | |
94 "primaryButtonText", | |
95 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_OVERRIDABLE_SAFETY_BUTTON)); | |
96 load_time_data->SetBoolean("overridable", | |
97 !display_options_.is_proceed_anyway_disabled); | |
98 load_time_data->SetBoolean("hide_primary_button", !controller_->CanGoBack()); | |
99 | |
100 switch (interstitial_reason_) { | |
101 case SB_REASON_MALWARE: | |
102 PopulateMalwareLoadTimeData(load_time_data); | |
103 break; | |
104 case SB_REASON_HARMFUL: | |
105 PopulateHarmfulLoadTimeData(load_time_data); | |
106 break; | |
107 case SB_REASON_PHISHING: | |
108 PopulatePhishingLoadTimeData(load_time_data); | |
109 break; | |
110 } | |
111 | |
112 PopulateExtendedReportingOption(load_time_data); | |
113 } | |
114 | |
115 void SafeBrowsingErrorUI::HandleCommand(SecurityInterstitialCommands command) { | |
116 switch (command) { | |
117 case CMD_PROCEED: { | |
118 // User pressed on the button to proceed. | |
119 if (!display_options_.is_proceed_anyway_disabled) { | |
120 controller_->metrics_helper()->RecordUserDecision( | |
121 MetricsHelper::PROCEED); | |
122 controller_->Proceed(); | |
123 break; | |
124 } | |
125 } | |
126 // If the user can't proceed, fall through to CMD_DONT_PROCEED. | |
127 case CMD_DONT_PROCEED: { | |
128 // User pressed on the button to return to safety. | |
129 // Don't record the user action here because there are other ways of | |
130 // triggering DontProceed, like clicking the back button. | |
131 if (display_options_.is_resource_cancellable) { | |
132 // If the load is blocked, we want to close the interstitial and discard | |
133 // the pending entry. | |
134 controller_->GoBack(); | |
135 } else { | |
136 // Otherwise the offending entry has committed, and we need to go back | |
137 // or to a safe page. We will close the interstitial when that page | |
138 // commits. | |
139 controller_->GoBackAfterNavigationCommitted(); | |
140 } | |
141 break; | |
142 } | |
143 case CMD_DO_REPORT: { | |
144 // User enabled SB Extended Reporting via the checkbox. | |
145 display_options_.is_extended_reporting_enabled = true; | |
146 controller_->SetReportingPreference(true); | |
147 RecordExtendedReportingPrefChanged( | |
148 true, display_options_.is_scout_reporting_enabled); | |
149 break; | |
150 } | |
151 case CMD_DONT_REPORT: { | |
152 // User disabled SB Extended Reporting via the checkbox. | |
153 display_options_.is_extended_reporting_enabled = false; | |
154 controller_->SetReportingPreference(false); | |
155 RecordExtendedReportingPrefChanged( | |
156 false, display_options_.is_scout_reporting_enabled); | |
157 break; | |
158 } | |
159 case CMD_SHOW_MORE_SECTION: { | |
160 controller_->metrics_helper()->RecordUserInteraction( | |
161 security_interstitials::MetricsHelper::SHOW_ADVANCED); | |
162 break; | |
163 } | |
164 case CMD_OPEN_HELP_CENTER: { | |
165 // User pressed "Learn more". | |
166 controller_->metrics_helper()->RecordUserInteraction( | |
167 security_interstitials::MetricsHelper::SHOW_LEARN_MORE); | |
168 GURL learn_more_url(kLearnMore); | |
169 learn_more_url = | |
170 google_util::AppendGoogleLocaleParam(learn_more_url, app_locale_); | |
171 controller_->OpenUrlInCurrentTab(learn_more_url); | |
172 break; | |
173 } | |
174 case CMD_RELOAD: { | |
175 controller_->metrics_helper()->RecordUserInteraction( | |
176 security_interstitials::MetricsHelper::RELOAD); | |
177 controller_->Reload(); | |
178 break; | |
179 } | |
180 case CMD_OPEN_REPORTING_PRIVACY: { | |
181 // User pressed on the SB Extended Reporting "privacy policy" link. | |
182 controller_->OpenExtendedReportingPrivacyPolicy(); | |
183 break; | |
184 } | |
185 case CMD_OPEN_WHITEPAPER: { | |
186 controller_->OpenExtendedReportingWhitepaper(); | |
187 break; | |
188 } | |
189 case CMD_OPEN_DIAGNOSTIC: { | |
190 controller_->metrics_helper()->RecordUserInteraction( | |
191 security_interstitials::MetricsHelper::SHOW_DIAGNOSTIC); | |
192 std::string diagnostic = base::StringPrintf( | |
193 kSbDiagnosticUrl, | |
194 net::EscapeQueryParamValue(request_url_.spec(), true).c_str()); | |
195 GURL diagnostic_url(diagnostic); | |
196 diagnostic_url = | |
197 google_util::AppendGoogleLocaleParam(diagnostic_url, app_locale_); | |
198 controller_->OpenUrlInCurrentTab(diagnostic_url); | |
199 break; | |
200 } | |
201 case CMD_REPORT_PHISHING_ERROR: { | |
202 controller_->metrics_helper()->RecordUserInteraction( | |
203 security_interstitials::MetricsHelper::REPORT_PHISHING_ERROR); | |
204 GURL phishing_error_url(kReportPhishingErrorUrl); | |
205 phishing_error_url = | |
206 google_util::AppendGoogleLocaleParam(phishing_error_url, app_locale_); | |
207 controller_->OpenUrlInCurrentTab(phishing_error_url); | |
208 break; | |
209 } | |
210 case CMD_OPEN_DATE_SETTINGS: | |
211 case CMD_OPEN_LOGIN: | |
212 case CMD_ERROR: | |
213 case CMD_TEXT_FOUND: | |
214 case CMD_TEXT_NOT_FOUND: | |
215 break; | |
216 } | |
217 } | |
218 | |
219 bool SafeBrowsingErrorUI::CanShowExtendedReportingOption() { | |
220 return !is_off_the_record() && is_extended_reporting_opt_in_allowed(); | |
221 } | |
222 | |
223 void SafeBrowsingErrorUI::PopulateMalwareLoadTimeData( | |
224 base::DictionaryValue* load_time_data) { | |
225 load_time_data->SetBoolean("phishing", false); | |
226 load_time_data->SetString("heading", | |
227 l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING)); | |
228 load_time_data->SetString( | |
229 "primaryParagraph", | |
230 l10n_util::GetStringFUTF16( | |
231 IDS_MALWARE_V3_PRIMARY_PARAGRAPH, | |
232 common_string_util::GetFormattedHostName(request_url_))); | |
233 load_time_data->SetString( | |
234 "explanationParagraph", | |
235 display_options_.is_main_frame_load_blocked | |
236 ? l10n_util::GetStringFUTF16( | |
237 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH, | |
238 common_string_util::GetFormattedHostName(request_url_)) | |
239 : l10n_util::GetStringFUTF16( | |
240 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH_SUBRESOURCE, | |
241 base::UTF8ToUTF16(main_frame_url_.host()), | |
242 common_string_util::GetFormattedHostName(request_url_))); | |
243 load_time_data->SetString( | |
244 "finalParagraph", | |
245 l10n_util::GetStringUTF16(IDS_MALWARE_V3_PROCEED_PARAGRAPH)); | |
246 } | |
247 | |
248 void SafeBrowsingErrorUI::PopulateHarmfulLoadTimeData( | |
249 base::DictionaryValue* load_time_data) { | |
250 load_time_data->SetBoolean("phishing", false); | |
251 load_time_data->SetString("heading", | |
252 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_HEADING)); | |
253 load_time_data->SetString( | |
254 "primaryParagraph", | |
255 l10n_util::GetStringFUTF16( | |
256 IDS_HARMFUL_V3_PRIMARY_PARAGRAPH, | |
257 common_string_util::GetFormattedHostName(request_url_))); | |
258 load_time_data->SetString( | |
259 "explanationParagraph", | |
260 l10n_util::GetStringFUTF16( | |
261 IDS_HARMFUL_V3_EXPLANATION_PARAGRAPH, | |
262 common_string_util::GetFormattedHostName(request_url_))); | |
263 load_time_data->SetString( | |
264 "finalParagraph", | |
265 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_PROCEED_PARAGRAPH)); | |
266 } | |
267 | |
268 void SafeBrowsingErrorUI::PopulatePhishingLoadTimeData( | |
269 base::DictionaryValue* load_time_data) { | |
270 load_time_data->SetBoolean("phishing", true); | |
271 load_time_data->SetString("heading", | |
272 l10n_util::GetStringUTF16(IDS_PHISHING_V4_HEADING)); | |
273 load_time_data->SetString( | |
274 "primaryParagraph", | |
275 l10n_util::GetStringFUTF16( | |
276 IDS_PHISHING_V4_PRIMARY_PARAGRAPH, | |
277 common_string_util::GetFormattedHostName(request_url_))); | |
278 load_time_data->SetString( | |
279 "explanationParagraph", | |
280 l10n_util::GetStringFUTF16( | |
281 IDS_PHISHING_V4_EXPLANATION_PARAGRAPH, | |
282 common_string_util::GetFormattedHostName(request_url_))); | |
283 load_time_data->SetString( | |
284 "finalParagraph", | |
285 l10n_util::GetStringUTF16(IDS_PHISHING_V4_PROCEED_AND_REPORT_PARAGRAPH)); | |
286 } | |
287 | |
288 void SafeBrowsingErrorUI::PopulateExtendedReportingOption( | |
289 base::DictionaryValue* load_time_data) { | |
290 bool can_show_extended_reporting_option = CanShowExtendedReportingOption(); | |
291 load_time_data->SetBoolean(security_interstitials::kDisplayCheckBox, | |
292 can_show_extended_reporting_option); | |
293 if (!can_show_extended_reporting_option) | |
294 return; | |
295 | |
296 const std::string privacy_link = base::StringPrintf( | |
297 security_interstitials::kPrivacyLinkHtml, | |
298 security_interstitials::CMD_OPEN_REPORTING_PRIVACY, | |
299 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str()); | |
300 load_time_data->SetString(security_interstitials::kOptInLink, | |
301 l10n_util::GetStringFUTF16( | |
302 display_options_.is_scout_reporting_enabled | |
303 ? IDS_SAFE_BROWSING_SCOUT_REPORTING_AGREE | |
304 : IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE, | |
305 base::UTF8ToUTF16(privacy_link))); | |
306 load_time_data->SetBoolean(security_interstitials::kBoxChecked, | |
307 display_options_.is_extended_reporting_enabled); | |
308 } | |
309 | |
310 } // security_interstitials | |
OLD | NEW |