OLD | NEW |
| (Empty) |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "components/security_interstitials/core/safe_browsing_error_ui.h" | |
6 | |
7 #include "base/i18n/time_formatting.h" | |
8 #include "base/metrics/histogram_macros.h" | |
9 #include "base/strings/stringprintf.h" | |
10 #include "base/strings/utf_string_conversions.h" | |
11 #include "components/google/core/browser/google_util.h" | |
12 #include "components/security_interstitials/core/common_string_util.h" | |
13 #include "components/security_interstitials/core/metrics_helper.h" | |
14 #include "components/strings/grit/components_strings.h" | |
15 #include "net/base/escape.h" | |
16 #include "ui/base/l10n/l10n_util.h" | |
17 | |
18 namespace security_interstitials { | |
19 namespace { | |
20 | |
21 // URL for the Help Center article on Safe Browsing warnings. | |
22 const char kLearnMore[] = "https://support.google.com/chrome/answer/99020"; | |
23 | |
24 // For malware interstitial pages, we link the problematic URL to Google's | |
25 // diagnostic page. | |
26 #if defined(GOOGLE_CHROME_BUILD) | |
27 const char kSbDiagnosticUrl[] = | |
28 "https://www.google.com/safebrowsing/" | |
29 "diagnostic?site=%s&client=googlechrome"; | |
30 #else | |
31 const char kSbDiagnosticUrl[] = | |
32 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=chromium"; | |
33 #endif | |
34 | |
35 // Constants for the V4 phishing string upgrades. | |
36 const char kReportPhishingErrorUrl[] = | |
37 "https://www.google.com/safebrowsing/report_error/"; | |
38 | |
39 void RecordExtendedReportingPrefChanged(bool report, bool is_scout) { | |
40 if (is_scout) { | |
41 UMA_HISTOGRAM_BOOLEAN( | |
42 "SafeBrowsing.Pref.Scout.SetPref.SBER2Pref.SecurityInterstitial", | |
43 report); | |
44 } else { | |
45 UMA_HISTOGRAM_BOOLEAN( | |
46 "SafeBrowsing.Pref.Scout.SetPref.SBER1Pref.SecurityInterstitial", | |
47 report); | |
48 } | |
49 } | |
50 | |
51 } // namespace | |
52 | |
53 SafeBrowsingErrorUI::SafeBrowsingErrorUI( | |
54 const GURL& request_url, | |
55 const GURL& main_frame_url, | |
56 SBInterstitialReason reason, | |
57 const SBErrorDisplayOptions& display_options, | |
58 const std::string& app_locale, | |
59 const base::Time& time_triggered, | |
60 ControllerClient* controller) | |
61 : request_url_(request_url), | |
62 main_frame_url_(main_frame_url), | |
63 interstitial_reason_(reason), | |
64 display_options_(display_options), | |
65 app_locale_(app_locale), | |
66 time_triggered_(time_triggered), | |
67 controller_(controller) { | |
68 controller_->metrics_helper()->RecordUserDecision(MetricsHelper::SHOW); | |
69 controller_->metrics_helper()->RecordUserInteraction( | |
70 MetricsHelper::TOTAL_VISITS); | |
71 if (display_options_.is_proceed_anyway_disabled) | |
72 controller_->metrics_helper()->RecordUserDecision( | |
73 security_interstitials::MetricsHelper::PROCEEDING_DISABLED); | |
74 } | |
75 | |
76 SafeBrowsingErrorUI::~SafeBrowsingErrorUI() { | |
77 controller_->metrics_helper()->RecordShutdownMetrics(); | |
78 } | |
79 | |
80 void SafeBrowsingErrorUI::PopulateStringsForHTML( | |
81 base::DictionaryValue* load_time_data) { | |
82 DCHECK(load_time_data); | |
83 | |
84 load_time_data->SetString("type", "SAFEBROWSING"); | |
85 load_time_data->SetString( | |
86 "tabTitle", l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_TITLE)); | |
87 load_time_data->SetString( | |
88 "openDetails", | |
89 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_OPEN_DETAILS_BUTTON)); | |
90 load_time_data->SetString( | |
91 "closeDetails", | |
92 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_CLOSE_DETAILS_BUTTON)); | |
93 load_time_data->SetString( | |
94 "primaryButtonText", | |
95 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_OVERRIDABLE_SAFETY_BUTTON)); | |
96 load_time_data->SetBoolean("overridable", | |
97 !display_options_.is_proceed_anyway_disabled); | |
98 | |
99 switch (interstitial_reason_) { | |
100 case SB_REASON_MALWARE: | |
101 PopulateMalwareLoadTimeData(load_time_data); | |
102 break; | |
103 case SB_REASON_HARMFUL: | |
104 PopulateHarmfulLoadTimeData(load_time_data); | |
105 break; | |
106 case SB_REASON_PHISHING: | |
107 PopulatePhishingLoadTimeData(load_time_data); | |
108 break; | |
109 } | |
110 | |
111 PopulateExtendedReportingOption(load_time_data); | |
112 } | |
113 | |
114 void SafeBrowsingErrorUI::HandleCommand(SecurityInterstitialCommands command) { | |
115 switch (command) { | |
116 case CMD_PROCEED: { | |
117 // User pressed on the button to proceed. | |
118 if (!display_options_.is_proceed_anyway_disabled) { | |
119 controller_->metrics_helper()->RecordUserDecision( | |
120 MetricsHelper::PROCEED); | |
121 controller_->Proceed(); | |
122 break; | |
123 } | |
124 } | |
125 // If the user can't proceed, fall through to CMD_DONT_PROCEED. | |
126 case CMD_DONT_PROCEED: { | |
127 // User pressed on the button to return to safety. | |
128 // Don't record the user action here because there are other ways of | |
129 // triggering DontProceed, like clicking the back button. | |
130 if (display_options_.is_resource_cancellable) { | |
131 // If the load is blocked, we want to close the interstitial and discard | |
132 // the pending entry. | |
133 controller_->GoBack(); | |
134 } else { | |
135 // Otherwise the offending entry has committed, and we need to go back | |
136 // or to a safe page. We will close the interstitial when that page | |
137 // commits. | |
138 controller_->GoBackAfterNavigationCommitted(); | |
139 } | |
140 break; | |
141 } | |
142 case CMD_DO_REPORT: { | |
143 // User enabled SB Extended Reporting via the checkbox. | |
144 display_options_.is_extended_reporting_enabled = true; | |
145 controller_->SetReportingPreference(true); | |
146 RecordExtendedReportingPrefChanged( | |
147 true, display_options_.is_scout_reporting_enabled); | |
148 break; | |
149 } | |
150 case CMD_DONT_REPORT: { | |
151 // User disabled SB Extended Reporting via the checkbox. | |
152 display_options_.is_extended_reporting_enabled = false; | |
153 controller_->SetReportingPreference(false); | |
154 RecordExtendedReportingPrefChanged( | |
155 false, display_options_.is_scout_reporting_enabled); | |
156 break; | |
157 } | |
158 case CMD_SHOW_MORE_SECTION: { | |
159 controller_->metrics_helper()->RecordUserInteraction( | |
160 security_interstitials::MetricsHelper::SHOW_ADVANCED); | |
161 break; | |
162 } | |
163 case CMD_OPEN_HELP_CENTER: { | |
164 // User pressed "Learn more". | |
165 controller_->metrics_helper()->RecordUserInteraction( | |
166 security_interstitials::MetricsHelper::SHOW_LEARN_MORE); | |
167 GURL learn_more_url(kLearnMore); | |
168 learn_more_url = | |
169 google_util::AppendGoogleLocaleParam(learn_more_url, app_locale_); | |
170 controller_->OpenUrlInCurrentTab(learn_more_url); | |
171 break; | |
172 } | |
173 case CMD_RELOAD: { | |
174 controller_->metrics_helper()->RecordUserInteraction( | |
175 security_interstitials::MetricsHelper::RELOAD); | |
176 controller_->Reload(); | |
177 break; | |
178 } | |
179 case CMD_OPEN_REPORTING_PRIVACY: { | |
180 // User pressed on the SB Extended Reporting "privacy policy" link. | |
181 controller_->OpenExtendedReportingPrivacyPolicy(); | |
182 break; | |
183 } | |
184 case CMD_OPEN_WHITEPAPER: { | |
185 controller_->OpenExtendedReportingWhitepaper(); | |
186 break; | |
187 } | |
188 case CMD_OPEN_DIAGNOSTIC: { | |
189 controller_->metrics_helper()->RecordUserInteraction( | |
190 security_interstitials::MetricsHelper::SHOW_DIAGNOSTIC); | |
191 std::string diagnostic = base::StringPrintf( | |
192 kSbDiagnosticUrl, | |
193 net::EscapeQueryParamValue(request_url_.spec(), true).c_str()); | |
194 GURL diagnostic_url(diagnostic); | |
195 diagnostic_url = | |
196 google_util::AppendGoogleLocaleParam(diagnostic_url, app_locale_); | |
197 controller_->OpenUrlInCurrentTab(diagnostic_url); | |
198 break; | |
199 } | |
200 case CMD_REPORT_PHISHING_ERROR: { | |
201 controller_->metrics_helper()->RecordUserInteraction( | |
202 security_interstitials::MetricsHelper::REPORT_PHISHING_ERROR); | |
203 GURL phishing_error_url(kReportPhishingErrorUrl); | |
204 phishing_error_url = | |
205 google_util::AppendGoogleLocaleParam(phishing_error_url, app_locale_); | |
206 controller_->OpenUrlInCurrentTab(phishing_error_url); | |
207 break; | |
208 } | |
209 case CMD_OPEN_DATE_SETTINGS: | |
210 case CMD_OPEN_LOGIN: | |
211 case CMD_ERROR: | |
212 case CMD_TEXT_FOUND: | |
213 case CMD_TEXT_NOT_FOUND: | |
214 break; | |
215 } | |
216 } | |
217 | |
218 bool SafeBrowsingErrorUI::CanShowExtendedReportingOption() { | |
219 return !is_off_the_record() && is_extended_reporting_opt_in_allowed(); | |
220 } | |
221 | |
222 void SafeBrowsingErrorUI::PopulateMalwareLoadTimeData( | |
223 base::DictionaryValue* load_time_data) { | |
224 load_time_data->SetBoolean("phishing", false); | |
225 load_time_data->SetString("heading", | |
226 l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING)); | |
227 load_time_data->SetString( | |
228 "primaryParagraph", | |
229 l10n_util::GetStringFUTF16( | |
230 IDS_MALWARE_V3_PRIMARY_PARAGRAPH, | |
231 common_string_util::GetFormattedHostName(request_url_))); | |
232 load_time_data->SetString( | |
233 "explanationParagraph", | |
234 display_options_.is_main_frame_load_blocked | |
235 ? l10n_util::GetStringFUTF16( | |
236 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH, | |
237 common_string_util::GetFormattedHostName(request_url_)) | |
238 : l10n_util::GetStringFUTF16( | |
239 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH_SUBRESOURCE, | |
240 base::UTF8ToUTF16(main_frame_url_.host()), | |
241 common_string_util::GetFormattedHostName(request_url_))); | |
242 load_time_data->SetString( | |
243 "finalParagraph", | |
244 l10n_util::GetStringUTF16(IDS_MALWARE_V3_PROCEED_PARAGRAPH)); | |
245 } | |
246 | |
247 void SafeBrowsingErrorUI::PopulateHarmfulLoadTimeData( | |
248 base::DictionaryValue* load_time_data) { | |
249 load_time_data->SetBoolean("phishing", false); | |
250 load_time_data->SetString("heading", | |
251 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_HEADING)); | |
252 load_time_data->SetString( | |
253 "primaryParagraph", | |
254 l10n_util::GetStringFUTF16( | |
255 IDS_HARMFUL_V3_PRIMARY_PARAGRAPH, | |
256 common_string_util::GetFormattedHostName(request_url_))); | |
257 load_time_data->SetString( | |
258 "explanationParagraph", | |
259 l10n_util::GetStringFUTF16( | |
260 IDS_HARMFUL_V3_EXPLANATION_PARAGRAPH, | |
261 common_string_util::GetFormattedHostName(request_url_))); | |
262 load_time_data->SetString( | |
263 "finalParagraph", | |
264 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_PROCEED_PARAGRAPH)); | |
265 } | |
266 | |
267 void SafeBrowsingErrorUI::PopulatePhishingLoadTimeData( | |
268 base::DictionaryValue* load_time_data) { | |
269 load_time_data->SetBoolean("phishing", true); | |
270 load_time_data->SetString("heading", | |
271 l10n_util::GetStringUTF16(IDS_PHISHING_V4_HEADING)); | |
272 load_time_data->SetString( | |
273 "primaryParagraph", | |
274 l10n_util::GetStringFUTF16( | |
275 IDS_PHISHING_V4_PRIMARY_PARAGRAPH, | |
276 common_string_util::GetFormattedHostName(request_url_))); | |
277 load_time_data->SetString( | |
278 "explanationParagraph", | |
279 l10n_util::GetStringFUTF16( | |
280 IDS_PHISHING_V4_EXPLANATION_PARAGRAPH, | |
281 common_string_util::GetFormattedHostName(request_url_))); | |
282 load_time_data->SetString( | |
283 "finalParagraph", | |
284 l10n_util::GetStringUTF16(IDS_PHISHING_V4_PROCEED_AND_REPORT_PARAGRAPH)); | |
285 } | |
286 | |
287 void SafeBrowsingErrorUI::PopulateExtendedReportingOption( | |
288 base::DictionaryValue* load_time_data) { | |
289 bool can_show_extended_reporting_option = CanShowExtendedReportingOption(); | |
290 load_time_data->SetBoolean(security_interstitials::kDisplayCheckBox, | |
291 can_show_extended_reporting_option); | |
292 if (!can_show_extended_reporting_option) | |
293 return; | |
294 | |
295 const std::string privacy_link = base::StringPrintf( | |
296 security_interstitials::kPrivacyLinkHtml, | |
297 security_interstitials::CMD_OPEN_REPORTING_PRIVACY, | |
298 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str()); | |
299 load_time_data->SetString(security_interstitials::kOptInLink, | |
300 l10n_util::GetStringFUTF16( | |
301 display_options_.is_scout_reporting_enabled | |
302 ? IDS_SAFE_BROWSING_SCOUT_REPORTING_AGREE | |
303 : IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE, | |
304 base::UTF8ToUTF16(privacy_link))); | |
305 load_time_data->SetBoolean(security_interstitials::kBoxChecked, | |
306 display_options_.is_extended_reporting_enabled); | |
307 } | |
308 | |
309 } // security_interstitials | |
OLD | NEW |