| OLD | NEW |
|---|
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/chrome_password_protection_service.h" | 5 #include "chrome/browser/safe_browsing/chrome_password_protection_service.h" |
| 6 | 6 |
| 7 #include "base/feature_list.h" | 7 #include "base/feature_list.h" |
| 8 #include "base/metrics/field_trial_params.h" | 8 #include "base/metrics/field_trial_params.h" |
| 9 #include "base/metrics/histogram_macros.h" | 9 #include "base/metrics/histogram_macros.h" |
| 10 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" | 10 #include "chrome/browser/content_settings/host_content_settings_map_factory.h" |
| 11 #include "chrome/browser/history/history_service_factory.h" | 11 #include "chrome/browser/history/history_service_factory.h" |
| 12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
| 13 #include "chrome/browser/safe_browsing/safe_browsing_navigation_observer_manager
.h" | 13 #include "chrome/browser/safe_browsing/safe_browsing_navigation_observer_manager
.h" |
| 14 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 14 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 15 #include "chrome/browser/safe_browsing/ui_manager.h" |
| 15 #include "chrome/browser/sync/profile_sync_service_factory.h" | 16 #include "chrome/browser/sync/profile_sync_service_factory.h" |
| 17 #include "chrome/common/pref_names.h" |
| 16 #include "components/browser_sync/profile_sync_service.h" | 18 #include "components/browser_sync/profile_sync_service.h" |
| 19 #include "components/prefs/pref_service.h" |
| 17 #include "components/safe_browsing/common/safe_browsing_prefs.h" | 20 #include "components/safe_browsing/common/safe_browsing_prefs.h" |
| 18 #include "components/safe_browsing/password_protection/password_protection_reque
st.h" | 21 #include "components/safe_browsing/password_protection/password_protection_reque
st.h" |
| 19 #include "components/safe_browsing_db/database_manager.h" | 22 #include "components/safe_browsing_db/database_manager.h" |
| 23 #include "content/public/browser/render_frame_host.h" |
| 24 #include "content/public/browser/render_process_host.h" |
| 25 #include "content/public/browser/web_contents.h" |
| 20 | 26 |
| 21 using content::BrowserThread; | 27 using content::BrowserThread; |
| 22 | 28 |
| 23 namespace safe_browsing { | 29 namespace safe_browsing { |
| 24 | 30 |
| 25 namespace { | 31 namespace { |
| 26 | 32 |
| 27 // The number of user gestures we trace back for login event attribution. | 33 // The number of user gestures we trace back for login event attribution. |
| 28 const int kPasswordEventAttributionUserGestureLimit = 2; | 34 const int kPasswordEventAttributionUserGestureLimit = 2; |
| 29 | 35 |
| 30 } // namespace | 36 } // namespace |
| 31 | 37 |
| 32 ChromePasswordProtectionService::ChromePasswordProtectionService( | 38 ChromePasswordProtectionService::ChromePasswordProtectionService( |
| 33 SafeBrowsingService* sb_service, | 39 SafeBrowsingService* sb_service, |
| 34 Profile* profile) | 40 Profile* profile) |
| 35 : PasswordProtectionService( | 41 : PasswordProtectionService( |
| 36 sb_service->database_manager(), | 42 sb_service->database_manager(), |
| 37 sb_service->url_request_context(), | 43 sb_service->url_request_context(), |
| 38 HistoryServiceFactory::GetForProfile( | 44 HistoryServiceFactory::GetForProfile( |
| 39 profile, | 45 profile, |
| 40 ServiceAccessType::EXPLICIT_ACCESS), | 46 ServiceAccessType::EXPLICIT_ACCESS), |
| 41 HostContentSettingsMapFactory::GetForProfile(profile)), | 47 HostContentSettingsMapFactory::GetForProfile(profile)), |
| 48 ui_manager_(sb_service->ui_manager()), |
| 42 profile_(profile), | 49 profile_(profile), |
| 43 navigation_observer_manager_(sb_service->navigation_observer_manager()) { | 50 navigation_observer_manager_(sb_service->navigation_observer_manager()) { |
| 44 DCHECK(profile_); | 51 DCHECK(profile_); |
| 45 } | 52 } |
| 46 | 53 |
| 47 ChromePasswordProtectionService::~ChromePasswordProtectionService() { | 54 ChromePasswordProtectionService::~ChromePasswordProtectionService() { |
| 48 if (content_settings()) { | 55 if (content_settings()) { |
| 49 CleanUpExpiredVerdicts(); | 56 CleanUpExpiredVerdicts(); |
| 50 UMA_HISTOGRAM_COUNTS_1000( | 57 UMA_HISTOGRAM_COUNTS_1000( |
| 51 "PasswordProtection.NumberOfCachedVerdictBeforeShutdown", | 58 "PasswordProtection.NumberOfCachedVerdictBeforeShutdown", |
| (...skipping 23 matching lines...) Expand all Loading... |
| 75 } | 82 } |
| 76 | 83 |
| 77 bool ChromePasswordProtectionService::IsIncognito() { | 84 bool ChromePasswordProtectionService::IsIncognito() { |
| 78 DCHECK(profile_); | 85 DCHECK(profile_); |
| 79 return profile_->IsOffTheRecord(); | 86 return profile_->IsOffTheRecord(); |
| 80 } | 87 } |
| 81 | 88 |
| 82 bool ChromePasswordProtectionService::IsPingingEnabled( | 89 bool ChromePasswordProtectionService::IsPingingEnabled( |
| 83 const base::Feature& feature, | 90 const base::Feature& feature, |
| 84 RequestOutcome* reason) { | 91 RequestOutcome* reason) { |
| 92 // Don't start pinging on an invalid profile, or if user turns off Safe |
| 93 // Browsing service. |
| 94 if (!profile_ || |
| 95 !profile_->GetPrefs()->GetBoolean(prefs::kSafeBrowsingEnabled)) { |
| 96 return false; |
| 97 } |
| 98 |
| 85 DCHECK(feature.name == kProtectedPasswordEntryPinging.name || | 99 DCHECK(feature.name == kProtectedPasswordEntryPinging.name || |
| 86 feature.name == kPasswordFieldOnFocusPinging.name); | 100 feature.name == kPasswordFieldOnFocusPinging.name); |
| 87 if (!base::FeatureList::IsEnabled(feature)) { | 101 if (!base::FeatureList::IsEnabled(feature)) { |
| 88 *reason = DISABLED_DUE_TO_FEATURE_DISABLED; | 102 *reason = DISABLED_DUE_TO_FEATURE_DISABLED; |
| 89 return false; | 103 return false; |
| 90 } | 104 } |
| 91 | 105 |
| 92 bool allowed_incognito = | 106 bool allowed_incognito = |
| 93 base::GetFieldTrialParamByFeatureAsBool(feature, "incognito", false); | 107 base::GetFieldTrialParamByFeatureAsBool(feature, "incognito", false); |
| 94 if (IsIncognito() && !allowed_incognito) { | 108 if (IsIncognito() && !allowed_incognito) { |
| (...skipping 21 matching lines...) Expand all Loading... |
| 116 return allowed_all_population; | 130 return allowed_all_population; |
| 117 } | 131 } |
| 118 | 132 |
| 119 bool ChromePasswordProtectionService::IsHistorySyncEnabled() { | 133 bool ChromePasswordProtectionService::IsHistorySyncEnabled() { |
| 120 browser_sync::ProfileSyncService* sync = | 134 browser_sync::ProfileSyncService* sync = |
| 121 ProfileSyncServiceFactory::GetInstance()->GetForProfile(profile_); | 135 ProfileSyncServiceFactory::GetInstance()->GetForProfile(profile_); |
| 122 return sync && sync->IsSyncActive() && !sync->IsLocalSyncEnabled() && | 136 return sync && sync->IsSyncActive() && !sync->IsLocalSyncEnabled() && |
| 123 sync->GetActiveDataTypes().Has(syncer::HISTORY_DELETE_DIRECTIVES); | 137 sync->GetActiveDataTypes().Has(syncer::HISTORY_DELETE_DIRECTIVES); |
| 124 } | 138 } |
| 125 | 139 |
| 126 ChromePasswordProtectionService::ChromePasswordProtectionService() | 140 void ChromePasswordProtectionService::ShowPhishingInterstitial( |
| 127 : PasswordProtectionService(nullptr, nullptr, nullptr, nullptr) {} | 141 const GURL& phishing_url, |
| 142 const std::string& token, |
| 143 content::WebContents* web_contents) { |
| 144 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 145 if (!ui_manager_) |
| 146 return; |
| 147 security_interstitials::UnsafeResource resource; |
| 148 resource.url = phishing_url; |
| 149 resource.original_url = phishing_url; |
| 150 resource.is_subresource = false; |
| 151 resource.threat_type = SB_THREAT_TYPE_PASSWORD_PROTECTION_PHISHING_URL; |
| 152 resource.threat_source = |
| 153 safe_browsing::ThreatSource::PASSWORD_PROTECTION_SERVICE; |
| 154 resource.web_contents_getter = |
| 155 safe_browsing::SafeBrowsingUIManager::UnsafeResource:: |
| 156 GetWebContentsGetter(web_contents->GetRenderProcessHost()->GetID(), |
| 157 web_contents->GetMainFrame()->GetRoutingID()); |
| 158 resource.token = token; |
| 159 if (!ui_manager_->IsWhitelisted(resource)) { |
| 160 web_contents->GetController().DiscardNonCommittedEntries(); |
| 161 } |
| 162 ui_manager_->DisplayBlockingPage(resource); |
| 163 } |
| 164 |
| 165 ChromePasswordProtectionService::ChromePasswordProtectionService( |
| 166 Profile* profile) |
| 167 : PasswordProtectionService(nullptr, nullptr, nullptr, nullptr), |
| 168 profile_(profile) {} |
| 128 } // namespace safe_browsing | 169 } // namespace safe_browsing |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2905343002:
Show interstitial on a password on focus ping with PHISHING verdict. (Closed)
