Implement code for Start/Finish threat details collection in WebView.

android_webview/browser/aw_safe_browsing_blocking_page.cc

 // Copyright 2017 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "android_webview/browser/aw_safe_browsing_blocking_page.h"
 
 #include "android_webview/browser/aw_browser_context.h"
 #include "android_webview/browser/aw_safe_browsing_ui_manager.h"
 #include "android_webview/browser/net/aw_url_request_context_getter.h"
+#include "components/safe_browsing/browser/threat_details.h"
+#include "components/safe_browsing/triggers/trigger_manager.h"
 #include "components/security_interstitials/content/security_interstitial_controller_client.h"
 #include "components/security_interstitials/content/unsafe_resource.h"
 #include "components/security_interstitials/core/base_safe_browsing_error_ui.h"
 #include "components/security_interstitials/core/safe_browsing_quiet_error_ui.h"
 #include "content/public/browser/interstitial_page.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/web_contents.h"
 
 using content::InterstitialPage;
 using content::WebContents;
 using security_interstitials::BaseSafeBrowsingErrorUI;
 using security_interstitials::SafeBrowsingQuietErrorUI;
 using security_interstitials::SecurityInterstitialControllerClient;
 
 namespace android_webview {
 
 AwSafeBrowsingBlockingPage::AwSafeBrowsingBlockingPage(
     AwSafeBrowsingUIManager* ui_manager,
     WebContents* web_contents,
     const GURL& main_frame_url,
     const UnsafeResourceList& unsafe_resources,
     std::unique_ptr<SecurityInterstitialControllerClient> controller_client,
     const BaseSafeBrowsingErrorUI::SBErrorDisplayOptions& display_options,
     ErrorUiType errorUiType)
     : BaseBlockingPage(ui_manager,
                        web_contents,
                        main_frame_url,
                        unsafe_resources,
                        std::move(controller_client),
-                       display_options) {
+                       display_options),
+      threat_details_in_progress_(false) {
   if (errorUiType == ErrorUiType::QUIET_SMALL ||
       errorUiType == ErrorUiType::QUIET_GIANT) {
     set_sb_error_ui(base::MakeUnique<SafeBrowsingQuietErrorUI>(
         unsafe_resources[0].url, main_frame_url,
         GetInterstitialReason(unsafe_resources), display_options,
         ui_manager->app_locale(), base::Time::NowFromSystemTime(), controller(),
         errorUiType == ErrorUiType::QUIET_GIANT));
   }
 
-  // TODO(timvolodine): invoke TriggerManager::StartCollectingThreatDetails(),
-  // (via AwBrowserContext, e.g.
-  // AwBrowserContext::FromWebContents(web_contents)), crbug.com/731747.
+  if (unsafe_resources.size() == 1 &&
+      ShouldReportThreatDetails(unsafe_resources[0].threat_type)) {
+    AwBrowserContext* aw_browser_context =
+        AwBrowserContext::FromWebContents(web_contents);
+    // TODO(timvolodine): create a proper history service; currently the
+    // HistoryServiceFactory lives in the chrome/ layer and relies on Profile
+    // which we don't have in Android WebView (crbug.com/731744).
+    threat_details_in_progress_ =
+        aw_browser_context->GetSafeBrowsingTriggerManager()
+            ->StartCollectingThreatDetails(
+                safe_browsing::SafeBrowsingTriggerType::SECURITY_INTERSTITIAL,
+                web_contents, unsafe_resources[0],
+                aw_browser_context->GetAwURLRequestContext(),
+                /*history_service*/ nullptr,
+                sb_error_ui()->get_error_display_options());
+  }
 }
 
 // static
 void AwSafeBrowsingBlockingPage::ShowBlockingPage(
     AwSafeBrowsingUIManager* ui_manager,
     const UnsafeResource& unsafe_resource) {
   DVLOG(1) << __func__ << " " << unsafe_resource.url.spec();
   WebContents* web_contents = unsafe_resource.web_contents_getter.Run();
 
   if (InterstitialPage::GetInterstitialPage(web_contents) &&
@@ skipping 24 matching lines @@
 
     AwSafeBrowsingBlockingPage* blocking_page = new AwSafeBrowsingBlockingPage(
         ui_manager, web_contents, entry ? entry->GetURL() : GURL(),
         unsafe_resources,
         CreateControllerClient(web_contents, unsafe_resources, ui_manager),
         display_options, errorType);
     blocking_page->Show();
   }
 }
 
+void AwSafeBrowsingBlockingPage::FinishThreatDetails(
+    const base::TimeDelta& delay,
+    bool did_proceed,
+    int num_visits) {
+  // Not all interstitials collect threat details (eg., incognito mode).

[lpz, 2017/06/30 14:01:23]

is this comment accurate (eg: is there incognito in webview)?

[timvolodine, 2017/06/30 14:15:11]

Right, no incognito for webview. I've amended the comment to
"Not all interstitials collect threat details, e.g. when not opted in"

+  if (!threat_details_in_progress_)
+    return;
+
+  // Finish computing threat details. TriggerManager will decide if it is safe
+  // to send the report.
+  AwBrowserContext* aw_browser_context =
+      AwBrowserContext::FromWebContents(web_contents());
+  bool report_sent =
+      aw_browser_context->GetSafeBrowsingTriggerManager()
+          ->FinishCollectingThreatDetails(
+              safe_browsing::SafeBrowsingTriggerType::SECURITY_INTERSTITIAL,
+              web_contents(), delay, did_proceed, num_visits,
+              sb_error_ui()->get_error_display_options());
+
+  if (report_sent) {
+    controller()->metrics_helper()->RecordUserInteraction(
+        security_interstitials::MetricsHelper::EXTENDED_REPORTING_IS_ENABLED);
+  }
+}
+
 }  // namespace android_webview