Add pinned cert interstitial to chrome://interstitials

chrome/browser/ui/webui/interstitials/interstitial_ui.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ui/webui/interstitials/interstitial_ui.h"
 
 #include "base/atomic_sequence_num.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
 #include "base/time/time.h"
@@ skipping 119 matching lines @@
   // Random parameters for SSL blocking page.
   int cert_error = net::ERR_CERT_CONTAINS_ERRORS;
   GURL request_url("https://example.com");
   bool overridable = false;
   bool strict_enforcement = false;
   base::Time time_triggered_ = base::Time::NowFromSystemTime();
   std::string url_param;
   if (net::GetValueForKeyInQuery(web_contents->GetURL(),
                                  "url",
                                  &url_param)) {
-    if (GURL(url_param).is_valid())
+    if (GURL(url_param).is_valid()) {
       request_url = GURL(url_param);
+    }
   }
   std::string overridable_param;
   if (net::GetValueForKeyInQuery(web_contents->GetURL(),
                                  "overridable",
                                  &overridable_param)) {
     overridable = overridable_param == "1";
   }
   std::string strict_enforcement_param;
   if (net::GetValueForKeyInQuery(web_contents->GetURL(),
                                  "strict_enforcement",
                                  &strict_enforcement_param)) {
     strict_enforcement = strict_enforcement_param == "1";
   }
+  std::string type_param;
+  if (net::GetValueForKeyInQuery(web_contents->GetURL(), "type", &type_param)) {
+    if (type_param == "pinned_cert") {

[lgarron, 2017/06/27 00:55:59]

"pinned_cert" is still a bit general. How about "pinning_failure" or
"hpkp_failure"?

+      cert_error = net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN;
+    }
+  }
   net::SSLInfo ssl_info;
   ssl_info.cert = ssl_info.unverified_cert = CreateFakeCert();
   // This delegate doesn't create an interstitial.
   int options_mask = 0;
   if (overridable)
     options_mask |= security_interstitials::SSLErrorUI::SOFT_OVERRIDE_ENABLED;
   if (strict_enforcement)
     options_mask |= security_interstitials::SSLErrorUI::STRICT_ENFORCEMENT;
   return SSLBlockingPage::Create(
       web_contents, cert_error, ssl_info, request_url, options_mask,
@@ skipping 52 matching lines @@
 
 safe_browsing::SafeBrowsingBlockingPage* CreateSafeBrowsingBlockingPage(
     content::WebContents* web_contents) {
   safe_browsing::SBThreatType threat_type =
       safe_browsing::SB_THREAT_TYPE_URL_MALWARE;
   GURL request_url("http://example.com");
   std::string url_param;
   if (net::GetValueForKeyInQuery(web_contents->GetURL(),
                                  "url",
                                  &url_param)) {
-    if (GURL(url_param).is_valid())
+    if (GURL(url_param).is_valid()) {
       request_url = GURL(url_param);
+    }
   }
   GURL main_frame_url(request_url);
   // TODO(mattm): add flag to change main_frame_url or add dedicated flag to
   // test subresource interstitials.
   std::string type_param;
   if (net::GetValueForKeyInQuery(web_contents->GetURL(),
                                  "type",
                                  &type_param)) {
     // TODO(mattm): add param for SB_THREAT_TYPE_URL_UNWANTED.
     if (type_param == "malware") {
@@ skipping 243 matching lines @@
     } else if (reason_string == "not_signed_in") {
       reason = supervised_user_error_page::NOT_SIGNED_IN;
     }
   }
 
   return supervised_user_error_page::BuildHtml(
       allow_access_requests, profile_image_url, profile_image_url2, custodian,
       custodian_email, second_custodian, second_custodian_email,
       is_child_account, reason, g_browser_process->GetApplicationLocale());
 }