Add custom interstitial for captive portals.

chrome/browser/ssl/ssl_error_handler.cc

Index: chrome/browser/ssl/ssl_error_handler.cc
diff --git a/chrome/browser/ssl/ssl_error_handler.cc b/chrome/browser/ssl/ssl_error_handler.cc
new file mode 100644
index 0000000000000000000000000000000000000000..88328a8ad08430bc9bcc397459ed4694bb46236a
--- /dev/null
+++ b/chrome/browser/ssl/ssl_error_handler.cc
@@ -0,0 +1,183 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ssl/ssl_error_handler.h"
+
+#include "base/metrics/histogram.h"
+#include "base/time/time.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/ssl/ssl_blocking_page.h"
+#include "content/public/browser/notification_service.h"
+#include "content/public/browser/notification_source.h"
+#include "content/public/browser/web_contents.h"
+
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+#include "chrome/browser/captive_portal/captive_portal_service.h"
+#include "chrome/browser/captive_portal/captive_portal_service_factory.h"
+#include "chrome/browser/captive_portal/captive_portal_tab_helper.h"
+#include "chrome/browser/ssl/captive_portal_blocking_page.h"
+#endif
+
+namespace {
+
+// The delay before displaying the SSL interstitial for cert errors.
+// - If a "captive portal detected" result arrives in this many seconds,
+//   a captive portal interstitial is displayed.
+// - Otherwise, an SSL interstitial is displayed.
+const int kDefaultInterstitialDisplayDelay = 2;

[Bernhard Bauer, 2014/12/18 18:10:06]

Add an "S" or "Seconds" suffix to clarify the unit?

[meacer, 2014/12/19 02:42:24]

Done.

+
+// Events for UMA.
+enum SSLErrorHandlerEvent {
+  HANDLE_ALL,
+  SHOW_CAPTIVE_PORTAL_INTERSTITIAL,
+  SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE,
+  SHOW_SSL_INTERSTITIAL,
+  SHOW_SSL_INTERSTITIAL_OVERRIDABLE,
+  SSL_ERROR_HANDLER_EVENT_COUNT
+};
+
+void RecordUMA(SSLErrorHandlerEvent event) {
+  UMA_HISTOGRAM_ENUMERATION("interstitial.ssl_error_handler",
+                            event,
+                            SSL_ERROR_HANDLER_EVENT_COUNT);
+}
+
+}  // namespace
+
+// static
+base::TimeDelta SSLErrorHandler::interstitial_display_delay_ =

[Bernhard Bauer, 2014/12/18 18:10:06]

You could probably put these into the anonymous namespace if they're private and
static.

[meacer, 2014/12/19 02:42:24]

Done.

+    base::TimeDelta::FromSeconds(kDefaultInterstitialDisplayDelay);
+
+// static
+SSLErrorHandler::TimerFiredCallback* SSLErrorHandler::timer_fired_callback_ =
+    NULL;

[Bernhard Bauer, 2014/12/18 18:10:06]

nullptr

[meacer, 2014/12/19 02:42:24]

Done.

+
+SSLErrorHandler::SSLErrorHandler(content::WebContents* web_contents,
+                                 int cert_error,
+                                 const net::SSLInfo& ssl_info,
+                                 const GURL& request_url,
+                                 const int options_mask,
+                                 const base::Callback<void(bool)>& callback)
+    : content::WebContentsObserver(web_contents),
+      cert_error_(cert_error),
+      ssl_info_(ssl_info),
+      request_url_(request_url),
+      options_mask_(options_mask),
+      callback_(callback) {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  Profile* profile = Profile::FromBrowserContext(
+      web_contents->GetBrowserContext());
+  registrar_.Add(this,
+                 chrome::NOTIFICATION_CAPTIVE_PORTAL_CHECK_RESULT,
+                 content::Source<Profile>(profile));
+#endif
+}
+
+SSLErrorHandler::~SSLErrorHandler() {
+}
+
+void SSLErrorHandler::HandleSSLError(
+    content::WebContents* web_contents,
+    int cert_error,
+    const net::SSLInfo& ssl_info,
+    const GURL& request_url,
+    int options_mask,
+    const base::Callback<void(bool)>& callback) {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  CaptivePortalTabHelper* captive_portal_tab_helper =
+      CaptivePortalTabHelper::FromWebContents(web_contents);
+  if (captive_portal_tab_helper) {
+    captive_portal_tab_helper->OnSSLCertError(ssl_info);
+  }
+#endif
+  (new SSLErrorHandler(web_contents, cert_error, ssl_info, request_url,
+                       options_mask, callback))->StartHandlingError();
+}
+
+void SSLErrorHandler::StartHandlingError() {
+  RecordUMA(HANDLE_ALL);
+
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  CheckForCaptivePortal();
+  timer_.Start(FROM_HERE, interstitial_display_delay_,
+               base::Bind(&SSLErrorHandler::OnTimerExpired,
+                          base::Unretained(this)));
+  if (timer_fired_callback_ && !timer_fired_callback_->is_null())

[Bernhard Bauer, 2014/12/18 18:10:06]

Couldn't we simply make it an error to set |timer_fired_callback_| to a pointer
to a null callback? :)

[meacer, 2014/12/19 02:42:24]

Added the check to SetInterstitialTimerFiredCallbackForTest.

+    timer_fired_callback_->Run(web_contents());
+  return;
+#endif

[Bernhard Bauer, 2014/12/18 18:10:06]

You could put the ShowSSLInterstitial() call into an #else instead of having
nonreachable code after the return.

[meacer, 2014/12/19 02:42:24]

Hmm, there was some other logic inside the #if and the fallthrough made sense
back then. Done.

+  // Display an SSL interstitial.
+  ShowSSLInterstitial();
+}
+
+void SSLErrorHandler::OnTimerExpired() {
+  ShowSSLInterstitial();
+}
+
+void SSLErrorHandler::CheckForCaptivePortal() {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  Profile* profile = Profile::FromBrowserContext(
+      web_contents()->GetBrowserContext());
+  CaptivePortalService* captive_portal_service =
+      CaptivePortalServiceFactory::GetForProfile(profile);
+  captive_portal_service->DetectCaptivePortal();
+#else
+  NOTREACHED();
+#endif
+}
+
+void SSLErrorHandler::ShowCaptivePortalInterstitial() {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  // Show captive portal blocking page. The interstitial owns the blocking page.
+  RecordUMA(SSLBlockingPage::IsOverridable(options_mask_) ?
+            SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE :
+            SHOW_CAPTIVE_PORTAL_INTERSTITIAL);
+  (new CaptivePortalBlockingPage(web_contents(), request_url_))->Show();
+  delete this;
+#else
+  NOTREACHED();
+#endif
+}
+
+void SSLErrorHandler::ShowSSLInterstitial() {
+  // Show SSL blocking page. The interstitial owns the blocking page.
+  RecordUMA(SSLBlockingPage::IsOverridable(options_mask_) ?
+            SHOW_SSL_INTERSTITIAL_OVERRIDABLE :
+            SHOW_SSL_INTERSTITIAL);
+  (new SSLBlockingPage(web_contents(), cert_error_, ssl_info_, request_url_,
+                       options_mask_, callback_))->Show();
+  delete this;
+}
+
+void SSLErrorHandler::Observe(
+    int type,
+    const content::NotificationSource& source,
+    const content::NotificationDetails& details) {
+#if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
+  if (type == chrome::NOTIFICATION_CAPTIVE_PORTAL_CHECK_RESULT) {
+    timer_.Stop();
+    CaptivePortalService::Results* results =
+        content::Details<CaptivePortalService::Results>(details).ptr();
+    if (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL)
+      ShowCaptivePortalInterstitial();
+    else
+      ShowSSLInterstitial();
+  }
+#endif
+}
+
+void SSLErrorHandler::DidStartNavigationToPendingEntry(
+    const GURL& url,
+    content::NavigationController::ReloadType reload_type) {
+  delete this;
+}
+
+void SSLErrorHandler::DidStopLoading(
+    content::RenderViewHost* render_view_host) {
+  delete this;
+}
+
+void SSLErrorHandler::WebContentsDestroyed() {
+  delete this;

[Bernhard Bauer, 2014/12/18 18:10:06]

Another idea: If this class's lifetime is tied to the lifetime of the
WebContents anyway, you could make it a WebContentsUserData. That would allow
you to get rid of the self-deletions here (which at least make me a little
queasy).

[meacer, 2014/12/19 02:42:24]

I thought of this before but never did it. Done now. There is still some manual
deletion here in ShowSSLInterstitial and ShowCaptivePortalInterstitial where I
destroy the instance, but other than that it's now a WebContentsUserData and the
tests pass.

+}