Chromium Code Reviews Chromium Code Reviews
Issue 368143002:
Add a chrome://interstitials page. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/ui/webui/interstitials/interstitial_ui.h" | |
| 6 | |
| 7 #include "base/strings/string_util.h" | |
| 8 #include "chrome/browser/browser_process.h" | |
| 9 #include "chrome/browser/profiles/profile.h" | |
| 10 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" | |
| 11 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | |
| 12 #include "chrome/browser/ssl/ssl_blocking_page.h" | |
| 13 #include "chrome/common/url_constants.h" | |
| 14 #include "content/public/browser/interstitial_page_delegate.h" | |
| 15 #include "content/public/browser/web_contents.h" | |
| 16 #include "content/public/browser/web_ui.h" | |
| 17 #include "content/public/browser/web_ui_controller.h" | |
| 18 #include "content/public/browser/web_ui_data_source.h" | |
| 19 #include "grit/browser_resources.h" | |
| 20 #include "net/base/net_errors.h" | |
| 21 #include "net/base/url_util.h" | |
| 22 #include "net/cert/x509_certificate.h" | |
| 23 #include "net/ssl/ssl_info.h" | |
| 24 | |
| 25 namespace { | |
| 26 | |
| 27 SSLBlockingPage* CreateSSLBlockingPage(content::WebContents* web_contents) { | |
| 28 // Random parameters for SSL blocking page. | |
| 29 int cert_error = net::ERR_CERT_COMMON_NAME_INVALID; | |
| 30 GURL request_url("http://example.com"); | |
| 31 bool overridable = false; | |
| 32 bool strict_enforcement = false; | |
| 33 base::Callback<void(bool)> callback; | |
| 34 for (net::QueryIterator it(web_contents->GetURL()); | |
|
Bernhard Bauer
2014/07/16 10:22:45
Wouldn't it be a little easier to just use net::Ge
meacer
2014/07/16 21:21:40
It's actually longer now, but I think it's more re
| |
| 35 !it.IsAtEnd(); | |
| 36 it.Advance()) { | |
| 37 if (it.GetKey() == "overridable") { | |
| 38 overridable = it.GetValue() == "1"; | |
| 39 } else if (it.GetKey() == "strict_enforcement") { | |
| 40 strict_enforcement = it.GetValue() == "1"; | |
| 41 } else if (it.GetKey() == "url") { | |
| 42 request_url = GURL(it.GetValue()); | |
| 43 } | |
| 44 } | |
| 45 scoped_refptr<net::X509Certificate> cert1( | |
| 46 new net::X509Certificate(request_url.host(), "CA", | |
| 47 base::Time::Max(), base::Time::Max())); | |
| 48 net::SSLInfo ssl_info; | |
| 49 ssl_info.cert = cert1; | |
| 50 // This delegate doesn't create an interstitial. | |
| 51 return new SSLBlockingPage(web_contents, false, cert_error, ssl_info, | |
| 52 request_url, overridable, strict_enforcement, | |
| 53 callback); | |
|
Bernhard Bauer
2014/07/16 10:22:45
Pass in an empty callback here directly?
meacer
2014/07/16 21:21:39
Done.
| |
| 54 } | |
| 55 | |
| 56 SafeBrowsingBlockingPage* CreateSafeBrowsingBlockingPage( | |
| 57 content::WebContents* web_contents) { | |
| 58 SBThreatType threat_type = SB_THREAT_TYPE_URL_MALWARE; | |
| 59 GURL request_url("http://example.com"); | |
| 60 for (net::QueryIterator it(web_contents->GetURL()); | |
| 61 !it.IsAtEnd(); | |
| 62 it.Advance()) { | |
| 63 if (it.GetKey() == "type") { | |
| 64 if (it.GetValue() == "malware") { | |
| 65 threat_type = SB_THREAT_TYPE_URL_MALWARE; | |
| 66 } else if (it.GetValue() == "phishing") { | |
| 67 threat_type = SB_THREAT_TYPE_URL_PHISHING; | |
| 68 } else if (it.GetValue() == "clientside_malware") { | |
| 69 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL; | |
| 70 } else if (it.GetValue() == "clientside_phishing") { | |
| 71 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL; | |
| 72 } | |
| 73 } else if (it.GetKey() == "url") { | |
| 74 request_url = GURL(it.GetValue()); | |
| 75 } | |
| 76 } | |
| 77 SafeBrowsingBlockingPage::UnsafeResource resource; | |
| 78 resource.url = request_url; | |
| 79 resource.threat_type = threat_type; | |
| 80 return SafeBrowsingBlockingPage::CreateBlockingPage( | |
| 81 g_browser_process->safe_browsing_service()->ui_manager(), | |
| 82 web_contents, | |
| 83 resource); | |
| 84 } | |
| 85 | |
| 86 } // namespace | |
| 87 | |
| 88 InterstitialUI::InterstitialUI(content::WebUI* web_ui) | |
| 89 : WebUIController(web_ui) { | |
| 90 Profile* profile = Profile::FromWebUI(web_ui); | |
| 91 scoped_ptr<InterstitialHTMLSource> html_source( | |
| 92 new InterstitialHTMLSource(profile->GetOriginalProfile(), | |
| 93 web_ui->GetWebContents())); | |
| 94 content::URLDataSource::Add(profile, html_source.release()); | |
| 95 } | |
| 96 | |
| 97 InterstitialUI::~InterstitialUI() { | |
| 98 } | |
| 99 | |
| 100 // InterstitialUI::InterstitialHTMLSource | |
| 101 | |
| 102 InterstitialUI::InterstitialHTMLSource::InterstitialHTMLSource( | |
| 103 Profile* profile, | |
| 104 content::WebContents* web_contents) | |
| 105 : profile_(profile), | |
| 106 web_contents_(web_contents) { | |
| 107 } | |
| 108 | |
| 109 InterstitialUI::InterstitialHTMLSource::~InterstitialHTMLSource() { | |
| 110 } | |
| 111 | |
| 112 std::string InterstitialUI::InterstitialHTMLSource::GetMimeType( | |
| 113 const std::string& mime_type) const { | |
| 114 return "text/html"; | |
| 115 } | |
| 116 | |
| 117 std::string InterstitialUI::InterstitialHTMLSource::GetSource() const { | |
| 118 return chrome::kChromeUIInterstitialHost; | |
| 119 } | |
| 120 | |
| 121 bool InterstitialUI::InterstitialHTMLSource::ShouldAddContentSecurityPolicy() | |
| 122 const { | |
| 123 return false; | |
| 124 } | |
| 125 | |
| 126 void InterstitialUI::InterstitialHTMLSource::StartDataRequest( | |
| 127 const std::string& path, | |
| 128 int render_process_id, | |
| 129 int render_frame_id, | |
| 130 const content::URLDataSource::GotDataCallback& callback) { | |
| 131 scoped_ptr<content::InterstitialPageDelegate> interstitial_delegate; | |
| 132 if (StartsWithASCII(path, "ssl", true)) { | |
| 133 interstitial_delegate.reset(CreateSSLBlockingPage(web_contents_)); | |
| 134 } else if (StartsWithASCII(path, "safebrowsing", true)) { | |
| 135 interstitial_delegate.reset(CreateSafeBrowsingBlockingPage(web_contents_)); | |
| 136 } | |
| 137 | |
| 138 std::string html; | |
| 139 if (interstitial_delegate.get()) { | |
| 140 html = interstitial_delegate.get()->GetHTMLContents(); | |
| 141 } else { | |
| 142 html = "<html><head><title>Interstitials</title></head>" | |
| 143 "<body><h2>Choose an interstitial<h2>" | |
| 144 "<h3>SSL</h3>" | |
| 145 "<a href='ssl'>example.com</a><br>" | |
| 146 "<a href='ssl?url=https://google.com'>SSL (google.com)</a><br>" | |
| 147 "<a href='ssl?overridable=1&strict_enforcement=0'>" | |
| 148 " example.com (Overridable)</a>" | |
| 149 "<br><br>" | |
| 150 "<h3>SafeBrowsing</h3>" | |
| 151 "<a href='safebrowsing?type=malware'>Malware</a><br>" | |
| 152 "<a href='safebrowsing?type=clientside_malware'>" | |
| 153 " Client Side Malware</a><br>" | |
| 154 "<a href='safebrowsing?type=phishing'>Phishing</a><br>" | |
| 155 "<a href='safebrowsing?type=clientside_phishing'>" | |
| 156 " Client Side Phishing</a><br>" | |
| 157 "</body></html>"; | |
| 158 } | |
| 159 scoped_refptr<base::RefCountedString> html_bytes = new base::RefCountedString; | |
| 160 html_bytes->data().assign(html.begin(), html.end()); | |
| 161 callback.Run(html_bytes.get()); | |
| 162 } | |
| OLD | NEW |
