| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/ui/webui/interstitials/interstitial_ui.h" |
| 6 |
| 7 #include "base/strings/string_util.h" |
| 8 #include "chrome/browser/browser_process.h" |
| 9 #include "chrome/browser/profiles/profile.h" |
| 10 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" |
| 11 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 12 #include "chrome/browser/ssl/ssl_blocking_page.h" |
| 13 #include "chrome/common/url_constants.h" |
| 14 #include "content/public/browser/interstitial_page_delegate.h" |
| 15 #include "content/public/browser/web_contents.h" |
| 16 #include "content/public/browser/web_ui.h" |
| 17 #include "content/public/browser/web_ui_controller.h" |
| 18 #include "content/public/browser/web_ui_data_source.h" |
| 19 #include "grit/browser_resources.h" |
| 20 #include "net/base/net_errors.h" |
| 21 #include "net/base/url_util.h" |
| 22 #include "net/cert/x509_certificate.h" |
| 23 #include "net/ssl/ssl_info.h" |
| 24 |
| 25 namespace { |
| 26 |
| 27 class InterstitialHTMLSource : public content::URLDataSource { |
| 28 public: |
| 29 InterstitialHTMLSource(Profile* profile, |
| 30 content::WebContents* web_contents); |
| 31 virtual ~InterstitialHTMLSource(); |
| 32 |
| 33 // content::URLDataSource: |
| 34 virtual std::string GetMimeType( |
| 35 const std::string& mime_type) const OVERRIDE; |
| 36 virtual std::string GetSource() const OVERRIDE; |
| 37 virtual bool ShouldAddContentSecurityPolicy() const OVERRIDE; |
| 38 virtual void StartDataRequest( |
| 39 const std::string& path, |
| 40 int render_process_id, |
| 41 int render_frame_id, |
| 42 const content::URLDataSource::GotDataCallback& callback) OVERRIDE; |
| 43 |
| 44 private: |
| 45 Profile* profile_; |
| 46 content::WebContents* web_contents_; |
| 47 DISALLOW_COPY_AND_ASSIGN(InterstitialHTMLSource); |
| 48 }; |
| 49 |
| 50 SSLBlockingPage* CreateSSLBlockingPage(content::WebContents* web_contents) { |
| 51 // Random parameters for SSL blocking page. |
| 52 int cert_error = net::ERR_CERT_COMMON_NAME_INVALID; |
| 53 GURL request_url("http://example.com"); |
| 54 bool overridable = false; |
| 55 bool strict_enforcement = false; |
| 56 std::string url_param; |
| 57 if (net::GetValueForKeyInQuery(web_contents->GetURL(), |
| 58 "url", |
| 59 &url_param)) { |
| 60 request_url = GURL(url_param); |
| 61 } |
| 62 std::string overridable_param; |
| 63 if (net::GetValueForKeyInQuery(web_contents->GetURL(), |
| 64 "overridable", |
| 65 &overridable_param)) { |
| 66 overridable = overridable_param == "1"; |
| 67 } |
| 68 std::string strict_enforcement_param; |
| 69 if (net::GetValueForKeyInQuery(web_contents->GetURL(), |
| 70 "strict_enforcement", |
| 71 &strict_enforcement_param)) { |
| 72 strict_enforcement = strict_enforcement_param == "1"; |
| 73 } |
| 74 scoped_refptr<net::X509Certificate> cert1( |
| 75 new net::X509Certificate(request_url.host(), "CA", |
| 76 base::Time::Max(), base::Time::Max())); |
| 77 net::SSLInfo ssl_info; |
| 78 ssl_info.cert = cert1; |
| 79 // This delegate doesn't create an interstitial. |
| 80 return SSLBlockingPage::CreateForWebUI(web_contents, cert_error, ssl_info, |
| 81 request_url, overridable, |
| 82 strict_enforcement); |
| 83 } |
| 84 |
| 85 SafeBrowsingBlockingPage* CreateSafeBrowsingBlockingPage( |
| 86 content::WebContents* web_contents) { |
| 87 SBThreatType threat_type = SB_THREAT_TYPE_URL_MALWARE; |
| 88 GURL request_url("http://example.com"); |
| 89 std::string url_param; |
| 90 if (net::GetValueForKeyInQuery(web_contents->GetURL(), |
| 91 "url", |
| 92 &url_param)) { |
| 93 request_url = GURL(url_param); |
| 94 } |
| 95 std::string type_param; |
| 96 if (net::GetValueForKeyInQuery(web_contents->GetURL(), |
| 97 "type", |
| 98 &type_param)) { |
| 99 if (type_param == "malware") { |
| 100 threat_type = SB_THREAT_TYPE_URL_MALWARE; |
| 101 } else if (type_param == "phishing") { |
| 102 threat_type = SB_THREAT_TYPE_URL_PHISHING; |
| 103 } else if (type_param == "clientside_malware") { |
| 104 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL; |
| 105 } else if (type_param == "clientside_phishing") { |
| 106 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL; |
| 107 } |
| 108 } |
| 109 SafeBrowsingBlockingPage::UnsafeResource resource; |
| 110 resource.url = request_url; |
| 111 resource.threat_type = threat_type; |
| 112 return SafeBrowsingBlockingPage::CreateBlockingPage( |
| 113 g_browser_process->safe_browsing_service()->ui_manager(), |
| 114 web_contents, |
| 115 resource); |
| 116 } |
| 117 |
| 118 } // namespace |
| 119 |
| 120 InterstitialUI::InterstitialUI(content::WebUI* web_ui) |
| 121 : WebUIController(web_ui) { |
| 122 Profile* profile = Profile::FromWebUI(web_ui); |
| 123 scoped_ptr<InterstitialHTMLSource> html_source( |
| 124 new InterstitialHTMLSource(profile->GetOriginalProfile(), |
| 125 web_ui->GetWebContents())); |
| 126 content::URLDataSource::Add(profile, html_source.release()); |
| 127 } |
| 128 |
| 129 InterstitialUI::~InterstitialUI() { |
| 130 } |
| 131 |
| 132 // InterstitialHTMLSource |
| 133 |
| 134 InterstitialHTMLSource::InterstitialHTMLSource( |
| 135 Profile* profile, |
| 136 content::WebContents* web_contents) |
| 137 : profile_(profile), |
| 138 web_contents_(web_contents) { |
| 139 } |
| 140 |
| 141 InterstitialHTMLSource::~InterstitialHTMLSource() { |
| 142 } |
| 143 |
| 144 std::string InterstitialHTMLSource::GetMimeType( |
| 145 const std::string& mime_type) const { |
| 146 return "text/html"; |
| 147 } |
| 148 |
| 149 std::string InterstitialHTMLSource::GetSource() const { |
| 150 return chrome::kChromeUIInterstitialHost; |
| 151 } |
| 152 |
| 153 bool InterstitialHTMLSource::ShouldAddContentSecurityPolicy() |
| 154 const { |
| 155 return false; |
| 156 } |
| 157 |
| 158 void InterstitialHTMLSource::StartDataRequest( |
| 159 const std::string& path, |
| 160 int render_process_id, |
| 161 int render_frame_id, |
| 162 const content::URLDataSource::GotDataCallback& callback) { |
| 163 scoped_ptr<content::InterstitialPageDelegate> interstitial_delegate; |
| 164 if (StartsWithASCII(path, "ssl", true)) { |
| 165 interstitial_delegate.reset(CreateSSLBlockingPage(web_contents_)); |
| 166 } else if (StartsWithASCII(path, "safebrowsing", true)) { |
| 167 interstitial_delegate.reset(CreateSafeBrowsingBlockingPage(web_contents_)); |
| 168 } |
| 169 |
| 170 std::string html; |
| 171 if (interstitial_delegate.get()) { |
| 172 html = interstitial_delegate.get()->GetHTMLContents(); |
| 173 } else { |
| 174 html = "<html><head><title>Interstitials</title></head>" |
| 175 "<body><h2>Choose an interstitial<h2>" |
| 176 "<h3>SSL</h3>" |
| 177 "<a href='ssl'>example.com</a><br>" |
| 178 "<a href='ssl?url=https://google.com'>SSL (google.com)</a><br>" |
| 179 "<a href='ssl?overridable=1&strict_enforcement=0'>" |
| 180 " example.com (Overridable)</a>" |
| 181 "<br><br>" |
| 182 "<h3>SafeBrowsing</h3>" |
| 183 "<a href='safebrowsing?type=malware'>Malware</a><br>" |
| 184 "<a href='safebrowsing?type=clientside_malware'>" |
| 185 " Client Side Malware</a><br>" |
| 186 "<a href='safebrowsing?type=phishing'>Phishing</a><br>" |
| 187 "<a href='safebrowsing?type=clientside_phishing'>" |
| 188 " Client Side Phishing</a><br>" |
| 189 "</body></html>"; |
| 190 } |
| 191 scoped_refptr<base::RefCountedString> html_bytes = new base::RefCountedString; |
| 192 html_bytes->data().assign(html.begin(), html.end()); |
| 193 callback.Run(html_bytes.get()); |
| 194 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 368143002:
Add a chrome://interstitials page. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src