chrome/browser/ui/webui/interstitials/interstitial_ui.cc - Issue 368143002: Add a chrome://interstitials page.

Side by Side Diff: chrome/browser/ui/webui/interstitials/interstitial_ui.cc

Issue 368143002: Add a chrome://interstitials page. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Style fixes Created 6 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« chrome/browser/ssl/ssl_blocking_page.cc ('K') | « chrome/browser/ui/webui/interstitials/interstitial_ui.h ('k') | chrome/browser/ui/webui/interstitials/interstitial_ui_browsertest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "chrome/browser/ui/webui/interstitials/interstitial_ui.h"

	6

	7 #include "base/strings/string_util.h"

	8 #include "chrome/browser/browser_process.h"

	9 #include "chrome/browser/profiles/profile.h"

	10 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"

	11 #include "chrome/browser/safe_browsing/safe_browsing_service.h"

	12 #include "chrome/browser/ssl/ssl_blocking_page.h"

	13 #include "chrome/common/url_constants.h"

	14 #include "content/public/browser/interstitial_page_delegate.h"

	15 #include "content/public/browser/web_contents.h"

	16 #include "content/public/browser/web_ui.h"

	17 #include "content/public/browser/web_ui_controller.h"

	18 #include "content/public/browser/web_ui_data_source.h"

	19 #include "grit/browser_resources.h"

	20 #include "net/base/net_errors.h"

	21 #include "net/base/url_util.h"

	22 #include "net/cert/x509_certificate.h"

	23 #include "net/ssl/ssl_info.h"

	24

	25 namespace {

	26

	27 SSLBlockingPage* CreateSSLBlockingPage(content::WebContents* web_contents) {

	28 // Random parameters for SSL blocking page.

	29 int cert_error = net::ERR_CERT_COMMON_NAME_INVALID;

	30 GURL request_url("http://example.com");

	31 bool overridable = false;

	32 bool strict_enforcement = false;

	33 base::Callback<void(bool)> callback;

	34 for (net::QueryIterator it(web_contents->GetURL());

	35 !it.IsAtEnd();

	36 it.Advance()) {

	37 if (it.GetKey() == "overridable") {

	38 overridable = it.GetValue() == "1";

	39 } else if (it.GetKey() == "strict_enforcement") {

	40 strict_enforcement = it.GetValue() == "1";

	41 } else if (it.GetKey() == "url") {

	42 request_url = GURL(it.GetValue());

	43 }

	44 }

	45 scoped_refptr<net::X509Certificate> cert1(

	46 new net::X509Certificate(request_url.host(), "CA",

	47 base::Time::Max(), base::Time::Max()));

	48 net::SSLInfo ssl_info;

	49 ssl_info.cert = cert1;

	50 // This delegate doesn't create an interstitial.

	51 return new SSLBlockingPage(web_contents, false, cert_error, ssl_info,

	52 request_url, overridable, strict_enforcement,

	53 callback);

	54 }

	55

	56 SafeBrowsingBlockingPage* CreateSafebrowsingBlockingPage(
	felt 2014/07/15 01:35:07 nit: usually spelled as SafeBrowsing (capital 'B') nit: usually spelled as SafeBrowsing (capital 'B') meacer 2014/07/15 19:48:06 Done. Show quoted text On 2014/07/15 01:35:07, felt wrote: > nit: usually spelled as SafeBrowsing (capital 'B') Done.
	57 content::WebContents* web_contents) {

	58 SBThreatType threat_type = SB_THREAT_TYPE_URL_MALWARE;

	59 GURL request_url("http://example.com");

	60 for (net::QueryIterator it(web_contents->GetURL());

	61 !it.IsAtEnd();

	62 it.Advance()) {

	63 if (it.GetKey() == "type") {

	64 if (it.GetValue() == "malware") {

	65 threat_type = SB_THREAT_TYPE_URL_MALWARE;

	66 } else if (it.GetValue() == "phishing") {

	67 threat_type = SB_THREAT_TYPE_URL_PHISHING;

	68 } else if (it.GetValue() == "clientside_malware") {

	69 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL;

	70 } else if (it.GetValue() == "clientside_phishing") {

	71 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL;

	72 }

	73 } else if (it.GetKey() == "url") {

	74 request_url = GURL(it.GetValue());

	75 }

	76 }

	77 SafeBrowsingBlockingPage::UnsafeResource resource;

	78 resource.url = request_url;

	79 resource.threat_type = threat_type;

	80 return SafeBrowsingBlockingPage::CreateBlockingPage(

	81 g_browser_process->safe_browsing_service()->ui_manager(),

	82 web_contents,

	83 resource);

	84 }

	85

	86 } // namespace

	87

	88 InterstitialUI::InterstitialUI(content::WebUI* web_ui)

	89 : WebUIController(web_ui) {

	90 Profile* profile = Profile::FromWebUI(web_ui);

	91 scoped_ptr<InterstitialHTMLSource> html_source(

	92 new InterstitialHTMLSource(profile->GetOriginalProfile(),

	93 web_ui->GetWebContents()));

	94 content::URLDataSource::Add(profile, html_source.release());

	95 }

	96

	97 InterstitialUI::~InterstitialUI() {

	98 }

	99

	100 // InterstitialUI::InterstitialHTMLSource

	101

	102 InterstitialUI::InterstitialHTMLSource::InterstitialHTMLSource(

	103 Profile* profile,

	104 content::WebContents* web_contents)

	105 : profile_(profile),

	106 web_contents_(web_contents) {

	107 }

	108

	109 InterstitialUI::InterstitialHTMLSource::~InterstitialHTMLSource() {

	110 }

	111

	112 std::string InterstitialUI::InterstitialHTMLSource::GetMimeType(

	113 const std::string& mime_type) const {

	114 return "text/html";

	115 }

	116

	117 std::string InterstitialUI::InterstitialHTMLSource::GetSource() const {

	118 return chrome::kChromeUIInterstitialHost;

	119 }

	120

	121 bool InterstitialUI::InterstitialHTMLSource::ShouldAddContentSecurityPolicy()

	122 const {

	123 return false;

	124 }

	125

	126 void InterstitialUI::InterstitialHTMLSource::StartDataRequest(

	127 const std::string& path,

	128 int render_process_id,

	129 int render_frame_id,

	130 const content::URLDataSource::GotDataCallback& callback) {

	131 scoped_ptr<content::InterstitialPageDelegate> interstitial_delegate;

	132 if (StartsWithASCII(path, "ssl", true)) {

	133 interstitial_delegate.reset(CreateSSLBlockingPage(web_contents_));

	134 } else if (StartsWithASCII(path, "safebrowsing", true)) {

	135 interstitial_delegate.reset(CreateSafebrowsingBlockingPage(web_contents_));

	136 }

	137

	138 std::string html;

	139 if (interstitial_delegate.get()) {

	140 html = interstitial_delegate.get()->GetHTMLContents();

	141 } else {

	142 html = "<html><head><title>Interstitials</title></head>"

	143 "<body><h2>Choose an interstitial<h2>"

	144 "<h3>SSL</h3>"

	145 "<a href='ssl'>example.com</a><br>"

	146 "<a href='ssl?url=https://google.com'>SSL (google.com)</a><br>"
	felt 2014/07/15 01:35:07 ahh the passing parameters is pretty slick ahh the passing parameters is pretty slick meacer 2014/07/15 19:48:06 Looking forward to bug reports where people use we Show quoted text On 2014/07/15 01:35:07, felt wrote: > ahh the passing parameters is pretty slick Looking forward to bug reports where people use weird combinations and crash Chrome.
	147 "<a href='ssl?overridable=1&strict_enforcement=0'>"

	148 " example.com (Overridable)</a>"

	149 "<br><br>"

	150 "<h3>SafeBrowsing</h3>"

	151 "<a href='safebrowsing?type=malware'>Malware</a><br>"

	152 "<a href='safebrowsing?type=clientside_malware'>"

	153 " Client Side Malware</a><br>"

	154 "<a href='safebrowsing?type=phishing'>Phishing</a><br>"

	155 "<a href='safebrowsing?type=clientside_phishing'>"

	156 " Client Side Phishing</a><br>"

	157 "</body></html>";

	158 }

	159 scoped_refptr<base::RefCountedString> html_bytes = new base::RefCountedString;

	160 html_bytes->data().assign(html.begin(), html.end());

	161 callback.Run(html_bytes.get());

	162 }

OLD	NEW