Experience sampling insturmentation for SSL and Safe Browsing interstitials

chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Implementation of the SafeBrowsingBlockingPage class.
 
 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
 
 #include <string>
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/i18n/rtl.h"
 #include "base/lazy_instance.h"
 #include "base/metrics/field_trial.h"
 #include "base/metrics/histogram.h"
 #include "base/prefs/pref_service.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_piece.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/time/time.h"
 #include "base/values.h"
 #include "chrome/browser/browser_process.h"
+#include "chrome/browser/extensions/api/experience_sampling_private/experience_sampling.h"
 #include "chrome/browser/history/history_service_factory.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/renderer_preferences_util.h"
 #include "chrome/browser/safe_browsing/malware_details.h"
 #include "chrome/browser/safe_browsing/ui_manager.h"
 #include "chrome/browser/tab_contents/tab_util.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/url_constants.h"
 #include "components/google/core/browser/google_util.h"
@@ skipping 11 matching lines @@
 #include "ui/base/resource/resource_bundle.h"
 #include "ui/base/webui/jstemplate_builder.h"
 #include "ui/base/webui/web_ui_util.h"
 
 using base::UserMetricsAction;
 using content::BrowserThread;
 using content::InterstitialPage;
 using content::OpenURLParams;
 using content::Referrer;
 using content::WebContents;
+using extensions::ExperienceSamplingEvent;
 
 namespace {
 
 // For malware interstitial pages, we link the problematic URL to Google's
 // diagnostic page.
 #if defined(GOOGLE_CHROME_BUILD)
 const char* const kSbDiagnosticUrl =
     "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&client=googlechrome";
 #else
 const char* const kSbDiagnosticUrl =
@@ skipping 41 matching lines @@
 const char kTakeMeBackCommand[] = "takeMeBack";
 // Special command that we use when the user navigated away from the
 // page.  E.g., closed the tab or the window.  This is only used by
 // RecordUserReactionTime.
 const char kNavigatedAwayMetaCommand[] = "closed";
 
 // Other constants used to communicate with the JavaScript.
 const char kBoxChecked[] = "boxchecked";
 const char kDisplayCheckBox[] = "displaycheckbox";
 
+// Constants for the Experience Sampling instrumentation.
+const char kEventNameMalware[] = "safebrowsing_interstitial_";
+const char kEventNamePhishing[] = "phishing_interstitial_";
+const char kEventNameMalwareAndPhishing[] =
+    "malware_and_phishing_interstitial_";
+const char kEventNameOther[] = "safebrowsing_other_instertitial_";

[palmer, 2014/07/25 18:05:00]

Typo: Should be "interstitial".

[Chris Thompson, 2014/07/25 18:19:46]

Done.

+
 base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
     g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
 
 // This enum is used for a histogram.  Don't reorder, delete, or insert
 // elements.  New elements should be added before MAX_ACTION only.
 enum DetailedDecision {
   MALWARE_SHOW_NEW_SITE = 0,
   MALWARE_PROCEED_NEW_SITE,
   MALWARE_SHOW_CROSS_SITE,
   MALWARE_PROCEED_CROSS_SITE,
@@ skipping 176 matching lines @@
   // If there's more than one malicious resources, it means the user
   // clicked through the first warning, so we don't prepare additional
   // reports.
   if (unsafe_resources.size() == 1 &&
       unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE &&
       malware_details_.get() == NULL && CanShowMalwareDetailsOption()) {
     malware_details_ = MalwareDetails::NewMalwareDetails(
         ui_manager_, web_contents, unsafe_resources[0]);
   }
 
+  // ExperienceSampling: Set up new sampling event for this interstitial.
+  // This needs to handle all types of warnings this insterstitial can show.

[palmer, 2014/07/25 18:05:00]

Typo again :)

[Chris Thompson, 2014/07/25 18:19:46]

Done.

+  std::string event_name;
+  switch (interstitial_type_) {
+    case TYPE_MALWARE_AND_PHISHING:
+      event_name = kEventNameMalwareAndPhishing;
+      break;
+    case TYPE_MALWARE:
+      event_name = kEventNameMalware;
+      break;
+    case TYPE_PHISHING:
+      event_name = kEventNamePhishing;
+      break;
+    default:
+      event_name = kEventNameOther;
+      break;
+  }
+  sampling_event_.reset(new ExperienceSamplingEvent(
+      event_name,
+      url_,
+      web_contents_->GetLastCommittedURL(),
+      web_contents_->GetBrowserContext()));
+
   interstitial_page_ = InterstitialPage::Create(
       web_contents, IsMainPageLoadBlocked(unsafe_resources), url_, this);
 }
 
 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
   return (!web_contents_->GetBrowserContext()->IsOffTheRecord() &&
           web_contents_->GetURL().SchemeIs(url::kHttpScheme));
 }
 
 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
@@ skipping 23 matching lines @@
     if (threat_type == SB_THREAT_TYPE_URL_MALWARE ||
         threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL) {
       url = GURL(kLearnMoreMalwareUrl);
     } else if (threat_type == SB_THREAT_TYPE_URL_PHISHING ||
                threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) {
       url = GURL(kLearnMorePhishingUrl);
     } else {
       NOTREACHED();
     }
 
+    sampling_event_->has_viewed_learn_more = true;
+
     OpenURLParams params(
         url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
     web_contents_->OpenURL(params);
     return;
   }
 
   if (command == kLearnMoreCommandV2) {
     // User pressed "Learn more".
     GURL url;
     SBThreatType threat_type = unsafe_resources_[0].threat_type;
     if (threat_type == SB_THREAT_TYPE_URL_MALWARE ||
         threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL) {
       url = GURL(kLearnMoreMalwareUrlV2);
     } else if (threat_type == SB_THREAT_TYPE_URL_PHISHING ||
                threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) {
       url = GURL(kLearnMorePhishingUrlV2);
     } else {
       NOTREACHED();
     }
 
+    sampling_event_->has_viewed_learn_more = true;
+
     OpenURLParams params(
         url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
     web_contents_->OpenURL(params);
     return;
   }
 
   if (command == kShowPrivacyCommand) {
     // User pressed "Safe Browsing privacy policy".
     GURL url(l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_URL));
     OpenURLParams params(
@@ skipping 93 matching lines @@
         diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK,
         false);
     web_contents_->OpenURL(params);
     return;
   }
 
   if (command == kExpandedSeeMoreCommand) {
     // User expanded the "see more info" section of the page.  We don't actually
     // do any action based on this, it's just so that RecordUserReactionTime can
     // track it.
+
+    // ExperienceSampling: We track that the user expanded the details.
+    sampling_event_->has_viewed_details = true;
     return;
   }
 
   NOTREACHED() << "Unexpected command: " << command;
 }
 
 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
       content::RendererPreferences* prefs) {
   Profile* profile = Profile::FromBrowserContext(
       web_contents_->GetBrowserContext());
@@ skipping 43 matching lines @@
   SafeBrowsingBlockingPage* blocking_page = NULL;
   if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
     // Build an interstitial for all the unsafe resources notifications.
     // Don't show it now as showing an interstitial while an interstitial is
     // already showing would cause DontProceed() to be invoked.
     blocking_page = factory_->CreateSafeBrowsingPage(ui_manager_, web_contents_,
                                                      iter->second);
     unsafe_resource_map->erase(iter);
   }
 
+  // ExperienceSampling: Notify that user decided to proceed.
+  sampling_event_->CreateUserDecisionEvent(ExperienceSamplingEvent::kProceed);
+
   // Now that this interstitial is gone, we can show the new one.
   if (blocking_page)
     blocking_page->interstitial_page_->Show();
 }
 
 void SafeBrowsingBlockingPage::OnDontProceed() {
   // Calling this method twice will not double-count.
   RecordUserReactionTime(kNavigatedAwayMetaCommand);
   // We could have already called Proceed(), in which case we must not notify
   // the SafeBrowsingUIManager again, as the client has been deleted.
@@ skipping 23 matching lines @@
   // that had a subresource warning.
   int last_committed_index =
       web_contents_->GetController().GetLastCommittedEntryIndex();
   if (navigation_entry_index_to_remove_ != -1 &&
       navigation_entry_index_to_remove_ != last_committed_index &&
       !web_contents_->IsBeingDestroyed()) {
     CHECK(web_contents_->GetController().RemoveEntryAtIndex(
         navigation_entry_index_to_remove_));
     navigation_entry_index_to_remove_ = -1;
   }
+
+  // ExperienceSampling: Notify that user decided to go back.
+  // This also occurs if the user navigates away or closes the tab.
+  sampling_event_->CreateUserDecisionEvent(ExperienceSamplingEvent::kDeny);
 }
 
 void SafeBrowsingBlockingPage::OnGotHistoryCount(bool success,
                                                  int num_visits,
                                                  base::Time first_visit) {
   if (success)
     num_visits_ = num_visits;
 }
 
 void SafeBrowsingBlockingPage::RecordUserAction(BlockingPageEvent event) {
@@ skipping 788 matching lines @@
           IDS_PHISHING_V3_PRIMARY_PARAGRAPH,
           base::UTF8ToUTF16(url_.host())));
   load_time_data->SetString(
       "explanationParagraph",
       l10n_util::GetStringFUTF16(IDS_PHISHING_V3_EXPLANATION_PARAGRAPH,
                                  base::UTF8ToUTF16(url_.host())));
   load_time_data->SetString(
       "finalParagraph",
       l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH));
 }