Improve the SSL error display when the clock is wrong.

chrome/browser/ssl/ssl_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/ssl_blocking_page.h"
 
 #include "base/build_time.h"
 #include "base/command_line.h"
 #include "base/i18n/rtl.h"
 #include "base/i18n/time_formatting.h"
@@ skipping 557 matching lines @@
   load_time_data.SetString("trialCondition", trial_condition_);
 
   // Shared values for both the overridable and non-overridable versions.
   load_time_data.SetBoolean("ssl", true);
   load_time_data.SetBoolean(
       "overridable", overridable_ && !strict_enforcement_);
   load_time_data.SetString(
       "tabTitle", l10n_util::GetStringUTF16(IDS_SSL_V2_TITLE));
   load_time_data.SetString(
       "heading", l10n_util::GetStringUTF16(IDS_SSL_V2_HEADING));
-  if ((SSLErrorClassification::IsUserClockInThePast(
-      base::Time::NowFromSystemTime()))
+
+  base::Time now = base::Time::NowFromSystemTime();
+  if ((SSLErrorClassification::IsUserClockInThePast(now) ||
+       SSLErrorClassification::IsUserClockInTheFuture(now))
       && (SSLErrorInfo::NetErrorToErrorType(cert_error_) ==
           SSLErrorInfo::CERT_DATE_INVALID)) {
     load_time_data.SetString("primaryParagraph",
                              l10n_util::GetStringFUTF16(
                                  IDS_SSL_CLOCK_ERROR,
                                  url,
-                                 base::TimeFormatShortDate(base::Time::Now())));
+                                 base::TimeFormatShortDate(now)));
+    if (overridable_ && !strict_enforcement_) {
+      load_time_data.SetString(
+          "finalParagraph",
+          l10n_util::GetStringFUTF16(IDS_SSL_OVERRIDABLE_PROCEED_PARAGRAPH,
+                                     url));
+      load_time_data.SetString(
+          "primaryButtonText",
+          l10n_util::GetStringUTF16(IDS_SSL_NONOVERRIDABLE_RELOAD_BUTTON));

[felt, 2014/07/26 01:12:36]

should we use the IDS_SSL_OVERRIDABLE_SAFETY_BUTTON in both cases since, as you
suggest, reloading doesn't help?

+    } else {
+      load_time_data.SetString(
+          "primaryButtonText",
+          l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_SAFETY_BUTTON));
+    }
+
+    base::StringPiece html(
+       ResourceBundle::GetSharedInstance().GetRawDataResource(
+           IRD_SSL_INTERSTITIAL_V2_HTML));
+    webui::UseVersion2 version;
+    return webui::GetI18nTemplateHtml(html, &load_time_data);

[felt, 2014/07/26 01:12:36]

this appears to return without setting a number of parts of the warning,
including the primary paragraph, the open button text, the close button text,
and likely others that I can't spot

[felt, 2014/07/26 01:13:06]

oh wait, the primary paragraph is set... but it looks like some others aren't?

[palmer, 2014/08/07 01:26:15]

I changed it; see what you think now.

   } else {
     load_time_data.SetString(
         "primaryParagraph",
         l10n_util::GetStringFUTF16(IDS_SSL_V2_PRIMARY_PARAGRAPH, url));
   }
   load_time_data.SetString(
      "openDetails",
      l10n_util::GetStringUTF16(IDS_SSL_V2_OPEN_DETAILS_BUTTON));
   load_time_data.SetString(
      "closeDetails",
@@ skipping 214 matching lines @@
     // sure we don't clear the captive portal flag, since the interstitial was
     // potentially caused by the captive portal.
     captive_portal_detected_ = captive_portal_detected_ ||
         (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL);
     // Also keep track of non-HTTP portals and error cases.
     captive_portal_no_response_ = captive_portal_no_response_ ||
         (results->result == captive_portal::RESULT_NO_RESPONSE);
   }
 #endif
 }