Chromium Code Reviews Chromium Code Reviews
Issue 450833002:
Add additional UMA stats for remembering certificate decisions. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_blocking_page.h" | 5 #include "chrome/browser/ssl/ssl_blocking_page.h" |
| 6 | 6 |
| 7 #include "base/build_time.h" | 7 #include "base/build_time.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/i18n/rtl.h" | 9 #include "base/i18n/rtl.h" |
| 10 #include "base/i18n/time_formatting.h" | 10 #include "base/i18n/time_formatting.h" |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 65 #endif | 65 #endif |
| 66 | 66 |
| 67 using base::ASCIIToUTF16; | 67 using base::ASCIIToUTF16; |
| 68 using base::TimeTicks; | 68 using base::TimeTicks; |
| 69 using content::InterstitialPage; | 69 using content::InterstitialPage; |
| 70 using content::NavigationController; | 70 using content::NavigationController; |
| 71 using content::NavigationEntry; | 71 using content::NavigationEntry; |
| 72 | 72 |
| 73 namespace { | 73 namespace { |
| 74 | 74 |
| 75 const char kExpirationAndDecisionNonoverridableHistogram[] = | |
| 76 "interstitial.ssl.expiration_and_decision.nonoverridable"; | |
| 77 const char kExpirationAndDecisionOverridableHistogram[] = | |
| 78 "interstitial.ssl.expiration_and_decision.overridable"; | |
| 79 | |
| 75 // Events for UMA. Do not reorder or change! | 80 // Events for UMA. Do not reorder or change! |
| 76 enum SSLBlockingPageEvent { | 81 enum SSLBlockingPageEvent { |
| 77 SHOW_ALL, | 82 SHOW_ALL, |
| 78 SHOW_OVERRIDABLE, | 83 SHOW_OVERRIDABLE, |
| 79 PROCEED_OVERRIDABLE, | 84 PROCEED_OVERRIDABLE, |
| 80 PROCEED_NAME, | 85 PROCEED_NAME, |
| 81 PROCEED_DATE, | 86 PROCEED_DATE, |
| 82 PROCEED_AUTHORITY, | 87 PROCEED_AUTHORITY, |
| 83 DONT_PROCEED_OVERRIDABLE, | 88 DONT_PROCEED_OVERRIDABLE, |
| 84 DONT_PROCEED_NAME, | 89 DONT_PROCEED_NAME, |
| (...skipping 10 matching lines...) Expand all Loading... | |
| 95 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE, | 100 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE, |
| 96 CAPTIVE_PORTAL_PROBE_COMPLETED, | 101 CAPTIVE_PORTAL_PROBE_COMPLETED, |
| 97 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE, | 102 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE, |
| 98 CAPTIVE_PORTAL_NO_RESPONSE, | 103 CAPTIVE_PORTAL_NO_RESPONSE, |
| 99 CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE, | 104 CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE, |
| 100 CAPTIVE_PORTAL_DETECTED, | 105 CAPTIVE_PORTAL_DETECTED, |
| 101 CAPTIVE_PORTAL_DETECTED_OVERRIDABLE, | 106 CAPTIVE_PORTAL_DETECTED_OVERRIDABLE, |
| 102 UNUSED_BLOCKING_PAGE_EVENT, | 107 UNUSED_BLOCKING_PAGE_EVENT, |
| 103 }; | 108 }; |
| 104 | 109 |
| 110 // Events for UMA. Do not reorder or change! | |
| 111 enum SSLExpirationAndDecision { | |
| 112 EXPIRED_AND_PROCEED, | |
| 113 EXPIRED_AND_DO_NOT_PROCEED, | |
| 114 NOT_EXPIRED_AND_PROCEED, | |
| 115 NOT_EXPIRED_AND_DO_NOT_PROCEED, | |
| 116 END_OF_SSL_EXPIRATION_AND_DECISION, | |
| 117 }; | |
| 118 | |
| 105 void RecordSSLBlockingPageEventStats(SSLBlockingPageEvent event) { | 119 void RecordSSLBlockingPageEventStats(SSLBlockingPageEvent event) { |
| 106 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl", | 120 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl", |
| 107 event, | 121 event, |
| 108 UNUSED_BLOCKING_PAGE_EVENT); | 122 UNUSED_BLOCKING_PAGE_EVENT); |
| 109 } | 123 } |
| 110 | 124 |
| 111 void RecordSSLBlockingPageDetailedStats( | 125 void RecordSSLExpirationPageEventState(bool expired_but_previously_allowed, |
| 112 bool proceed, | 126 bool proceed, |
| 113 int cert_error, | 127 bool overridable) { |
| 114 bool overridable, | 128 const char *histogram; |
| 115 bool internal, | 129 if (overridable) |
| 116 int num_visits, | 130 histogram = kExpirationAndDecisionOverridableHistogram; |
| 117 bool captive_portal_detection_enabled, | 131 else |
| 118 bool captive_portal_probe_completed, | 132 histogram = kExpirationAndDecisionNonoverridableHistogram; |
| 119 bool captive_portal_no_response, | 133 |
| 120 bool captive_portal_detected) { | 134 SSLExpirationAndDecision event; |
| 135 if (expired_but_previously_allowed && proceed) | |
| 136 event = EXPIRED_AND_PROCEED; | |
| 137 else if (expired_but_previously_allowed && !proceed) | |
| 138 event = EXPIRED_AND_DO_NOT_PROCEED; | |
| 139 else if (!expired_but_previously_allowed && proceed) | |
| 140 event = NOT_EXPIRED_AND_PROCEED; | |
| 141 else | |
| 142 event = NOT_EXPIRED_AND_DO_NOT_PROCEED; | |
| 143 | |
| 144 UMA_HISTOGRAM_ENUMERATION(histogram, | |
|
felt
2014/08/08 17:55:33
Although this might compile, I don't think it will
jww
2014/08/12 04:51:02
Done.
| |
| 145 event, | |
| 146 END_OF_SSL_EXPIRATION_AND_DECISION); | |
| 147 } | |
| 148 | |
| 149 void RecordSSLBlockingPageDetailedStats(bool proceed, | |
| 150 int cert_error, | |
| 151 bool overridable, | |
| 152 bool internal, | |
| 153 int num_visits, | |
| 154 bool captive_portal_detection_enabled, | |
| 155 bool captive_portal_probe_completed, | |
| 156 bool captive_portal_no_response, | |
| 157 bool captive_portal_detected, | |
| 158 bool expired_but_previously_allowed) { | |
| 121 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl_error_type", | 159 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl_error_type", |
| 122 SSLErrorInfo::NetErrorToErrorType(cert_error), SSLErrorInfo::END_OF_ENUM); | 160 SSLErrorInfo::NetErrorToErrorType(cert_error), SSLErrorInfo::END_OF_ENUM); |
| 161 RecordSSLExpirationPageEventState( | |
| 162 expired_but_previously_allowed, proceed, overridable); | |
| 123 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 163 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 124 if (captive_portal_detection_enabled) | 164 if (captive_portal_detection_enabled) |
| 125 RecordSSLBlockingPageEventStats( | 165 RecordSSLBlockingPageEventStats( |
| 126 overridable ? | 166 overridable ? |
| 127 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE : | 167 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE : |
| 128 CAPTIVE_PORTAL_DETECTION_ENABLED); | 168 CAPTIVE_PORTAL_DETECTION_ENABLED); |
| 129 if (captive_portal_probe_completed) | 169 if (captive_portal_probe_completed) |
| 130 RecordSSLBlockingPageEventStats( | 170 RecordSSLBlockingPageEventStats( |
| 131 overridable ? | 171 overridable ? |
| 132 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE : | 172 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE : |
| (...skipping 129 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 262 options.allow_new_privs = true; | 302 options.allow_new_privs = true; |
| 263 #endif | 303 #endif |
| 264 base::LaunchProcess(command, options, NULL); | 304 base::LaunchProcess(command, options, NULL); |
| 265 #endif | 305 #endif |
| 266 } | 306 } |
| 267 | 307 |
| 268 } // namespace | 308 } // namespace |
| 269 | 309 |
| 270 // Note that we always create a navigation entry with SSL errors. | 310 // Note that we always create a navigation entry with SSL errors. |
| 271 // No error happening loading a sub-resource triggers an interstitial so far. | 311 // No error happening loading a sub-resource triggers an interstitial so far. |
| 272 SSLBlockingPage::SSLBlockingPage( | 312 SSLBlockingPage::SSLBlockingPage(content::WebContents* web_contents, |
| 273 content::WebContents* web_contents, | 313 int cert_error, |
| 274 int cert_error, | 314 const net::SSLInfo& ssl_info, |
| 275 const net::SSLInfo& ssl_info, | 315 const GURL& request_url, |
| 276 const GURL& request_url, | 316 bool overridable, |
| 277 bool overridable, | 317 bool strict_enforcement, |
| 278 bool strict_enforcement, | 318 bool expired_but_previously_allowed, |
| 279 const base::Callback<void(bool)>& callback) | 319 const base::Callback<void(bool)>& callback) |
| 280 : callback_(callback), | 320 : callback_(callback), |
| 281 web_contents_(web_contents), | 321 web_contents_(web_contents), |
| 282 cert_error_(cert_error), | 322 cert_error_(cert_error), |
| 283 ssl_info_(ssl_info), | 323 ssl_info_(ssl_info), |
| 284 request_url_(request_url), | 324 request_url_(request_url), |
| 285 overridable_(overridable), | 325 overridable_(overridable), |
| 286 strict_enforcement_(strict_enforcement), | 326 strict_enforcement_(strict_enforcement), |
| 287 interstitial_page_(NULL), | 327 interstitial_page_(NULL), |
| 288 internal_(false), | 328 internal_(false), |
| 289 num_visits_(-1), | 329 num_visits_(-1), |
| 290 captive_portal_detection_enabled_(false), | 330 captive_portal_detection_enabled_(false), |
| 291 captive_portal_probe_completed_(false), | 331 captive_portal_probe_completed_(false), |
| 292 captive_portal_no_response_(false), | 332 captive_portal_no_response_(false), |
| 293 captive_portal_detected_(false) { | 333 captive_portal_detected_(false), |
| 334 expired_but_previously_allowed_(expired_but_previously_allowed) { | |
| 294 Profile* profile = Profile::FromBrowserContext( | 335 Profile* profile = Profile::FromBrowserContext( |
| 295 web_contents->GetBrowserContext()); | 336 web_contents->GetBrowserContext()); |
| 296 // For UMA stats. | 337 // For UMA stats. |
| 297 if (net::IsHostnameNonUnique(request_url_.HostNoBrackets())) | 338 if (net::IsHostnameNonUnique(request_url_.HostNoBrackets())) |
| 298 internal_ = true; | 339 internal_ = true; |
| 299 RecordSSLBlockingPageEventStats(SHOW_ALL); | 340 RecordSSLBlockingPageEventStats(SHOW_ALL); |
| 300 if (overridable_ && !strict_enforcement_) { | 341 if (overridable_ && !strict_enforcement_) { |
| 301 RecordSSLBlockingPageEventStats(SHOW_OVERRIDABLE); | 342 RecordSSLBlockingPageEventStats(SHOW_OVERRIDABLE); |
| 302 if (internal_) | 343 if (internal_) |
| 303 RecordSSLBlockingPageEventStats(SHOW_INTERNAL_HOSTNAME); | 344 RecordSSLBlockingPageEventStats(SHOW_INTERNAL_HOSTNAME); |
| (...skipping 30 matching lines...) Expand all Loading... | |
| 334 SSLBlockingPage::~SSLBlockingPage() { | 375 SSLBlockingPage::~SSLBlockingPage() { |
| 335 if (!callback_.is_null()) { | 376 if (!callback_.is_null()) { |
| 336 RecordSSLBlockingPageDetailedStats(false, | 377 RecordSSLBlockingPageDetailedStats(false, |
| 337 cert_error_, | 378 cert_error_, |
| 338 overridable_ && !strict_enforcement_, | 379 overridable_ && !strict_enforcement_, |
| 339 internal_, | 380 internal_, |
| 340 num_visits_, | 381 num_visits_, |
| 341 captive_portal_detection_enabled_, | 382 captive_portal_detection_enabled_, |
| 342 captive_portal_probe_completed_, | 383 captive_portal_probe_completed_, |
| 343 captive_portal_no_response_, | 384 captive_portal_no_response_, |
| 344 captive_portal_detected_); | 385 captive_portal_detected_, |
| 386 expired_but_previously_allowed_); | |
| 345 // The page is closed without the user having chosen what to do, default to | 387 // The page is closed without the user having chosen what to do, default to |
| 346 // deny. | 388 // deny. |
| 347 NotifyDenyCertificate(); | 389 NotifyDenyCertificate(); |
| 348 } | 390 } |
| 349 } | 391 } |
| 350 | 392 |
| 351 void SSLBlockingPage::Show() { | 393 void SSLBlockingPage::Show() { |
| 352 DCHECK(!interstitial_page_); | 394 DCHECK(!interstitial_page_); |
| 353 interstitial_page_ = InterstitialPage::Create( | 395 interstitial_page_ = InterstitialPage::Create( |
| 354 web_contents_, true, request_url_, this); | 396 web_contents_, true, request_url_, this); |
| (...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 516 | 558 |
| 517 void SSLBlockingPage::OnProceed() { | 559 void SSLBlockingPage::OnProceed() { |
| 518 RecordSSLBlockingPageDetailedStats(true, | 560 RecordSSLBlockingPageDetailedStats(true, |
| 519 cert_error_, | 561 cert_error_, |
| 520 overridable_ && !strict_enforcement_, | 562 overridable_ && !strict_enforcement_, |
| 521 internal_, | 563 internal_, |
| 522 num_visits_, | 564 num_visits_, |
| 523 captive_portal_detection_enabled_, | 565 captive_portal_detection_enabled_, |
| 524 captive_portal_probe_completed_, | 566 captive_portal_probe_completed_, |
| 525 captive_portal_no_response_, | 567 captive_portal_no_response_, |
| 526 captive_portal_detected_); | 568 captive_portal_detected_, |
| 569 expired_but_previously_allowed_); | |
| 527 // Accepting the certificate resumes the loading of the page. | 570 // Accepting the certificate resumes the loading of the page. |
| 528 NotifyAllowCertificate(); | 571 NotifyAllowCertificate(); |
| 529 } | 572 } |
| 530 | 573 |
| 531 void SSLBlockingPage::OnDontProceed() { | 574 void SSLBlockingPage::OnDontProceed() { |
| 532 RecordSSLBlockingPageDetailedStats(false, | 575 RecordSSLBlockingPageDetailedStats(false, |
| 533 cert_error_, | 576 cert_error_, |
| 534 overridable_ && !strict_enforcement_, | 577 overridable_ && !strict_enforcement_, |
| 535 internal_, | 578 internal_, |
| 536 num_visits_, | 579 num_visits_, |
| 537 captive_portal_detection_enabled_, | 580 captive_portal_detection_enabled_, |
| 538 captive_portal_probe_completed_, | 581 captive_portal_probe_completed_, |
| 539 captive_portal_no_response_, | 582 captive_portal_no_response_, |
| 540 captive_portal_detected_); | 583 captive_portal_detected_, |
| 584 expired_but_previously_allowed_); | |
| 541 NotifyDenyCertificate(); | 585 NotifyDenyCertificate(); |
| 542 } | 586 } |
| 543 | 587 |
| 544 void SSLBlockingPage::NotifyDenyCertificate() { | 588 void SSLBlockingPage::NotifyDenyCertificate() { |
| 545 // It's possible that callback_ may not exist if the user clicks "Proceed" | 589 // It's possible that callback_ may not exist if the user clicks "Proceed" |
| 546 // followed by pressing the back button before the interstitial is hidden. | 590 // followed by pressing the back button before the interstitial is hidden. |
| 547 // In that case the certificate will still be treated as allowed. | 591 // In that case the certificate will still be treated as allowed. |
| 548 if (callback_.is_null()) | 592 if (callback_.is_null()) |
| 549 return; | 593 return; |
| 550 | 594 |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 606 // sure we don't clear the captive portal flag, since the interstitial was | 650 // sure we don't clear the captive portal flag, since the interstitial was |
| 607 // potentially caused by the captive portal. | 651 // potentially caused by the captive portal. |
| 608 captive_portal_detected_ = captive_portal_detected_ || | 652 captive_portal_detected_ = captive_portal_detected_ || |
| 609 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); | 653 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); |
| 610 // Also keep track of non-HTTP portals and error cases. | 654 // Also keep track of non-HTTP portals and error cases. |
| 611 captive_portal_no_response_ = captive_portal_no_response_ || | 655 captive_portal_no_response_ = captive_portal_no_response_ || |
| 612 (results->result == captive_portal::RESULT_NO_RESPONSE); | 656 (results->result == captive_portal::RESULT_NO_RESPONSE); |
| 613 } | 657 } |
| 614 #endif | 658 #endif |
| 615 } | 659 } |
| OLD | NEW |
