Chromium Code Reviews Chromium Code Reviews
Issue 450833002:
Add additional UMA stats for remembering certificate decisions. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_blocking_page.h" | 5 #include "chrome/browser/ssl/ssl_blocking_page.h" |
| 6 | 6 |
| 7 #include "base/build_time.h" | 7 #include "base/build_time.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/i18n/rtl.h" | 9 #include "base/i18n/rtl.h" |
| 10 #include "base/i18n/time_formatting.h" | 10 #include "base/i18n/time_formatting.h" |
| (...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 95 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE, | 95 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE, |
| 96 CAPTIVE_PORTAL_PROBE_COMPLETED, | 96 CAPTIVE_PORTAL_PROBE_COMPLETED, |
| 97 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE, | 97 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE, |
| 98 CAPTIVE_PORTAL_NO_RESPONSE, | 98 CAPTIVE_PORTAL_NO_RESPONSE, |
| 99 CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE, | 99 CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE, |
| 100 CAPTIVE_PORTAL_DETECTED, | 100 CAPTIVE_PORTAL_DETECTED, |
| 101 CAPTIVE_PORTAL_DETECTED_OVERRIDABLE, | 101 CAPTIVE_PORTAL_DETECTED_OVERRIDABLE, |
| 102 UNUSED_BLOCKING_PAGE_EVENT, | 102 UNUSED_BLOCKING_PAGE_EVENT, |
| 103 }; | 103 }; |
| 104 | 104 |
| 105 // Events for UMA. Do not reorder or change! | |
| 106 enum SSLExpirationAndDecision { | |
| 107 EXPIRED_AND_PROCEED, | |
| 108 EXPIRED_AND_DO_NOT_PROCEED, | |
| 109 NOT_EXPIRED_AND_PROCEED, | |
| 110 NOT_EXPIRED_AND_DO_NOT_PROCEED, | |
| 111 END_OF_SSL_EXPIRATION_AND_DECISION, | |
| 112 }; | |
| 113 | |
| 105 void RecordSSLBlockingPageEventStats(SSLBlockingPageEvent event) { | 114 void RecordSSLBlockingPageEventStats(SSLBlockingPageEvent event) { |
| 106 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl", | 115 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl", |
| 107 event, | 116 event, |
| 108 UNUSED_BLOCKING_PAGE_EVENT); | 117 UNUSED_BLOCKING_PAGE_EVENT); |
| 109 } | 118 } |
| 110 | 119 |
| 111 void RecordSSLBlockingPageDetailedStats( | 120 void RecordSSLExpirationPageEventState(bool expired_but_previously_allowed, |
| 112 bool proceed, | 121 bool proceed, |
| 113 int cert_error, | 122 bool overridable) { |
| 114 bool overridable, | 123 SSLExpirationAndDecision event; |
| 115 bool internal, | 124 if (expired_but_previously_allowed && proceed) |
| 116 int num_visits, | 125 event = EXPIRED_AND_PROCEED; |
| 117 bool captive_portal_detection_enabled, | 126 else if (expired_but_previously_allowed && !proceed) |
| 118 bool captive_portal_probe_completed, | 127 event = EXPIRED_AND_DO_NOT_PROCEED; |
| 119 bool captive_portal_no_response, | 128 else if (!expired_but_previously_allowed && proceed) |
| 120 bool captive_portal_detected) { | 129 event = NOT_EXPIRED_AND_PROCEED; |
| 130 else | |
| 131 event = NOT_EXPIRED_AND_DO_NOT_PROCEED; | |
| 132 | |
| 133 if (overridable) | |
|
felt
2014/08/12 04:56:12
style nit: I would expect { } here now that it's a
jww
2014/08/12 13:15:52
Done.
| |
| 134 UMA_HISTOGRAM_ENUMERATION( | |
| 135 "interstitial.ssl.expiration_and_decision.overridable", | |
| 136 event, | |
| 137 END_OF_SSL_EXPIRATION_AND_DECISION); | |
| 138 else | |
| 139 UMA_HISTOGRAM_ENUMERATION( | |
| 140 "interstitial.ssl.expiration_and_decision.nonoverridable", | |
| 141 event, | |
| 142 END_OF_SSL_EXPIRATION_AND_DECISION); | |
| 143 } | |
| 144 | |
| 145 void RecordSSLBlockingPageDetailedStats(bool proceed, | |
| 146 int cert_error, | |
| 147 bool overridable, | |
| 148 bool internal, | |
| 149 int num_visits, | |
| 150 bool captive_portal_detection_enabled, | |
| 151 bool captive_portal_probe_completed, | |
| 152 bool captive_portal_no_response, | |
| 153 bool captive_portal_detected, | |
| 154 bool expired_but_previously_allowed) { | |
| 121 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl_error_type", | 155 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl_error_type", |
| 122 SSLErrorInfo::NetErrorToErrorType(cert_error), SSLErrorInfo::END_OF_ENUM); | 156 SSLErrorInfo::NetErrorToErrorType(cert_error), SSLErrorInfo::END_OF_ENUM); |
| 157 RecordSSLExpirationPageEventState( | |
| 158 expired_but_previously_allowed, proceed, overridable); | |
| 123 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 159 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 124 if (captive_portal_detection_enabled) | 160 if (captive_portal_detection_enabled) |
| 125 RecordSSLBlockingPageEventStats( | 161 RecordSSLBlockingPageEventStats( |
| 126 overridable ? | 162 overridable ? |
| 127 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE : | 163 CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE : |
| 128 CAPTIVE_PORTAL_DETECTION_ENABLED); | 164 CAPTIVE_PORTAL_DETECTION_ENABLED); |
| 129 if (captive_portal_probe_completed) | 165 if (captive_portal_probe_completed) |
| 130 RecordSSLBlockingPageEventStats( | 166 RecordSSLBlockingPageEventStats( |
| 131 overridable ? | 167 overridable ? |
| 132 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE : | 168 CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE : |
| (...skipping 129 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 262 options.allow_new_privs = true; | 298 options.allow_new_privs = true; |
| 263 #endif | 299 #endif |
| 264 base::LaunchProcess(command, options, NULL); | 300 base::LaunchProcess(command, options, NULL); |
| 265 #endif | 301 #endif |
| 266 } | 302 } |
| 267 | 303 |
| 268 } // namespace | 304 } // namespace |
| 269 | 305 |
| 270 // Note that we always create a navigation entry with SSL errors. | 306 // Note that we always create a navigation entry with SSL errors. |
| 271 // No error happening loading a sub-resource triggers an interstitial so far. | 307 // No error happening loading a sub-resource triggers an interstitial so far. |
| 272 SSLBlockingPage::SSLBlockingPage( | 308 SSLBlockingPage::SSLBlockingPage(content::WebContents* web_contents, |
| 273 content::WebContents* web_contents, | 309 int cert_error, |
| 274 int cert_error, | 310 const net::SSLInfo& ssl_info, |
| 275 const net::SSLInfo& ssl_info, | 311 const GURL& request_url, |
| 276 const GURL& request_url, | 312 bool overridable, |
| 277 bool overridable, | 313 bool strict_enforcement, |
| 278 bool strict_enforcement, | 314 bool expired_but_previously_allowed, |
| 279 const base::Callback<void(bool)>& callback) | 315 const base::Callback<void(bool)>& callback) |
| 280 : callback_(callback), | 316 : callback_(callback), |
| 281 web_contents_(web_contents), | 317 web_contents_(web_contents), |
| 282 cert_error_(cert_error), | 318 cert_error_(cert_error), |
| 283 ssl_info_(ssl_info), | 319 ssl_info_(ssl_info), |
| 284 request_url_(request_url), | 320 request_url_(request_url), |
| 285 overridable_(overridable), | 321 overridable_(overridable), |
| 286 strict_enforcement_(strict_enforcement), | 322 strict_enforcement_(strict_enforcement), |
| 287 interstitial_page_(NULL), | 323 interstitial_page_(NULL), |
| 288 internal_(false), | 324 internal_(false), |
| 289 num_visits_(-1), | 325 num_visits_(-1), |
| 290 captive_portal_detection_enabled_(false), | 326 captive_portal_detection_enabled_(false), |
| 291 captive_portal_probe_completed_(false), | 327 captive_portal_probe_completed_(false), |
| 292 captive_portal_no_response_(false), | 328 captive_portal_no_response_(false), |
| 293 captive_portal_detected_(false) { | 329 captive_portal_detected_(false), |
| 330 expired_but_previously_allowed_(expired_but_previously_allowed) { | |
| 294 Profile* profile = Profile::FromBrowserContext( | 331 Profile* profile = Profile::FromBrowserContext( |
| 295 web_contents->GetBrowserContext()); | 332 web_contents->GetBrowserContext()); |
| 296 // For UMA stats. | 333 // For UMA stats. |
| 297 if (net::IsHostnameNonUnique(request_url_.HostNoBrackets())) | 334 if (net::IsHostnameNonUnique(request_url_.HostNoBrackets())) |
| 298 internal_ = true; | 335 internal_ = true; |
| 299 RecordSSLBlockingPageEventStats(SHOW_ALL); | 336 RecordSSLBlockingPageEventStats(SHOW_ALL); |
| 300 if (overridable_ && !strict_enforcement_) { | 337 if (overridable_ && !strict_enforcement_) { |
| 301 RecordSSLBlockingPageEventStats(SHOW_OVERRIDABLE); | 338 RecordSSLBlockingPageEventStats(SHOW_OVERRIDABLE); |
| 302 if (internal_) | 339 if (internal_) |
| 303 RecordSSLBlockingPageEventStats(SHOW_INTERNAL_HOSTNAME); | 340 RecordSSLBlockingPageEventStats(SHOW_INTERNAL_HOSTNAME); |
| (...skipping 30 matching lines...) Expand all Loading... | |
| 334 SSLBlockingPage::~SSLBlockingPage() { | 371 SSLBlockingPage::~SSLBlockingPage() { |
| 335 if (!callback_.is_null()) { | 372 if (!callback_.is_null()) { |
| 336 RecordSSLBlockingPageDetailedStats(false, | 373 RecordSSLBlockingPageDetailedStats(false, |
| 337 cert_error_, | 374 cert_error_, |
| 338 overridable_ && !strict_enforcement_, | 375 overridable_ && !strict_enforcement_, |
| 339 internal_, | 376 internal_, |
| 340 num_visits_, | 377 num_visits_, |
| 341 captive_portal_detection_enabled_, | 378 captive_portal_detection_enabled_, |
| 342 captive_portal_probe_completed_, | 379 captive_portal_probe_completed_, |
| 343 captive_portal_no_response_, | 380 captive_portal_no_response_, |
| 344 captive_portal_detected_); | 381 captive_portal_detected_, |
| 382 expired_but_previously_allowed_); | |
| 345 // The page is closed without the user having chosen what to do, default to | 383 // The page is closed without the user having chosen what to do, default to |
| 346 // deny. | 384 // deny. |
| 347 NotifyDenyCertificate(); | 385 NotifyDenyCertificate(); |
| 348 } | 386 } |
| 349 } | 387 } |
| 350 | 388 |
| 351 void SSLBlockingPage::Show() { | 389 void SSLBlockingPage::Show() { |
| 352 DCHECK(!interstitial_page_); | 390 DCHECK(!interstitial_page_); |
| 353 interstitial_page_ = InterstitialPage::Create( | 391 interstitial_page_ = InterstitialPage::Create( |
| 354 web_contents_, true, request_url_, this); | 392 web_contents_, true, request_url_, this); |
| (...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 516 | 554 |
| 517 void SSLBlockingPage::OnProceed() { | 555 void SSLBlockingPage::OnProceed() { |
| 518 RecordSSLBlockingPageDetailedStats(true, | 556 RecordSSLBlockingPageDetailedStats(true, |
| 519 cert_error_, | 557 cert_error_, |
| 520 overridable_ && !strict_enforcement_, | 558 overridable_ && !strict_enforcement_, |
| 521 internal_, | 559 internal_, |
| 522 num_visits_, | 560 num_visits_, |
| 523 captive_portal_detection_enabled_, | 561 captive_portal_detection_enabled_, |
| 524 captive_portal_probe_completed_, | 562 captive_portal_probe_completed_, |
| 525 captive_portal_no_response_, | 563 captive_portal_no_response_, |
| 526 captive_portal_detected_); | 564 captive_portal_detected_, |
| 565 expired_but_previously_allowed_); | |
| 527 // Accepting the certificate resumes the loading of the page. | 566 // Accepting the certificate resumes the loading of the page. |
| 528 NotifyAllowCertificate(); | 567 NotifyAllowCertificate(); |
| 529 } | 568 } |
| 530 | 569 |
| 531 void SSLBlockingPage::OnDontProceed() { | 570 void SSLBlockingPage::OnDontProceed() { |
| 532 RecordSSLBlockingPageDetailedStats(false, | 571 RecordSSLBlockingPageDetailedStats(false, |
| 533 cert_error_, | 572 cert_error_, |
| 534 overridable_ && !strict_enforcement_, | 573 overridable_ && !strict_enforcement_, |
| 535 internal_, | 574 internal_, |
| 536 num_visits_, | 575 num_visits_, |
| 537 captive_portal_detection_enabled_, | 576 captive_portal_detection_enabled_, |
| 538 captive_portal_probe_completed_, | 577 captive_portal_probe_completed_, |
| 539 captive_portal_no_response_, | 578 captive_portal_no_response_, |
| 540 captive_portal_detected_); | 579 captive_portal_detected_, |
| 580 expired_but_previously_allowed_); | |
| 541 NotifyDenyCertificate(); | 581 NotifyDenyCertificate(); |
| 542 } | 582 } |
| 543 | 583 |
| 544 void SSLBlockingPage::NotifyDenyCertificate() { | 584 void SSLBlockingPage::NotifyDenyCertificate() { |
| 545 // It's possible that callback_ may not exist if the user clicks "Proceed" | 585 // It's possible that callback_ may not exist if the user clicks "Proceed" |
| 546 // followed by pressing the back button before the interstitial is hidden. | 586 // followed by pressing the back button before the interstitial is hidden. |
| 547 // In that case the certificate will still be treated as allowed. | 587 // In that case the certificate will still be treated as allowed. |
| 548 if (callback_.is_null()) | 588 if (callback_.is_null()) |
| 549 return; | 589 return; |
| 550 | 590 |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 606 // sure we don't clear the captive portal flag, since the interstitial was | 646 // sure we don't clear the captive portal flag, since the interstitial was |
| 607 // potentially caused by the captive portal. | 647 // potentially caused by the captive portal. |
| 608 captive_portal_detected_ = captive_portal_detected_ || | 648 captive_portal_detected_ = captive_portal_detected_ || |
| 609 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); | 649 (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL); |
| 610 // Also keep track of non-HTTP portals and error cases. | 650 // Also keep track of non-HTTP portals and error cases. |
| 611 captive_portal_no_response_ = captive_portal_no_response_ || | 651 captive_portal_no_response_ = captive_portal_no_response_ || |
| 612 (results->result == captive_portal::RESULT_NO_RESPONSE); | 652 (results->result == captive_portal::RESULT_NO_RESPONSE); |
| 613 } | 653 } |
| 614 #endif | 654 #endif |
| 615 } | 655 } |
| OLD | NEW |
