Add histograms to record the severity scores for certain SSL errors.

chrome/browser/ssl/ssl_error_classification.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <vector>
 
 #include "chrome/browser/ssl/ssl_error_classification.h"
 
 #include "base/build_time.h"
 #include "base/metrics/field_trial.h"
@@ skipping 47 matching lines @@
   CAPTIVE_PORTAL_DETECTION_ENABLED_OVERRIDABLE,
   CAPTIVE_PORTAL_PROBE_COMPLETED,
   CAPTIVE_PORTAL_PROBE_COMPLETED_OVERRIDABLE,
   CAPTIVE_PORTAL_NO_RESPONSE,
   CAPTIVE_PORTAL_NO_RESPONSE_OVERRIDABLE,
   CAPTIVE_PORTAL_DETECTED,
   CAPTIVE_PORTAL_DETECTED_OVERRIDABLE,
   UNUSED_CAPTIVE_PORTAL_EVENT,
 };
 
+void RecordSSLInterstitialSeverityScore(float ssl_severity_score,
+                                        int cert_error) {
+  if (SSLErrorInfo::NetErrorToErrorType(cert_error) ==
+      SSLErrorInfo::CERT_DATE_INVALID) {
+    UMA_HISTOGRAM_COUNTS_100("interstitial.ssl.severity_score.date_invalid",

[Ryan Sleevi, 2014/09/11 20:56:25]

UMA_HISTOGRAM_COUNTS_100 creates 50 buckets for 1-100.

What's the actual range for your severity score? Is there any bound? You
multiply by 100, which makes me think you're trying to get a percentage, but
that's not clear (if so, HISTOGRAM_PERCENTAGE offers an alternative that buckets
0-100)

+                             static_cast<int>(ssl_severity_score * 100));
+  }
+  if (SSLErrorInfo::NetErrorToErrorType(cert_error) ==
+      SSLErrorInfo::CERT_COMMON_NAME_INVALID) {

[Ryan Sleevi, 2014/09/11 20:51:07]

These are mutually exclusive conditions, right? Wouldn't an else if be more
appropriate?

[palmer, 2014/09/11 20:58:30]

Done.

+    UMA_HISTOGRAM_COUNTS_100(
+        "interstitial.ssl.severity_score.common_name_invalid",
+        static_cast<int>(ssl_severity_score * 100));
+  }
+}
+
 // Scores/weights which will be constant through all the SSL error types.
 static const float kServerWeight = 0.5f;
 static const float kClientWeight = 0.5f;
 
 void RecordSSLInterstitialCause(bool overridable, SSLInterstitialCause event) {
   if (overridable) {
     UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.overridable", event,
                               UNUSED_INTERSTITIAL_CAUSE_ENTRY);
   } else {
     UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.nonoverridable", event,
@@ skipping 122 matching lines @@
 
   // Server-side characteristics. Check whether the certificate has expired or
   // is not yet valid. If the certificate has expired then factor the time which
   // has passed since expiry.
   if (cert_.HasExpired()) {
     severity_date_score += kServerWeight * kCertificateExpiredWeight *
         CalculateScoreTimePassedSinceExpiry();
   }
   if (current_time_ < cert_.valid_start())
     severity_date_score += kServerWeight * kNotYetValidWeight;
-  // TODO(felt): Record the severity score in a histogram. This will be
-  // in the next CL - just called the function in ssl_blocking_page.cc.
+
+  RecordSSLInterstitialSeverityScore(severity_date_score, cert_error_);
 }
 
 void SSLErrorClassification::InvalidCommonNameSeverityScore() {
   SSLErrorInfo::ErrorType type =
       SSLErrorInfo::NetErrorToErrorType(cert_error_);
   DCHECK(type == SSLErrorInfo::CERT_COMMON_NAME_INVALID);
   float severity_name_score = 0.0f;
 
   static const float kWWWDifferenceWeight = 0.3f;
   static const float kNameUnderAnyNamesWeight = 0.2f;
@@ skipping 17 matching lines @@
     if (AnyNamesUnderName(dns_name_tokens, host_name_tokens))
       severity_name_score += kServerWeight * kAnyNamesUnderNameWeight;
     if (IsCertLikelyFromMultiTenantHosting())
       severity_name_score += kServerWeight * kLikelyMultiTenantHostingWeight;
   }
 
   static const float kEnvironmentWeight = 0.25f;
 
   severity_name_score += kClientWeight * kEnvironmentWeight *
       CalculateScoreEnvironments();
-  // TODO(felt): Record the severity score in a histogram. Same as above
-  // - this will be in the next CL. So just called the function in the
-  // ssl_blocking_page.cc.
+
+  RecordSSLInterstitialSeverityScore(severity_name_score, cert_error_);
 }
 
 void SSLErrorClassification::RecordUMAStatistics(
     bool overridable) const {
   SSLErrorInfo::ErrorType type =
       SSLErrorInfo::NetErrorToErrorType(cert_error_);
   switch (type) {
     case SSLErrorInfo::CERT_DATE_INVALID: {
       if (IsUserClockInThePast(base::Time::NowFromSystemTime()))
         RecordSSLInterstitialCause(overridable, CLOCK_PAST);
@@ skipping 319 matching lines @@
     // sure we don't clear the captive protal flag, since the interstitial was
     // potentially caused by the captive portal.
     captive_portal_detected_ = captive_portal_detected_ ||
         (results->result == captive_portal::RESULT_BEHIND_CAPTIVE_PORTAL);
     // Also keep track of non-HTTP portals and error cases.
     captive_portal_no_response_ = captive_portal_no_response_ ||
         (results->result == captive_portal::RESULT_NO_RESPONSE);
   }
 #endif
 }