Refactor security interstitials, add SecurityInterstitialPage.

chrome/browser/ssl/ssl_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/ssl_blocking_page.h"
 
 #include "base/build_time.h"
 #include "base/command_line.h"
 #include "base/i18n/rtl.h"
 #include "base/i18n/time_formatting.h"
@@ skipping 27 matching lines @@
 #include "content/public/browser/render_process_host.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/renderer_preferences.h"
 #include "content/public/common/ssl_status.h"
 #include "grit/browser_resources.h"
 #include "net/base/hash_value.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_util.h"
 #include "ui/base/l10n/l10n_util.h"
-#include "ui/base/resource/resource_bundle.h"
-#include "ui/base/webui/jstemplate_builder.h"
-#include "ui/base/webui/web_ui_util.h"
 
 #if defined(ENABLE_EXTENSIONS)
 #include "chrome/browser/extensions/api/experience_sampling_private/experience_sampling.h"
 #endif
 
 #if defined(OS_WIN)
 #include "base/base_paths_win.h"
 #include "base/path_service.h"
 #include "base/strings/string16.h"
 #include "base/win/windows_version.h"
@@ skipping 249 matching lines @@
   if (SSLErrorInfo::NetErrorToErrorType(error) !=
           SSLErrorInfo::CERT_DATE_INVALID) {
     return false;
   }
   return SSLErrorClassification::IsUserClockInThePast(now) ||
       SSLErrorClassification::IsUserClockInTheFuture(now);
 }
 
 }  // namespace
 
+// static
+const void* SSLBlockingPage::kTypeForTesting =
+    &SSLBlockingPage::kTypeForTesting;
+
 // Note that we always create a navigation entry with SSL errors.
 // No error happening loading a sub-resource triggers an interstitial so far.
 SSLBlockingPage::SSLBlockingPage(content::WebContents* web_contents,
                                  int cert_error,
                                  const net::SSLInfo& ssl_info,
                                  const GURL& request_url,
                                  int options_mask,
                                  const base::Callback<void(bool)>& callback)
-    : callback_(callback),
-      web_contents_(web_contents),
+    : SecurityInterstitialPage(web_contents, request_url),
+      callback_(callback),
       cert_error_(cert_error),
       ssl_info_(ssl_info),
-      request_url_(request_url),
       overridable_(options_mask & OVERRIDABLE &&
                    !(options_mask & STRICT_ENFORCEMENT)),
       danger_overridable_(true),
       strict_enforcement_((options_mask & STRICT_ENFORCEMENT) != 0),
-      interstitial_page_(NULL),
       internal_(false),
       num_visits_(-1),
       expired_but_previously_allowed_(
           (options_mask & EXPIRED_BUT_PREVIOUSLY_ALLOWED) != 0) {
   Profile* profile = Profile::FromBrowserContext(
       web_contents->GetBrowserContext());
   // For UMA stats.
   if (SSLErrorClassification::IsHostnameNonUniqueOrDotless(
-          request_url_.HostNoBrackets()))
+          request_url.HostNoBrackets()))
     internal_ = true;
   RecordSSLBlockingPageEventStats(SHOW_ALL);
   if (overridable_) {
     RecordSSLBlockingPageEventStats(SHOW_OVERRIDABLE);
     if (internal_)
       RecordSSLBlockingPageEventStats(SHOW_INTERNAL_HOSTNAME);
     HistoryService* history_service = HistoryServiceFactory::GetForProfile(
         profile, Profile::EXPLICIT_ACCESS);
     if (history_service) {
       history_service->GetVisibleVisitCountToHost(
-          request_url_,
+          request_url,
           base::Bind(&SSLBlockingPage::OnGotHistoryCount,
                      base::Unretained(this)),
           &request_tracker_);
     }
   }
 
   ssl_error_classification_.reset(new SSLErrorClassification(
-      web_contents_,
+      web_contents,
       base::Time::NowFromSystemTime(),
-      request_url_,
+      request_url,
       cert_error_,
       *ssl_info_.cert.get()));
   ssl_error_classification_->RecordUMAStatistics(overridable_);
 
 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION)
   ssl_error_classification_->RecordCaptivePortalUMAStatistics(overridable_);
 #endif
 
 #if defined(ENABLE_EXTENSIONS)
   // ExperienceSampling: Set up new sampling event for this interstitial.
   std::string event_name(kEventNameBase);
   if (overridable_ && !strict_enforcement_)
     event_name.append(kEventOverridable);
   else
     event_name.append(kEventNotOverridable);
   event_name.append(net::ErrorToString(cert_error_));
   sampling_event_.reset(new ExperienceSamplingEvent(
       event_name,
-      request_url_,
-      web_contents_->GetLastCommittedURL(),
-      web_contents_->GetBrowserContext()));
+      request_url,
+      web_contents->GetLastCommittedURL(),
+      web_contents->GetBrowserContext()));
 #endif
 
   // Creating an interstitial without showing (e.g. from chrome://interstitials)
   // it leaks memory, so don't create it here.
 }
 
+bool SSLBlockingPage::ShouldCreateNewNavigation() const {
+  return true;
+}
+
+const void* SSLBlockingPage::GetTypeForTesting() const {
+  return SSLBlockingPage::kTypeForTesting;
+}
+
 SSLBlockingPage::~SSLBlockingPage() {
   // InvalidCommonNameSeverityScore() and InvalidDateSeverityScore() are in the
   // destructor because they depend on knowing whether captive portal detection
   // happened before the user made a decision.
   SSLErrorInfo::ErrorType type =
       SSLErrorInfo::NetErrorToErrorType(cert_error_);
   switch (type) {
     case SSLErrorInfo::CERT_DATE_INVALID:
       ssl_error_classification_->InvalidDateSeverityScore();
       break;
@@ skipping 12 matching lines @@
                                        overridable_,
                                        internal_,
                                        num_visits_,
                                        expired_but_previously_allowed_);
     // The page is closed without the user having chosen what to do, default to
     // deny.
     NotifyDenyCertificate();
   }
 }
 
-void SSLBlockingPage::Show() {
-  DCHECK(!interstitial_page_);
-  interstitial_page_ = InterstitialPage::Create(
-      web_contents_, true, request_url_, this);
-  interstitial_page_->Show();
-}
-
-std::string SSLBlockingPage::GetHTMLContents() {
-  base::DictionaryValue load_time_data;
-  base::string16 url(ASCIIToUTF16(request_url_.host()));
-  if (base::i18n::IsRTL())
-    base::i18n::WrapStringWithLTRFormatting(&url);
-  webui::SetFontAndTextDirection(&load_time_data);
-
-  load_time_data.SetString("type", "SSL");
+void SSLBlockingPage::PopulateInterstitialStrings(
+    base::DictionaryValue* load_time_data) {
+  CHECK(load_time_data);
+  base::string16 url(GetFormattedHostName());
+  // Shared values for both the overridable and non-overridable versions.
+  load_time_data->SetString("type", "SSL");
 
   // Shared UI configuration for all SSL interstitials.
   base::Time now = base::Time::NowFromSystemTime();
   bool bad_clock = IsErrorDueToBadClock(now, cert_error_);
 
-  load_time_data.SetString("errorCode", net::ErrorToString(cert_error_));
-  load_time_data.SetString(
+  load_time_data->SetString("errorCode", net::ErrorToString(cert_error_));
+  load_time_data->SetString(
       "openDetails",
       l10n_util::GetStringUTF16(IDS_SSL_V2_OPEN_DETAILS_BUTTON));
-  load_time_data.SetString(
+  load_time_data->SetString(
       "closeDetails",
       l10n_util::GetStringUTF16(IDS_SSL_V2_CLOSE_DETAILS_BUTTON));
 
   // Conditional UI configuration.
   if (bad_clock) {
-    load_time_data.SetBoolean("bad_clock", true);
-    load_time_data.SetBoolean("overridable", false);
+    load_time_data->SetBoolean("bad_clock", true);
+    load_time_data->SetBoolean("overridable", false);
 
 #if defined(OS_IOS)
-    load_time_data.SetBoolean("hide_primary_button", true);
+    load_time_data->SetBoolean("hide_primary_button", true);
 #else
-    load_time_data.SetBoolean("hide_primary_button", false);
+    load_time_data->SetBoolean("hide_primary_button", false);
 #endif
 
     // We're showing the SSL clock warning to be helpful, but we haven't warned
     // them about the risks. (And there might still be an SSL error after they
     // fix their clock.) Thus, we don't allow the "danger" override in this
     // case.
     danger_overridable_ = false;
 
     int heading_string = SSLErrorClassification::IsUserClockInTheFuture(now) ?
                               IDS_SSL_V2_CLOCK_AHEAD_HEADING :
                               IDS_SSL_V2_CLOCK_BEHIND_HEADING;
 
-    load_time_data.SetString(
+    load_time_data->SetString(
         "tabTitle",
         l10n_util::GetStringUTF16(IDS_SSL_V2_CLOCK_TITLE));
-    load_time_data.SetString(
+    load_time_data->SetString(
         "heading",
         l10n_util::GetStringUTF16(heading_string));
-    load_time_data.SetString("primaryParagraph",
-                             l10n_util::GetStringFUTF16(
-                                 IDS_SSL_V2_CLOCK_PRIMARY_PARAGRAPH ,
-                                 url,
-                                 base::TimeFormatFriendlyDateAndTime(now)));
+    load_time_data->SetString("primaryParagraph",
+                              l10n_util::GetStringFUTF16(
+                                  IDS_SSL_V2_CLOCK_PRIMARY_PARAGRAPH ,
+                                  url,
+                                  base::TimeFormatFriendlyDateAndTime(now)));
 
-    load_time_data.SetString(
+    load_time_data->SetString(
         "primaryButtonText",
         l10n_util::GetStringUTF16(IDS_SSL_V2_CLOCK_UPDATE_DATE_AND_TIME));
-    load_time_data.SetString(
+    load_time_data->SetString(
         "explanationParagraph",
         l10n_util::GetStringUTF16(IDS_SSL_V2_CLOCK_EXPLANATION));
 
     // The interstitial template expects this string, but we're not using it. So
     // we send a blank string for now.
-    load_time_data.SetString("finalParagraph", std::string());
+    load_time_data->SetString("finalParagraph", std::string());
   } else {
-    load_time_data.SetBoolean("bad_clock", false);
+    load_time_data->SetBoolean("bad_clock", false);
 
-    load_time_data.SetString(
+    load_time_data->SetString(
         "tabTitle", l10n_util::GetStringUTF16(IDS_SSL_V2_TITLE));
-    load_time_data.SetString(
+    load_time_data->SetString(
         "heading", l10n_util::GetStringUTF16(IDS_SSL_V2_HEADING));
-    load_time_data.SetString(
+    load_time_data->SetString(
         "primaryParagraph",
         l10n_util::GetStringFUTF16(IDS_SSL_V2_PRIMARY_PARAGRAPH, url));
 
     if (overridable_) {
-      load_time_data.SetBoolean("overridable", true);
+      load_time_data->SetBoolean("overridable", true);
 
       SSLErrorInfo error_info =
           SSLErrorInfo::CreateError(
               SSLErrorInfo::NetErrorToErrorType(cert_error_),
               ssl_info_.cert.get(),
               request_url_);
-      load_time_data.SetString("explanationParagraph", error_info.details());
-      load_time_data.SetString(
+      load_time_data->SetString("explanationParagraph", error_info.details());
+      load_time_data->SetString(
           "primaryButtonText",
           l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_SAFETY_BUTTON));
-      load_time_data.SetString(
+      load_time_data->SetString(
           "finalParagraph",
           l10n_util::GetStringFUTF16(IDS_SSL_OVERRIDABLE_PROCEED_PARAGRAPH,
                                    url));
     } else {
-      load_time_data.SetBoolean("overridable", false);
+      load_time_data->SetBoolean("overridable", false);
 
       SSLErrorInfo::ErrorType type =
           SSLErrorInfo::NetErrorToErrorType(cert_error_);
       if (type == SSLErrorInfo::CERT_INVALID && SSLErrorClassification::
           MaybeWindowsLacksSHA256Support()) {
-        load_time_data.SetString(
+        load_time_data->SetString(
             "explanationParagraph",
             l10n_util::GetStringFUTF16(
                 IDS_SSL_NONOVERRIDABLE_MORE_INVALID_SP3, url));
       } else {
-        load_time_data.SetString("explanationParagraph",
+        load_time_data->SetString("explanationParagraph",
                                  l10n_util::GetStringFUTF16(
                                      IDS_SSL_NONOVERRIDABLE_MORE, url));
       }
-      load_time_data.SetString(
+      load_time_data->SetString(
           "primaryButtonText",
           l10n_util::GetStringUTF16(IDS_SSL_RELOAD));
       // Customize the help link depending on the specific error type.
       // Only mark as HSTS if none of the more specific error types apply,
       // and use INVALID as a fallback if no other string is appropriate.
-      load_time_data.SetInteger("errorType", type);
+      load_time_data->SetInteger("errorType", type);
       int help_string = IDS_SSL_NONOVERRIDABLE_INVALID;
       switch (type) {
         case SSLErrorInfo::CERT_REVOKED:
           help_string = IDS_SSL_NONOVERRIDABLE_REVOKED;
           break;
         case SSLErrorInfo::CERT_PINNED_KEY_MISSING:
           help_string = IDS_SSL_NONOVERRIDABLE_PINNED;
           break;
         case SSLErrorInfo::CERT_INVALID:
           help_string = IDS_SSL_NONOVERRIDABLE_INVALID;
           break;
         default:
           if (strict_enforcement_)
             help_string = IDS_SSL_NONOVERRIDABLE_HSTS;
       }
-      load_time_data.SetString(
+      load_time_data->SetString(
           "finalParagraph", l10n_util::GetStringFUTF16(help_string, url));
     }
   }
 
   // Set debugging information at the bottom of the warning.
-  load_time_data.SetString(
+  load_time_data->SetString(
       "subject", ssl_info_.cert->subject().GetDisplayName());
-  load_time_data.SetString(
+  load_time_data->SetString(
       "issuer", ssl_info_.cert->issuer().GetDisplayName());
-  load_time_data.SetString(
+  load_time_data->SetString(
       "expirationDate",
       base::TimeFormatShortDate(ssl_info_.cert->valid_expiry()));
-  load_time_data.SetString(
+  load_time_data->SetString(
       "currentDate", base::TimeFormatShortDate(now));
   std::vector<std::string> encoded_chain;
   ssl_info_.cert->GetPEMEncodedChain(&encoded_chain);
-  load_time_data.SetString("pem", JoinString(encoded_chain, std::string()));
-
-  base::StringPiece html(
-     ResourceBundle::GetSharedInstance().GetRawDataResource(
-         IDR_SECURITY_INTERSTITIAL_HTML));
-  return webui::GetI18nTemplateHtml(html, &load_time_data);
+  load_time_data->SetString("pem", JoinString(encoded_chain, std::string()));
 }
 
 void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) {
   int cert_id = content::CertStore::GetInstance()->StoreCert(
-      ssl_info_.cert.get(), web_contents_->GetRenderProcessHost()->GetID());
+      ssl_info_.cert.get(), web_contents()->GetRenderProcessHost()->GetID());
   DCHECK(cert_id);
 
   entry->GetSSL().security_style =
       content::SECURITY_STYLE_AUTHENTICATION_BROKEN;
   entry->GetSSL().cert_id = cert_id;
   entry->GetSSL().cert_status = ssl_info_.cert_status;
   entry->GetSSL().security_bits = ssl_info_.security_bits;
 }
 
 // This handles the commands sent from the interstitial JavaScript. They are
 // defined in chrome/browser/resources/ssl/ssl_errors_common.js.
 // DO NOT reorder or change this logic without also changing the JavaScript!
 void SSLBlockingPage::CommandReceived(const std::string& command) {
   int cmd = 0;
   bool retval = base::StringToInt(command, &cmd);
   DCHECK(retval);
   switch (cmd) {
     case CMD_DONT_PROCEED: {
-      interstitial_page_->DontProceed();
+      interstitial_page()->DontProceed();
       break;
     }
     case CMD_PROCEED: {
       if (danger_overridable_) {
-        interstitial_page_->Proceed();
+        interstitial_page()->Proceed();
       }
       break;
     }
     case CMD_MORE: {
       RecordSSLBlockingPageEventStats(MORE);
 #if defined(ENABLE_EXTENSIONS)
       if (sampling_event_.get())
         sampling_event_->set_has_viewed_details(true);
 #endif
       break;
     }
     case CMD_RELOAD: {
       // The interstitial can't refresh itself.
-      web_contents_->GetController().Reload(true);
+      web_contents()->GetController().Reload(true);
       break;
     }
     case CMD_HELP: {
       content::NavigationController::LoadURLParams help_page_params(
           google_util::AppendGoogleLocaleParam(
               GURL(kHelpURL), g_browser_process->GetApplicationLocale()));
 #if defined(ENABLE_EXTENSIONS)
       if (sampling_event_.get())
         sampling_event_->set_has_viewed_learn_more(true);
 #endif
-      web_contents_->GetController().LoadURLWithParams(help_page_params);
+      web_contents()->GetController().LoadURLWithParams(help_page_params);
       break;
     }
     case CMD_CLOCK: {
       LaunchDateAndTimeSettings();
       break;
     }
     default: {
       NOTREACHED();
     }
   }
 }
 
 void SSLBlockingPage::OverrideRendererPrefs(
       content::RendererPreferences* prefs) {
   Profile* profile = Profile::FromBrowserContext(
-      web_contents_->GetBrowserContext());
+      web_contents()->GetBrowserContext());
   renderer_preferences_util::UpdateFromSystemSettings(
-      prefs, profile, web_contents_);
+      prefs, profile, web_contents());
 }
 
 void SSLBlockingPage::OnProceed() {
   RecordSSLBlockingPageDetailedStats(true,
                                      cert_error_,
                                      overridable_,
                                      internal_,
                                      num_visits_,
                                      expired_but_previously_allowed_);
 #if defined(ENABLE_EXTENSIONS)
@@ skipping 55 matching lines @@
   for (; i < 5; i++) {
     strings->SetString(keys[i], std::string());
   }
 }
 
 void SSLBlockingPage::OnGotHistoryCount(bool success,
                                         int num_visits,
                                         base::Time first_visit) {
   num_visits_ = num_visits;
 }