Implementation of the full clock interstitial.

chrome/browser/ssl/ssl_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/ssl_blocking_page.h"
 
 #include "base/build_time.h"
 #include "base/command_line.h"
 #include "base/i18n/rtl.h"
 #include "base/i18n/time_formatting.h"
@@ skipping 222 matching lines @@
       "'com.android.settings/.Settings$DateTimeSettingsActivity'");
 #elif defined(OS_IOS)
   // iOS does not have a way to launch the date and time settings.
   return;
 #elif defined(OS_LINUX)
   struct ClockCommand {
     const char* pathname;
     const char* argument;
   };
   static const ClockCommand kClockCommands[] = {
+    // Unity
+    { "/usr/bin/unity-control-center", "datetime" },
     // GNOME
     //
     // NOTE: On old Ubuntu, naming control panels doesn't work, so it
     // opens the overview. This will have to be good enough.
     { "/usr/bin/gnome-control-center", "datetime" },
     { "/usr/local/bin/gnome-control-center", "datetime" },
     { "/opt/bin/gnome-control-center", "datetime" },
     // KDE
     { "/usr/bin/kcmshell4", "clock" },
     { "/usr/local/bin/kcmshell4", "clock" },
@@ skipping 111 matching lines @@
   else
     event_name.append(kEventNotOverridable);
   event_name.append(net::ErrorToString(cert_error_));
   sampling_event_.reset(new ExperienceSamplingEvent(
       event_name,
       request_url_,
       web_contents_->GetLastCommittedURL(),
       web_contents_->GetBrowserContext()));
 #endif
 
+  // For now, allow interstitials to be "danger" overridable by default.
+  danger_overridable_ = true;

[felt, 2014/10/23 23:19:03]

you should do this in the init block at the top:

danger_overridable_(true)

+
   // Creating an interstitial without showing (e.g. from chrome://interstitials)
   // it leaks memory, so don't create it here.
 }
 
 SSLBlockingPage::~SSLBlockingPage() {
   // InvalidCommonNameSeverityScore() and InvalidDateSeverityScore() are in the
   // destructor because they depend on knowing whether captive portal detection
   // happened before the user made a decision.
   SSLErrorInfo::ErrorType type =
       SSLErrorInfo::NetErrorToErrorType(cert_error_);
@@ skipping 27 matching lines @@
   interstitial_page_->Show();
 }
 
 std::string SSLBlockingPage::GetHTMLContents() {
   base::DictionaryValue load_time_data;
   base::string16 url(ASCIIToUTF16(request_url_.host()));
   if (base::i18n::IsRTL())
     base::i18n::WrapStringWithLTRFormatting(&url);
   webui::SetFontAndTextDirection(&load_time_data);
 
-  // Shared values for both the overridable and non-overridable versions.
   load_time_data.SetString("type", "SSL");
-  load_time_data.SetBoolean("overridable", overridable_);
-  load_time_data.SetString(
-      "tabTitle", l10n_util::GetStringUTF16(IDS_SSL_V2_TITLE));
-  load_time_data.SetString(
-      "heading", l10n_util::GetStringUTF16(IDS_SSL_V2_HEADING));
 
   base::Time now = base::Time::NowFromSystemTime();
   bool bad_clock = IsErrorDueToBadClock(now, cert_error_);
+
+  load_time_data.SetString("errorCode", net::ErrorToString(cert_error_));
+
   if (bad_clock) {
+    load_time_data.SetBoolean("bad_clock", true);
+    load_time_data.SetBoolean("overridable", false);
+
+    // We're showing the SSL clock warning to be helpful, but we haven't
+    // warned them about the risks. (And there might still be an SSL error
+    // after they fix their clock.)
+    // Thus, we don't allow the "danger" override in this case.
+    danger_overridable_ = false;
+
+    int heading_string = SSLErrorClassification::IsUserClockInTheFuture(now) ?
+                              IDS_SSL_V2_CLOCK_AHEAD_HEADING :
+                              IDS_SSL_V2_CLOCK_BEHIND_HEADING;
+
+    load_time_data.SetString(
+        "tabTitle",
+        l10n_util::GetStringUTF16(IDS_SSL_V2_CLOCK_TITLE));
+    load_time_data.SetString(
+        "heading",
+        l10n_util::GetStringUTF16(heading_string));
     load_time_data.SetString("primaryParagraph",
                              l10n_util::GetStringFUTF16(
-                                 IDS_SSL_CLOCK_ERROR,
+                                 IDS_SSL_V2_CLOCK_PRIMARY_PARAGRAPH ,
                                  url,
-                                 base::TimeFormatShortDate(now)));
+                                 base::TimeFormatFriendlyDateAndTime(now)));
+
+    load_time_data.SetString(
+        "primaryButtonText",
+        l10n_util::GetStringUTF16(IDS_SSL_V2_CLOCK_UPDATE_DATE_AND_TIME));
+    load_time_data.SetString(
+       "openDetails",
+       l10n_util::GetStringUTF16(IDS_SSL_RELOAD));
+
+    // The interstitial template expects these strings,
+    // but we're not using them. So we send blank strings for now.

[palmer, 2014/10/24 00:40:48]

Nit: Wrap/format comment paragraphs, throughout (not just this one).

[lgarron, 2014/10/24 08:00:27]

I'd be happy to format my comments properly, but I don't really understand what
you mean by this. :-(

(I try to wrap comments by picking sensible locations for line breaks. cpplint
and the style guide don't seem to give me more guidance about exactly how to do
it.)

+    load_time_data.SetString("explanationParagraph", std::string());
+    load_time_data.SetString("finalParagraph", std::string());
   } else {
+    load_time_data.SetBoolean("bad_clock", false);
+
+    load_time_data.SetString(
+        "tabTitle", l10n_util::GetStringUTF16(IDS_SSL_V2_TITLE));
+    load_time_data.SetString(
+        "heading", l10n_util::GetStringUTF16(IDS_SSL_V2_HEADING));
     load_time_data.SetString(
         "primaryParagraph",
         l10n_util::GetStringFUTF16(IDS_SSL_V2_PRIMARY_PARAGRAPH, url));
-  }
+    load_time_data.SetString(
+       "openDetails",
+       l10n_util::GetStringUTF16(IDS_SSL_V2_OPEN_DETAILS_BUTTON));
+    load_time_data.SetString(
+       "closeDetails",
+       l10n_util::GetStringUTF16(IDS_SSL_V2_CLOSE_DETAILS_BUTTON));
 
-  load_time_data.SetString(
-     "openDetails",
-     l10n_util::GetStringUTF16(IDS_SSL_V2_OPEN_DETAILS_BUTTON));
-  load_time_data.SetString(
-     "closeDetails",
-     l10n_util::GetStringUTF16(IDS_SSL_V2_CLOSE_DETAILS_BUTTON));
-  load_time_data.SetString("errorCode", net::ErrorToString(cert_error_));
+    if (overridable_) {
+      load_time_data.SetBoolean("overridable", true);
 
-  if (overridable_) {
-    SSLErrorInfo error_info =
-        SSLErrorInfo::CreateError(
-            SSLErrorInfo::NetErrorToErrorType(cert_error_),
-            ssl_info_.cert.get(),
-            request_url_);
-    if (bad_clock) {
-      load_time_data.SetString("explanationParagraph",
-                               l10n_util::GetStringFUTF16(
-                                   IDS_SSL_CLOCK_ERROR_EXPLANATION, url));
+      SSLErrorInfo error_info =
+          SSLErrorInfo::CreateError(
+              SSLErrorInfo::NetErrorToErrorType(cert_error_),
+              ssl_info_.cert.get(),
+              request_url_);
+      load_time_data.SetString("explanationParagraph", error_info.details());
+      load_time_data.SetString(
+          "primaryButtonText",
+          l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_SAFETY_BUTTON));
+      load_time_data.SetString(
+          "finalParagraph",
+          l10n_util::GetStringFUTF16(IDS_SSL_OVERRIDABLE_PROCEED_PARAGRAPH,
+                                   url));
     } else {
-      load_time_data.SetString("explanationParagraph", error_info.details());
+      load_time_data.SetBoolean("overridable", false);
+
+      SSLErrorInfo::ErrorType type =
+          SSLErrorInfo::NetErrorToErrorType(cert_error_);
+      if (type == SSLErrorInfo::CERT_INVALID && SSLErrorClassification::
+          MaybeWindowsLacksSHA256Support()) {
+        load_time_data.SetString(
+            "explanationParagraph",
+            l10n_util::GetStringFUTF16(
+                IDS_SSL_NONOVERRIDABLE_MORE_INVALID_SP3, url));
+      } else {
+        load_time_data.SetString("explanationParagraph",
+                                 l10n_util::GetStringFUTF16(
+                                     IDS_SSL_NONOVERRIDABLE_MORE, url));
+      }
+      load_time_data.SetString(
+          "primaryButtonText",
+          l10n_util::GetStringUTF16(IDS_SSL_RELOAD));
+      // Customize the help link depending on the specific error type.
+      // Only mark as HSTS if none of the more specific error types apply,
+      // and use INVALID as a fallback if no other string is appropriate.
+      load_time_data.SetInteger("errorType", type);
+      int help_string = IDS_SSL_NONOVERRIDABLE_INVALID;
+      switch (type) {
+        case SSLErrorInfo::CERT_REVOKED:
+          help_string = IDS_SSL_NONOVERRIDABLE_REVOKED;
+          break;
+        case SSLErrorInfo::CERT_PINNED_KEY_MISSING:
+          help_string = IDS_SSL_NONOVERRIDABLE_PINNED;
+          break;
+        case SSLErrorInfo::CERT_INVALID:
+          help_string = IDS_SSL_NONOVERRIDABLE_INVALID;
+          break;
+        default:
+          if (strict_enforcement_)
+            help_string = IDS_SSL_NONOVERRIDABLE_HSTS;
+      }
+      load_time_data.SetString(
+          "finalParagraph", l10n_util::GetStringFUTF16(help_string, url));
     }
-    load_time_data.SetString(
-        "primaryButtonText",
-        l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_SAFETY_BUTTON));
-    load_time_data.SetString(
-        "finalParagraph",
-        l10n_util::GetStringFUTF16(IDS_SSL_OVERRIDABLE_PROCEED_PARAGRAPH,
-                                   url));
-  } else {
-    SSLErrorInfo::ErrorType type =
-        SSLErrorInfo::NetErrorToErrorType(cert_error_);
-    if (type == SSLErrorInfo::CERT_INVALID && SSLErrorClassification::
-        MaybeWindowsLacksSHA256Support()) {
-      load_time_data.SetString(
-          "explanationParagraph",
-          l10n_util::GetStringFUTF16(
-              IDS_SSL_NONOVERRIDABLE_MORE_INVALID_SP3, url));
-    } else if (bad_clock) {
-      load_time_data.SetString("explanationParagraph",
-                               l10n_util::GetStringFUTF16(
-                                   IDS_SSL_CLOCK_ERROR_EXPLANATION, url));
-    } else {
-      load_time_data.SetString("explanationParagraph",
-                               l10n_util::GetStringFUTF16(
-                                   IDS_SSL_NONOVERRIDABLE_MORE, url));
-    }
-    load_time_data.SetString(
-        "primaryButtonText",
-        l10n_util::GetStringUTF16(IDS_SSL_NONOVERRIDABLE_RELOAD_BUTTON));
-    // Customize the help link depending on the specific error type.
-    // Only mark as HSTS if none of the more specific error types apply, and use
-    // INVALID as a fallback if no other string is appropriate.
-    load_time_data.SetInteger("errorType", type);
-    int help_string = IDS_SSL_NONOVERRIDABLE_INVALID;
-    switch (type) {
-      case SSLErrorInfo::CERT_REVOKED:
-        help_string = IDS_SSL_NONOVERRIDABLE_REVOKED;
-        break;
-      case SSLErrorInfo::CERT_PINNED_KEY_MISSING:
-        help_string = IDS_SSL_NONOVERRIDABLE_PINNED;
-        break;
-      case SSLErrorInfo::CERT_INVALID:
-        help_string = IDS_SSL_NONOVERRIDABLE_INVALID;
-        break;
-      default:
-        if (strict_enforcement_)
-          help_string = IDS_SSL_NONOVERRIDABLE_HSTS;
-    }
-    load_time_data.SetString(
-        "finalParagraph", l10n_util::GetStringFUTF16(help_string, url));
   }
 
   // Set debugging information at the bottom of the warning.
   load_time_data.SetString(
       "subject", ssl_info_.cert->subject().GetDisplayName());
   load_time_data.SetString(
       "issuer", ssl_info_.cert->issuer().GetDisplayName());
   load_time_data.SetString(
       "expirationDate",
       base::TimeFormatShortDate(ssl_info_.cert->valid_expiry()));
@@ skipping 27 matching lines @@
 void SSLBlockingPage::CommandReceived(const std::string& command) {
   int cmd = 0;
   bool retval = base::StringToInt(command, &cmd);
   DCHECK(retval);
   switch (cmd) {
     case CMD_DONT_PROCEED: {
       interstitial_page_->DontProceed();
       break;
     }
     case CMD_PROCEED: {
-      interstitial_page_->Proceed();
+      if (danger_overridable_) {
+        interstitial_page_->Proceed();
+      }
       break;
     }
     case CMD_MORE: {
       RecordSSLBlockingPageEventStats(MORE);
 #if defined(ENABLE_EXTENSIONS)
       if (sampling_event_.get())
         sampling_event_->set_has_viewed_details(true);
 #endif
       break;
     }
@@ skipping 97 matching lines @@
   for (; i < 5; i++) {
     strings->SetString(keys[i], std::string());
   }
 }
 
 void SSLBlockingPage::OnGotHistoryCount(bool success,
                                         int num_visits,
                                         base::Time first_visit) {
   num_visits_ = num_visits;
 }