Currently, there is a bug in the way we show the csd phishing interstitial.

chrome/browser/safe_browsing/safe_browsing_service.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // The Safe Browsing service is responsible for downloading anti-phishing and
 // anti-malware tables and checking urls against them.
 
 #ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_SERVICE_H_
 #define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_SERVICE_H_
 #pragma once
@@ skipping 165 matching lines @@
 
   // Called on the IO thread to cancel a pending check if the result is no
   // longer needed.
   void CancelCheck(Client* client);
 
   // Called on the IO thread to display an interstitial page.
   // |url| is the url of the resource that matches a safe browsing list.
   // If the request contained a chain of redirects, |url| is the last url
   // in the chain, and |original_url| is the first one (the root of the
   // chain). Otherwise, |original_url| = |url|.
-  virtual void DisplayBlockingPage(const GURL& url,
-                                   const GURL& original_url,
-                                   const std::vector<GURL>& redirect_urls,
-                                   ResourceType::Type resource_type,
-                                   UrlCheckResult result,
-                                   Client* client,
-                                   int render_process_host_id,
-                                   int render_view_id);
+  void DisplayBlockingPage(const GURL& url,
+                           const GURL& original_url,
+                           const std::vector<GURL>& redirect_urls,
+                           ResourceType::Type resource_type,
+                           UrlCheckResult result,
+                           Client* client,
+                           int render_process_host_id,
+                           int render_view_id);
+
+  // Same as above but gets invoked on the UI thread.
+  virtual void DoDisplayBlockingPage(const UnsafeResource& resource);
+
+  // Returns true if we already displayed an interstitial for that resource.
+  // Called on the UI thread.
+  bool IsWhitelisted(const UnsafeResource& resource);
 
   // Called on the IO thread when the SafeBrowsingProtocolManager has received
   // the full hash results for prefix hits detected in the database.
   void HandleGetHashResults(
       SafeBrowsingCheck* check,
       const std::vector<SBFullHashResult>& full_hashes,
       bool can_cache);
 
   // Called on the IO thread.
   void HandleChunk(const std::string& list, SBChunkList* chunks);
@@ skipping 154 matching lines @@
 
   // Internal worker function for processing full hashes.
   void OnHandleGetHashResults(SafeBrowsingCheck* check,
                               const std::vector<SBFullHashResult>& full_hashes);
 
   // Run one check against |full_hashes|.  Returns |true| if the check
   // finds a match in |full_hashes|.
   bool HandleOneCheck(SafeBrowsingCheck* check,
                       const std::vector<SBFullHashResult>& full_hashes);
 
-  // Invoked on the UI thread to show the blocking page.
-  void DoDisplayBlockingPage(const UnsafeResource& resource);
-
   // Call protocol manager on IO thread to report hits of unsafe contents.
   void ReportSafeBrowsingHitOnIOThread(const GURL& malicious_url,
                                        const GURL& page_url,
                                        const GURL& referrer_url,
                                        bool is_subresource,
                                        UrlCheckResult threat_type,
                                        const std::string& post_data);
 
   // Checks the download hash on safe_browsing_thread_.
   void CheckDownloadHashOnSBThread(SafeBrowsingCheck* check);
@@ skipping 16 matching lines @@
   void SafeBrowsingCheckDone(SafeBrowsingCheck* check);
 
   // Helper function to set |check| with default values and start a safe
   // browsing check with timeout of |timeout_ms|. |task| will be called upon
   // success, otherwise TimeoutCallback will be called.
   void StartDownloadCheck(SafeBrowsingCheck* check,
                           Client* client,
                           CancelableTask* task,
                           int64 timeout_ms);
 
+  // Adds the given entry to the whitelist.  Called on the UI thread.
+  void UpdateWhitelist(UnsafeResource resource);
+
   // The factory used to instanciate a SafeBrowsingService object.
   // Useful for tests, so they can provide their own implementation of
   // SafeBrowsingService.
   static SafeBrowsingServiceFactory* factory_;
 
   CurrentChecks checks_;
 
   // Used for issuing only one GetHash request for a given prefix.
   GetHashRequests gethash_requests_;
 
   // The persistent database.  We don't use a scoped_ptr because it
   // needs to be destructed on a different thread than this object.
   SafeBrowsingDatabase* database_;
 
   // Lock used to prevent possible data races due to compiler optimizations.
   mutable base::Lock database_lock_;
 
   // Handles interaction with SafeBrowsing servers.
   SafeBrowsingProtocolManager* protocol_manager_;
 
+  // Only access this whitelist from the UI thread.
   std::vector<WhiteListedEntry> white_listed_entries_;
 
   // Whether the service is running. 'enabled_' is used by SafeBrowsingService
   // on the IO thread during normal operations.
   bool enabled_;
 
   // Indicate if download_protection is enabled by command switch
   // so we allow this feature to be exersized.
   bool enable_download_protection_;
 
@@ skipping 35 matching lines @@
 class SafeBrowsingServiceFactory {
  public:
   SafeBrowsingServiceFactory() { }
   virtual ~SafeBrowsingServiceFactory() { }
   virtual SafeBrowsingService* CreateSafeBrowsingService() = 0;
  private:
   DISALLOW_COPY_AND_ASSIGN(SafeBrowsingServiceFactory);
 };
 
 #endif  // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_SERVICE_H_