Add checkbox for reporting invalid TLS/SSL cert chains

chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // Implementation of the SafeBrowsingBlockingPage class.
 
 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
 
 #include <string>
 
@@ skipping 50 matching lines @@
 const char kSbDiagnosticUrl[] =
     "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&client=chromium";
 #endif
 
 // URL for malware and phishing, V2.
 const char kLearnMoreMalwareUrlV2[] =
     "https://www.google.com/transparencyreport/safebrowsing/";
 const char kLearnMorePhishingUrlV2[] =
     "https://www.google.com/transparencyreport/safebrowsing/";
 
-const char kPrivacyLinkHtml[] =
-    "<a id=\"privacy-link\" href=\"\" onclick=\"sendCommand(%d); "
-    "return false;\" onmousedown=\"return false;\">%s</a>";
-
 // After a malware interstitial where the user opted-in to the report
 // but clicked "proceed anyway", we delay the call to
 // MalwareDetails::FinishCollection() by this much time (in
 // milliseconds).
 const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000;
 
-// Other constants used to communicate with the JavaScript.
-const char kBoxChecked[] = "boxchecked";
-const char kDisplayCheckBox[] = "displaycheckbox";
-
 // Constants for the Experience Sampling instrumentation.
 const char kEventNameMalware[] = "safebrowsing_interstitial_";
 const char kEventNameHarmful[] = "harmful_interstitial_";
 const char kEventNamePhishing[] = "phishing_interstitial_";
 const char kEventNameOther[] = "safebrowsing_other_interstitial_";
 
 base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
     g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
 
 }  // namespace
@@ skipping 65 matching lines @@
   DCHECK(phishing || malware || harmful);
   if (malware)
     interstitial_reason_ = SB_REASON_MALWARE;
   else if (harmful)
     interstitial_reason_ = SB_REASON_HARMFUL;
   else
     interstitial_reason_ = SB_REASON_PHISHING;
 
   // This must be done after calculating |interstitial_reason_| above.
   // Use same prefix for UMA as for Rappor.
-  metrics_helper_.reset(new SecurityInterstitialMetricsHelper(
+  set_metrics_helper(new SecurityInterstitialMetricsHelper(
       web_contents, request_url(), GetMetricPrefix(), GetMetricPrefix(),
       SecurityInterstitialMetricsHelper::REPORT_RAPPOR,
       GetSamplingEventName()));
-  metrics_helper_->RecordUserDecision(SecurityInterstitialMetricsHelper::SHOW);
-  metrics_helper_->RecordUserInteraction(
+  metrics_helper()->RecordUserDecision(SecurityInterstitialMetricsHelper::SHOW);
+  metrics_helper()->RecordUserInteraction(
       SecurityInterstitialMetricsHelper::TOTAL_VISITS);
   if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
-    metrics_helper_->RecordUserDecision(
+    metrics_helper()->RecordUserDecision(
         SecurityInterstitialMetricsHelper::PROCEEDING_DISABLED);
   }
 
   if (!is_main_frame_load_blocked_) {
     navigation_entry_index_to_remove_ =
         web_contents->GetController().GetLastCommittedEntryIndex();
   } else {
     navigation_entry_index_to_remove_ = -1;
   }
 
@@ skipping 35 matching lines @@
       SetReportingPreference(true);
       break;
     }
     case CMD_DONT_REPORT: {
       // User disabled SB Extended Reporting via the checkbox.
       SetReportingPreference(false);
       break;
     }
     case CMD_OPEN_HELP_CENTER: {
       // User pressed "Learn more".
-      metrics_helper_->RecordUserInteraction(
+      metrics_helper()->RecordUserInteraction(
           SecurityInterstitialMetricsHelper::SHOW_LEARN_MORE);
       GURL learn_more_url(
           interstitial_reason_ == SB_REASON_PHISHING ?
           kLearnMorePhishingUrlV2 : kLearnMoreMalwareUrlV2);
       learn_more_url = google_util::AppendGoogleLocaleParam(
           learn_more_url, g_browser_process->GetApplicationLocale());
       OpenURLParams params(learn_more_url,
                            Referrer(),
                            CURRENT_TAB,
                            ui::PAGE_TRANSITION_LINK,
                            false);
       web_contents()->OpenURL(params);
       break;
     }
     case CMD_OPEN_REPORTING_PRIVACY: {
       // User pressed on the SB Extended Reporting "privacy policy" link.
-      metrics_helper_->RecordUserInteraction(
-          SecurityInterstitialMetricsHelper::SHOW_PRIVACY_POLICY);
-      GURL privacy_url(
-          l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_URL));
-      privacy_url = google_util::AppendGoogleLocaleParam(
-          privacy_url, g_browser_process->GetApplicationLocale());
-      OpenURLParams params(privacy_url,
-                           Referrer(),
-                           CURRENT_TAB,
-                           ui::PAGE_TRANSITION_LINK,
-                           false);
-      web_contents()->OpenURL(params);
+      OpenExtendedReportingPrivacyPolicy();
       break;
     }
     case CMD_PROCEED: {
       // User pressed on the button to proceed.
       if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
-        metrics_helper_->RecordUserDecision(
+        metrics_helper()->RecordUserDecision(
             SecurityInterstitialMetricsHelper::PROCEED);
         interstitial_page()->Proceed();
         // |this| has been deleted after Proceed() returns.
         break;
       }
       // If the user can't proceed, fall through to CMD_DONT_PROCEED.
     }
     case CMD_DONT_PROCEED: {
       // User pressed on the button to return to safety.
       // Don't record the user action here because there are other ways of
@@ skipping 18 matching lines @@
             std::string());
       }
       break;
     }
     case CMD_OPEN_DIAGNOSTIC: {
       // User wants to see why this page is blocked.
       // TODO(felt): element_index will always be 0. See crbug.com/464732
       size_t element_index = 0;
       const UnsafeResource& unsafe_resource = unsafe_resources_[element_index];
       std::string bad_url_spec = unsafe_resource.url.spec();
-      metrics_helper_->RecordUserInteraction(
+      metrics_helper()->RecordUserInteraction(
           SecurityInterstitialMetricsHelper::SHOW_DIAGNOSTIC);
       std::string diagnostic =
           base::StringPrintf(kSbDiagnosticUrl,
               net::EscapeQueryParamValue(bad_url_spec, true).c_str());
       GURL diagnostic_url(diagnostic);
       diagnostic_url = google_util::AppendGoogleLocaleParam(
           diagnostic_url, g_browser_process->GetApplicationLocale());
       DCHECK(unsafe_resource.threat_type == SB_THREAT_TYPE_URL_MALWARE ||
              unsafe_resource.threat_type ==
                  SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL ||
              unsafe_resource.threat_type == SB_THREAT_TYPE_URL_UNWANTED);
       OpenURLParams params(
           diagnostic_url, Referrer(), CURRENT_TAB, ui::PAGE_TRANSITION_LINK,
           false);
       web_contents()->OpenURL(params);
       break;
     }
     case CMD_SHOW_MORE_SECTION: {
       // User has opened up the hidden text.
-      metrics_helper_->RecordUserInteraction(
+      metrics_helper()->RecordUserInteraction(
           SecurityInterstitialMetricsHelper::SHOW_ADVANCED);
       break;
     }
   }
 }
 
 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
       content::RendererPreferences* prefs) {
   Profile* profile = Profile::FromBrowserContext(
       web_contents()->GetBrowserContext());
   renderer_preferences_util::UpdateFromSystemSettings(
       prefs, profile, web_contents());
 }
 
-void SafeBrowsingBlockingPage::SetReportingPreference(bool report) {
-  Profile* profile = Profile::FromBrowserContext(
-      web_contents()->GetBrowserContext());
-  PrefService* pref = profile->GetPrefs();
-  pref->SetBoolean(prefs::kSafeBrowsingExtendedReportingEnabled, report);
-  UMA_HISTOGRAM_BOOLEAN("SB2.SetExtendedReportingEnabled", report);
-}
-
 void SafeBrowsingBlockingPage::OnProceed() {
   proceeded_ = true;
   // Send the malware details, if we opted to.
   FinishMalwareDetails(malware_details_proceed_delay_ms_);
 
   NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, true);
 
   // Check to see if some new notifications of unsafe resources have been
   // received while we were showing the interstitial.
   UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
@@ skipping 23 matching lines @@
   return is_main_frame_load_blocked_;
 }
 
 void SafeBrowsingBlockingPage::OnDontProceed() {
   // We could have already called Proceed(), in which case we must not notify
   // the SafeBrowsingUIManager again, as the client has been deleted.
   if (proceeded_)
     return;
 
   if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
-    metrics_helper_->RecordUserDecision(
+    metrics_helper()->RecordUserDecision(
         SecurityInterstitialMetricsHelper::DONT_PROCEED);
   }
 
   // Send the malware details, if we opted to.
   FinishMalwareDetails(0);  // No delay
 
   NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, false);
 
   // The user does not want to proceed, clear the queued unsafe resources
   // notifications we received while the interstitial was showing.
@@ skipping 20 matching lines @@
   }
 }
 
 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) {
   if (malware_details_.get() == NULL)
     return;  // Not all interstitials have malware details (eg phishing).
   DCHECK_EQ(interstitial_reason_, SB_REASON_MALWARE);
 
   const bool enabled =
       IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled);
-  UMA_HISTOGRAM_BOOLEAN("SB2.ExtendedReportingIsEnabled", enabled);
-  if (enabled) {
-    // Finish the malware details collection, send it over.
-    BrowserThread::PostDelayedTask(
-        BrowserThread::IO, FROM_HERE,
-        base::Bind(&MalwareDetails::FinishCollection, malware_details_.get()),
-        base::TimeDelta::FromMilliseconds(delay_ms));
-  }
-}
+  if (!enabled)
+    return;
 
-bool SafeBrowsingBlockingPage::IsPrefEnabled(const char* pref) {
-  Profile* profile =
-      Profile::FromBrowserContext(web_contents()->GetBrowserContext());
-  return profile->GetPrefs()->GetBoolean(pref);
+  metrics_helper()->RecordUserInteraction(
+      SecurityInterstitialMetricsHelper::EXTENDED_REPORTING_IS_ENABLED);
+  // Finish the malware details collection, send it over.
+  BrowserThread::PostDelayedTask(
+      BrowserThread::IO, FROM_HERE,
+      base::Bind(&MalwareDetails::FinishCollection, malware_details_.get()),
+      base::TimeDelta::FromMilliseconds(delay_ms));
 }
 
 // static
 void SafeBrowsingBlockingPage::NotifySafeBrowsingUIManager(
     SafeBrowsingUIManager* ui_manager,
     const UnsafeResourceList& unsafe_resources,
     bool proceed) {
   BrowserThread::PostTask(
       BrowserThread::IO, FROM_HERE,
       base::Bind(&SafeBrowsingUIManager::OnBlockingPageDone,
@@ skipping 123 matching lines @@
     case SB_REASON_PHISHING:
       PopulatePhishingLoadTimeData(load_time_data);
       break;
   }
 }
 
 void SafeBrowsingBlockingPage::PopulateExtendedReportingOption(
     base::DictionaryValue* load_time_data) {
   // Only show checkbox if !(HTTPS || incognito-mode).
   const bool show = CanShowMalwareDetailsOption();
-  load_time_data->SetBoolean(kDisplayCheckBox, show);
+  load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show);
   if (!show)
     return;
 
   const std::string privacy_link = base::StringPrintf(
-      kPrivacyLinkHtml,
-      CMD_OPEN_REPORTING_PRIVACY,
-      l10n_util::GetStringUTF8(
-          IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
+      interstitials::kPrivacyLinkHtml, CMD_OPEN_REPORTING_PRIVACY,
+      l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
   load_time_data->SetString(
-      "optInLink",
+      interstitials::kOptInLink,
       l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
                                  base::UTF8ToUTF16(privacy_link)));
   load_time_data->SetBoolean(
-      kBoxChecked,
+      interstitials::kBoxChecked,
       IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled));
 }
 
 void SafeBrowsingBlockingPage::PopulateMalwareLoadTimeData(
     base::DictionaryValue* load_time_data) {
   load_time_data->SetBoolean("phishing", false);
   load_time_data->SetString(
       "heading", l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING));
   load_time_data->SetString(
       "primaryParagraph",
@@ skipping 53 matching lines @@
   load_time_data->SetString(
       "explanationParagraph",
       l10n_util::GetStringFUTF16(IDS_PHISHING_V3_EXPLANATION_PARAGRAPH,
                                  GetFormattedHostName()));
   load_time_data->SetString(
       "finalParagraph",
       l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH));
 
   PopulateExtendedReportingOption(load_time_data);
 }