Index: chrome/browser/ssl/ssl_blocking_page.cc |
diff --git a/chrome/browser/ssl/ssl_blocking_page.cc b/chrome/browser/ssl/ssl_blocking_page.cc |
index ecf70291056c8b47e64f534c76b29a09aad97083..f23e187867762305407e57e3ead9ecda8f786f78 100644 |
--- a/chrome/browser/ssl/ssl_blocking_page.cc |
+++ b/chrome/browser/ssl/ssl_blocking_page.cc |
@@ -10,6 +10,7 @@ |
#include "base/i18n/time_formatting.h" |
#include "base/metrics/field_trial.h" |
#include "base/metrics/histogram.h" |
+#include "base/prefs/pref_service.h" |
#include "base/process/launch.h" |
#include "base/strings/string_number_conversions.h" |
#include "base/strings/string_piece.h" |
@@ -25,6 +26,7 @@ |
#include "chrome/browser/ssl/ssl_error_classification.h" |
#include "chrome/browser/ssl/ssl_error_info.h" |
#include "chrome/common/chrome_switches.h" |
+#include "chrome/common/pref_names.h" |
#include "chrome/grit/chromium_strings.h" |
#include "chrome/grit/generated_resources.h" |
#include "components/google/core/browser/google_util.h" |
@@ -43,6 +45,9 @@ |
#include "net/base/hash_value.h" |
#include "net/base/net_errors.h" |
#include "net/base/net_util.h" |
+#include "net/url_request/fraudulent_certificate_reporter.h" |
+#include "net/url_request/url_request_context.h" |
+#include "net/url_request/url_request_context_getter.h" |
#include "ui/base/l10n/l10n_util.h" |
#if defined(OS_WIN) |
@@ -430,6 +435,8 @@ void SSLBlockingPage::PopulateInterstitialStrings( |
std::vector<std::string> encoded_chain; |
ssl_info_.cert->GetPEMEncodedChain(&encoded_chain); |
load_time_data->SetString("pem", JoinString(encoded_chain, std::string())); |
+ |
+ PopulateExtendedReportingOption(load_time_data); |
} |
void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) { |
@@ -462,6 +469,14 @@ void SSLBlockingPage::CommandReceived(const std::string& command) { |
} |
break; |
} |
+ case CMD_DO_REPORT: { |
+ SetReportingPreference(true); |
+ break; |
+ } |
+ case CMD_DONT_REPORT: { |
+ SetReportingPreference(false); |
+ break; |
+ } |
case CMD_MORE: { |
metrics_helper_->RecordUserInteraction( |
SecurityInterstitialMetricsHelper::SHOW_ADVANCED); |
@@ -506,6 +521,11 @@ void SSLBlockingPage::OverrideRendererPrefs( |
void SSLBlockingPage::OnProceed() { |
metrics_helper_->RecordUserDecision( |
SecurityInterstitialMetricsHelper::PROCEED); |
+ |
+ // Finish collection information about invalid certificates, if the |
+ // user opted in to. |
+ FinishCertCollection(); |
+ |
RecordSSLExpirationPageEventState( |
expired_but_previously_allowed_, true, overridable_); |
// Accepting the certificate resumes the loading of the page. |
@@ -515,11 +535,43 @@ void SSLBlockingPage::OnProceed() { |
void SSLBlockingPage::OnDontProceed() { |
metrics_helper_->RecordUserDecision( |
SecurityInterstitialMetricsHelper::DONT_PROCEED); |
+ |
+ // Finish collection information about invalid certificates, if the |
+ // user opted in to. |
+ FinishCertCollection(); |
+ |
RecordSSLExpirationPageEventState( |
expired_but_previously_allowed_, false, overridable_); |
NotifyDenyCertificate(); |
} |
+void SSLBlockingPage::FinishCertCollection() { |
+ // Certificates that would be valid expect for the inaccurate client |
+ // clock are not very interesting. |
+ if (interstitial_reason_ == SSL_REASON_BAD_CLOCK) |
+ return; |
+ |
+ if (!base::CommandLine::ForCurrentProcess()->HasSwitch( |
+ switches::kEnableInvalidCertCollection)) |
+ return; |
+ |
+ const bool enabled = |
+ IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled); |
+ UMA_HISTOGRAM_BOOLEAN("SB2.ExtendedReportingIsEnabled", enabled); |
+ |
+ if (enabled) { |
+ net::URLRequestContext* request_context = web_contents() |
+ ->GetBrowserContext() |
+ ->GetRequestContext() |
+ ->GetURLRequestContext(); |
+ net::FraudulentCertificateReporter* reporter = |
+ request_context->fraudulent_certificate_reporter(); |
+ reporter->SendReport( |
+ net::FraudulentCertificateReporter::REPORT_TYPE_EXTENDED_REPORTING, |
+ request_url().host(), ssl_info_); |
+ } |
+} |
+ |
void SSLBlockingPage::NotifyDenyCertificate() { |
// It's possible that callback_ may not exist if the user clicks "Proceed" |
// followed by pressing the back button before the interstitial is hidden. |
@@ -567,3 +619,32 @@ bool SSLBlockingPage::IsOptionsOverridable(int options_mask) { |
return (options_mask & SSLBlockingPage::OVERRIDABLE) && |
!(options_mask & SSLBlockingPage::STRICT_ENFORCEMENT); |
} |
+ |
+void SSLBlockingPage::PopulateExtendedReportingOption( |
+ base::DictionaryValue* load_time_data) { |
+ // The checkbox should be shown if the error is not due to a bad |
+ // client clock (such a certificate chain is not very |
+ // interesting). Also hide the checkbox for incognito and if the |
+ // command-line switch is not enabled. |
+ const bool show = interstitial_reason_ != SSL_REASON_BAD_CLOCK && |
+ !web_contents()->GetBrowserContext()->IsOffTheRecord() && |
+ base::CommandLine::ForCurrentProcess()->HasSwitch( |
+ switches::kEnableInvalidCertCollection); |
+ |
+ load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show); |
+ if (!show) |
+ return; |
+ |
+ load_time_data->SetBoolean( |
+ interstitials::kBoxChecked, |
+ IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled)); |
+ |
+ const std::string privacy_link = base::StringPrintf( |
+ interstitials::kPrivacyLinkHtml, |
+ l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str()); |
+ |
+ load_time_data->SetString( |
+ "optInLink", |
+ l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE, |
felt
2015/02/24 01:57:53
note: in a future CL you should probably rename th
estark
2015/02/24 18:47:09
added to my list
|
+ base::UTF8ToUTF16(privacy_link))); |
+} |