Index: chrome/browser/ssl/ssl_blocking_page.cc |
diff --git a/chrome/browser/ssl/ssl_blocking_page.cc b/chrome/browser/ssl/ssl_blocking_page.cc |
index ecf70291056c8b47e64f534c76b29a09aad97083..bcd7598a7379a7e62887d5e351b41c9780280d24 100644 |
--- a/chrome/browser/ssl/ssl_blocking_page.cc |
+++ b/chrome/browser/ssl/ssl_blocking_page.cc |
@@ -10,6 +10,7 @@ |
#include "base/i18n/time_formatting.h" |
#include "base/metrics/field_trial.h" |
#include "base/metrics/histogram.h" |
+#include "base/prefs/pref_service.h" |
#include "base/process/launch.h" |
#include "base/strings/string_number_conversions.h" |
#include "base/strings/string_piece.h" |
@@ -25,9 +26,11 @@ |
#include "chrome/browser/ssl/ssl_error_classification.h" |
#include "chrome/browser/ssl/ssl_error_info.h" |
#include "chrome/common/chrome_switches.h" |
+#include "chrome/common/pref_names.h" |
#include "chrome/grit/chromium_strings.h" |
#include "chrome/grit/generated_resources.h" |
#include "components/google/core/browser/google_util.h" |
+#include "content/public/browser/browser_thread.h" |
#include "content/public/browser/cert_store.h" |
#include "content/public/browser/interstitial_page.h" |
#include "content/public/browser/navigation_controller.h" |
@@ -43,6 +46,9 @@ |
#include "net/base/hash_value.h" |
#include "net/base/net_errors.h" |
#include "net/base/net_util.h" |
+#include "net/url_request/fraudulent_certificate_reporter.h" |
+#include "net/url_request/url_request_context.h" |
+#include "net/url_request/url_request_context_getter.h" |
#include "ui/base/l10n/l10n_util.h" |
#if defined(OS_WIN) |
@@ -64,6 +70,7 @@ |
using base::ASCIIToUTF16; |
using base::TimeTicks; |
+using content::BrowserThread; |
using content::InterstitialPage; |
using content::NavigationController; |
using content::NavigationEntry; |
@@ -430,6 +437,8 @@ void SSLBlockingPage::PopulateInterstitialStrings( |
std::vector<std::string> encoded_chain; |
ssl_info_.cert->GetPEMEncodedChain(&encoded_chain); |
load_time_data->SetString("pem", JoinString(encoded_chain, std::string())); |
+ |
+ PopulateExtendedReportingOption(load_time_data); |
} |
void SSLBlockingPage::OverrideEntry(NavigationEntry* entry) { |
@@ -462,6 +471,14 @@ void SSLBlockingPage::CommandReceived(const std::string& command) { |
} |
break; |
} |
+ case CMD_DO_REPORT: { |
+ SetReportingPreference(true); |
+ break; |
+ } |
+ case CMD_DONT_REPORT: { |
+ SetReportingPreference(false); |
+ break; |
+ } |
case CMD_MORE: { |
metrics_helper_->RecordUserInteraction( |
SecurityInterstitialMetricsHelper::SHOW_ADVANCED); |
@@ -506,6 +523,11 @@ void SSLBlockingPage::OverrideRendererPrefs( |
void SSLBlockingPage::OnProceed() { |
metrics_helper_->RecordUserDecision( |
SecurityInterstitialMetricsHelper::PROCEED); |
+ |
+ // Finish collection information about invalid certificates, if the |
+ // user opted in to. |
+ FinishCertCollection(); |
+ |
RecordSSLExpirationPageEventState( |
expired_but_previously_allowed_, true, overridable_); |
// Accepting the certificate resumes the loading of the page. |
@@ -515,11 +537,47 @@ void SSLBlockingPage::OnProceed() { |
void SSLBlockingPage::OnDontProceed() { |
metrics_helper_->RecordUserDecision( |
SecurityInterstitialMetricsHelper::DONT_PROCEED); |
+ |
+ // Finish collection information about invalid certificates, if the |
+ // user opted in to. |
+ FinishCertCollection(); |
+ |
RecordSSLExpirationPageEventState( |
expired_but_previously_allowed_, false, overridable_); |
NotifyDenyCertificate(); |
} |
+void SSLBlockingPage::FinishCertCollectionInternal( |
Ryan Sleevi
2015/02/27 00:46:33
There's no need for this to be a static class memb
estark
2015/02/27 02:49:36
Done.
|
+ scoped_refptr<net::URLRequestContextGetter> request_context_getter, |
+ const std::string& hostname, |
+ const net::SSLInfo& ssl_info) { |
+ net::FraudulentCertificateReporter* reporter = |
+ request_context_getter->GetURLRequestContext() |
+ ->fraudulent_certificate_reporter(); |
+ reporter->SendReport( |
Ryan Sleevi
2015/02/27 00:46:33
API CONTRACT VIOLATION:
The URLRequestContext all
estark
2015/02/27 02:49:36
Done.
|
+ net::FraudulentCertificateReporter::REPORT_TYPE_EXTENDED_REPORTING, |
+ hostname, ssl_info); |
+} |
+ |
+void SSLBlockingPage::FinishCertCollection() { |
+ if (!base::CommandLine::ForCurrentProcess()->HasSwitch( |
+ switches::kEnableInvalidCertCollection)) |
+ return; |
+ |
+ const bool enabled = |
+ IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled); |
+ UMA_HISTOGRAM_BOOLEAN("SB2.ExtendedReportingIsEnabled", enabled); |
+ |
+ if (enabled) { |
+ scoped_refptr<net::URLRequestContextGetter> request_context_getter = |
+ web_contents()->GetBrowserContext()->GetRequestContext(); |
+ BrowserThread::PostTask( |
+ BrowserThread::IO, FROM_HERE, |
+ base::Bind(&SSLBlockingPage::FinishCertCollectionInternal, |
+ request_context_getter, request_url().host(), ssl_info_)); |
+ } |
+} |
+ |
void SSLBlockingPage::NotifyDenyCertificate() { |
// It's possible that callback_ may not exist if the user clicks "Proceed" |
// followed by pressing the back button before the interstitial is hidden. |
@@ -567,3 +625,29 @@ bool SSLBlockingPage::IsOptionsOverridable(int options_mask) { |
return (options_mask & SSLBlockingPage::OVERRIDABLE) && |
!(options_mask & SSLBlockingPage::STRICT_ENFORCEMENT); |
} |
+ |
+void SSLBlockingPage::PopulateExtendedReportingOption( |
+ base::DictionaryValue* load_time_data) { |
+ // Only show the checkbox if not off-the-record and if the |
+ // command-line option is set. |
+ const bool show = !web_contents()->GetBrowserContext()->IsOffTheRecord() && |
+ base::CommandLine::ForCurrentProcess()->HasSwitch( |
+ switches::kEnableInvalidCertCollection); |
+ |
+ load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show); |
+ if (!show) |
+ return; |
+ |
+ load_time_data->SetBoolean( |
+ interstitials::kBoxChecked, |
+ IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled)); |
+ |
+ const std::string privacy_link = base::StringPrintf( |
+ interstitials::kPrivacyLinkHtml, |
+ l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str()); |
+ |
+ load_time_data->SetString( |
+ "optInLink", |
+ l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE, |
+ base::UTF8ToUTF16(privacy_link))); |
+} |