Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(125)

Side by Side Diff: chrome/browser/safe_browsing/safe_browsing_blocking_page.cc

Issue 10855260: Safe Browsing malware interstitial redesign field trial. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: fix compile warning Created 8 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 // 4 //
5 // Implementation of the SafeBrowsingBlockingPage class. 5 // Implementation of the SafeBrowsingBlockingPage class.
6 6
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h" 7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
8 8
9 #include <string> 9 #include <string>
10 10
11 #include "base/bind.h" 11 #include "base/bind.h"
12 #include "base/i18n/rtl.h" 12 #include "base/i18n/rtl.h"
13 #include "base/lazy_instance.h" 13 #include "base/lazy_instance.h"
14 #include "base/metrics/field_trial.h"
14 #include "base/metrics/histogram.h" 15 #include "base/metrics/histogram.h"
15 #include "base/string_number_conversions.h" 16 #include "base/string_number_conversions.h"
16 #include "base/string_piece.h" 17 #include "base/string_piece.h"
17 #include "base/stringprintf.h" 18 #include "base/stringprintf.h"
18 #include "base/time.h" 19 #include "base/time.h"
19 #include "base/utf_string_conversions.h" 20 #include "base/utf_string_conversions.h"
20 #include "base/values.h" 21 #include "base/values.h"
21 #include "chrome/browser/browser_process.h" 22 #include "chrome/browser/browser_process.h"
22 #include "chrome/browser/google/google_util.h" 23 #include "chrome/browser/google/google_util.h"
23 #include "chrome/browser/prefs/pref_service.h" 24 #include "chrome/browser/prefs/pref_service.h"
24 #include "chrome/browser/profiles/profile.h" 25 #include "chrome/browser/profiles/profile.h"
25 #include "chrome/browser/renderer_preferences_util.h" 26 #include "chrome/browser/renderer_preferences_util.h"
26 #include "chrome/browser/safe_browsing/malware_details.h" 27 #include "chrome/browser/safe_browsing/malware_details.h"
27 #include "chrome/browser/safe_browsing/safe_browsing_service.h" 28 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
28 #include "chrome/browser/tab_contents/tab_util.h" 29 #include "chrome/browser/tab_contents/tab_util.h"
29 #include "chrome/browser/ui/webui/ntp/new_tab_ui.h" 30 #include "chrome/browser/ui/webui/ntp/new_tab_ui.h"
30 #include "chrome/common/jstemplate_builder.h" 31 #include "chrome/common/jstemplate_builder.h"
31 #include "chrome/common/pref_names.h" 32 #include "chrome/common/pref_names.h"
32 #include "chrome/common/url_constants.h" 33 #include "chrome/common/url_constants.h"
33 #include "content/public/browser/browser_thread.h" 34 #include "content/public/browser/browser_thread.h"
34 #include "content/public/browser/interstitial_page.h" 35 #include "content/public/browser/interstitial_page.h"
35 #include "content/public/browser/navigation_controller.h" 36 #include "content/public/browser/navigation_controller.h"
36 #include "content/public/browser/user_metrics.h" 37 #include "content/public/browser/user_metrics.h"
37 #include "content/public/browser/web_contents.h" 38 #include "content/public/browser/web_contents.h"
38 #include "grit/browser_resources.h" 39 #include "grit/browser_resources.h"
40 #include "grit/chromium_strings.h"
39 #include "grit/generated_resources.h" 41 #include "grit/generated_resources.h"
40 #include "grit/locale_settings.h" 42 #include "grit/locale_settings.h"
41 #include "net/base/escape.h" 43 #include "net/base/escape.h"
42 #include "ui/base/l10n/l10n_util.h" 44 #include "ui/base/l10n/l10n_util.h"
43 #include "ui/base/layout.h" 45 #include "ui/base/layout.h"
44 #include "ui/base/resource/resource_bundle.h" 46 #include "ui/base/resource/resource_bundle.h"
45 47
46 using content::BrowserThread; 48 using content::BrowserThread;
47 using content::InterstitialPage; 49 using content::InterstitialPage;
48 using content::OpenURLParams; 50 using content::OpenURLParams;
(...skipping 11 matching lines...) Expand all
60 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&clie nt=chromium"; 62 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&clie nt=chromium";
61 #endif 63 #endif
62 64
63 static const char* const kSbReportPhishingErrorUrl = 65 static const char* const kSbReportPhishingErrorUrl =
64 "http://www.google.com/safebrowsing/report_error/"; 66 "http://www.google.com/safebrowsing/report_error/";
65 67
66 // URL for the "Learn more" link on the multi threat malware blocking page. 68 // URL for the "Learn more" link on the multi threat malware blocking page.
67 static const char* const kLearnMoreMalwareUrl = 69 static const char* const kLearnMoreMalwareUrl =
68 "https://www.google.com/support/bin/answer.py?answer=45449&topic=360" 70 "https://www.google.com/support/bin/answer.py?answer=45449&topic=360"
69 "&sa=X&oi=malwarewarninglink&resnum=1&ct=help"; 71 "&sa=X&oi=malwarewarninglink&resnum=1&ct=help";
72 static const char* const kLearnMoreMalwareUrlV2 =
73 "https://www.google.com/goodtoknow/online-safety/malware/";
70 74
71 // URL for the "Learn more" link on the phishing blocking page. 75 // URL for the "Learn more" link on the phishing blocking page.
72 static const char* const kLearnMorePhishingUrl = 76 static const char* const kLearnMorePhishingUrl =
73 "https://www.google.com/support/bin/answer.py?answer=106318"; 77 "https://www.google.com/support/bin/answer.py?answer=106318";
74 78
75 // URL for the "Safe Browsing Privacy Policies" link on the blocking page.
76 // Note: this page is not yet localized.
77 static const char* const kSbPrivacyPolicyUrl =
78 "http://www.google.com/intl/en_us/privacy/browsing.html";
79
80 static const char* const kSbDiagnosticHtml = 79 static const char* const kSbDiagnosticHtml =
81 "<a href=\"\" onclick=\"sendCommand('showDiagnostic'); return false;\" " 80 "<a href=\"\" onclick=\"sendCommand('showDiagnostic'); return false;\" "
82 "onmousedown=\"return false;\">%s</a>"; 81 "onmousedown=\"return false;\">%s</a>";
83 82
84 static const char* const kPLinkHtml = 83 static const char* const kPLinkHtml =
85 "<a href=\"\" onclick=\"sendCommand('proceed'); return false;\" " 84 "<a href=\"\" onclick=\"sendCommand('proceed'); return false;\" "
86 "onmousedown=\"return false;\">%s</a>"; 85 "onmousedown=\"return false;\">%s</a>";
87 86
88 static const char* const kPrivacyLinkHtml = 87 static const char* const kPrivacyLinkHtml =
89 "<a href=\"\" onclick=\"sendCommand('showPrivacy'); return false;\" " 88 "<a href=\"\" onclick=\"sendCommand('showPrivacy'); return false;\" "
90 "onmousedown=\"return false;\">%s</a>"; 89 "onmousedown=\"return false;\">%s</a>";
91 90
92 // After a malware interstitial where the user opted-in to the report 91 // After a malware interstitial where the user opted-in to the report
93 // but clicked "proceed anyway", we delay the call to 92 // but clicked "proceed anyway", we delay the call to
94 // MalwareDetails::FinishCollection() by this much time (in 93 // MalwareDetails::FinishCollection() by this much time (in
95 // milliseconds). 94 // milliseconds).
96 static const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000; 95 static const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000;
97 96
98 // The commands returned by the page when the user performs an action. 97 // The commands returned by the page when the user performs an action.
99 static const char* const kShowDiagnosticCommand = "showDiagnostic"; 98 static const char* const kShowDiagnosticCommand = "showDiagnostic";
100 static const char* const kReportErrorCommand = "reportError"; 99 static const char* const kReportErrorCommand = "reportError";
101 static const char* const kLearnMoreCommand = "learnMore"; 100 static const char* const kLearnMoreCommand = "learnMore";
101 static const char* const kLearnMoreCommandV2 = "learnMore2";
102 static const char* const kShowPrivacyCommand = "showPrivacy"; 102 static const char* const kShowPrivacyCommand = "showPrivacy";
103 static const char* const kProceedCommand = "proceed"; 103 static const char* const kProceedCommand = "proceed";
104 static const char* const kTakeMeBackCommand = "takeMeBack"; 104 static const char* const kTakeMeBackCommand = "takeMeBack";
105 static const char* const kDoReportCommand = "doReport"; 105 static const char* const kDoReportCommand = "doReport";
106 static const char* const kDontReportCommand = "dontReport"; 106 static const char* const kDontReportCommand = "dontReport";
107 static const char* const kDisplayCheckBox = "displaycheckbox"; 107 static const char* const kDisplayCheckBox = "displaycheckbox";
108 static const char* const kDisplayShowDiagnostic = "displayShowDiagnostic";
108 static const char* const kBoxChecked = "boxchecked"; 109 static const char* const kBoxChecked = "boxchecked";
110 static const char* const kExpandedSeeMore = "expandedSeeMore";
109 // Special command that we use when the user navigated away from the 111 // Special command that we use when the user navigated away from the
110 // page. E.g., closed the tab or the window. This is only used by 112 // page. E.g., closed the tab or the window. This is only used by
111 // RecordUserReactionTime. 113 // RecordUserReactionTime.
112 static const char* const kNavigatedAwayMetaCommand = "closed"; 114 static const char* const kNavigatedAwayMetaCommand = "closed";
113 115
114 // static 116 // static
115 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL; 117 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
116 118
117 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap> 119 static base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
118 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER; 120 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
119 121
120 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we 122 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we
121 // don't leak it. 123 // don't leak it.
122 class SafeBrowsingBlockingPageFactoryImpl 124 class SafeBrowsingBlockingPageFactoryImpl
123 : public SafeBrowsingBlockingPageFactory { 125 : public SafeBrowsingBlockingPageFactory {
124 public: 126 public:
125 SafeBrowsingBlockingPage* CreateSafeBrowsingPage( 127 SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
126 SafeBrowsingService* service, 128 SafeBrowsingService* service,
127 WebContents* web_contents, 129 WebContents* web_contents,
128 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) { 130 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) {
129 return new SafeBrowsingBlockingPage(service, web_contents, 131 // Only do the trial if the interstitial is for a single malware resource,
130 unsafe_resources); 132 // the other types of interstitials have not been updated to V2 yet.
133 if (unsafe_resources.size() == 1 &&
134 unsafe_resources[0].threat_type == SafeBrowsingService::URL_MALWARE) {
135 if (base::FieldTrialList::FindFullName("SBInterstitial") == "V2") {
136 DVLOG(1) << "In V2 group.";
137 return new SafeBrowsingBlockingPageV2(service, web_contents,
138 unsafe_resources);
139 }
140 DVLOG(1) << "In V1 group.";
141 }
142 return new SafeBrowsingBlockingPageV1(service, web_contents,
143 unsafe_resources);
131 } 144 }
132 145
133 private: 146 private:
134 friend struct base::DefaultLazyInstanceTraits< 147 friend struct base::DefaultLazyInstanceTraits<
135 SafeBrowsingBlockingPageFactoryImpl>; 148 SafeBrowsingBlockingPageFactoryImpl>;
136 149
137 SafeBrowsingBlockingPageFactoryImpl() { } 150 SafeBrowsingBlockingPageFactoryImpl() { }
138 151
139 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl); 152 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl);
140 }; 153 };
141 154
142 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl> 155 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl>
143 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER; 156 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER;
144 157
145 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage( 158 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage(
146 SafeBrowsingService* sb_service, 159 SafeBrowsingService* sb_service,
147 WebContents* web_contents, 160 WebContents* web_contents,
148 const UnsafeResourceList& unsafe_resources) 161 const UnsafeResourceList& unsafe_resources)
149 : malware_details_proceed_delay_ms_( 162 : malware_details_proceed_delay_ms_(
150 kMalwareDetailsProceedDelayMilliSeconds), 163 kMalwareDetailsProceedDelayMilliSeconds),
151 sb_service_(sb_service), 164 sb_service_(sb_service),
152 report_loop_(NULL), 165 report_loop_(NULL),
153 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)), 166 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)),
154 unsafe_resources_(unsafe_resources), 167 unsafe_resources_(unsafe_resources),
155 proceeded_(false), 168 proceeded_(false),
156 web_contents_(web_contents), 169 web_contents_(web_contents),
157 url_(unsafe_resources[0].url) { 170 url_(unsafe_resources[0].url),
171 has_expanded_see_more_section_(false) {
172 bool malware = false;
173 bool phishing = false;
174 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
175 iter != unsafe_resources_.end(); ++iter) {
176 const SafeBrowsingService::UnsafeResource& resource = *iter;
177 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
178 if (threat_type == SafeBrowsingService::URL_MALWARE) {
179 malware = true;
180 } else {
181 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
182 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
183 phishing = true;
184 }
185 }
186 DCHECK(phishing || malware);
187 if (malware && phishing)
188 interstitial_type_ = TYPE_MALWARE_AND_PHISHING;
189 else if (malware)
190 interstitial_type_ = TYPE_MALWARE;
191 else
192 interstitial_type_ = TYPE_PHISHING;
158 RecordUserAction(SHOW); 193 RecordUserAction(SHOW);
159 if (!is_main_frame_load_blocked_) { 194 if (!is_main_frame_load_blocked_) {
160 navigation_entry_index_to_remove_ = 195 navigation_entry_index_to_remove_ =
161 web_contents->GetController().GetLastCommittedEntryIndex(); 196 web_contents->GetController().GetLastCommittedEntryIndex();
162 } else { 197 } else {
163 navigation_entry_index_to_remove_ = -1; 198 navigation_entry_index_to_remove_ = -1;
164 } 199 }
165 200
166 // Start computing malware details. They will be sent only 201 // Start computing malware details. They will be sent only
167 // if the user opts-in on the blocking page later. 202 // if the user opts-in on the blocking page later.
(...skipping 13 matching lines...) Expand all
181 } 216 }
182 217
183 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() { 218 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
184 return (!web_contents_->GetBrowserContext()->IsOffTheRecord() && 219 return (!web_contents_->GetBrowserContext()->IsOffTheRecord() &&
185 web_contents_->GetURL().SchemeIs(chrome::kHttpScheme)); 220 web_contents_->GetURL().SchemeIs(chrome::kHttpScheme));
186 } 221 }
187 222
188 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() { 223 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
189 } 224 }
190 225
191 std::string SafeBrowsingBlockingPage::GetHTMLContents() {
192 // Load the HTML page and create the template components.
193 DictionaryValue strings;
194 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
195 std::string html;
196
197 if (unsafe_resources_.empty()) {
198 NOTREACHED();
199 return std::string();
200 }
201
202 if (unsafe_resources_.size() > 1) {
203 PopulateMultipleThreatStringDictionary(&strings);
204 html = rb.GetRawDataResource(
205 IDR_SAFE_BROWSING_MULTIPLE_THREAT_BLOCK,
206 ui::SCALE_FACTOR_NONE).as_string();
207 is_malware_interstitial_ = true;
208 } else {
209 SafeBrowsingService::UrlCheckResult threat_type =
210 unsafe_resources_[0].threat_type;
211 if (threat_type == SafeBrowsingService::URL_MALWARE) {
212 PopulateMalwareStringDictionary(&strings);
213 html = rb.GetRawDataResource(
214 IDR_SAFE_BROWSING_MALWARE_BLOCK,
215 ui::SCALE_FACTOR_NONE).as_string();
216 is_malware_interstitial_ = true;
217 } else { // Phishing.
218 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
219 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
220 PopulatePhishingStringDictionary(&strings);
221 html = rb.GetRawDataResource(
222 IDR_SAFE_BROWSING_PHISHING_BLOCK,
223 ui::SCALE_FACTOR_NONE).as_string();
224 is_malware_interstitial_ = false;
225 }
226 }
227 interstitial_show_time_ = base::TimeTicks::Now();
228 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
229 }
230
231 void SafeBrowsingBlockingPage::PopulateStringDictionary(
232 DictionaryValue* strings,
233 const string16& title,
234 const string16& headline,
235 const string16& description1,
236 const string16& description2,
237 const string16& description3) {
238 strings->SetString("title", title);
239 strings->SetString("headLine", headline);
240 strings->SetString("description1", description1);
241 strings->SetString("description2", description2);
242 strings->SetString("description3", description3);
243 strings->SetBoolean("proceedDisabled",
244 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
245 }
246
247 void SafeBrowsingBlockingPage::PopulateMultipleThreatStringDictionary(
248 DictionaryValue* strings) {
249 bool malware = false;
250 bool phishing = false;
251
252 string16 malware_label =
253 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_LABEL);
254 string16 malware_link =
255 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE);
256 string16 phishing_label =
257 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_LABEL);
258 string16 phishing_link =
259 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR);
260
261 ListValue* error_strings = new ListValue;
262 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
263 iter != unsafe_resources_.end(); ++iter) {
264 const SafeBrowsingService::UnsafeResource& resource = *iter;
265 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
266 DictionaryValue* current_error_strings = new DictionaryValue;
267 if (threat_type == SafeBrowsingService::URL_MALWARE) {
268 malware = true;
269 current_error_strings->SetString("type", "malware");
270 current_error_strings->SetString("typeLabel", malware_label);
271 current_error_strings->SetString("errorLink", malware_link);
272 } else {
273 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
274 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
275 phishing = true;
276 current_error_strings->SetString("type", "phishing");
277 current_error_strings->SetString("typeLabel", phishing_label);
278 current_error_strings->SetString("errorLink", phishing_link);
279 }
280 current_error_strings->SetString("url", resource.url.spec());
281 error_strings->Append(current_error_strings);
282 }
283 strings->Set("errors", error_strings);
284 DCHECK(phishing || malware);
285
286 if (malware && phishing) {
287 PopulateStringDictionary(
288 strings,
289 // Use the malware headline, it is the scariest one.
290 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE),
291 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
292 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION1,
293 UTF8ToUTF16(web_contents_->GetURL().host())),
294 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION2),
295 string16());
296 } else if (malware) {
297 // Just malware.
298 PopulateStringDictionary(
299 strings,
300 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
301 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
302 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION1,
303 UTF8ToUTF16(web_contents_->GetURL().host())),
304 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION2),
305 l10n_util::GetStringUTF16(
306 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION3));
307 } else {
308 // Just phishing.
309 PopulateStringDictionary(
310 strings,
311 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
312 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
313 l10n_util::GetStringFUTF16(
314 IDS_SAFE_BROWSING_MULTI_PHISHING_DESCRIPTION1,
315 UTF8ToUTF16(web_contents_->GetURL().host())),
316 string16(),
317 string16());
318 }
319
320 strings->SetString("confirm_text",
321 l10n_util::GetStringUTF16(
322 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION_AGREE));
323 strings->SetString("continue_button",
324 l10n_util::GetStringUTF16(
325 IDS_SAFE_BROWSING_MULTI_MALWARE_PROCEED_BUTTON));
326 strings->SetString("back_button",
327 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
328 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
329 }
330
331 void SafeBrowsingBlockingPage::PopulateMalwareStringDictionary(
332 DictionaryValue* strings) {
333 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
334 l10n_util::GetStringUTF8(
335 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
336
337 strings->SetString("badURL", url_.host());
338 // Check to see if we're blocking the main page, or a sub-resource on the
339 // main page.
340 string16 description1, description3, description5;
341 if (is_main_frame_load_blocked_) {
342 description1 = l10n_util::GetStringFUTF16(
343 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION1, UTF8ToUTF16(url_.host()));
344 } else {
345 description1 = l10n_util::GetStringFUTF16(
346 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION4,
347 UTF8ToUTF16(web_contents_->GetURL().host()),
348 UTF8ToUTF16(url_.host()));
349 }
350
351 std::string proceed_link = base::StringPrintf(kPLinkHtml,
352 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK).c_str());
353 description3 =
354 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION3,
355 UTF8ToUTF16(proceed_link));
356
357 PopulateStringDictionary(
358 strings,
359 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
360 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
361 description1,
362 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION2),
363 description3);
364
365 description5 =
366 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION5,
367 UTF8ToUTF16(url_.host()),
368 UTF8ToUTF16(url_.host()),
369 UTF8ToUTF16(diagnostic_link));
370
371 strings->SetString("description5", description5);
372
373 strings->SetString("back_button",
374 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
375 strings->SetString("proceed_link",
376 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK));
377 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
378
379 if (!CanShowMalwareDetailsOption()) {
380 strings->SetBoolean(kDisplayCheckBox, false);
381 } else {
382 // Show the checkbox for sending malware details.
383 strings->SetBoolean(kDisplayCheckBox, true);
384
385 std::string privacy_link = base::StringPrintf(
386 kPrivacyLinkHtml,
387 l10n_util::GetStringUTF8(
388 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
389
390 strings->SetString("confirm_text",
391 l10n_util::GetStringFUTF16(
392 IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
393 UTF8ToUTF16(privacy_link)));
394 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
395 strings->SetString(kBoxChecked, "yes");
396 else
397 strings->SetString(kBoxChecked, "");
398 }
399 }
400
401 void SafeBrowsingBlockingPage::PopulatePhishingStringDictionary(
402 DictionaryValue* strings) {
403 std::string proceed_link = base::StringPrintf(
404 kPLinkHtml,
405 l10n_util::GetStringUTF8(
406 IDS_SAFE_BROWSING_PHISHING_PROCEED_LINK).c_str());
407 string16 description3 = l10n_util::GetStringFUTF16(
408 IDS_SAFE_BROWSING_PHISHING_DESCRIPTION3,
409 UTF8ToUTF16(proceed_link));
410
411 PopulateStringDictionary(
412 strings,
413 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
414 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
415 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION1,
416 UTF8ToUTF16(url_.host())),
417 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION2),
418 description3);
419
420 strings->SetString("back_button",
421 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_BUTTON));
422 strings->SetString("report_error",
423 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR));
424 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
425 }
426
427 void SafeBrowsingBlockingPage::CommandReceived(const std::string& cmd) { 226 void SafeBrowsingBlockingPage::CommandReceived(const std::string& cmd) {
428 std::string command(cmd); // Make a local copy so we can modify it. 227 std::string command(cmd); // Make a local copy so we can modify it.
429 // The Jasonified response has quotes, remove them. 228 // The Jasonified response has quotes, remove them.
430 if (command.length() > 1 && command[0] == '"') { 229 if (command.length() > 1 && command[0] == '"') {
431 command = command.substr(1, command.length() - 2); 230 command = command.substr(1, command.length() - 2);
432 } 231 }
433 RecordUserReactionTime(command); 232 RecordUserReactionTime(command);
434 if (command == kDoReportCommand) { 233 if (command == kDoReportCommand) {
435 SetReportingPreference(true); 234 SetReportingPreference(true);
436 return; 235 return;
(...skipping 17 matching lines...) Expand all
454 } else { 253 } else {
455 NOTREACHED(); 254 NOTREACHED();
456 } 255 }
457 256
458 OpenURLParams params( 257 OpenURLParams params(
459 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false); 258 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
460 web_contents_->OpenURL(params); 259 web_contents_->OpenURL(params);
461 return; 260 return;
462 } 261 }
463 262
263 if (command == kLearnMoreCommandV2) {
264 // User pressed "Learn more".
265 GURL url;
266 SafeBrowsingService::UrlCheckResult threat_type =
267 unsafe_resources_[0].threat_type;
268 if (threat_type == SafeBrowsingService::URL_MALWARE) {
269 url = google_util::AppendGoogleLocaleParam(GURL(kLearnMoreMalwareUrlV2));
270 } else {
271 NOTREACHED();
272 }
273
274 OpenURLParams params(
275 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
276 web_contents_->OpenURL(params);
277 return;
278 }
279
464 if (command == kShowPrivacyCommand) { 280 if (command == kShowPrivacyCommand) {
465 // User pressed "Safe Browsing privacy policy". 281 // User pressed "Safe Browsing privacy policy".
466 GURL url(kSbPrivacyPolicyUrl); 282 GURL url(l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_URL));
467 OpenURLParams params( 283 OpenURLParams params(
468 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false); 284 url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, false);
469 web_contents_->OpenURL(params); 285 web_contents_->OpenURL(params);
470 return; 286 return;
471 } 287 }
472 288
473 bool proceed_blocked = false; 289 bool proceed_blocked = false;
474 if (command == kProceedCommand) { 290 if (command == kProceedCommand) {
475 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) { 291 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
476 proceed_blocked = true; 292 proceed_blocked = true;
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
553 diagnostic_url = google_util::AppendGoogleLocaleParam(diagnostic_url); 369 diagnostic_url = google_util::AppendGoogleLocaleParam(diagnostic_url);
554 DCHECK(unsafe_resources_[element_index].threat_type == 370 DCHECK(unsafe_resources_[element_index].threat_type ==
555 SafeBrowsingService::URL_MALWARE); 371 SafeBrowsingService::URL_MALWARE);
556 OpenURLParams params( 372 OpenURLParams params(
557 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK, 373 diagnostic_url, Referrer(), CURRENT_TAB, content::PAGE_TRANSITION_LINK,
558 false); 374 false);
559 web_contents_->OpenURL(params); 375 web_contents_->OpenURL(params);
560 return; 376 return;
561 } 377 }
562 378
379 if (command == kExpandedSeeMore) {
380 // User expanded the "see more info" section of the page. We don't actually
381 // do any action based on this, it's just so that RecordUserReactionTime can
382 // track it.
383 return;
384 }
385
563 NOTREACHED() << "Unexpected command: " << command; 386 NOTREACHED() << "Unexpected command: " << command;
564 } 387 }
565 388
566 void SafeBrowsingBlockingPage::OverrideRendererPrefs( 389 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
567 content::RendererPreferences* prefs) { 390 content::RendererPreferences* prefs) {
568 Profile* profile = Profile::FromBrowserContext( 391 Profile* profile = Profile::FromBrowserContext(
569 web_contents_->GetBrowserContext()); 392 web_contents_->GetBrowserContext());
570 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile); 393 renderer_preferences_util::UpdateFromSystemSettings(prefs, profile);
571 } 394 }
572 395
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
637 if (navigation_entry_index_to_remove_ != -1 && 460 if (navigation_entry_index_to_remove_ != -1 &&
638 navigation_entry_index_to_remove_ != last_committed_index && 461 navigation_entry_index_to_remove_ != last_committed_index &&
639 !web_contents_->IsBeingDestroyed()) { 462 !web_contents_->IsBeingDestroyed()) {
640 web_contents_->GetController().RemoveEntryAtIndex( 463 web_contents_->GetController().RemoveEntryAtIndex(
641 navigation_entry_index_to_remove_); 464 navigation_entry_index_to_remove_);
642 navigation_entry_index_to_remove_ = -1; 465 navigation_entry_index_to_remove_ = -1;
643 } 466 }
644 } 467 }
645 468
646 void SafeBrowsingBlockingPage::RecordUserAction(BlockingPageEvent event) { 469 void SafeBrowsingBlockingPage::RecordUserAction(BlockingPageEvent event) {
647 // Determine the interstitial type from the blocked resources. 470 // This enum is used for a histogram. Don't reorder, delete, or insert
648 // This is the same logic that is used to actually construct the 471 // elements. New elements should be added before MAX_ACTION only.
649 // page contents; we can look at the title to see which type of 472 enum {
650 // interstitial is being displayed. 473 MALWARE_SHOW = 0,
651 DictionaryValue strings; 474 MALWARE_DONT_PROCEED,
652 PopulateMultipleThreatStringDictionary(&strings); 475 MALWARE_FORCED_DONT_PROCEED,
476 MALWARE_PROCEED,
477 MULTIPLE_SHOW,
478 MULTIPLE_DONT_PROCEED,
479 MULTIPLE_FORCED_DONT_PROCEED,
480 MULTIPLE_PROCEED,
481 PHISHING_SHOW,
482 PHISHING_DONT_PROCEED,
483 PHISHING_FORCED_DONT_PROCEED,
484 PHISHING_PROCEED,
485 MAX_ACTION
486 } histogram_action = MAX_ACTION;
653 487
654 string16 title; 488 switch (event) {
655 bool success = strings.GetString("title", &title); 489 case SHOW:
656 DCHECK(success); 490 switch (interstitial_type_) {
491 case TYPE_MALWARE_AND_PHISHING:
492 histogram_action = MULTIPLE_SHOW;
493 break;
494 case TYPE_MALWARE:
495 histogram_action = MALWARE_SHOW;
496 break;
497 case TYPE_PHISHING:
498 histogram_action = PHISHING_SHOW;
499 break;
500 }
501 break;
502 case PROCEED:
503 switch (interstitial_type_) {
504 case TYPE_MALWARE_AND_PHISHING:
505 histogram_action = MULTIPLE_PROCEED;
506 break;
507 case TYPE_MALWARE:
508 histogram_action = MALWARE_PROCEED;
509 break;
510 case TYPE_PHISHING:
511 histogram_action = PHISHING_PROCEED;
512 break;
513 }
514 break;
515 case DONT_PROCEED:
516 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
517 switch (interstitial_type_) {
518 case TYPE_MALWARE_AND_PHISHING:
519 histogram_action = MULTIPLE_FORCED_DONT_PROCEED;
520 break;
521 case TYPE_MALWARE:
522 histogram_action = MALWARE_FORCED_DONT_PROCEED;
523 break;
524 case TYPE_PHISHING:
525 histogram_action = PHISHING_FORCED_DONT_PROCEED;
526 break;
527 }
528 } else {
529 switch (interstitial_type_) {
530 case TYPE_MALWARE_AND_PHISHING:
531 histogram_action = MULTIPLE_DONT_PROCEED;
532 break;
533 case TYPE_MALWARE:
534 histogram_action = MALWARE_DONT_PROCEED;
535 break;
536 case TYPE_PHISHING:
537 histogram_action = PHISHING_DONT_PROCEED;
538 break;
539 }
540 }
541 break;
542 default:
543 NOTREACHED() << "Unexpected event: " << event;
544 }
545 if (histogram_action == MAX_ACTION) {
546 NOTREACHED();
547 } else {
548 UMA_HISTOGRAM_ENUMERATION("SB2.InterstitialAction", histogram_action,
549 MAX_ACTION);
550 UMA_HISTOGRAM_ENUMERATION(
551 base::FieldTrial::MakeName("SB2.InterstitialAction", "SBInterstitial"),
552 histogram_action,
553 MAX_ACTION);
554 }
657 555
556 // TODO(mattm): now that we've added the histogram above, should we remove
557 // this old user metric at some future point?
658 std::string action = "SBInterstitial"; 558 std::string action = "SBInterstitial";
659 if (title == 559 switch (interstitial_type_) {
660 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE)) { 560 case TYPE_MALWARE_AND_PHISHING:
661 action.append("Multiple"); 561 action.append("Multiple");
662 } else if (title == 562 break;
663 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE)) { 563 case TYPE_MALWARE:
664 action.append("Malware"); 564 action.append("Malware");
665 } else { 565 break;
666 DCHECK_EQ(title, 566 case TYPE_PHISHING:
667 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE)); 567 action.append("Phishing");
668 action.append("Phishing"); 568 break;
669 } 569 }
670 570
671 switch (event) { 571 switch (event) {
672 case SHOW: 572 case SHOW:
673 action.append("Show"); 573 action.append("Show");
674 break; 574 break;
675 case PROCEED: 575 case PROCEED:
676 action.append("Proceed"); 576 action.append("Proceed");
677 break; 577 break;
678 case DONT_PROCEED: 578 case DONT_PROCEED:
679 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) 579 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled))
680 action.append("ForcedDontProceed"); 580 action.append("ForcedDontProceed");
681 else 581 else
682 action.append("DontProceed"); 582 action.append("DontProceed");
683 break; 583 break;
684 default: 584 default:
685 NOTREACHED() << "Unexpected event: " << event; 585 NOTREACHED() << "Unexpected event: " << event;
686 } 586 }
687 587
588 std::string field_trial_action;
589 if (base::FieldTrialList::FindFullName("SBInterstitial") == "V2")
590 field_trial_action = action + "_V2";
591 else
592 field_trial_action = action + "_V1";
593
688 content::RecordComputedAction(action); 594 content::RecordComputedAction(action);
595 content::RecordComputedAction(field_trial_action);
689 } 596 }
690 597
691 void SafeBrowsingBlockingPage::RecordUserReactionTime( 598 void SafeBrowsingBlockingPage::RecordUserReactionTime(
692 const std::string& command) { 599 const std::string& command) {
693 if (interstitial_show_time_.is_null()) 600 if (interstitial_show_time_.is_null())
694 return; // We already reported the user reaction time. 601 return; // We already reported the user reaction time.
695 base::TimeDelta dt = base::TimeTicks::Now() - interstitial_show_time_; 602 base::TimeDelta dt = base::TimeTicks::Now() - interstitial_show_time_;
696 DVLOG(1) << "User reaction time for command:" << command 603 DVLOG(1) << "User reaction time for command:" << command
697 << " on is_malware:" << is_malware_interstitial_ 604 << " on interstitial_type_:" << interstitial_type_
698 << " warning took " << dt.InMilliseconds() << "ms"; 605 << " warning took " << dt.InMilliseconds() << "ms";
699 bool recorded = true; 606 bool recorded = true;
700 if (is_malware_interstitial_) { 607 if (interstitial_type_ == TYPE_MALWARE ||
608 interstitial_type_ == TYPE_MALWARE_AND_PHISHING) {
701 // There are six ways in which the malware interstitial can go 609 // There are six ways in which the malware interstitial can go
702 // away. We handle all of them here but we group two together: closing the 610 // away. We handle all of them here but we group two together: closing the
703 // tag / browser window and clicking on the back button in the browser (not 611 // tag / browser window and clicking on the back button in the browser (not
704 // the big green button) are considered the same action. 612 // the big green button) are considered the same action.
705 if (command == kProceedCommand) { 613 if (command == kProceedCommand) {
706 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeProceed", dt); 614 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeProceed", dt);
615 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
616 "SB2.MalwareInterstitialTimeProceed", "SBInterstitial"), dt);
707 } else if (command == kTakeMeBackCommand) { 617 } else if (command == kTakeMeBackCommand) {
708 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeTakeMeBack", dt); 618 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeTakeMeBack", dt);
619 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
620 "SB2.MalwareInterstitialTimeTakeMeBack", "SBInterstitial"), dt);
709 } else if (command == kShowDiagnosticCommand) { 621 } else if (command == kShowDiagnosticCommand) {
710 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeDiagnostic", dt); 622 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeDiagnostic", dt);
623 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
624 "SB2.MalwareInterstitialTimeDiagnostic", "SBInterstitial"), dt);
711 } else if (command == kShowPrivacyCommand) { 625 } else if (command == kShowPrivacyCommand) {
712 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimePrivacyPolicy", 626 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimePrivacyPolicy",
713 dt); 627 dt);
628 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
629 "SB2.MalwareInterstitialTimePrivacyPolicy", "SBInterstitial"), dt);
630 } else if (command == kLearnMoreCommand || command == kLearnMoreCommandV2) {
631 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialLearnMore",
632 dt);
633 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
634 "SB2.MalwareInterstitialLearnMore", "SBInterstitial"), dt);
714 } else if (command == kNavigatedAwayMetaCommand) { 635 } else if (command == kNavigatedAwayMetaCommand) {
715 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeClosed", dt); 636 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeClosed", dt);
637 UMA_HISTOGRAM_MEDIUM_TIMES(base::FieldTrial::MakeName(
638 "SB2.MalwareInterstitialTimeClosed", "SBInterstitial"), dt);
639 } else if (command == kExpandedSeeMore) {
640 // Only record the expanded histogram once per display of the
641 // interstitial.
642 if (has_expanded_see_more_section_)
643 return;
644 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.MalwareInterstitialTimeExpandedSeeMore",
645 dt);
646 has_expanded_see_more_section_ = true;
647 // Expanding the "See More" section doesn't finish the interstitial, so
648 // don't mark the reaction time as recorded.
649 recorded = false;
716 } else { 650 } else {
717 recorded = false; 651 recorded = false;
718 } 652 }
719 } else { 653 } else {
720 // Same as above but for phishing warnings. 654 // Same as above but for phishing warnings.
721 if (command == kProceedCommand) { 655 if (command == kProceedCommand) {
722 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeProceed", dt); 656 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeProceed", dt);
723 } else if (command == kTakeMeBackCommand) { 657 } else if (command == kTakeMeBackCommand) {
724 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeTakeMeBack", dt); 658 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeTakeMeBack", dt);
725 } else if (command == kShowDiagnosticCommand) { 659 } else if (command == kShowDiagnosticCommand) {
726 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeReportError", dt); 660 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeReportError", dt);
727 } else if (command == kShowPrivacyCommand) { 661 } else if (command == kLearnMoreCommand || command == kLearnMoreCommandV2) {
728 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeLearnMore", dt); 662 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeLearnMore", dt);
729 } else if (command == kNavigatedAwayMetaCommand) { 663 } else if (command == kNavigatedAwayMetaCommand) {
730 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeClosed", dt); 664 UMA_HISTOGRAM_MEDIUM_TIMES("SB2.PhishingInterstitialTimeClosed", dt);
665 } else if (command == kExpandedSeeMore) {
666 // TODO(mattm): Add histogram for this when we implement V2 of the
667 // phishing interstitial.
668 NOTREACHED();
669 recorded = false;
731 } else { 670 } else {
732 recorded = false; 671 recorded = false;
733 } 672 }
734 } 673 }
735 if (recorded) // Making sure we don't double-count reaction times. 674 if (recorded) // Making sure we don't double-count reaction times.
736 interstitial_show_time_ = base::TimeTicks(); // Resets the show time. 675 interstitial_show_time_ = base::TimeTicks(); // Resets the show time.
737 } 676 }
738 677
739 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) { 678 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) {
740 if (malware_details_ == NULL) 679 if (malware_details_ == NULL)
(...skipping 28 matching lines...) Expand all
769 // static 708 // static
770 SafeBrowsingBlockingPage::UnsafeResourceMap* 709 SafeBrowsingBlockingPage::UnsafeResourceMap*
771 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() { 710 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() {
772 return g_unsafe_resource_map.Pointer(); 711 return g_unsafe_resource_map.Pointer();
773 } 712 }
774 713
775 // static 714 // static
776 void SafeBrowsingBlockingPage::ShowBlockingPage( 715 void SafeBrowsingBlockingPage::ShowBlockingPage(
777 SafeBrowsingService* sb_service, 716 SafeBrowsingService* sb_service,
778 const SafeBrowsingService::UnsafeResource& unsafe_resource) { 717 const SafeBrowsingService::UnsafeResource& unsafe_resource) {
718 DVLOG(1) << __FUNCTION__ << " " << unsafe_resource.url.spec();
779 WebContents* web_contents = tab_util::GetWebContentsByID( 719 WebContents* web_contents = tab_util::GetWebContentsByID(
780 unsafe_resource.render_process_host_id, unsafe_resource.render_view_id); 720 unsafe_resource.render_process_host_id, unsafe_resource.render_view_id);
781 721
782 InterstitialPage* interstitial = 722 InterstitialPage* interstitial =
783 InterstitialPage::GetInterstitialPage(web_contents); 723 InterstitialPage::GetInterstitialPage(web_contents);
784 if (interstitial && !unsafe_resource.is_subresource) { 724 if (interstitial && !unsafe_resource.is_subresource) {
785 // There is already an interstitial showing and we are about to display a 725 // There is already an interstitial showing and we are about to display a
786 // new one for the main frame. Just hide the current one, it is now 726 // new one for the main frame. Just hide the current one, it is now
787 // irrelevent 727 // irrelevent
788 interstitial->DontProceed(); 728 interstitial->DontProceed();
(...skipping 26 matching lines...) Expand all
815 // Client-side phishing detection interstitials never block the main frame 755 // Client-side phishing detection interstitials never block the main frame
816 // load, since they happen after the page is finished loading. 756 // load, since they happen after the page is finished loading.
817 if (unsafe_resources[0].threat_type == 757 if (unsafe_resources[0].threat_type ==
818 SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) { 758 SafeBrowsingService::CLIENT_SIDE_PHISHING_URL) {
819 return false; 759 return false;
820 } 760 }
821 761
822 // Otherwise, check the threat type. 762 // Otherwise, check the threat type.
823 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource; 763 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource;
824 } 764 }
765
766 SafeBrowsingBlockingPageV1::SafeBrowsingBlockingPageV1(
767 SafeBrowsingService* sb_service,
768 WebContents* web_contents,
769 const UnsafeResourceList& unsafe_resources)
770 : SafeBrowsingBlockingPage(sb_service, web_contents, unsafe_resources) {
771 }
772
773 std::string SafeBrowsingBlockingPageV1::GetHTMLContents() {
774 // Load the HTML page and create the template components.
775 DictionaryValue strings;
776 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
777 std::string html;
778
779 if (unsafe_resources_.empty()) {
780 NOTREACHED();
781 return std::string();
782 }
783
784 if (unsafe_resources_.size() > 1) {
785 PopulateMultipleThreatStringDictionary(&strings);
786 html = rb.GetRawDataResource(
787 IDR_SAFE_BROWSING_MULTIPLE_THREAT_BLOCK,
788 ui::SCALE_FACTOR_NONE).as_string();
789 } else {
790 SafeBrowsingService::UrlCheckResult threat_type =
791 unsafe_resources_[0].threat_type;
792 if (threat_type == SafeBrowsingService::URL_MALWARE) {
793 PopulateMalwareStringDictionary(&strings);
794 html = rb.GetRawDataResource(
795 IDR_SAFE_BROWSING_MALWARE_BLOCK,
796 ui::SCALE_FACTOR_NONE).as_string();
797 } else { // Phishing.
798 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
799 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
800 PopulatePhishingStringDictionary(&strings);
801 html = rb.GetRawDataResource(
802 IDR_SAFE_BROWSING_PHISHING_BLOCK,
803 ui::SCALE_FACTOR_NONE).as_string();
804 }
805 }
806 interstitial_show_time_ = base::TimeTicks::Now();
807 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template_root");
808 }
809
810 void SafeBrowsingBlockingPageV1::PopulateStringDictionary(
811 DictionaryValue* strings,
812 const string16& title,
813 const string16& headline,
814 const string16& description1,
815 const string16& description2,
816 const string16& description3) {
817 strings->SetString("title", title);
818 strings->SetString("headLine", headline);
819 strings->SetString("description1", description1);
820 strings->SetString("description2", description2);
821 strings->SetString("description3", description3);
822 strings->SetBoolean("proceedDisabled",
823 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
824 }
825
826 void SafeBrowsingBlockingPageV1::PopulateMultipleThreatStringDictionary(
827 DictionaryValue* strings) {
828
829 string16 malware_label =
830 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_LABEL);
831 string16 malware_link =
832 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE);
833 string16 phishing_label =
834 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_LABEL);
835 string16 phishing_link =
836 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR);
837
838 ListValue* error_strings = new ListValue;
839 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
840 iter != unsafe_resources_.end(); ++iter) {
841 const SafeBrowsingService::UnsafeResource& resource = *iter;
842 SafeBrowsingService::UrlCheckResult threat_type = resource.threat_type;
843 DictionaryValue* current_error_strings = new DictionaryValue;
844 if (threat_type == SafeBrowsingService::URL_MALWARE) {
845 current_error_strings->SetString("type", "malware");
846 current_error_strings->SetString("typeLabel", malware_label);
847 current_error_strings->SetString("errorLink", malware_link);
848 } else {
849 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
850 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
851 current_error_strings->SetString("type", "phishing");
852 current_error_strings->SetString("typeLabel", phishing_label);
853 current_error_strings->SetString("errorLink", phishing_link);
854 }
855 current_error_strings->SetString("url", resource.url.spec());
856 error_strings->Append(current_error_strings);
857 }
858 strings->Set("errors", error_strings);
859
860 switch (interstitial_type_) {
861 case TYPE_MALWARE_AND_PHISHING:
862 PopulateStringDictionary(
863 strings,
864 // Use the malware headline, it is the scariest one.
865 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MULTI_THREAT_TITLE),
866 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
867 l10n_util::GetStringFUTF16(
868 IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION1,
869 UTF8ToUTF16(web_contents_->GetURL().host())),
870 l10n_util::GetStringUTF16(
871 IDS_SAFE_BROWSING_MULTI_THREAT_DESCRIPTION2),
872 string16());
873 break;
874 case TYPE_MALWARE:
875 PopulateStringDictionary(
876 strings,
877 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
878 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
879 l10n_util::GetStringFUTF16(
880 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION1,
881 UTF8ToUTF16(web_contents_->GetURL().host())),
882 l10n_util::GetStringUTF16(
883 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION2),
884 l10n_util::GetStringUTF16(
885 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION3));
886 break;
887 case TYPE_PHISHING:
888 PopulateStringDictionary(
889 strings,
890 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
891 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
892 l10n_util::GetStringFUTF16(
893 IDS_SAFE_BROWSING_MULTI_PHISHING_DESCRIPTION1,
894 UTF8ToUTF16(web_contents_->GetURL().host())),
895 string16(),
896 string16());
897 break;
898 }
899
900 strings->SetString("confirm_text",
901 l10n_util::GetStringUTF16(
902 IDS_SAFE_BROWSING_MULTI_MALWARE_DESCRIPTION_AGREE));
903 strings->SetString("continue_button",
904 l10n_util::GetStringUTF16(
905 IDS_SAFE_BROWSING_MULTI_MALWARE_PROCEED_BUTTON));
906 strings->SetString("back_button",
907 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
908 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
909 }
910
911 void SafeBrowsingBlockingPageV1::PopulateMalwareStringDictionary(
912 DictionaryValue* strings) {
913 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
914 l10n_util::GetStringUTF8(
915 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
916
917 // Check to see if we're blocking the main page, or a sub-resource on the
918 // main page.
919 string16 description1, description3, description5;
920 if (is_main_frame_load_blocked_) {
921 description1 = l10n_util::GetStringFUTF16(
922 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION1, UTF8ToUTF16(url_.host()));
923 } else {
924 description1 = l10n_util::GetStringFUTF16(
925 IDS_SAFE_BROWSING_MALWARE_DESCRIPTION4,
926 UTF8ToUTF16(web_contents_->GetURL().host()),
927 UTF8ToUTF16(url_.host()));
928 }
929
930 std::string proceed_link = base::StringPrintf(kPLinkHtml,
931 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK).c_str());
932 description3 =
933 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION3,
934 UTF8ToUTF16(proceed_link));
935
936 PopulateStringDictionary(
937 strings,
938 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_TITLE),
939 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_HEADLINE),
940 description1,
941 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION2),
942 description3);
943
944 description5 =
945 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_DESCRIPTION5,
946 UTF8ToUTF16(url_.host()),
947 UTF8ToUTF16(url_.host()),
948 UTF8ToUTF16(diagnostic_link));
949
950 strings->SetString("description5", description5);
951
952 strings->SetString("back_button",
953 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
954 strings->SetString("proceed_link",
955 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_PROCEED_LINK));
956 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
957
958 if (!CanShowMalwareDetailsOption()) {
959 strings->SetBoolean(kDisplayCheckBox, false);
960 } else {
961 // Show the checkbox for sending malware details.
962 strings->SetBoolean(kDisplayCheckBox, true);
963
964 std::string privacy_link = base::StringPrintf(
965 kPrivacyLinkHtml,
966 l10n_util::GetStringUTF8(
967 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
968
969 strings->SetString("confirm_text",
970 l10n_util::GetStringFUTF16(
971 IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
972 UTF8ToUTF16(privacy_link)));
973 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
974 strings->SetString(kBoxChecked, "yes");
975 else
976 strings->SetString(kBoxChecked, "");
977 }
978 }
979
980 void SafeBrowsingBlockingPageV1::PopulatePhishingStringDictionary(
981 DictionaryValue* strings) {
982 std::string proceed_link = base::StringPrintf(
983 kPLinkHtml,
984 l10n_util::GetStringUTF8(
985 IDS_SAFE_BROWSING_PHISHING_PROCEED_LINK).c_str());
986 string16 description3 = l10n_util::GetStringFUTF16(
987 IDS_SAFE_BROWSING_PHISHING_DESCRIPTION3,
988 UTF8ToUTF16(proceed_link));
989
990 PopulateStringDictionary(
991 strings,
992 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_TITLE),
993 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_HEADLINE),
994 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION1,
995 UTF8ToUTF16(url_.host())),
996 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_DESCRIPTION2),
997 description3);
998
999 strings->SetString("back_button",
1000 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_BACK_BUTTON));
1001 strings->SetString("report_error",
1002 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_PHISHING_REPORT_ERROR));
1003 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
1004 }
1005
1006 SafeBrowsingBlockingPageV2::SafeBrowsingBlockingPageV2(
1007 SafeBrowsingService* sb_service,
1008 WebContents* web_contents,
1009 const UnsafeResourceList& unsafe_resources)
1010 : SafeBrowsingBlockingPage(sb_service, web_contents, unsafe_resources) {
1011 }
1012
1013 std::string SafeBrowsingBlockingPageV2::GetHTMLContents() {
1014 // Load the HTML page and create the template components.
1015 DictionaryValue strings;
1016 ResourceBundle& rb = ResourceBundle::GetSharedInstance();
1017 std::string html;
1018
1019 if (unsafe_resources_.empty()) {
1020 NOTREACHED();
1021 return std::string();
1022 }
1023
1024 if (unsafe_resources_.size() > 1) {
1025 NOTREACHED();
1026 } else {
1027 SafeBrowsingService::UrlCheckResult threat_type =
1028 unsafe_resources_[0].threat_type;
1029 if (threat_type == SafeBrowsingService::URL_MALWARE) {
1030 PopulateMalwareStringDictionary(&strings);
1031 html = rb.GetRawDataResource(
1032 IDR_SAFE_BROWSING_MALWARE_BLOCK_V2,
1033 ui::SCALE_FACTOR_NONE).as_string();
1034 } else { // Phishing.
1035 DCHECK(threat_type == SafeBrowsingService::URL_PHISHING ||
1036 threat_type == SafeBrowsingService::CLIENT_SIDE_PHISHING_URL);
1037 NOTREACHED();
1038 }
1039 }
1040 interstitial_show_time_ = base::TimeTicks::Now();
1041 return jstemplate_builder::GetTemplatesHtml(html, &strings, "template-root");
1042 }
1043
1044 void SafeBrowsingBlockingPageV2::PopulateStringDictionary(
1045 DictionaryValue* strings,
1046 const string16& title,
1047 const string16& headline,
1048 const string16& description1,
1049 const string16& description2,
1050 const string16& description3,
1051 const string16& description4) {
1052 strings->SetString("title", title);
1053 strings->SetString("headLine", headline);
1054 strings->SetString("description1", description1);
1055 strings->SetString("description2", description2);
1056 strings->SetString("description3", description3);
1057 strings->SetString("description4", description4);
1058 strings->SetBoolean("proceedDisabled",
1059 IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
1060
1061 strings->SetString("textdirection", base::i18n::IsRTL() ? "rtl" : "ltr");
1062 strings->SetString("back_button",
1063 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_BACK_BUTTON));
1064 strings->SetString("seeMore", l10n_util::GetStringUTF16(
1065 IDS_SAFE_BROWSING_MALWARE_V2_SEE_MORE));
1066 strings->SetString("seeLess", l10n_util::GetStringUTF16(
1067 IDS_SAFE_BROWSING_MALWARE_V2_SEE_LESS));
1068 }
1069
1070 void SafeBrowsingBlockingPageV2::PopulateMultipleThreatStringDictionary(
1071 DictionaryValue* strings) {
1072 NOTREACHED();
1073 }
1074
1075 void SafeBrowsingBlockingPageV2::PopulateMalwareStringDictionary(
1076 DictionaryValue* strings) {
1077 std::string diagnostic_link = base::StringPrintf(kSbDiagnosticHtml,
1078 l10n_util::GetStringUTF8(
1079 IDS_SAFE_BROWSING_MALWARE_DIAGNOSTIC_PAGE).c_str());
1080
1081 // Check to see if we're blocking the main page, or a sub-resource on the
1082 // main page.
1083 string16 headline, description1, description2, description3, description4;
1084
1085
1086 if (is_main_frame_load_blocked_) {
1087 headline = l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_HEADLINE);
1088 description1 = l10n_util::GetStringFUTF16(
1089 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION1,
1090 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
1091 UTF8ToUTF16(url_.host()));
1092 description2 = l10n_util::GetStringUTF16(
1093 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION2);
1094 description3 = l10n_util::GetStringUTF16(
1095 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION3);
1096 description4 = l10n_util::GetStringUTF16(
1097 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION4);
1098 strings->SetBoolean(kDisplayShowDiagnostic, true);
1099 } else {
1100 headline = l10n_util::GetStringUTF16(
1101 IDS_SAFE_BROWSING_MALWARE_V2_HEADLINE_SUBRESOURCE);
1102 description1 = l10n_util::GetStringFUTF16(
1103 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION1_SUBRESOURCE,
1104 l10n_util::GetStringUTF16(IDS_PRODUCT_NAME),
1105 UTF8ToUTF16(web_contents_->GetURL().host()));
1106 description2 = l10n_util::GetStringUTF16(
1107 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION2_SUBRESOURCE);
1108 description3 = l10n_util::GetStringUTF16(
1109 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION3_SUBRESOURCE);
1110 description4 = l10n_util::GetStringFUTF16(
1111 IDS_SAFE_BROWSING_MALWARE_V2_DESCRIPTION4_SUBRESOURCE,
1112 UTF8ToUTF16(url_.host()));
1113 strings->SetBoolean(kDisplayShowDiagnostic, false);
1114 }
1115
1116 PopulateStringDictionary(
1117 strings,
1118 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_TITLE),
1119 headline,
1120 description1,
1121 description2,
1122 description3,
1123 description4);
1124
1125 if (!CanShowMalwareDetailsOption()) {
1126 strings->SetBoolean(kDisplayCheckBox, false);
1127 } else {
1128 // Show the checkbox for sending malware details.
1129 strings->SetBoolean(kDisplayCheckBox, true);
1130
1131 std::string privacy_link = base::StringPrintf(
1132 kPrivacyLinkHtml,
1133 l10n_util::GetStringUTF8(
1134 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE_V2).c_str());
1135
1136 strings->SetString("confirm_text",
1137 l10n_util::GetStringFUTF16(
1138 IDS_SAFE_BROWSING_MALWARE_V2_REPORTING_AGREE,
1139 UTF8ToUTF16(privacy_link)));
1140 if (IsPrefEnabled(prefs::kSafeBrowsingReportingEnabled))
1141 strings->SetString(kBoxChecked, "yes");
1142 else
1143 strings->SetString(kBoxChecked, "");
1144 }
1145
1146 strings->SetString("learnMore",
1147 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_LEARN_MORE));
1148 strings->SetString("details",
1149 l10n_util::GetStringUTF16(IDS_SAFE_BROWSING_MALWARE_V2_DETAILS));
1150 }
1151
1152 void SafeBrowsingBlockingPageV2::PopulatePhishingStringDictionary(
1153 DictionaryValue* strings) {
1154 NOTREACHED();
1155 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698