Add domain request detection to incident reporting service.
[chromium-blink-merge.git] / chrome / browser / safe_browsing / safe_browsing_blocking_page.h
bloba42b022537f6dccaef322a87a6f70e247e3119bc
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Classes for managing the SafeBrowsing interstitial pages.
6 //
7 // When a user is about to visit a page the SafeBrowsing system has deemed to
8 // be malicious, either as malware or a phishing page, we show an interstitial
9 // page with some options (go back, continue) to give the user a chance to avoid
10 // the harmful page.
12 // The SafeBrowsingBlockingPage is created by the SafeBrowsingUIManager on the
13 // UI thread when we've determined that a page is malicious. The operation of
14 // the blocking page occurs on the UI thread, where it waits for the user to
15 // make a decision about what to do: either go back or continue on.
17 // The blocking page forwards the result of the user's choice back to the
18 // SafeBrowsingUIManager so that we can cancel the request for the new page,
19 // or allow it to continue.
21 // A web page may contain several resources flagged as malware/phishing. This
22 // results into more than one interstitial being shown. On the first unsafe
23 // resource received we show an interstitial. Any subsequent unsafe resource
24 // notifications while the first interstitial is showing is queued. If the user
25 // decides to proceed in the first interstitial, we display all queued unsafe
26 // resources in a new interstitial.
28 #ifndef CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_BLOCKING_PAGE_H_
29 #define CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_BLOCKING_PAGE_H_
31 #include <map>
32 #include <string>
33 #include <vector>
35 #include "base/gtest_prod_util.h"
36 #include "base/task/cancelable_task_tracker.h"
37 #include "chrome/browser/interstitials/security_interstitial_metrics_helper.h"
38 #include "chrome/browser/interstitials/security_interstitial_page.h"
39 #include "chrome/browser/safe_browsing/ui_manager.h"
40 #include "content/public/browser/interstitial_page_delegate.h"
41 #include "url/gurl.h"
43 class MalwareDetails;
44 class SafeBrowsingBlockingPageFactory;
46 namespace base {
47 class MessageLoop;
50 class SafeBrowsingBlockingPage : public SecurityInterstitialPage {
51 public:
52 typedef SafeBrowsingUIManager::UnsafeResource UnsafeResource;
53 typedef std::vector<UnsafeResource> UnsafeResourceList;
54 typedef std::map<content::WebContents*, UnsafeResourceList> UnsafeResourceMap;
56 // Interstitial type, used in tests.
57 static content::InterstitialPageDelegate::TypeID kTypeForTesting;
59 ~SafeBrowsingBlockingPage() override;
61 // Creates a blocking page. Use ShowBlockingPage if you don't need to access
62 // the blocking page directly.
63 static SafeBrowsingBlockingPage* CreateBlockingPage(
64 SafeBrowsingUIManager* ui_manager,
65 content::WebContents* web_contents,
66 const UnsafeResource& unsafe_resource);
68 // Shows a blocking page warning the user about phishing/malware for a
69 // specific resource.
70 // You can call this method several times, if an interstitial is already
71 // showing, the new one will be queued and displayed if the user decides
72 // to proceed on the currently showing interstitial.
73 static void ShowBlockingPage(
74 SafeBrowsingUIManager* ui_manager, const UnsafeResource& resource);
76 // Makes the passed |factory| the factory used to instantiate
77 // SafeBrowsingBlockingPage objects. Useful for tests.
78 static void RegisterFactory(SafeBrowsingBlockingPageFactory* factory) {
79 factory_ = factory;
82 // InterstitialPageDelegate method:
83 void OnProceed() override;
84 void OnDontProceed() override;
85 void CommandReceived(const std::string& command) override;
86 void OverrideRendererPrefs(content::RendererPreferences* prefs) override;
87 content::InterstitialPageDelegate::TypeID GetTypeForTesting() const override;
89 protected:
90 friend class SafeBrowsingBlockingPageTest;
91 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingBlockingPageTest,
92 ProceedThenDontProceed);
94 void UpdateReportingPref(); // Used for the transition from old to new pref.
96 // Don't instantiate this class directly, use ShowBlockingPage instead.
97 SafeBrowsingBlockingPage(SafeBrowsingUIManager* ui_manager,
98 content::WebContents* web_contents,
99 const UnsafeResourceList& unsafe_resources);
101 // SecurityInterstitialPage methods:
102 bool ShouldCreateNewNavigation() const override;
103 void PopulateInterstitialStrings(
104 base::DictionaryValue* load_time_data) override;
106 // After a malware interstitial where the user opted-in to the
107 // report but clicked "proceed anyway", we delay the call to
108 // MalwareDetails::FinishCollection() by this much time (in
109 // milliseconds), in order to get data from the blocked resource itself.
110 int64 malware_details_proceed_delay_ms_;
112 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingBlockingPageTest,
113 MalwareReportsTransitionDisabled);
114 FRIEND_TEST_ALL_PREFIXES(SafeBrowsingBlockingPageTest,
115 MalwareReportsToggling);
117 // Checks if we should even show the malware details option. For example, we
118 // don't show it in incognito mode.
119 bool CanShowMalwareDetailsOption();
121 // Called when the insterstitial is going away. If there is a
122 // pending malware details object, we look at the user's
123 // preferences, and if the option to send malware details is
124 // enabled, the report is scheduled to be sent on the |ui_manager_|.
125 void FinishMalwareDetails(int64 delay_ms);
127 // A list of SafeBrowsingUIManager::UnsafeResource for a tab that the user
128 // should be warned about. They are queued when displaying more than one
129 // interstitial at a time.
130 static UnsafeResourceMap* GetUnsafeResourcesMap();
132 // Notifies the SafeBrowsingUIManager on the IO thread whether to proceed
133 // or not for the |resources|.
134 static void NotifySafeBrowsingUIManager(
135 SafeBrowsingUIManager* ui_manager,
136 const UnsafeResourceList& resources, bool proceed);
138 // Returns true if the passed |unsafe_resources| is blocking the load of
139 // the main page.
140 static bool IsMainPageLoadBlocked(
141 const UnsafeResourceList& unsafe_resources);
143 friend class SafeBrowsingBlockingPageFactoryImpl;
145 // For reporting back user actions.
146 SafeBrowsingUIManager* ui_manager_;
148 // True if the interstitial is blocking the main page because it is on one
149 // of our lists. False if a subresource is being blocked, or in the case of
150 // client-side detection where the interstitial is shown after page load
151 // finishes.
152 bool is_main_frame_load_blocked_;
154 // The index of a navigation entry that should be removed when DontProceed()
155 // is invoked, -1 if not entry should be removed.
156 int navigation_entry_index_to_remove_;
158 // The list of unsafe resources this page is warning about.
159 UnsafeResourceList unsafe_resources_;
161 // A MalwareDetails object that we start generating when the
162 // blocking page is shown. The object will be sent when the warning
163 // is gone (if the user enables the feature).
164 scoped_refptr<MalwareDetails> malware_details_;
166 bool proceeded_;
168 // Which type of Safe Browsing interstitial this is.
169 enum SBInterstitialReason {
170 SB_REASON_MALWARE,
171 SB_REASON_HARMFUL,
172 SB_REASON_PHISHING,
173 } interstitial_reason_;
175 // The factory used to instantiate SafeBrowsingBlockingPage objects.
176 // Usefull for tests, so they can provide their own implementation of
177 // SafeBrowsingBlockingPage.
178 static SafeBrowsingBlockingPageFactory* factory_;
180 private:
181 // Fills the passed dictionary with the values to be passed to the template
182 // when creating the HTML.
183 void PopulateExtendedReportingOption(base::DictionaryValue* load_time_data);
184 void PopulateMalwareLoadTimeData(base::DictionaryValue* load_time_data);
185 void PopulateHarmfulLoadTimeData(base::DictionaryValue* load_time_data);
186 void PopulatePhishingLoadTimeData(base::DictionaryValue* load_time_data);
188 std::string GetMetricPrefix() const;
189 std::string GetSamplingEventName() const;
191 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPage);
194 // Factory for creating SafeBrowsingBlockingPage. Useful for tests.
195 class SafeBrowsingBlockingPageFactory {
196 public:
197 virtual ~SafeBrowsingBlockingPageFactory() { }
199 virtual SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
200 SafeBrowsingUIManager* ui_manager,
201 content::WebContents* web_contents,
202 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources) = 0;
205 #endif // CHROME_BROWSER_SAFE_BROWSING_SAFE_BROWSING_BLOCKING_PAGE_H_