chrome/browser/ssl/ssl_blocking_page.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_
   6 #define CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/callback.h"
  12 #include "base/strings/string16.h"
  13 #include "base/task/cancelable_task_tracker.h"
  14 #include "base/time/time.h"
  15 #include "chrome/browser/interstitials/security_interstitial_page.h"
  16 #include "chrome/browser/profiles/profile.h"
  17 #include "chrome/browser/ssl/certificate_error_report.h"
  18 #include "chrome/browser/ssl/ssl_cert_reporter.h"
  19 #include "net/ssl/ssl_info.h"
  20 #include "url/gurl.h"
  21
  22 // Constants for the HTTPSErrorReporter Finch experiment
  23 extern const char kHTTPSErrorReporterFinchExperimentName[];
  24 extern const char kHTTPSErrorReporterFinchGroupShowPossiblySend[];
  25 extern const char kHTTPSErrorReporterFinchGroupDontShowDontSend[];
  26 extern const char kHTTPSErrorReporterFinchParamName[];
  27
  28 #if defined(ENABLE_EXTENSIONS)
  29 namespace extensions {
  30 class ExperienceSamplingEvent;
  31 }
  32 #endif
  33
  34 namespace policy {
  35 class PolicyTest_SSLErrorOverridingDisallowed_Test;
  36 }
  37
  38 class SSLErrorClassification;
  39
  40 // This class is responsible for showing/hiding the interstitial page that is
  41 // shown when a certificate error happens.
  42 // It deletes itself when the interstitial page is closed.
  43 class SSLBlockingPage : public SecurityInterstitialPage {
  44  public:
  45   enum SSLBlockingPageOptionsMask {
  46     // Indicates whether or not the user could (assuming perfect knowledge)
  47     // successfully override the error and still get the security guarantees
  48     // of TLS.
  49     OVERRIDABLE = 1 << 0,
  50     // Indicates whether or not the site the user is trying to connect to has
  51     // requested strict enforcement of certificate validation (e.g. with HTTP
  52     // Strict-Transport-Security).
  53     STRICT_ENFORCEMENT = 1 << 1,
  54     // Indicates whether a user decision had been previously made but the
  55     // decision has expired.
  56     EXPIRED_BUT_PREVIOUSLY_ALLOWED = 1 << 2
  57   };
  58
  59   // Interstitial type, used in tests.
  60   static InterstitialPageDelegate::TypeID kTypeForTesting;
  61
  62   ~SSLBlockingPage() override;
  63
  64   // Creates an SSL blocking page. If the blocking page isn't shown, the caller
  65   // is responsible for cleaning up the blocking page, otherwise the
  66   // interstitial takes ownership when shown. |options_mask| must be a bitwise
  67   // mask of SSLBlockingPageOptionsMask values.
  68   SSLBlockingPage(content::WebContents* web_contents,
  69                   int cert_error,
  70                   const net::SSLInfo& ssl_info,
  71                   const GURL& request_url,
  72                   int options_mask,
  73                   const base::Time& time_triggered,
  74                   scoped_ptr<SSLCertReporter> ssl_cert_reporter,
  75                   const base::Callback<void(bool)>& callback);
  76
  77   // InterstitialPageDelegate method:
  78   InterstitialPageDelegate::TypeID GetTypeForTesting() const override;
  79
  80   // Returns true if |options_mask| refers to an overridable SSL error and
  81   // if SSL error overriding is allowed by policy.
  82   static bool IsOverridable(int options_mask, const Profile* const profile);
  83
  84   static bool DoesPolicyAllowDangerOverride(const Profile* const profile);
  85
  86   void SetSSLCertReporterForTesting(
  87       scoped_ptr<SSLCertReporter> ssl_cert_reporter);
  88
  89  protected:
  90   friend class policy::PolicyTest_SSLErrorOverridingDisallowed_Test;
  91
  92   // InterstitialPageDelegate implementation.
  93   void CommandReceived(const std::string& command) override;
  94   void OverrideEntry(content::NavigationEntry* entry) override;
  95   void OverrideRendererPrefs(content::RendererPreferences* prefs) override;
  96   void OnProceed() override;
  97   void OnDontProceed() override;
  98
  99   // SecurityInterstitialPage implementation:
 100   bool ShouldCreateNewNavigation() const override;
 101   void PopulateInterstitialStrings(
 102       base::DictionaryValue* load_time_data) override;
 103
 104   void PopulateExtendedReportingOption(base::DictionaryValue* load_time_data);
 105
 106  private:
 107   void NotifyDenyCertificate();
 108   void NotifyAllowCertificate();
 109
 110   std::string GetUmaHistogramPrefix() const;
 111   std::string GetSamplingEventName() const;
 112
 113   // Send a report about an invalid certificate to the
 114   // server. |user_proceeded| indicates whether the user clicked through
 115   // the interstitial or not, and will be included in the report.
 116   void FinishCertCollection(
 117       CertificateErrorReport::ProceedDecision user_proceeded);
 118
 119   // Check whether a checkbox should be shown on the page that allows
 120   // the user to opt in to Safe Browsing extended reporting.
 121   bool ShouldShowCertificateReporterCheckbox();
 122
 123   // Returns true if an certificate report should be sent for the SSL
 124   // error for this page.
 125   bool ShouldReportCertificateError();
 126
 127   base::Callback<void(bool)> callback_;
 128
 129   const int cert_error_;
 130   const net::SSLInfo ssl_info_;
 131   // There are two ways for the user to override an interstitial:
 132   //
 133   // overridable_) By clicking on "Advanced" and then "Proceed".
 134   //   - This corresponds to "the user can override using the UI".
 135   // danger_overridable_) By typing the word "danger".
 136   //   - This is an undocumented workaround.
 137   //   - This can be set to "false" dynamically to prevent the behaviour.
 138   const bool overridable_;
 139   bool danger_overridable_;
 140   // Has the site requested strict enforcement of certificate errors?
 141   const bool strict_enforcement_;
 142   // Did the user previously allow a bad certificate but the decision has now
 143   // expired?
 144   const bool expired_but_previously_allowed_;
 145   scoped_ptr<SSLErrorClassification> ssl_error_classification_;
 146
 147   // The time at which the interstitial was triggered. The interstitial
 148   // calculates all times relative to this.
 149   const base::Time time_triggered_;
 150
 151   // Handles reports of invalid SSL certificates.
 152   scoped_ptr<SSLCertReporter> ssl_cert_reporter_;
 153
 154   // Which type of interstitial this is.
 155   enum SSLInterstitialReason {
 156     SSL_REASON_SSL,
 157     SSL_REASON_BAD_CLOCK
 158   } interstitial_reason_;
 159
 160   DISALLOW_COPY_AND_ASSIGN(SSLBlockingPage);
 161 };
 162
 163 #endif  // CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_