search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Don't show supervised user as "already on this device" while they're being imported.
[chromium-blink-merge.git] / chrome / browser / ui / webui / interstitials / interstitial_ui.cc
blobf71f025747404ed21965cd4bf4d3ea24f05d87ff
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/ui/webui/interstitials/interstitial_ui.h"
6
7 #include "base/strings/string_number_conversions.h"
8 #include "base/strings/string_util.h"
9 #include "chrome/browser/browser_process.h"
10 #include "chrome/browser/profiles/profile.h"
11 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
12 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
13 #include "chrome/browser/ssl/ssl_blocking_page.h"
14 #include "chrome/common/url_constants.h"
15 #include "chrome/grit/browser_resources.h"
16 #include "content/public/browser/interstitial_page_delegate.h"
17 #include "content/public/browser/web_contents.h"
18 #include "content/public/browser/web_ui.h"
19 #include "content/public/browser/web_ui_controller.h"
20 #include "content/public/browser/web_ui_data_source.h"
21 #include "net/base/net_errors.h"
22 #include "net/base/url_util.h"
23 #include "net/cert/x509_certificate.h"
24 #include "net/ssl/ssl_info.h"
25 #include "ui/base/resource/resource_bundle.h"
26
27 namespace {
28
29 class InterstitialHTMLSource : public content::URLDataSource {
30 public:
31 explicit InterstitialHTMLSource(content::WebContents* web_contents);
32 ~InterstitialHTMLSource() override;
33
34 // content::URLDataSource:
35 std::string GetMimeType(const std::string& mime_type) const override;
36 std::string GetSource() const override;
37 bool ShouldAddContentSecurityPolicy() const override;
38 void StartDataRequest(
39 const std::string& path,
40 int render_process_id,
41 int render_frame_id,
42 const content::URLDataSource::GotDataCallback& callback) override;
43
44 private:
45 content::WebContents* web_contents_;
46 DISALLOW_COPY_AND_ASSIGN(InterstitialHTMLSource);
47 };
48
49 SSLBlockingPage* CreateSSLBlockingPage(content::WebContents* web_contents) {
50 // Random parameters for SSL blocking page.
51 int cert_error = net::ERR_CERT_CONTAINS_ERRORS;
52 GURL request_url("https://example.com");
53 bool overridable = false;
54 bool strict_enforcement = false;
55 base::Time time_triggered_ = base::Time::NowFromSystemTime();
56 std::string url_param;
57 if (net::GetValueForKeyInQuery(web_contents->GetURL(),
58 "url",
59 &url_param)) {
60 if (GURL(url_param).is_valid())
61 request_url = GURL(url_param);
62 }
63 std::string overridable_param;
64 if (net::GetValueForKeyInQuery(web_contents->GetURL(),
65 "overridable",
66 &overridable_param)) {
67 overridable = overridable_param == "1";
68 }
69 std::string strict_enforcement_param;
70 if (net::GetValueForKeyInQuery(web_contents->GetURL(),
71 "strict_enforcement",
72 &strict_enforcement_param)) {
73 strict_enforcement = strict_enforcement_param == "1";
74 }
75 std::string clock_manipulation_param;
76 if (net::GetValueForKeyInQuery(web_contents->GetURL(), "clock_manipulation",
77 &clock_manipulation_param) == 1) {
78 cert_error = net::ERR_CERT_DATE_INVALID;
79 int time_offset;
80 if (base::StringToInt(clock_manipulation_param, &time_offset)) {
81 time_triggered_ += base::TimeDelta::FromDays(365 * time_offset);
82 } else {
83 time_triggered_ += base::TimeDelta::FromDays(365 * 2);
84 }
85 }
86 net::SSLInfo ssl_info;
87 ssl_info.cert = new net::X509Certificate(
88 request_url.host(), "CA", base::Time::Max(), base::Time::Max());
89 // This delegate doesn't create an interstitial.
90 int options_mask = 0;
91 if (overridable)
92 options_mask |= SSLBlockingPage::OVERRIDABLE;
93 if (strict_enforcement)
94 options_mask |= SSLBlockingPage::STRICT_ENFORCEMENT;
95 return new SSLBlockingPage(web_contents, cert_error, ssl_info, request_url,
96 options_mask, time_triggered_, nullptr,
97 base::Callback<void(bool)>());
98 }
99
100 SafeBrowsingBlockingPage* CreateSafeBrowsingBlockingPage(
101 content::WebContents* web_contents) {
102 SBThreatType threat_type = SB_THREAT_TYPE_URL_MALWARE;
103 GURL request_url("http://example.com");
104 std::string url_param;
105 if (net::GetValueForKeyInQuery(web_contents->GetURL(),
106 "url",
107 &url_param)) {
108 if (GURL(url_param).is_valid())
109 request_url = GURL(url_param);
110 }
111 std::string type_param;
112 if (net::GetValueForKeyInQuery(web_contents->GetURL(),
113 "type",
114 &type_param)) {
115 if (type_param == "malware") {
116 threat_type = SB_THREAT_TYPE_URL_MALWARE;
117 } else if (type_param == "phishing") {
118 threat_type = SB_THREAT_TYPE_URL_PHISHING;
119 } else if (type_param == "clientside_malware") {
120 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL;
121 } else if (type_param == "clientside_phishing") {
122 threat_type = SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL;
123 // Interstitials for client side phishing urls load after the page loads
124 // (see SafeBrowsingBlockingPage::IsMainPageLoadBlocked), so there should
125 // either be a new navigation entry, or there shouldn't be any pending
126 // entries. Clear any pending navigation entries.
127 content::NavigationController* controller =
128 &web_contents->GetController();
129 controller->DiscardNonCommittedEntries();
130 }
131 }
132 SafeBrowsingBlockingPage::UnsafeResource resource;
133 resource.url = request_url;
134 resource.threat_type = threat_type;
135 // Create a blocking page without showing the interstitial.
136 return SafeBrowsingBlockingPage::CreateBlockingPage(
137 g_browser_process->safe_browsing_service()->ui_manager().get(),
138 web_contents,
139 resource);
140 }
141
142 } // namespace
143
144 InterstitialUI::InterstitialUI(content::WebUI* web_ui)
145 : WebUIController(web_ui) {
146 scoped_ptr<InterstitialHTMLSource> html_source(
147 new InterstitialHTMLSource(web_ui->GetWebContents()));
148 Profile* profile = Profile::FromWebUI(web_ui);
149 content::URLDataSource::Add(profile, html_source.release());
150 }
151
152 InterstitialUI::~InterstitialUI() {
153 }
154
155 // InterstitialHTMLSource
156
157 InterstitialHTMLSource::InterstitialHTMLSource(
158 content::WebContents* web_contents)
159 : web_contents_(web_contents) {
160 }
161
162 InterstitialHTMLSource::~InterstitialHTMLSource() {
163 }
164
165 std::string InterstitialHTMLSource::GetMimeType(
166 const std::string& mime_type) const {
167 return "text/html";
168 }
169
170 std::string InterstitialHTMLSource::GetSource() const {
171 return chrome::kChromeUIInterstitialHost;
172 }
173
174 bool InterstitialHTMLSource::ShouldAddContentSecurityPolicy()
175 const {
176 return false;
177 }
178
179 void InterstitialHTMLSource::StartDataRequest(
180 const std::string& path,
181 int render_process_id,
182 int render_frame_id,
183 const content::URLDataSource::GotDataCallback& callback) {
184 scoped_ptr<content::InterstitialPageDelegate> interstitial_delegate;
185 if (StartsWithASCII(path, "ssl", true)) {
186 interstitial_delegate.reset(CreateSSLBlockingPage(web_contents_));
187 } else if (StartsWithASCII(path, "safebrowsing", true)) {
188 interstitial_delegate.reset(CreateSafeBrowsingBlockingPage(web_contents_));
189 }
190
191 std::string html;
192 if (interstitial_delegate.get()) {
193 html = interstitial_delegate.get()->GetHTMLContents();
194 } else {
195 html = ResourceBundle::GetSharedInstance()
196 .GetRawDataResource(IDR_SECURITY_INTERSTITIAL_UI_HTML)
197 .as_string();
198 }
199 scoped_refptr<base::RefCountedString> html_bytes = new base::RefCountedString;
200 html_bytes->data().assign(html.begin(), html.end());
201 callback.Run(html_bytes.get());
202 }