search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add checkbox for reporting invalid TLS/SSL cert chains
[chromium-blink-merge.git] / chrome / browser / safe_browsing / safe_browsing_blocking_page.cc
blobc04a8bc555ab497f4ddaf257488f5b1b493745f1
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Implementation of the SafeBrowsingBlockingPage class.
6
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
8
9 #include <string>
10
11 #include "base/bind.h"
12 #include "base/command_line.h"
13 #include "base/i18n/rtl.h"
14 #include "base/lazy_instance.h"
15 #include "base/metrics/field_trial.h"
16 #include "base/metrics/histogram.h"
17 #include "base/prefs/pref_service.h"
18 #include "base/strings/string_number_conversions.h"
19 #include "base/strings/string_piece.h"
20 #include "base/strings/stringprintf.h"
21 #include "base/strings/utf_string_conversions.h"
22 #include "base/time/time.h"
23 #include "base/values.h"
24 #include "chrome/browser/browser_process.h"
25 #include "chrome/browser/profiles/profile.h"
26 #include "chrome/browser/renderer_preferences_util.h"
27 #include "chrome/browser/safe_browsing/malware_details.h"
28 #include "chrome/browser/safe_browsing/ui_manager.h"
29 #include "chrome/browser/tab_contents/tab_util.h"
30 #include "chrome/common/chrome_switches.h"
31 #include "chrome/common/pref_names.h"
32 #include "chrome/common/url_constants.h"
33 #include "chrome/grit/generated_resources.h"
34 #include "chrome/grit/locale_settings.h"
35 #include "components/google/core/browser/google_util.h"
36 #include "content/public/browser/browser_thread.h"
37 #include "content/public/browser/interstitial_page.h"
38 #include "content/public/browser/navigation_controller.h"
39 #include "content/public/browser/user_metrics.h"
40 #include "content/public/browser/web_contents.h"
41 #include "content/public/common/renderer_preferences.h"
42 #include "grit/browser_resources.h"
43 #include "net/base/escape.h"
44 #include "ui/base/l10n/l10n_util.h"
45
46 using base::UserMetricsAction;
47 using content::BrowserThread;
48 using content::InterstitialPage;
49 using content::OpenURLParams;
50 using content::Referrer;
51 using content::WebContents;
52
53 namespace {
54
55 // For malware interstitial pages, we link the problematic URL to Google's
56 // diagnostic page.
57 #if defined(GOOGLE_CHROME_BUILD)
58 const char kSbDiagnosticUrl[] =
59 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&client=googlechrome";
60 #else
61 const char kSbDiagnosticUrl[] =
62 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&client=chromium";
63 #endif
64
65 // URL for malware and phishing, V2.
66 const char kLearnMoreMalwareUrlV2[] =
67 "https://www.google.com/transparencyreport/safebrowsing/";
68 const char kLearnMorePhishingUrlV2[] =
69 "https://www.google.com/transparencyreport/safebrowsing/";
70
71 // After a malware interstitial where the user opted-in to the report
72 // but clicked "proceed anyway", we delay the call to
73 // MalwareDetails::FinishCollection() by this much time (in
74 // milliseconds).
75 const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000;
76
77 // Constants for the Experience Sampling instrumentation.
78 const char kEventNameMalware[] = "safebrowsing_interstitial_";
79 const char kEventNameHarmful[] = "harmful_interstitial_";
80 const char kEventNamePhishing[] = "phishing_interstitial_";
81 const char kEventNameOther[] = "safebrowsing_other_interstitial_";
82
83 base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
84 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
85
86 } // namespace
87
88 // static
89 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
90
91 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we
92 // don't leak it.
93 class SafeBrowsingBlockingPageFactoryImpl
94 : public SafeBrowsingBlockingPageFactory {
95 public:
96 SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
97 SafeBrowsingUIManager* ui_manager,
98 WebContents* web_contents,
99 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources)
100 override {
101 return new SafeBrowsingBlockingPage(ui_manager, web_contents,
102 unsafe_resources);
103 }
104
105 private:
106 friend struct base::DefaultLazyInstanceTraits<
107 SafeBrowsingBlockingPageFactoryImpl>;
108
109 SafeBrowsingBlockingPageFactoryImpl() { }
110
111 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl);
112 };
113
114 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl>
115 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER;
116
117 // static
118 content::InterstitialPageDelegate::TypeID
119 SafeBrowsingBlockingPage::kTypeForTesting =
120 &SafeBrowsingBlockingPage::kTypeForTesting;
121
122 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage(
123 SafeBrowsingUIManager* ui_manager,
124 WebContents* web_contents,
125 const UnsafeResourceList& unsafe_resources)
126 : SecurityInterstitialPage(web_contents, unsafe_resources[0].url),
127 malware_details_proceed_delay_ms_(
128 kMalwareDetailsProceedDelayMilliSeconds),
129 ui_manager_(ui_manager),
130 report_loop_(NULL),
131 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)),
132 unsafe_resources_(unsafe_resources),
133 proceeded_(false) {
134 bool malware = false;
135 bool harmful = false;
136 bool phishing = false;
137 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
138 iter != unsafe_resources_.end(); ++iter) {
139 const UnsafeResource& resource = *iter;
140 SBThreatType threat_type = resource.threat_type;
141 if (threat_type == SB_THREAT_TYPE_URL_MALWARE ||
142 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL) {
143 malware = true;
144 } else if (threat_type == SB_THREAT_TYPE_URL_UNWANTED) {
145 harmful = true;
146 } else {
147 DCHECK(threat_type == SB_THREAT_TYPE_URL_PHISHING ||
148 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL);
149 phishing = true;
150 }
151 }
152 DCHECK(phishing || malware || harmful);
153 if (malware)
154 interstitial_reason_ = SB_REASON_MALWARE;
155 else if (harmful)
156 interstitial_reason_ = SB_REASON_HARMFUL;
157 else
158 interstitial_reason_ = SB_REASON_PHISHING;
159
160 // This must be done after calculating |interstitial_reason_| above.
161 // Use same prefix for UMA as for Rappor.
162 set_metrics_helper(new SecurityInterstitialMetricsHelper(
163 web_contents, request_url(), GetMetricPrefix(), GetMetricPrefix(),
164 SecurityInterstitialMetricsHelper::REPORT_RAPPOR,
165 GetSamplingEventName()));
166 metrics_helper()->RecordUserDecision(SecurityInterstitialMetricsHelper::SHOW);
167 metrics_helper()->RecordUserInteraction(
168 SecurityInterstitialMetricsHelper::TOTAL_VISITS);
169 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
170 metrics_helper()->RecordUserDecision(
171 SecurityInterstitialMetricsHelper::PROCEEDING_DISABLED);
172 }
173
174 if (!is_main_frame_load_blocked_) {
175 navigation_entry_index_to_remove_ =
176 web_contents->GetController().GetLastCommittedEntryIndex();
177 } else {
178 navigation_entry_index_to_remove_ = -1;
179 }
180
181 // Start computing malware details. They will be sent only
182 // if the user opts-in on the blocking page later.
183 // If there's more than one malicious resources, it means the user
184 // clicked through the first warning, so we don't prepare additional
185 // reports.
186 if (unsafe_resources.size() == 1 &&
187 unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE &&
188 malware_details_.get() == NULL && CanShowMalwareDetailsOption()) {
189 malware_details_ = MalwareDetails::NewMalwareDetails(
190 ui_manager_, web_contents, unsafe_resources[0]);
191 }
192 }
193
194 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
195 return (!web_contents()->GetBrowserContext()->IsOffTheRecord() &&
196 web_contents()->GetURL().SchemeIs(url::kHttpScheme));
197 }
198
199 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
200 }
201
202 void SafeBrowsingBlockingPage::CommandReceived(const std::string& page_cmd) {
203 if (page_cmd == "\"pageLoadComplete\"") {
204 // content::WaitForRenderFrameReady sends this message when the page
205 // load completes. Ignore it.
206 return;
207 }
208
209 int command = 0;
210 bool retval = base::StringToInt(page_cmd, &command);
211 DCHECK(retval) << page_cmd;
212
213 switch (command) {
214 case CMD_DO_REPORT: {
215 // User enabled SB Extended Reporting via the checkbox.
216 SetReportingPreference(true);
217 break;
218 }
219 case CMD_DONT_REPORT: {
220 // User disabled SB Extended Reporting via the checkbox.
221 SetReportingPreference(false);
222 break;
223 }
224 case CMD_OPEN_HELP_CENTER: {
225 // User pressed "Learn more".
226 metrics_helper()->RecordUserInteraction(
227 SecurityInterstitialMetricsHelper::SHOW_LEARN_MORE);
228 GURL learn_more_url(
229 interstitial_reason_ == SB_REASON_PHISHING ?
230 kLearnMorePhishingUrlV2 : kLearnMoreMalwareUrlV2);
231 learn_more_url = google_util::AppendGoogleLocaleParam(
232 learn_more_url, g_browser_process->GetApplicationLocale());
233 OpenURLParams params(learn_more_url,
234 Referrer(),
235 CURRENT_TAB,
236 ui::PAGE_TRANSITION_LINK,
237 false);
238 web_contents()->OpenURL(params);
239 break;
240 }
241 case CMD_OPEN_REPORTING_PRIVACY: {
242 // User pressed on the SB Extended Reporting "privacy policy" link.
243 OpenExtendedReportingPrivacyPolicy();
244 break;
245 }
246 case CMD_PROCEED: {
247 // User pressed on the button to proceed.
248 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
249 metrics_helper()->RecordUserDecision(
250 SecurityInterstitialMetricsHelper::PROCEED);
251 interstitial_page()->Proceed();
252 // |this| has been deleted after Proceed() returns.
253 break;
254 }
255 // If the user can't proceed, fall through to CMD_DONT_PROCEED.
256 }
257 case CMD_DONT_PROCEED: {
258 // User pressed on the button to return to safety.
259 // Don't record the user action here because there are other ways of
260 // triggering DontProceed, like clicking the back button.
261 if (is_main_frame_load_blocked_) {
262 // If the load is blocked, we want to close the interstitial and discard
263 // the pending entry.
264 interstitial_page()->DontProceed();
265 // |this| has been deleted after DontProceed() returns.
266 break;
267 }
268
269 // Otherwise the offending entry has committed, and we need to go back or
270 // to a safe page. We will close the interstitial when that page commits.
271 if (web_contents()->GetController().CanGoBack()) {
272 web_contents()->GetController().GoBack();
273 } else {
274 web_contents()->GetController().LoadURL(
275 GURL(chrome::kChromeUINewTabURL),
276 content::Referrer(),
277 ui::PAGE_TRANSITION_AUTO_TOPLEVEL,
278 std::string());
279 }
280 break;
281 }
282 case CMD_OPEN_DIAGNOSTIC: {
283 // User wants to see why this page is blocked.
284 // TODO(felt): element_index will always be 0. See crbug.com/464732
285 size_t element_index = 0;
286 const UnsafeResource& unsafe_resource = unsafe_resources_[element_index];
287 std::string bad_url_spec = unsafe_resource.url.spec();
288 metrics_helper()->RecordUserInteraction(
289 SecurityInterstitialMetricsHelper::SHOW_DIAGNOSTIC);
290 std::string diagnostic =
291 base::StringPrintf(kSbDiagnosticUrl,
292 net::EscapeQueryParamValue(bad_url_spec, true).c_str());
293 GURL diagnostic_url(diagnostic);
294 diagnostic_url = google_util::AppendGoogleLocaleParam(
295 diagnostic_url, g_browser_process->GetApplicationLocale());
296 DCHECK(unsafe_resource.threat_type == SB_THREAT_TYPE_URL_MALWARE ||
297 unsafe_resource.threat_type ==
298 SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL ||
299 unsafe_resource.threat_type == SB_THREAT_TYPE_URL_UNWANTED);
300 OpenURLParams params(
301 diagnostic_url, Referrer(), CURRENT_TAB, ui::PAGE_TRANSITION_LINK,
302 false);
303 web_contents()->OpenURL(params);
304 break;
305 }
306 case CMD_SHOW_MORE_SECTION: {
307 // User has opened up the hidden text.
308 metrics_helper()->RecordUserInteraction(
309 SecurityInterstitialMetricsHelper::SHOW_ADVANCED);
310 break;
311 }
312 }
313 }
314
315 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
316 content::RendererPreferences* prefs) {
317 Profile* profile = Profile::FromBrowserContext(
318 web_contents()->GetBrowserContext());
319 renderer_preferences_util::UpdateFromSystemSettings(
320 prefs, profile, web_contents());
321 }
322
323 void SafeBrowsingBlockingPage::OnProceed() {
324 proceeded_ = true;
325 // Send the malware details, if we opted to.
326 FinishMalwareDetails(malware_details_proceed_delay_ms_);
327
328 NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, true);
329
330 // Check to see if some new notifications of unsafe resources have been
331 // received while we were showing the interstitial.
332 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
333 UnsafeResourceMap::iterator iter = unsafe_resource_map->find(web_contents());
334 SafeBrowsingBlockingPage* blocking_page = NULL;
335 if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
336 // Build an interstitial for all the unsafe resources notifications.
337 // Don't show it now as showing an interstitial while an interstitial is
338 // already showing would cause DontProceed() to be invoked.
339 blocking_page = factory_->CreateSafeBrowsingPage(ui_manager_,
340 web_contents(),
341 iter->second);
342 unsafe_resource_map->erase(iter);
343 }
344
345 // Now that this interstitial is gone, we can show the new one.
346 if (blocking_page)
347 blocking_page->Show();
348 }
349
350 content::InterstitialPageDelegate::TypeID
351 SafeBrowsingBlockingPage::GetTypeForTesting() const {
352 return SafeBrowsingBlockingPage::kTypeForTesting;
353 }
354
355 bool SafeBrowsingBlockingPage::ShouldCreateNewNavigation() const {
356 return is_main_frame_load_blocked_;
357 }
358
359 void SafeBrowsingBlockingPage::OnDontProceed() {
360 // We could have already called Proceed(), in which case we must not notify
361 // the SafeBrowsingUIManager again, as the client has been deleted.
362 if (proceeded_)
363 return;
364
365 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
366 metrics_helper()->RecordUserDecision(
367 SecurityInterstitialMetricsHelper::DONT_PROCEED);
368 }
369
370 // Send the malware details, if we opted to.
371 FinishMalwareDetails(0); // No delay
372
373 NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, false);
374
375 // The user does not want to proceed, clear the queued unsafe resources
376 // notifications we received while the interstitial was showing.
377 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
378 UnsafeResourceMap::iterator iter = unsafe_resource_map->find(web_contents());
379 if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
380 NotifySafeBrowsingUIManager(ui_manager_, iter->second, false);
381 unsafe_resource_map->erase(iter);
382 }
383
384 // We don't remove the navigation entry if the tab is being destroyed as this
385 // would trigger a navigation that would cause trouble as the render view host
386 // for the tab has by then already been destroyed. We also don't delete the
387 // current entry if it has been committed again, which is possible on a page
388 // that had a subresource warning.
389 int last_committed_index =
390 web_contents()->GetController().GetLastCommittedEntryIndex();
391 if (navigation_entry_index_to_remove_ != -1 &&
392 navigation_entry_index_to_remove_ != last_committed_index &&
393 !web_contents()->IsBeingDestroyed()) {
394 CHECK(web_contents()->GetController().RemoveEntryAtIndex(
395 navigation_entry_index_to_remove_));
396 navigation_entry_index_to_remove_ = -1;
397 }
398 }
399
400 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) {
401 if (malware_details_.get() == NULL)
402 return; // Not all interstitials have malware details (eg phishing).
403 DCHECK_EQ(interstitial_reason_, SB_REASON_MALWARE);
404
405 const bool enabled =
406 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled);
407 if (!enabled)
408 return;
409
410 metrics_helper()->RecordUserInteraction(
411 SecurityInterstitialMetricsHelper::EXTENDED_REPORTING_IS_ENABLED);
412 // Finish the malware details collection, send it over.
413 BrowserThread::PostDelayedTask(
414 BrowserThread::IO, FROM_HERE,
415 base::Bind(&MalwareDetails::FinishCollection, malware_details_.get()),
416 base::TimeDelta::FromMilliseconds(delay_ms));
417 }
418
419 // static
420 void SafeBrowsingBlockingPage::NotifySafeBrowsingUIManager(
421 SafeBrowsingUIManager* ui_manager,
422 const UnsafeResourceList& unsafe_resources,
423 bool proceed) {
424 BrowserThread::PostTask(
425 BrowserThread::IO, FROM_HERE,
426 base::Bind(&SafeBrowsingUIManager::OnBlockingPageDone,
427 ui_manager, unsafe_resources, proceed));
428 }
429
430 // static
431 SafeBrowsingBlockingPage::UnsafeResourceMap*
432 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() {
433 return g_unsafe_resource_map.Pointer();
434 }
435
436 // static
437 SafeBrowsingBlockingPage* SafeBrowsingBlockingPage::CreateBlockingPage(
438 SafeBrowsingUIManager* ui_manager,
439 WebContents* web_contents,
440 const UnsafeResource& unsafe_resource) {
441 std::vector<UnsafeResource> resources;
442 resources.push_back(unsafe_resource);
443 // Set up the factory if this has not been done already (tests do that
444 // before this method is called).
445 if (!factory_)
446 factory_ = g_safe_browsing_blocking_page_factory_impl.Pointer();
447 return factory_->CreateSafeBrowsingPage(ui_manager, web_contents, resources);
448 }
449
450 // static
451 void SafeBrowsingBlockingPage::ShowBlockingPage(
452 SafeBrowsingUIManager* ui_manager,
453 const UnsafeResource& unsafe_resource) {
454 DVLOG(1) << __FUNCTION__ << " " << unsafe_resource.url.spec();
455 WebContents* web_contents = tab_util::GetWebContentsByID(
456 unsafe_resource.render_process_host_id, unsafe_resource.render_view_id);
457
458 InterstitialPage* interstitial =
459 InterstitialPage::GetInterstitialPage(web_contents);
460 if (interstitial && !unsafe_resource.is_subresource) {
461 // There is already an interstitial showing and we are about to display a
462 // new one for the main frame. Just hide the current one, it is now
463 // irrelevent
464 interstitial->DontProceed();
465 interstitial = NULL;
466 }
467
468 if (!interstitial) {
469 // There are no interstitial currently showing in that tab, go ahead and
470 // show this interstitial.
471 SafeBrowsingBlockingPage* blocking_page =
472 CreateBlockingPage(ui_manager, web_contents, unsafe_resource);
473 blocking_page->Show();
474 return;
475 }
476
477 // This is an interstitial for a page's resource, let's queue it.
478 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
479 (*unsafe_resource_map)[web_contents].push_back(unsafe_resource);
480 }
481
482 // static
483 bool SafeBrowsingBlockingPage::IsMainPageLoadBlocked(
484 const UnsafeResourceList& unsafe_resources) {
485 // Client-side phishing detection interstitials never block the main frame
486 // load, since they happen after the page is finished loading.
487 if (unsafe_resources[0].threat_type ==
488 SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) {
489 return false;
490 }
491
492 // Otherwise, check the threat type.
493 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource;
494 }
495
496 std::string SafeBrowsingBlockingPage::GetMetricPrefix() const {
497 switch (interstitial_reason_) {
498 case SB_REASON_MALWARE:
499 return "malware";
500 case SB_REASON_HARMFUL:
501 return "harmful";
502 case SB_REASON_PHISHING:
503 return "phishing";
504 }
505 NOTREACHED();
506 return std::string();
507 }
508
509 std::string SafeBrowsingBlockingPage::GetSamplingEventName() const {
510 switch (interstitial_reason_) {
511 case SB_REASON_MALWARE:
512 return kEventNameMalware;
513 case SB_REASON_HARMFUL:
514 return kEventNameHarmful;
515 case SB_REASON_PHISHING:
516 return kEventNamePhishing;
517 default:
518 return kEventNameOther;
519 }
520 }
521
522 void SafeBrowsingBlockingPage::PopulateInterstitialStrings(
523 base::DictionaryValue* load_time_data) {
524 CHECK(load_time_data);
525 CHECK(!unsafe_resources_.empty());
526
527 load_time_data->SetString("type", "SAFEBROWSING");
528 load_time_data->SetString(
529 "tabTitle", l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_TITLE));
530 load_time_data->SetString(
531 "openDetails",
532 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_OPEN_DETAILS_BUTTON));
533 load_time_data->SetString(
534 "closeDetails",
535 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_CLOSE_DETAILS_BUTTON));
536 load_time_data->SetString(
537 "primaryButtonText",
538 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_OVERRIDABLE_SAFETY_BUTTON));
539 load_time_data->SetBoolean(
540 "overridable",
541 !IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
542
543 switch (interstitial_reason_) {
544 case SB_REASON_MALWARE:
545 PopulateMalwareLoadTimeData(load_time_data);
546 break;
547 case SB_REASON_HARMFUL:
548 PopulateHarmfulLoadTimeData(load_time_data);
549 break;
550 case SB_REASON_PHISHING:
551 PopulatePhishingLoadTimeData(load_time_data);
552 break;
553 }
554 }
555
556 void SafeBrowsingBlockingPage::PopulateExtendedReportingOption(
557 base::DictionaryValue* load_time_data) {
558 // Only show checkbox if !(HTTPS || incognito-mode).
559 const bool show = CanShowMalwareDetailsOption();
560 load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show);
561 if (!show)
562 return;
563
564 const std::string privacy_link = base::StringPrintf(
565 interstitials::kPrivacyLinkHtml, CMD_OPEN_REPORTING_PRIVACY,
566 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
567 load_time_data->SetString(
568 interstitials::kOptInLink,
569 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
570 base::UTF8ToUTF16(privacy_link)));
571 load_time_data->SetBoolean(
572 interstitials::kBoxChecked,
573 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled));
574 }
575
576 void SafeBrowsingBlockingPage::PopulateMalwareLoadTimeData(
577 base::DictionaryValue* load_time_data) {
578 load_time_data->SetBoolean("phishing", false);
579 load_time_data->SetString(
580 "heading", l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING));
581 load_time_data->SetString(
582 "primaryParagraph",
583 l10n_util::GetStringFUTF16(
584 IDS_MALWARE_V3_PRIMARY_PARAGRAPH,
585 GetFormattedHostName()));
586 load_time_data->SetString(
587 "explanationParagraph",
588 is_main_frame_load_blocked_ ?
589 l10n_util::GetStringFUTF16(
590 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH,
591 GetFormattedHostName()) :
592 l10n_util::GetStringFUTF16(
593 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH_SUBRESOURCE,
594 base::UTF8ToUTF16(web_contents()->GetURL().host()),
595 GetFormattedHostName()));
596 load_time_data->SetString(
597 "finalParagraph",
598 l10n_util::GetStringUTF16(IDS_MALWARE_V3_PROCEED_PARAGRAPH));
599
600 PopulateExtendedReportingOption(load_time_data);
601 }
602
603 void SafeBrowsingBlockingPage::PopulateHarmfulLoadTimeData(
604 base::DictionaryValue* load_time_data) {
605 load_time_data->SetBoolean("phishing", false);
606 load_time_data->SetString(
607 "heading", l10n_util::GetStringUTF16(IDS_HARMFUL_V3_HEADING));
608 load_time_data->SetString(
609 "primaryParagraph",
610 l10n_util::GetStringFUTF16(
611 IDS_HARMFUL_V3_PRIMARY_PARAGRAPH,
612 GetFormattedHostName()));
613 load_time_data->SetString(
614 "explanationParagraph",
615 l10n_util::GetStringFUTF16(
616 IDS_HARMFUL_V3_EXPLANATION_PARAGRAPH,
617 GetFormattedHostName()));
618 load_time_data->SetString(
619 "finalParagraph",
620 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_PROCEED_PARAGRAPH));
621
622 PopulateExtendedReportingOption(load_time_data);
623 }
624
625 void SafeBrowsingBlockingPage::PopulatePhishingLoadTimeData(
626 base::DictionaryValue* load_time_data) {
627 load_time_data->SetBoolean("phishing", true);
628 load_time_data->SetString(
629 "heading",
630 l10n_util::GetStringUTF16(IDS_PHISHING_V3_HEADING));
631 load_time_data->SetString(
632 "primaryParagraph",
633 l10n_util::GetStringFUTF16(
634 IDS_PHISHING_V3_PRIMARY_PARAGRAPH,
635 GetFormattedHostName()));
636 load_time_data->SetString(
637 "explanationParagraph",
638 l10n_util::GetStringFUTF16(IDS_PHISHING_V3_EXPLANATION_PARAGRAPH,
639 GetFormattedHostName()));
640 load_time_data->SetString(
641 "finalParagraph",
642 l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH));
643
644 PopulateExtendedReportingOption(load_time_data);
645 }