1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/ssl/captive_portal_blocking_page.h"
7 #include "base/i18n/rtl.h"
8 #include "base/metrics/histogram.h"
9 #include "base/prefs/pref_service.h"
10 #include "base/strings/string_number_conversions.h"
11 #include "base/strings/string_util.h"
12 #include "base/strings/utf_string_conversions.h"
13 #include "base/values.h"
14 #include "chrome/browser/captive_portal/captive_portal_tab_helper.h"
15 #include "chrome/browser/profiles/profile.h"
16 #include "chrome/browser/ssl/cert_report_helper.h"
17 #include "chrome/browser/ssl/ssl_cert_reporter.h"
18 #include "chrome/common/pref_names.h"
19 #include "components/captive_portal/captive_portal_detector.h"
20 #include "components/certificate_reporting/error_reporter.h"
21 #include "components/url_formatter/url_formatter.h"
22 #include "components/wifi/wifi_service.h"
23 #include "content/public/browser/web_contents.h"
24 #include "grit/generated_resources.h"
25 #include "net/base/net_util.h"
26 #include "net/base/network_change_notifier.h"
27 #include "net/base/network_interfaces.h"
28 #include "net/ssl/ssl_info.h"
29 #include "ui/base/l10n/l10n_util.h"
34 enum CaptivePortalBlockingPageEvent
{
37 CAPTIVE_PORTAL_BLOCKING_PAGE_EVENT_COUNT
40 void RecordUMA(CaptivePortalBlockingPageEvent event
) {
41 UMA_HISTOGRAM_ENUMERATION("interstitial.captive_portal", event
,
42 CAPTIVE_PORTAL_BLOCKING_PAGE_EVENT_COUNT
);
48 const void* const CaptivePortalBlockingPage::kTypeForTesting
=
49 &CaptivePortalBlockingPage::kTypeForTesting
;
51 CaptivePortalBlockingPage::CaptivePortalBlockingPage(
52 content::WebContents
* web_contents
,
53 const GURL
& request_url
,
54 const GURL
& login_url
,
55 scoped_ptr
<SSLCertReporter
> ssl_cert_reporter
,
56 const net::SSLInfo
& ssl_info
,
57 const base::Callback
<void(bool)>& callback
)
58 : SecurityInterstitialPage(web_contents
, request_url
),
59 login_url_(login_url
),
61 DCHECK(login_url_
.is_valid());
63 if (ssl_cert_reporter
) {
64 cert_report_helper_
.reset(new CertReportHelper(
65 ssl_cert_reporter
.Pass(), web_contents
, request_url
, ssl_info
,
66 certificate_reporting::ErrorReport::INTERSTITIAL_CAPTIVE_PORTAL
, false,
73 CaptivePortalBlockingPage::~CaptivePortalBlockingPage() {
76 const void* CaptivePortalBlockingPage::GetTypeForTesting() const {
77 return CaptivePortalBlockingPage::kTypeForTesting
;
80 bool CaptivePortalBlockingPage::IsWifiConnection() const {
81 // |net::NetworkChangeNotifier::GetConnectionType| isn't accurate on Linux
82 // and Windows. See https://crbug.com/160537 for details.
83 // TODO(meacer): Add heuristics to get a more accurate connection type on
85 return net::NetworkChangeNotifier::GetConnectionType() ==
86 net::NetworkChangeNotifier::CONNECTION_WIFI
;
89 std::string
CaptivePortalBlockingPage::GetWiFiSSID() const {
90 // On Windows and Mac, |WiFiService| provides an easy to use API to get the
91 // currently associated WiFi access point. |WiFiService| isn't available on
92 // Linux so |net::GetWifiSSID| is used instead.
94 #if defined(OS_WIN) || defined(OS_MACOSX)
95 scoped_ptr
<wifi::WiFiService
> wifi_service(wifi::WiFiService::Create());
96 wifi_service
->Initialize(nullptr);
98 wifi_service
->GetConnectedNetworkSSID(&ssid
, &error
);
100 return std::string();
101 #elif defined(OS_LINUX)
102 ssid
= net::GetWifiSSID();
104 // TODO(meacer): Handle non UTF8 SSIDs.
105 if (!base::IsStringUTF8(ssid
))
106 return std::string();
110 bool CaptivePortalBlockingPage::ShouldCreateNewNavigation() const {
111 // Captive portal interstitials always create new navigation entries, as
112 // opposed to SafeBrowsing subresource interstitials which just block access
113 // to the current page and don't create a new entry.
117 void CaptivePortalBlockingPage::PopulateInterstitialStrings(
118 base::DictionaryValue
* load_time_data
) {
119 load_time_data
->SetString("iconClass", "icon-offline");
120 load_time_data
->SetString("type", "CAPTIVE_PORTAL");
121 load_time_data
->SetBoolean("overridable", false);
123 // |IsWifiConnection| isn't accurate on some platforms, so always try to get
124 // the Wi-Fi SSID even if |IsWifiConnection| is false.
125 std::string wifi_ssid
= GetWiFiSSID();
126 bool is_wifi
= !wifi_ssid
.empty() || IsWifiConnection();
128 load_time_data
->SetString(
130 l10n_util::GetStringUTF16(IDS_CAPTIVE_PORTAL_BUTTON_OPEN_LOGIN_PAGE
));
132 base::string16 tab_title
=
133 l10n_util::GetStringUTF16(is_wifi
? IDS_CAPTIVE_PORTAL_HEADING_WIFI
134 : IDS_CAPTIVE_PORTAL_HEADING_WIRED
);
135 load_time_data
->SetString("tabTitle", tab_title
);
136 load_time_data
->SetString("heading", tab_title
);
138 base::string16 paragraph
;
139 if (login_url_
.spec() == captive_portal::CaptivePortalDetector::kDefaultURL
) {
140 // Captive portal may intercept requests without HTTP redirects, in which
141 // case the login url would be the same as the captive portal detection url.
142 // Don't show the login url in that case.
143 if (wifi_ssid
.empty()) {
144 paragraph
= l10n_util::GetStringUTF16(
145 is_wifi
? IDS_CAPTIVE_PORTAL_PRIMARY_PARAGRAPH_NO_LOGIN_URL_WIFI
146 : IDS_CAPTIVE_PORTAL_PRIMARY_PARAGRAPH_NO_LOGIN_URL_WIRED
);
148 paragraph
= l10n_util::GetStringFUTF16(
149 IDS_CAPTIVE_PORTAL_PRIMARY_PARAGRAPH_NO_LOGIN_URL_WIFI_SSID
,
150 net::EscapeForHTML(base::UTF8ToUTF16(wifi_ssid
)));
153 // Portal redirection was done with HTTP redirects, so show the login URL.
154 // If |languages| is empty, punycode in |login_host| will always be decoded.
155 std::string languages
;
157 Profile::FromBrowserContext(web_contents()->GetBrowserContext());
159 languages
= profile
->GetPrefs()->GetString(prefs::kAcceptLanguages
);
160 base::string16 login_host
=
161 url_formatter::IDNToUnicode(login_url_
.host(), languages
);
162 if (base::i18n::IsRTL())
163 base::i18n::WrapStringWithLTRFormatting(&login_host
);
165 if (wifi_ssid
.empty()) {
166 paragraph
= l10n_util::GetStringFUTF16(
167 is_wifi
? IDS_CAPTIVE_PORTAL_PRIMARY_PARAGRAPH_WIFI
168 : IDS_CAPTIVE_PORTAL_PRIMARY_PARAGRAPH_WIRED
,
171 paragraph
= l10n_util::GetStringFUTF16(
172 IDS_CAPTIVE_PORTAL_PRIMARY_PARAGRAPH_WIFI_SSID
,
173 net::EscapeForHTML(base::UTF8ToUTF16(wifi_ssid
)), login_host
);
176 load_time_data
->SetString("primaryParagraph", paragraph
);
177 // Explicitly specify other expected fields to empty.
178 load_time_data
->SetString("openDetails", base::string16());
179 load_time_data
->SetString("closeDetails", base::string16());
180 load_time_data
->SetString("explanationParagraph", base::string16());
181 load_time_data
->SetString("finalParagraph", base::string16());
183 if (cert_report_helper_
)
184 cert_report_helper_
->PopulateExtendedReportingOption(load_time_data
);
187 void CaptivePortalBlockingPage::CommandReceived(const std::string
& command
) {
188 if (command
== "\"pageLoadComplete\"") {
189 // content::WaitForRenderFrameReady sends this message when the page
190 // load completes. Ignore it.
194 bool command_is_num
= base::StringToInt(command
, &command_num
);
195 DCHECK(command_is_num
) << command
;
196 // Any command other than "open the login page" is ignored.
197 if (command_num
== CMD_OPEN_LOGIN
) {
198 RecordUMA(OPEN_LOGIN_PAGE
);
199 CaptivePortalTabHelper::OpenLoginTabForWebContents(web_contents(), true);
203 void CaptivePortalBlockingPage::OnProceed() {
204 if (cert_report_helper_
) {
205 // Finish collecting information about invalid certificates, if the
207 cert_report_helper_
->FinishCertCollection(
208 certificate_reporting::ErrorReport::USER_PROCEEDED
);
212 void CaptivePortalBlockingPage::OnDontProceed() {
213 if (cert_report_helper_
) {
214 // Finish collecting information about invalid certificates, if the
216 cert_report_helper_
->FinishCertCollection(
217 certificate_reporting::ErrorReport::USER_DID_NOT_PROCEED
);
220 // Need to explicity deny the certificate via the callback, otherwise memory
222 if (!callback_
.is_null()) {
223 callback_
.Run(false);