1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // Implementation of the SafeBrowsingBlockingPage class.
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
11 #include "base/bind.h"
12 #include "base/command_line.h"
13 #include "base/i18n/rtl.h"
14 #include "base/lazy_instance.h"
15 #include "base/metrics/field_trial.h"
16 #include "base/metrics/histogram.h"
17 #include "base/prefs/pref_service.h"
18 #include "base/strings/string_number_conversions.h"
19 #include "base/strings/string_piece.h"
20 #include "base/strings/stringprintf.h"
21 #include "base/strings/utf_string_conversions.h"
22 #include "base/time/time.h"
23 #include "base/values.h"
24 #include "chrome/browser/browser_process.h"
25 #include "chrome/browser/profiles/profile.h"
26 #include "chrome/browser/renderer_preferences_util.h"
27 #include "chrome/browser/safe_browsing/malware_details.h"
28 #include "chrome/browser/safe_browsing/ui_manager.h"
29 #include "chrome/browser/tab_contents/tab_util.h"
30 #include "chrome/common/chrome_switches.h"
31 #include "chrome/common/pref_names.h"
32 #include "chrome/common/url_constants.h"
33 #include "chrome/grit/generated_resources.h"
34 #include "chrome/grit/locale_settings.h"
35 #include "components/google/core/browser/google_util.h"
36 #include "content/public/browser/browser_thread.h"
37 #include "content/public/browser/interstitial_page.h"
38 #include "content/public/browser/navigation_controller.h"
39 #include "content/public/browser/user_metrics.h"
40 #include "content/public/browser/web_contents.h"
41 #include "content/public/common/renderer_preferences.h"
42 #include "grit/browser_resources.h"
43 #include "net/base/escape.h"
44 #include "ui/base/l10n/l10n_util.h"
46 using base::UserMetricsAction
;
47 using content::BrowserThread
;
48 using content::InterstitialPage
;
49 using content::OpenURLParams
;
50 using content::Referrer
;
51 using content::WebContents
;
55 // For malware interstitial pages, we link the problematic URL to Google's
57 #if defined(GOOGLE_CHROME_BUILD)
58 const char kSbDiagnosticUrl
[] =
59 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=googlechrome";
61 const char kSbDiagnosticUrl
[] =
62 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=chromium";
65 // URL for malware and phishing, V2.
66 const char kLearnMoreMalwareUrlV2
[] =
67 "https://www.google.com/transparencyreport/safebrowsing/";
68 const char kLearnMorePhishingUrlV2
[] =
69 "https://www.google.com/transparencyreport/safebrowsing/";
71 // Constants for the V4 phishing string upgrades.
72 const char kSocialEngineeringTrial
[] = "SafeBrowsingSocialEngineeringStrings";
73 const char kSocialEngineeringEnabled
[] = "Enabled";
75 // After a malware interstitial where the user opted-in to the report
76 // but clicked "proceed anyway", we delay the call to
77 // MalwareDetails::FinishCollection() by this much time (in
79 const int64 kMalwareDetailsProceedDelayMilliSeconds
= 3000;
81 // Constants for the Experience Sampling instrumentation.
82 const char kEventNameMalware
[] = "safebrowsing_interstitial_";
83 const char kEventNameHarmful
[] = "harmful_interstitial_";
84 const char kEventNamePhishing
[] = "phishing_interstitial_";
85 const char kEventNameOther
[] = "safebrowsing_other_interstitial_";
87 // Constants for the V4 phishing string upgrades.
88 const char kReportPhishingErrorUrl
[] =
89 "https://www.google.com/safebrowsing/report_error/";
90 const char kReportPhishingErrorTrial
[] = "SafeBrowsingReportPhishingErrorLink";
91 const char kReportPhishingErrorEnabled
[] = "Enabled";
93 base::LazyInstance
<SafeBrowsingBlockingPage::UnsafeResourceMap
>
94 g_unsafe_resource_map
= LAZY_INSTANCE_INITIALIZER
;
99 SafeBrowsingBlockingPageFactory
* SafeBrowsingBlockingPage::factory_
= NULL
;
101 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we
103 class SafeBrowsingBlockingPageFactoryImpl
104 : public SafeBrowsingBlockingPageFactory
{
106 SafeBrowsingBlockingPage
* CreateSafeBrowsingPage(
107 SafeBrowsingUIManager
* ui_manager
,
108 WebContents
* web_contents
,
109 const SafeBrowsingBlockingPage::UnsafeResourceList
& unsafe_resources
)
111 return new SafeBrowsingBlockingPage(ui_manager
, web_contents
,
116 friend struct base::DefaultLazyInstanceTraits
<
117 SafeBrowsingBlockingPageFactoryImpl
>;
119 SafeBrowsingBlockingPageFactoryImpl() { }
121 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl
);
124 static base::LazyInstance
<SafeBrowsingBlockingPageFactoryImpl
>
125 g_safe_browsing_blocking_page_factory_impl
= LAZY_INSTANCE_INITIALIZER
;
128 content::InterstitialPageDelegate::TypeID
129 SafeBrowsingBlockingPage::kTypeForTesting
=
130 &SafeBrowsingBlockingPage::kTypeForTesting
;
132 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage(
133 SafeBrowsingUIManager
* ui_manager
,
134 WebContents
* web_contents
,
135 const UnsafeResourceList
& unsafe_resources
)
136 : SecurityInterstitialPage(web_contents
, unsafe_resources
[0].url
),
137 malware_details_proceed_delay_ms_(
138 kMalwareDetailsProceedDelayMilliSeconds
),
139 ui_manager_(ui_manager
),
140 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources
)),
141 unsafe_resources_(unsafe_resources
),
143 bool malware
= false;
144 bool harmful
= false;
145 bool phishing
= false;
146 for (UnsafeResourceList::const_iterator iter
= unsafe_resources_
.begin();
147 iter
!= unsafe_resources_
.end(); ++iter
) {
148 const UnsafeResource
& resource
= *iter
;
149 SBThreatType threat_type
= resource
.threat_type
;
150 if (threat_type
== SB_THREAT_TYPE_URL_MALWARE
||
151 threat_type
== SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL
) {
153 } else if (threat_type
== SB_THREAT_TYPE_URL_UNWANTED
) {
156 DCHECK(threat_type
== SB_THREAT_TYPE_URL_PHISHING
||
157 threat_type
== SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL
);
161 DCHECK(phishing
|| malware
|| harmful
);
163 interstitial_reason_
= SB_REASON_MALWARE
;
165 interstitial_reason_
= SB_REASON_HARMFUL
;
167 interstitial_reason_
= SB_REASON_PHISHING
;
169 // This must be done after calculating |interstitial_reason_| above.
170 // Use same prefix for UMA as for Rappor.
171 set_metrics_helper(new SecurityInterstitialMetricsHelper(
172 web_contents
, request_url(), GetMetricPrefix(), GetRapporPrefix(),
173 SecurityInterstitialMetricsHelper::REPORT_RAPPOR_FOR_SAFE_BROWSING
,
174 GetSamplingEventName()));
175 metrics_helper()->RecordUserDecision(SecurityInterstitialMetricsHelper::SHOW
);
176 metrics_helper()->RecordUserInteraction(
177 SecurityInterstitialMetricsHelper::TOTAL_VISITS
);
178 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled
)) {
179 metrics_helper()->RecordUserDecision(
180 SecurityInterstitialMetricsHelper::PROCEEDING_DISABLED
);
183 if (!is_main_frame_load_blocked_
) {
184 navigation_entry_index_to_remove_
=
185 web_contents
->GetController().GetLastCommittedEntryIndex();
187 navigation_entry_index_to_remove_
= -1;
190 // Start computing malware details. They will be sent only
191 // if the user opts-in on the blocking page later.
192 // If there's more than one malicious resources, it means the user
193 // clicked through the first warning, so we don't prepare additional
195 if (unsafe_resources
.size() == 1 &&
196 unsafe_resources
[0].threat_type
== SB_THREAT_TYPE_URL_MALWARE
&&
197 malware_details_
.get() == NULL
&& CanShowMalwareDetailsOption()) {
198 malware_details_
= MalwareDetails::NewMalwareDetails(
199 ui_manager_
, web_contents
, unsafe_resources
[0]);
203 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
204 return (!web_contents()->GetBrowserContext()->IsOffTheRecord() &&
205 web_contents()->GetURL().SchemeIs(url::kHttpScheme
) &&
206 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingOptInAllowed
));
209 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
212 void SafeBrowsingBlockingPage::CommandReceived(const std::string
& page_cmd
) {
213 if (page_cmd
== "\"pageLoadComplete\"") {
214 // content::WaitForRenderFrameReady sends this message when the page
215 // load completes. Ignore it.
220 bool retval
= base::StringToInt(page_cmd
, &command
);
221 DCHECK(retval
) << page_cmd
;
224 case CMD_DO_REPORT
: {
225 // User enabled SB Extended Reporting via the checkbox.
226 SetReportingPreference(true);
229 case CMD_DONT_REPORT
: {
230 // User disabled SB Extended Reporting via the checkbox.
231 SetReportingPreference(false);
234 case CMD_OPEN_HELP_CENTER
: {
235 // User pressed "Learn more".
236 metrics_helper()->RecordUserInteraction(
237 SecurityInterstitialMetricsHelper::SHOW_LEARN_MORE
);
239 interstitial_reason_
== SB_REASON_PHISHING
?
240 kLearnMorePhishingUrlV2
: kLearnMoreMalwareUrlV2
);
241 learn_more_url
= google_util::AppendGoogleLocaleParam(
242 learn_more_url
, g_browser_process
->GetApplicationLocale());
243 OpenURLParams
params(learn_more_url
,
246 ui::PAGE_TRANSITION_LINK
,
248 web_contents()->OpenURL(params
);
251 case CMD_OPEN_REPORTING_PRIVACY
: {
252 // User pressed on the SB Extended Reporting "privacy policy" link.
253 OpenExtendedReportingPrivacyPolicy();
257 // User pressed on the button to proceed.
258 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled
)) {
259 metrics_helper()->RecordUserDecision(
260 SecurityInterstitialMetricsHelper::PROCEED
);
261 interstitial_page()->Proceed();
262 // |this| has been deleted after Proceed() returns.
265 // If the user can't proceed, fall through to CMD_DONT_PROCEED.
267 case CMD_DONT_PROCEED
: {
268 // User pressed on the button to return to safety.
269 // Don't record the user action here because there are other ways of
270 // triggering DontProceed, like clicking the back button.
271 if (is_main_frame_load_blocked_
) {
272 // If the load is blocked, we want to close the interstitial and discard
273 // the pending entry.
274 interstitial_page()->DontProceed();
275 // |this| has been deleted after DontProceed() returns.
279 // Otherwise the offending entry has committed, and we need to go back or
280 // to a safe page. We will close the interstitial when that page commits.
281 if (web_contents()->GetController().CanGoBack()) {
282 web_contents()->GetController().GoBack();
284 web_contents()->GetController().LoadURL(
285 GURL(chrome::kChromeUINewTabURL
),
287 ui::PAGE_TRANSITION_AUTO_TOPLEVEL
,
292 case CMD_OPEN_DIAGNOSTIC
: {
293 // User wants to see why this page is blocked.
294 const UnsafeResource
& unsafe_resource
= unsafe_resources_
[0];
295 std::string bad_url_spec
= unsafe_resource
.url
.spec();
296 metrics_helper()->RecordUserInteraction(
297 SecurityInterstitialMetricsHelper::SHOW_DIAGNOSTIC
);
298 std::string diagnostic
=
299 base::StringPrintf(kSbDiagnosticUrl
,
300 net::EscapeQueryParamValue(bad_url_spec
, true).c_str());
301 GURL
diagnostic_url(diagnostic
);
302 diagnostic_url
= google_util::AppendGoogleLocaleParam(
303 diagnostic_url
, g_browser_process
->GetApplicationLocale());
304 DCHECK(unsafe_resource
.threat_type
== SB_THREAT_TYPE_URL_MALWARE
||
305 unsafe_resource
.threat_type
==
306 SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL
||
307 unsafe_resource
.threat_type
== SB_THREAT_TYPE_URL_UNWANTED
);
308 OpenURLParams
params(
309 diagnostic_url
, Referrer(), CURRENT_TAB
, ui::PAGE_TRANSITION_LINK
,
311 web_contents()->OpenURL(params
);
314 case CMD_SHOW_MORE_SECTION
: {
315 // User has opened up the hidden text.
316 metrics_helper()->RecordUserInteraction(
317 SecurityInterstitialMetricsHelper::SHOW_ADVANCED
);
320 case CMD_REPORT_PHISHING_ERROR
: {
321 // User wants to report a phishing error.
322 metrics_helper()->RecordUserInteraction(
323 SecurityInterstitialMetricsHelper::REPORT_PHISHING_ERROR
);
324 GURL
phishing_error_url(kReportPhishingErrorUrl
);
325 phishing_error_url
= google_util::AppendGoogleLocaleParam(
326 phishing_error_url
, g_browser_process
->GetApplicationLocale());
327 OpenURLParams
params(phishing_error_url
, Referrer(), CURRENT_TAB
,
328 ui::PAGE_TRANSITION_LINK
, false);
329 web_contents()->OpenURL(params
);
335 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
336 content::RendererPreferences
* prefs
) {
337 Profile
* profile
= Profile::FromBrowserContext(
338 web_contents()->GetBrowserContext());
339 renderer_preferences_util::UpdateFromSystemSettings(
340 prefs
, profile
, web_contents());
343 void SafeBrowsingBlockingPage::OnProceed() {
345 // Send the malware details, if we opted to.
346 FinishMalwareDetails(malware_details_proceed_delay_ms_
);
348 NotifySafeBrowsingUIManager(ui_manager_
, unsafe_resources_
, true);
350 // Check to see if some new notifications of unsafe resources have been
351 // received while we were showing the interstitial.
352 UnsafeResourceMap
* unsafe_resource_map
= GetUnsafeResourcesMap();
353 UnsafeResourceMap::iterator iter
= unsafe_resource_map
->find(web_contents());
354 SafeBrowsingBlockingPage
* blocking_page
= NULL
;
355 if (iter
!= unsafe_resource_map
->end() && !iter
->second
.empty()) {
356 // Build an interstitial for all the unsafe resources notifications.
357 // Don't show it now as showing an interstitial while an interstitial is
358 // already showing would cause DontProceed() to be invoked.
359 blocking_page
= factory_
->CreateSafeBrowsingPage(ui_manager_
,
362 unsafe_resource_map
->erase(iter
);
365 // Now that this interstitial is gone, we can show the new one.
367 blocking_page
->Show();
370 content::InterstitialPageDelegate::TypeID
371 SafeBrowsingBlockingPage::GetTypeForTesting() const {
372 return SafeBrowsingBlockingPage::kTypeForTesting
;
375 bool SafeBrowsingBlockingPage::ShouldCreateNewNavigation() const {
376 return is_main_frame_load_blocked_
;
379 void SafeBrowsingBlockingPage::OnDontProceed() {
380 // We could have already called Proceed(), in which case we must not notify
381 // the SafeBrowsingUIManager again, as the client has been deleted.
385 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled
)) {
386 metrics_helper()->RecordUserDecision(
387 SecurityInterstitialMetricsHelper::DONT_PROCEED
);
390 // Send the malware details, if we opted to.
391 FinishMalwareDetails(0); // No delay
393 NotifySafeBrowsingUIManager(ui_manager_
, unsafe_resources_
, false);
395 // The user does not want to proceed, clear the queued unsafe resources
396 // notifications we received while the interstitial was showing.
397 UnsafeResourceMap
* unsafe_resource_map
= GetUnsafeResourcesMap();
398 UnsafeResourceMap::iterator iter
= unsafe_resource_map
->find(web_contents());
399 if (iter
!= unsafe_resource_map
->end() && !iter
->second
.empty()) {
400 NotifySafeBrowsingUIManager(ui_manager_
, iter
->second
, false);
401 unsafe_resource_map
->erase(iter
);
404 // We don't remove the navigation entry if the tab is being destroyed as this
405 // would trigger a navigation that would cause trouble as the render view host
406 // for the tab has by then already been destroyed. We also don't delete the
407 // current entry if it has been committed again, which is possible on a page
408 // that had a subresource warning.
409 int last_committed_index
=
410 web_contents()->GetController().GetLastCommittedEntryIndex();
411 if (navigation_entry_index_to_remove_
!= -1 &&
412 navigation_entry_index_to_remove_
!= last_committed_index
&&
413 !web_contents()->IsBeingDestroyed()) {
414 CHECK(web_contents()->GetController().RemoveEntryAtIndex(
415 navigation_entry_index_to_remove_
));
416 navigation_entry_index_to_remove_
= -1;
420 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms
) {
421 if (malware_details_
.get() == NULL
)
422 return; // Not all interstitials have malware details (eg phishing).
423 DCHECK_EQ(interstitial_reason_
, SB_REASON_MALWARE
);
426 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled
) &&
427 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingOptInAllowed
);
431 metrics_helper()->RecordUserInteraction(
432 SecurityInterstitialMetricsHelper::EXTENDED_REPORTING_IS_ENABLED
);
433 // Finish the malware details collection, send it over.
434 BrowserThread::PostDelayedTask(
435 BrowserThread::IO
, FROM_HERE
,
436 base::Bind(&MalwareDetails::FinishCollection
, malware_details_
.get()),
437 base::TimeDelta::FromMilliseconds(delay_ms
));
441 void SafeBrowsingBlockingPage::NotifySafeBrowsingUIManager(
442 SafeBrowsingUIManager
* ui_manager
,
443 const UnsafeResourceList
& unsafe_resources
,
445 BrowserThread::PostTask(
446 BrowserThread::IO
, FROM_HERE
,
447 base::Bind(&SafeBrowsingUIManager::OnBlockingPageDone
,
448 ui_manager
, unsafe_resources
, proceed
));
452 SafeBrowsingBlockingPage::UnsafeResourceMap
*
453 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() {
454 return g_unsafe_resource_map
.Pointer();
458 SafeBrowsingBlockingPage
* SafeBrowsingBlockingPage::CreateBlockingPage(
459 SafeBrowsingUIManager
* ui_manager
,
460 WebContents
* web_contents
,
461 const UnsafeResource
& unsafe_resource
) {
462 std::vector
<UnsafeResource
> resources
;
463 resources
.push_back(unsafe_resource
);
464 // Set up the factory if this has not been done already (tests do that
465 // before this method is called).
467 factory_
= g_safe_browsing_blocking_page_factory_impl
.Pointer();
468 return factory_
->CreateSafeBrowsingPage(ui_manager
, web_contents
, resources
);
472 void SafeBrowsingBlockingPage::ShowBlockingPage(
473 SafeBrowsingUIManager
* ui_manager
,
474 const UnsafeResource
& unsafe_resource
) {
475 DVLOG(1) << __FUNCTION__
<< " " << unsafe_resource
.url
.spec();
476 WebContents
* web_contents
= tab_util::GetWebContentsByID(
477 unsafe_resource
.render_process_host_id
, unsafe_resource
.render_view_id
);
479 InterstitialPage
* interstitial
=
480 InterstitialPage::GetInterstitialPage(web_contents
);
481 if (interstitial
&& !unsafe_resource
.is_subresource
) {
482 // There is already an interstitial showing and we are about to display a
483 // new one for the main frame. Just hide the current one, it is now
485 interstitial
->DontProceed();
490 // There are no interstitial currently showing in that tab, go ahead and
491 // show this interstitial.
492 SafeBrowsingBlockingPage
* blocking_page
=
493 CreateBlockingPage(ui_manager
, web_contents
, unsafe_resource
);
494 blocking_page
->Show();
498 // This is an interstitial for a page's resource, let's queue it.
499 UnsafeResourceMap
* unsafe_resource_map
= GetUnsafeResourcesMap();
500 (*unsafe_resource_map
)[web_contents
].push_back(unsafe_resource
);
504 bool SafeBrowsingBlockingPage::IsMainPageLoadBlocked(
505 const UnsafeResourceList
& unsafe_resources
) {
506 // Client-side phishing detection interstitials never block the main frame
507 // load, since they happen after the page is finished loading.
508 if (unsafe_resources
[0].threat_type
==
509 SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL
) {
513 // Otherwise, check the threat type.
514 return unsafe_resources
.size() == 1 && !unsafe_resources
[0].is_subresource
;
517 std::string
SafeBrowsingBlockingPage::GetMetricPrefix() const {
518 bool primary_subresource
= unsafe_resources_
[0].is_subresource
;
519 switch (interstitial_reason_
) {
520 case SB_REASON_MALWARE
:
521 return primary_subresource
? "malware_subresource" : "malware";
522 case SB_REASON_HARMFUL
:
523 return primary_subresource
? "harmful_subresource" : "harmful";
524 case SB_REASON_PHISHING
:
525 return primary_subresource
? "phishing_subresource" : "phishing";
528 return std::string();
531 std::string
SafeBrowsingBlockingPage::GetRapporPrefix() const {
532 switch (interstitial_reason_
) {
533 case SB_REASON_MALWARE
:
535 case SB_REASON_HARMFUL
:
537 case SB_REASON_PHISHING
:
541 return std::string();
544 std::string
SafeBrowsingBlockingPage::GetSamplingEventName() const {
545 switch (interstitial_reason_
) {
546 case SB_REASON_MALWARE
:
547 return kEventNameMalware
;
548 case SB_REASON_HARMFUL
:
549 return kEventNameHarmful
;
550 case SB_REASON_PHISHING
:
551 return kEventNamePhishing
;
553 return kEventNameOther
;
557 void SafeBrowsingBlockingPage::PopulateInterstitialStrings(
558 base::DictionaryValue
* load_time_data
) {
559 CHECK(load_time_data
);
560 CHECK(!unsafe_resources_
.empty());
562 load_time_data
->SetString("type", "SAFEBROWSING");
563 load_time_data
->SetString(
564 "tabTitle", l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_TITLE
));
565 load_time_data
->SetString(
567 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_OPEN_DETAILS_BUTTON
));
568 load_time_data
->SetString(
570 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_CLOSE_DETAILS_BUTTON
));
571 load_time_data
->SetString(
573 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_OVERRIDABLE_SAFETY_BUTTON
));
574 load_time_data
->SetBoolean(
576 !IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled
));
578 switch (interstitial_reason_
) {
579 case SB_REASON_MALWARE
:
580 PopulateMalwareLoadTimeData(load_time_data
);
582 case SB_REASON_HARMFUL
:
583 PopulateHarmfulLoadTimeData(load_time_data
);
585 case SB_REASON_PHISHING
:
586 PopulatePhishingLoadTimeData(load_time_data
);
591 void SafeBrowsingBlockingPage::PopulateExtendedReportingOption(
592 base::DictionaryValue
* load_time_data
) {
593 // Only show checkbox if !(HTTPS || incognito-mode).
594 const bool show
= CanShowMalwareDetailsOption();
595 load_time_data
->SetBoolean(interstitials::kDisplayCheckBox
, show
);
599 const std::string privacy_link
= base::StringPrintf(
600 interstitials::kPrivacyLinkHtml
, CMD_OPEN_REPORTING_PRIVACY
,
601 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE
).c_str());
602 load_time_data
->SetString(
603 interstitials::kOptInLink
,
604 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE
,
605 base::UTF8ToUTF16(privacy_link
)));
606 load_time_data
->SetBoolean(
607 interstitials::kBoxChecked
,
608 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled
));
611 void SafeBrowsingBlockingPage::PopulateMalwareLoadTimeData(
612 base::DictionaryValue
* load_time_data
) {
613 load_time_data
->SetBoolean("phishing", false);
614 load_time_data
->SetString(
615 "heading", l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING
));
616 load_time_data
->SetString(
618 l10n_util::GetStringFUTF16(
619 IDS_MALWARE_V3_PRIMARY_PARAGRAPH
,
620 GetFormattedHostName()));
621 load_time_data
->SetString(
622 "explanationParagraph",
623 is_main_frame_load_blocked_
?
624 l10n_util::GetStringFUTF16(
625 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH
,
626 GetFormattedHostName()) :
627 l10n_util::GetStringFUTF16(
628 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH_SUBRESOURCE
,
629 base::UTF8ToUTF16(web_contents()->GetURL().host()),
630 GetFormattedHostName()));
631 load_time_data
->SetString(
633 l10n_util::GetStringUTF16(IDS_MALWARE_V3_PROCEED_PARAGRAPH
));
635 PopulateExtendedReportingOption(load_time_data
);
638 void SafeBrowsingBlockingPage::PopulateHarmfulLoadTimeData(
639 base::DictionaryValue
* load_time_data
) {
640 load_time_data
->SetBoolean("phishing", false);
641 load_time_data
->SetString(
642 "heading", l10n_util::GetStringUTF16(IDS_HARMFUL_V3_HEADING
));
643 load_time_data
->SetString(
645 l10n_util::GetStringFUTF16(
646 IDS_HARMFUL_V3_PRIMARY_PARAGRAPH
,
647 GetFormattedHostName()));
648 load_time_data
->SetString(
649 "explanationParagraph",
650 l10n_util::GetStringFUTF16(
651 IDS_HARMFUL_V3_EXPLANATION_PARAGRAPH
,
652 GetFormattedHostName()));
653 load_time_data
->SetString(
655 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_PROCEED_PARAGRAPH
));
657 PopulateExtendedReportingOption(load_time_data
);
660 void SafeBrowsingBlockingPage::PopulatePhishingLoadTimeData(
661 base::DictionaryValue
* load_time_data
) {
662 bool use_social_engineering_strings
=
663 base::FieldTrialList::FindFullName(kSocialEngineeringTrial
) ==
664 kSocialEngineeringEnabled
;
665 load_time_data
->SetBoolean("phishing", true);
666 load_time_data
->SetString(
667 "heading", l10n_util::GetStringUTF16(use_social_engineering_strings
668 ? IDS_PHISHING_V4_HEADING
669 : IDS_PHISHING_V3_HEADING
));
670 load_time_data
->SetString(
672 l10n_util::GetStringFUTF16(use_social_engineering_strings
673 ? IDS_PHISHING_V4_PRIMARY_PARAGRAPH
674 : IDS_PHISHING_V3_PRIMARY_PARAGRAPH
,
675 GetFormattedHostName()));
676 load_time_data
->SetString(
677 "explanationParagraph",
678 l10n_util::GetStringFUTF16(IDS_PHISHING_V3_EXPLANATION_PARAGRAPH
,
679 GetFormattedHostName()));
681 if (base::FieldTrialList::FindFullName(kReportPhishingErrorTrial
) ==
682 kReportPhishingErrorEnabled
) {
683 load_time_data
->SetString(
684 "finalParagraph", l10n_util::GetStringUTF16(
685 IDS_PHISHING_V4_PROCEED_AND_REPORT_PARAGRAPH
));
687 load_time_data
->SetString(
689 l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH
));
692 PopulateExtendedReportingOption(load_time_data
);