search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Elim cr-checkbox
[chromium-blink-merge.git] / chrome / browser / safe_browsing / safe_browsing_blocking_page.cc
blobc74fb7a28b4f7f7880b003ca314ad64a86833f5a
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Implementation of the SafeBrowsingBlockingPage class.
6
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
8
9 #include <string>
10
11 #include "base/bind.h"
12 #include "base/command_line.h"
13 #include "base/i18n/rtl.h"
14 #include "base/lazy_instance.h"
15 #include "base/metrics/field_trial.h"
16 #include "base/metrics/histogram.h"
17 #include "base/prefs/pref_service.h"
18 #include "base/strings/string_number_conversions.h"
19 #include "base/strings/string_piece.h"
20 #include "base/strings/stringprintf.h"
21 #include "base/strings/utf_string_conversions.h"
22 #include "base/time/time.h"
23 #include "base/values.h"
24 #include "chrome/browser/browser_process.h"
25 #include "chrome/browser/profiles/profile.h"
26 #include "chrome/browser/renderer_preferences_util.h"
27 #include "chrome/browser/safe_browsing/malware_details.h"
28 #include "chrome/browser/safe_browsing/ui_manager.h"
29 #include "chrome/browser/tab_contents/tab_util.h"
30 #include "chrome/common/chrome_switches.h"
31 #include "chrome/common/pref_names.h"
32 #include "chrome/common/url_constants.h"
33 #include "chrome/grit/generated_resources.h"
34 #include "chrome/grit/locale_settings.h"
35 #include "components/google/core/browser/google_util.h"
36 #include "content/public/browser/browser_thread.h"
37 #include "content/public/browser/interstitial_page.h"
38 #include "content/public/browser/navigation_controller.h"
39 #include "content/public/browser/user_metrics.h"
40 #include "content/public/browser/web_contents.h"
41 #include "content/public/common/renderer_preferences.h"
42 #include "grit/browser_resources.h"
43 #include "net/base/escape.h"
44 #include "ui/base/l10n/l10n_util.h"
45
46 using base::UserMetricsAction;
47 using content::BrowserThread;
48 using content::InterstitialPage;
49 using content::OpenURLParams;
50 using content::Referrer;
51 using content::WebContents;
52
53 namespace {
54
55 // For malware interstitial pages, we link the problematic URL to Google's
56 // diagnostic page.
57 #if defined(GOOGLE_CHROME_BUILD)
58 const char kSbDiagnosticUrl[] =
59 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=googlechrome";
60 #else
61 const char kSbDiagnosticUrl[] =
62 "https://www.google.com/safebrowsing/diagnostic?site=%s&client=chromium";
63 #endif
64
65 // URL for malware and phishing, V2.
66 const char kLearnMoreMalwareUrlV2[] =
67 "https://www.google.com/transparencyreport/safebrowsing/";
68 const char kLearnMorePhishingUrlV2[] =
69 "https://www.google.com/transparencyreport/safebrowsing/";
70
71 // Constants for the V4 phishing string upgrades.
72 const char kSocialEngineeringTrial[] = "SafeBrowsingSocialEngineeringStrings";
73 const char kSocialEngineeringEnabled[] = "Enabled";
74
75 // After a malware interstitial where the user opted-in to the report
76 // but clicked "proceed anyway", we delay the call to
77 // MalwareDetails::FinishCollection() by this much time (in
78 // milliseconds).
79 const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000;
80
81 // Constants for the Experience Sampling instrumentation.
82 const char kEventNameMalware[] = "safebrowsing_interstitial_";
83 const char kEventNameHarmful[] = "harmful_interstitial_";
84 const char kEventNamePhishing[] = "phishing_interstitial_";
85 const char kEventNameOther[] = "safebrowsing_other_interstitial_";
86
87 // Constants for the V4 phishing string upgrades.
88 const char kReportPhishingErrorUrl[] =
89 "https://www.google.com/safebrowsing/report_error/";
90 const char kReportPhishingErrorTrial[] = "SafeBrowsingReportPhishingErrorLink";
91 const char kReportPhishingErrorEnabled[] = "Enabled";
92
93 base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
94 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
95
96 } // namespace
97
98 // static
99 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
100
101 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we
102 // don't leak it.
103 class SafeBrowsingBlockingPageFactoryImpl
104 : public SafeBrowsingBlockingPageFactory {
105 public:
106 SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
107 SafeBrowsingUIManager* ui_manager,
108 WebContents* web_contents,
109 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources)
110 override {
111 return new SafeBrowsingBlockingPage(ui_manager, web_contents,
112 unsafe_resources);
113 }
114
115 private:
116 friend struct base::DefaultLazyInstanceTraits<
117 SafeBrowsingBlockingPageFactoryImpl>;
118
119 SafeBrowsingBlockingPageFactoryImpl() { }
120
121 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl);
122 };
123
124 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl>
125 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER;
126
127 // static
128 content::InterstitialPageDelegate::TypeID
129 SafeBrowsingBlockingPage::kTypeForTesting =
130 &SafeBrowsingBlockingPage::kTypeForTesting;
131
132 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage(
133 SafeBrowsingUIManager* ui_manager,
134 WebContents* web_contents,
135 const UnsafeResourceList& unsafe_resources)
136 : SecurityInterstitialPage(web_contents, unsafe_resources[0].url),
137 malware_details_proceed_delay_ms_(
138 kMalwareDetailsProceedDelayMilliSeconds),
139 ui_manager_(ui_manager),
140 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)),
141 unsafe_resources_(unsafe_resources),
142 proceeded_(false) {
143 bool malware = false;
144 bool harmful = false;
145 bool phishing = false;
146 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
147 iter != unsafe_resources_.end(); ++iter) {
148 const UnsafeResource& resource = *iter;
149 SBThreatType threat_type = resource.threat_type;
150 if (threat_type == SB_THREAT_TYPE_URL_MALWARE ||
151 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL) {
152 malware = true;
153 } else if (threat_type == SB_THREAT_TYPE_URL_UNWANTED) {
154 harmful = true;
155 } else {
156 DCHECK(threat_type == SB_THREAT_TYPE_URL_PHISHING ||
157 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL);
158 phishing = true;
159 }
160 }
161 DCHECK(phishing || malware || harmful);
162 if (malware)
163 interstitial_reason_ = SB_REASON_MALWARE;
164 else if (harmful)
165 interstitial_reason_ = SB_REASON_HARMFUL;
166 else
167 interstitial_reason_ = SB_REASON_PHISHING;
168
169 // This must be done after calculating |interstitial_reason_| above.
170 security_interstitials::MetricsHelper::ReportDetails reporting_info;
171 reporting_info.metric_prefix = GetMetricPrefix();
172 reporting_info.extra_suffix = GetExtraMetricsSuffix();
173 reporting_info.rappor_prefix = GetRapporPrefix();
174 reporting_info.rappor_report_type = rappor::SAFEBROWSING_RAPPOR_TYPE;
175 set_metrics_helper(new ChromeMetricsHelper(
176 web_contents, request_url(), reporting_info, GetSamplingEventName()));
177 metrics_helper()->RecordUserDecision(
178 security_interstitials::MetricsHelper::SHOW);
179 metrics_helper()->RecordUserInteraction(
180 security_interstitials::MetricsHelper::TOTAL_VISITS);
181 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
182 metrics_helper()->RecordUserDecision(
183 security_interstitials::MetricsHelper::PROCEEDING_DISABLED);
184 }
185
186 if (!is_main_frame_load_blocked_) {
187 navigation_entry_index_to_remove_ =
188 web_contents->GetController().GetLastCommittedEntryIndex();
189 } else {
190 navigation_entry_index_to_remove_ = -1;
191 }
192
193 // Start computing malware details. They will be sent only
194 // if the user opts-in on the blocking page later.
195 // If there's more than one malicious resources, it means the user
196 // clicked through the first warning, so we don't prepare additional
197 // reports.
198 if (unsafe_resources.size() == 1 &&
199 unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE &&
200 malware_details_.get() == NULL && CanShowMalwareDetailsOption()) {
201 malware_details_ = MalwareDetails::NewMalwareDetails(
202 ui_manager_, web_contents, unsafe_resources[0]);
203 }
204 }
205
206 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
207 return (!web_contents()->GetBrowserContext()->IsOffTheRecord() &&
208 web_contents()->GetURL().SchemeIs(url::kHttpScheme) &&
209 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingOptInAllowed));
210 }
211
212 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
213 }
214
215 void SafeBrowsingBlockingPage::CommandReceived(const std::string& page_cmd) {
216 if (page_cmd == "\"pageLoadComplete\"") {
217 // content::WaitForRenderFrameReady sends this message when the page
218 // load completes. Ignore it.
219 return;
220 }
221
222 int command = 0;
223 bool retval = base::StringToInt(page_cmd, &command);
224 DCHECK(retval) << page_cmd;
225
226 switch (command) {
227 case CMD_DO_REPORT: {
228 // User enabled SB Extended Reporting via the checkbox.
229 SetReportingPreference(true);
230 break;
231 }
232 case CMD_DONT_REPORT: {
233 // User disabled SB Extended Reporting via the checkbox.
234 SetReportingPreference(false);
235 break;
236 }
237 case CMD_OPEN_HELP_CENTER: {
238 // User pressed "Learn more".
239 metrics_helper()->RecordUserInteraction(
240 security_interstitials::MetricsHelper::SHOW_LEARN_MORE);
241 GURL learn_more_url(
242 interstitial_reason_ == SB_REASON_PHISHING ?
243 kLearnMorePhishingUrlV2 : kLearnMoreMalwareUrlV2);
244 learn_more_url = google_util::AppendGoogleLocaleParam(
245 learn_more_url, g_browser_process->GetApplicationLocale());
246 OpenURLParams params(learn_more_url,
247 Referrer(),
248 CURRENT_TAB,
249 ui::PAGE_TRANSITION_LINK,
250 false);
251 web_contents()->OpenURL(params);
252 break;
253 }
254 case CMD_OPEN_REPORTING_PRIVACY: {
255 // User pressed on the SB Extended Reporting "privacy policy" link.
256 OpenExtendedReportingPrivacyPolicy();
257 break;
258 }
259 case CMD_PROCEED: {
260 // User pressed on the button to proceed.
261 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
262 metrics_helper()->RecordUserDecision(
263 security_interstitials::MetricsHelper::PROCEED);
264 interstitial_page()->Proceed();
265 // |this| has been deleted after Proceed() returns.
266 break;
267 }
268 // If the user can't proceed, fall through to CMD_DONT_PROCEED.
269 }
270 case CMD_DONT_PROCEED: {
271 // User pressed on the button to return to safety.
272 // Don't record the user action here because there are other ways of
273 // triggering DontProceed, like clicking the back button.
274 if (is_main_frame_load_blocked_) {
275 // If the load is blocked, we want to close the interstitial and discard
276 // the pending entry.
277 interstitial_page()->DontProceed();
278 // |this| has been deleted after DontProceed() returns.
279 break;
280 }
281
282 // Otherwise the offending entry has committed, and we need to go back or
283 // to a safe page. We will close the interstitial when that page commits.
284 if (web_contents()->GetController().CanGoBack()) {
285 web_contents()->GetController().GoBack();
286 } else {
287 web_contents()->GetController().LoadURL(
288 GURL(chrome::kChromeUINewTabURL),
289 content::Referrer(),
290 ui::PAGE_TRANSITION_AUTO_TOPLEVEL,
291 std::string());
292 }
293 break;
294 }
295 case CMD_OPEN_DIAGNOSTIC: {
296 // User wants to see why this page is blocked.
297 const UnsafeResource& unsafe_resource = unsafe_resources_[0];
298 std::string bad_url_spec = unsafe_resource.url.spec();
299 metrics_helper()->RecordUserInteraction(
300 security_interstitials::MetricsHelper::SHOW_DIAGNOSTIC);
301 std::string diagnostic =
302 base::StringPrintf(kSbDiagnosticUrl,
303 net::EscapeQueryParamValue(bad_url_spec, true).c_str());
304 GURL diagnostic_url(diagnostic);
305 diagnostic_url = google_util::AppendGoogleLocaleParam(
306 diagnostic_url, g_browser_process->GetApplicationLocale());
307 DCHECK(unsafe_resource.threat_type == SB_THREAT_TYPE_URL_MALWARE ||
308 unsafe_resource.threat_type ==
309 SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL ||
310 unsafe_resource.threat_type == SB_THREAT_TYPE_URL_UNWANTED);
311 OpenURLParams params(
312 diagnostic_url, Referrer(), CURRENT_TAB, ui::PAGE_TRANSITION_LINK,
313 false);
314 web_contents()->OpenURL(params);
315 break;
316 }
317 case CMD_SHOW_MORE_SECTION: {
318 // User has opened up the hidden text.
319 metrics_helper()->RecordUserInteraction(
320 security_interstitials::MetricsHelper::SHOW_ADVANCED);
321 break;
322 }
323 case CMD_REPORT_PHISHING_ERROR: {
324 // User wants to report a phishing error.
325 metrics_helper()->RecordUserInteraction(
326 security_interstitials::MetricsHelper::REPORT_PHISHING_ERROR);
327 GURL phishing_error_url(kReportPhishingErrorUrl);
328 phishing_error_url = google_util::AppendGoogleLocaleParam(
329 phishing_error_url, g_browser_process->GetApplicationLocale());
330 OpenURLParams params(phishing_error_url, Referrer(), CURRENT_TAB,
331 ui::PAGE_TRANSITION_LINK, false);
332 web_contents()->OpenURL(params);
333 break;
334 }
335 }
336 }
337
338 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
339 content::RendererPreferences* prefs) {
340 Profile* profile = Profile::FromBrowserContext(
341 web_contents()->GetBrowserContext());
342 renderer_preferences_util::UpdateFromSystemSettings(
343 prefs, profile, web_contents());
344 }
345
346 void SafeBrowsingBlockingPage::OnProceed() {
347 proceeded_ = true;
348 // Send the malware details, if we opted to.
349 FinishMalwareDetails(malware_details_proceed_delay_ms_,
350 true, /* did_proceed */
351 metrics_helper()->NumVisits());
352
353 NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, true);
354
355 // Check to see if some new notifications of unsafe resources have been
356 // received while we were showing the interstitial.
357 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
358 UnsafeResourceMap::iterator iter = unsafe_resource_map->find(web_contents());
359 SafeBrowsingBlockingPage* blocking_page = NULL;
360 if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
361 // Build an interstitial for all the unsafe resources notifications.
362 // Don't show it now as showing an interstitial while an interstitial is
363 // already showing would cause DontProceed() to be invoked.
364 blocking_page = factory_->CreateSafeBrowsingPage(ui_manager_,
365 web_contents(),
366 iter->second);
367 unsafe_resource_map->erase(iter);
368 }
369
370 // Now that this interstitial is gone, we can show the new one.
371 if (blocking_page)
372 blocking_page->Show();
373 }
374
375 content::InterstitialPageDelegate::TypeID
376 SafeBrowsingBlockingPage::GetTypeForTesting() const {
377 return SafeBrowsingBlockingPage::kTypeForTesting;
378 }
379
380 bool SafeBrowsingBlockingPage::ShouldCreateNewNavigation() const {
381 return is_main_frame_load_blocked_;
382 }
383
384 void SafeBrowsingBlockingPage::OnDontProceed() {
385 // We could have already called Proceed(), in which case we must not notify
386 // the SafeBrowsingUIManager again, as the client has been deleted.
387 if (proceeded_)
388 return;
389
390 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
391 metrics_helper()->RecordUserDecision(
392 security_interstitials::MetricsHelper::DONT_PROCEED);
393 }
394
395 // Send the malware details, if we opted to.
396 FinishMalwareDetails(0, false /* did_proceed */,
397 metrics_helper()->NumVisits()); // No delay
398
399 NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, false);
400
401 // The user does not want to proceed, clear the queued unsafe resources
402 // notifications we received while the interstitial was showing.
403 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
404 UnsafeResourceMap::iterator iter = unsafe_resource_map->find(web_contents());
405 if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
406 NotifySafeBrowsingUIManager(ui_manager_, iter->second, false);
407 unsafe_resource_map->erase(iter);
408 }
409
410 // We don't remove the navigation entry if the tab is being destroyed as this
411 // would trigger a navigation that would cause trouble as the render view host
412 // for the tab has by then already been destroyed. We also don't delete the
413 // current entry if it has been committed again, which is possible on a page
414 // that had a subresource warning.
415 int last_committed_index =
416 web_contents()->GetController().GetLastCommittedEntryIndex();
417 if (navigation_entry_index_to_remove_ != -1 &&
418 navigation_entry_index_to_remove_ != last_committed_index &&
419 !web_contents()->IsBeingDestroyed()) {
420 CHECK(web_contents()->GetController().RemoveEntryAtIndex(
421 navigation_entry_index_to_remove_));
422 navigation_entry_index_to_remove_ = -1;
423 }
424 }
425
426 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms,
427 bool did_proceed,
428 int num_visits) {
429 if (malware_details_.get() == NULL)
430 return; // Not all interstitials have malware details (eg phishing).
431 DCHECK_EQ(interstitial_reason_, SB_REASON_MALWARE);
432
433 const bool enabled =
434 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled) &&
435 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingOptInAllowed);
436 if (!enabled)
437 return;
438
439 metrics_helper()->RecordUserInteraction(
440 security_interstitials::MetricsHelper::EXTENDED_REPORTING_IS_ENABLED);
441 // Finish the malware details collection, send it over.
442 BrowserThread::PostDelayedTask(
443 BrowserThread::IO, FROM_HERE,
444 base::Bind(&MalwareDetails::FinishCollection, malware_details_.get(),
445 did_proceed, num_visits),
446 base::TimeDelta::FromMilliseconds(delay_ms));
447 }
448
449 // static
450 void SafeBrowsingBlockingPage::NotifySafeBrowsingUIManager(
451 SafeBrowsingUIManager* ui_manager,
452 const UnsafeResourceList& unsafe_resources,
453 bool proceed) {
454 BrowserThread::PostTask(
455 BrowserThread::IO, FROM_HERE,
456 base::Bind(&SafeBrowsingUIManager::OnBlockingPageDone,
457 ui_manager, unsafe_resources, proceed));
458 }
459
460 // static
461 SafeBrowsingBlockingPage::UnsafeResourceMap*
462 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() {
463 return g_unsafe_resource_map.Pointer();
464 }
465
466 // static
467 SafeBrowsingBlockingPage* SafeBrowsingBlockingPage::CreateBlockingPage(
468 SafeBrowsingUIManager* ui_manager,
469 WebContents* web_contents,
470 const UnsafeResource& unsafe_resource) {
471 std::vector<UnsafeResource> resources;
472 resources.push_back(unsafe_resource);
473 // Set up the factory if this has not been done already (tests do that
474 // before this method is called).
475 if (!factory_)
476 factory_ = g_safe_browsing_blocking_page_factory_impl.Pointer();
477 return factory_->CreateSafeBrowsingPage(ui_manager, web_contents, resources);
478 }
479
480 // static
481 void SafeBrowsingBlockingPage::ShowBlockingPage(
482 SafeBrowsingUIManager* ui_manager,
483 const UnsafeResource& unsafe_resource) {
484 DVLOG(1) << __FUNCTION__ << " " << unsafe_resource.url.spec();
485 WebContents* web_contents = tab_util::GetWebContentsByID(
486 unsafe_resource.render_process_host_id, unsafe_resource.render_view_id);
487
488 InterstitialPage* interstitial =
489 InterstitialPage::GetInterstitialPage(web_contents);
490 if (interstitial && !unsafe_resource.is_subresource) {
491 // There is already an interstitial showing and we are about to display a
492 // new one for the main frame. Just hide the current one, it is now
493 // irrelevent
494 interstitial->DontProceed();
495 interstitial = NULL;
496 }
497
498 if (!interstitial) {
499 // There are no interstitial currently showing in that tab, go ahead and
500 // show this interstitial.
501 SafeBrowsingBlockingPage* blocking_page =
502 CreateBlockingPage(ui_manager, web_contents, unsafe_resource);
503 blocking_page->Show();
504 return;
505 }
506
507 // This is an interstitial for a page's resource, let's queue it.
508 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
509 (*unsafe_resource_map)[web_contents].push_back(unsafe_resource);
510 }
511
512 // static
513 bool SafeBrowsingBlockingPage::IsMainPageLoadBlocked(
514 const UnsafeResourceList& unsafe_resources) {
515 // Client-side phishing detection interstitials never block the main frame
516 // load, since they happen after the page is finished loading.
517 if (unsafe_resources[0].threat_type ==
518 SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) {
519 return false;
520 }
521
522 // Otherwise, check the threat type.
523 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource;
524 }
525
526 std::string SafeBrowsingBlockingPage::GetMetricPrefix() const {
527 bool primary_subresource = unsafe_resources_[0].is_subresource;
528 switch (interstitial_reason_) {
529 case SB_REASON_MALWARE:
530 return primary_subresource ? "malware_subresource" : "malware";
531 case SB_REASON_HARMFUL:
532 return primary_subresource ? "harmful_subresource" : "harmful";
533 case SB_REASON_PHISHING:
534 return primary_subresource ? "phishing_subresource" : "phishing";
535 }
536 NOTREACHED();
537 return std::string();
538 }
539
540 // We populate a parallel set of metrics to differentiate some threat sources.
541 std::string SafeBrowsingBlockingPage::GetExtraMetricsSuffix() const {
542 switch (unsafe_resources_[0].threat_source) {
543 case SafeBrowsingUIManager::FROM_DATA_SAVER:
544 return "from_data_saver";
545 case SafeBrowsingUIManager::FROM_DEVICE:
546 return "from_device";
547 case SafeBrowsingUIManager::FROM_UNKNOWN:
548 break;
549 }
550 NOTREACHED();
551 return std::string();
552 }
553
554 std::string SafeBrowsingBlockingPage::GetRapporPrefix() const {
555 switch (interstitial_reason_) {
556 case SB_REASON_MALWARE:
557 return "malware";
558 case SB_REASON_HARMFUL:
559 return "harmful";
560 case SB_REASON_PHISHING:
561 return "phishing";
562 }
563 NOTREACHED();
564 return std::string();
565 }
566
567 std::string SafeBrowsingBlockingPage::GetSamplingEventName() const {
568 switch (interstitial_reason_) {
569 case SB_REASON_MALWARE:
570 return kEventNameMalware;
571 case SB_REASON_HARMFUL:
572 return kEventNameHarmful;
573 case SB_REASON_PHISHING:
574 return kEventNamePhishing;
575 default:
576 return kEventNameOther;
577 }
578 }
579
580 void SafeBrowsingBlockingPage::PopulateInterstitialStrings(
581 base::DictionaryValue* load_time_data) {
582 CHECK(load_time_data);
583 CHECK(!unsafe_resources_.empty());
584
585 load_time_data->SetString("type", "SAFEBROWSING");
586 load_time_data->SetString(
587 "tabTitle", l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_TITLE));
588 load_time_data->SetString(
589 "openDetails",
590 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_OPEN_DETAILS_BUTTON));
591 load_time_data->SetString(
592 "closeDetails",
593 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_CLOSE_DETAILS_BUTTON));
594 load_time_data->SetString(
595 "primaryButtonText",
596 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_OVERRIDABLE_SAFETY_BUTTON));
597 load_time_data->SetBoolean(
598 "overridable",
599 !IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
600
601 switch (interstitial_reason_) {
602 case SB_REASON_MALWARE:
603 PopulateMalwareLoadTimeData(load_time_data);
604 break;
605 case SB_REASON_HARMFUL:
606 PopulateHarmfulLoadTimeData(load_time_data);
607 break;
608 case SB_REASON_PHISHING:
609 PopulatePhishingLoadTimeData(load_time_data);
610 break;
611 }
612 }
613
614 void SafeBrowsingBlockingPage::PopulateExtendedReportingOption(
615 base::DictionaryValue* load_time_data) {
616 // Only show checkbox if !(HTTPS || incognito-mode).
617 const bool show = CanShowMalwareDetailsOption();
618 load_time_data->SetBoolean(interstitials::kDisplayCheckBox, show);
619 if (!show)
620 return;
621
622 const std::string privacy_link = base::StringPrintf(
623 interstitials::kPrivacyLinkHtml, CMD_OPEN_REPORTING_PRIVACY,
624 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
625 load_time_data->SetString(
626 interstitials::kOptInLink,
627 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
628 base::UTF8ToUTF16(privacy_link)));
629 load_time_data->SetBoolean(
630 interstitials::kBoxChecked,
631 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled));
632 }
633
634 void SafeBrowsingBlockingPage::PopulateMalwareLoadTimeData(
635 base::DictionaryValue* load_time_data) {
636 load_time_data->SetBoolean("phishing", false);
637 load_time_data->SetString(
638 "heading", l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING));
639 load_time_data->SetString(
640 "primaryParagraph",
641 l10n_util::GetStringFUTF16(
642 IDS_MALWARE_V3_PRIMARY_PARAGRAPH,
643 GetFormattedHostName()));
644 load_time_data->SetString(
645 "explanationParagraph",
646 is_main_frame_load_blocked_ ?
647 l10n_util::GetStringFUTF16(
648 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH,
649 GetFormattedHostName()) :
650 l10n_util::GetStringFUTF16(
651 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH_SUBRESOURCE,
652 base::UTF8ToUTF16(web_contents()->GetURL().host()),
653 GetFormattedHostName()));
654 load_time_data->SetString(
655 "finalParagraph",
656 l10n_util::GetStringUTF16(IDS_MALWARE_V3_PROCEED_PARAGRAPH));
657
658 PopulateExtendedReportingOption(load_time_data);
659 }
660
661 void SafeBrowsingBlockingPage::PopulateHarmfulLoadTimeData(
662 base::DictionaryValue* load_time_data) {
663 load_time_data->SetBoolean("phishing", false);
664 load_time_data->SetString(
665 "heading", l10n_util::GetStringUTF16(IDS_HARMFUL_V3_HEADING));
666 load_time_data->SetString(
667 "primaryParagraph",
668 l10n_util::GetStringFUTF16(
669 IDS_HARMFUL_V3_PRIMARY_PARAGRAPH,
670 GetFormattedHostName()));
671 load_time_data->SetString(
672 "explanationParagraph",
673 l10n_util::GetStringFUTF16(
674 IDS_HARMFUL_V3_EXPLANATION_PARAGRAPH,
675 GetFormattedHostName()));
676 load_time_data->SetString(
677 "finalParagraph",
678 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_PROCEED_PARAGRAPH));
679
680 PopulateExtendedReportingOption(load_time_data);
681 }
682
683 void SafeBrowsingBlockingPage::PopulatePhishingLoadTimeData(
684 base::DictionaryValue* load_time_data) {
685 bool use_social_engineering_strings =
686 base::FieldTrialList::FindFullName(kSocialEngineeringTrial) ==
687 kSocialEngineeringEnabled;
688 load_time_data->SetBoolean("phishing", true);
689 load_time_data->SetString(
690 "heading", l10n_util::GetStringUTF16(use_social_engineering_strings
691 ? IDS_PHISHING_V4_HEADING
692 : IDS_PHISHING_V3_HEADING));
693 load_time_data->SetString(
694 "primaryParagraph",
695 l10n_util::GetStringFUTF16(use_social_engineering_strings
696 ? IDS_PHISHING_V4_PRIMARY_PARAGRAPH
697 : IDS_PHISHING_V3_PRIMARY_PARAGRAPH,
698 GetFormattedHostName()));
699 load_time_data->SetString(
700 "explanationParagraph",
701 l10n_util::GetStringFUTF16(IDS_PHISHING_V3_EXPLANATION_PARAGRAPH,
702 GetFormattedHostName()));
703
704 if (base::FieldTrialList::FindFullName(kReportPhishingErrorTrial) ==
705 kReportPhishingErrorEnabled) {
706 load_time_data->SetString(
707 "finalParagraph", l10n_util::GetStringUTF16(
708 IDS_PHISHING_V4_PROCEED_AND_REPORT_PARAGRAPH));
709 } else {
710 load_time_data->SetString(
711 "finalParagraph",
712 l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH));
713 }
714
715 PopulateExtendedReportingOption(load_time_data);
716 }