chrome/browser/resources/security_warnings/interstitial_v2.js

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 // This is the shared code for the new (Chrome 37) security interstitials. It is
   6 // used for both SSL interstitials and Safe Browsing interstitials.
   7
   8 var expandedDetails = false;
   9 var keyPressState = 0;
  10
  11 // Should match SecurityInterstitialCommands in security_interstitial_page.h
  12 var CMD_DONT_PROCEED = 0;
  13 var CMD_PROCEED = 1;
  14 // Ways for user to get more information
  15 var CMD_SHOW_MORE_SECTION = 2;
  16 var CMD_OPEN_HELP_CENTER = 3;
  17 var CMD_OPEN_DIAGNOSTIC = 4;
  18 // Primary button actions
  19 var CMD_RELOAD = 5;
  20 var CMD_OPEN_DATE_SETTINGS = 6;
  21 var CMD_OPEN_LOGIN = 7;
  22 // Safe Browsing Extended Reporting
  23 var CMD_DO_REPORT = 8;
  24 var CMD_DONT_REPORT = 9;
  25 var CMD_OPEN_REPORTING_PRIVACY = 10;
  26 // Report a phishing error.
  27 var CMD_REPORT_PHISHING_ERROR = 11;
  28
  29 /**
  30  * A convenience method for sending commands to the parent page.
  31  * @param {string} cmd  The command to send.
  32  */
  33 function sendCommand(cmd) {
  34   window.domAutomationController.setAutomationId(1);
  35   window.domAutomationController.send(cmd);
  36 }
  37
  38 /**
  39  * This allows errors to be skippped by typing "danger" into the page.
  40  * @param {string} e The key that was just pressed.
  41  */
  42 function handleKeypress(e) {
  43   var BYPASS_SEQUENCE = 'danger';
  44   if (BYPASS_SEQUENCE.charCodeAt(keyPressState) == e.keyCode) {
  45     keyPressState++;
  46     if (keyPressState == BYPASS_SEQUENCE.length) {
  47       sendCommand(CMD_PROCEED);
  48       keyPressState = 0;
  49     }
  50   } else {
  51     keyPressState = 0;
  52   }
  53 }
  54
  55 /**
  56  * This appends a piece of debugging information to the end of the warning.
  57  * When complete, the caller must also make the debugging div
  58  * (error-debugging-info) visible.
  59  * @param {string} title  The name of this debugging field.
  60  * @param {string} value  The value of the debugging field.
  61  */
  62 function appendDebuggingField(title, value) {
  63   // The values input here are not trusted. Never use innerHTML on these
  64   // values!
  65   var spanTitle = document.createElement('span');
  66   spanTitle.classList.add('debugging-title');
  67   spanTitle.innerText = title + ': ';
  68
  69   var spanValue = document.createElement('span');
  70   spanValue.classList.add('debugging-value');
  71   spanValue.innerText = value;
  72
  73   var pElem = document.createElement('p');
  74   pElem.classList.add('debugging-content');
  75   pElem.appendChild(spanTitle);
  76   pElem.appendChild(spanValue);
  77   $('error-debugging-info').appendChild(pElem);
  78 }
  79
  80 function toggleDebuggingInfo() {
  81   $('error-debugging-info').classList.toggle('hidden');
  82 }
  83
  84 function setupEvents() {
  85   var overridable = loadTimeData.getBoolean('overridable');
  86   var interstitialType = loadTimeData.getString('type');
  87   var ssl = interstitialType == 'SSL';
  88   var captivePortal = interstitialType == 'CAPTIVE_PORTAL';
  89   var badClock = ssl && loadTimeData.getBoolean('bad_clock');
  90   var hidePrimaryButton = badClock && loadTimeData.getBoolean(
  91       'hide_primary_button');
  92
  93   if (ssl) {
  94     $('body').classList.add(badClock ? 'bad-clock' : 'ssl');
  95     $('error-code').textContent = loadTimeData.getString('errorCode');
  96     $('error-code').classList.remove('hidden');
  97   } else if (captivePortal) {
  98     $('body').classList.add('captive-portal');
  99   } else {
 100     $('body').classList.add('safe-browsing');
 101   }
 102
 103   if (hidePrimaryButton) {
 104     $('primary-button').classList.add('hidden');
 105   } else {
 106     $('primary-button').addEventListener('click', function() {
 107       switch (interstitialType) {
 108         case 'CAPTIVE_PORTAL':
 109           sendCommand(CMD_OPEN_LOGIN);
 110           break;
 111
 112         case 'SSL':
 113           if (badClock)
 114             sendCommand(CMD_OPEN_DATE_SETTINGS);
 115           else if (overridable)
 116             sendCommand(CMD_DONT_PROCEED);
 117           else
 118             sendCommand(CMD_RELOAD);
 119           break;
 120
 121         case 'SAFEBROWSING':
 122           sendCommand(CMD_DONT_PROCEED);
 123           break;
 124
 125         default:
 126           throw 'Invalid interstitial type';
 127       }
 128     });
 129   }
 130
 131   if (overridable) {
 132     // Captive portal page isn't overridable.
 133     $('proceed-link').addEventListener('click', function(event) {
 134       sendCommand(CMD_PROCEED);
 135     });
 136   } else if (!ssl) {
 137     $('final-paragraph').classList.add('hidden');
 138   }
 139
 140   if (ssl && overridable) {
 141     $('proceed-link').classList.add('small-link');
 142   } else if ($('help-link')) {
 143     // Overridable SSL page doesn't have this link.
 144     $('help-link').addEventListener('click', function(event) {
 145       if (ssl || loadTimeData.getBoolean('phishing'))
 146         sendCommand(CMD_OPEN_HELP_CENTER);
 147       else
 148         sendCommand(CMD_OPEN_DIAGNOSTIC);
 149     });
 150   }
 151
 152   if (captivePortal) {
 153     // Captive portal page doesn't have details button.
 154     $('details-button').classList.add('hidden');
 155   } else {
 156     $('details-button').addEventListener('click', function(event) {
 157       var hiddenDetails = $('details').classList.toggle('hidden');
 158
 159       if (mobileNav) {
 160         // Details appear over the main content on small screens.
 161         $('main-content').classList.toggle('hidden', !hiddenDetails);
 162       } else {
 163         $('main-content').classList.remove('hidden');
 164       }
 165
 166       $('details-button').innerText = hiddenDetails ?
 167           loadTimeData.getString('openDetails') :
 168           loadTimeData.getString('closeDetails');
 169       if (!expandedDetails) {
 170         // Record a histogram entry only the first time that details is opened.
 171         sendCommand(CMD_SHOW_MORE_SECTION);
 172         expandedDetails = true;
 173       }
 174     });
 175   }
 176
 177   // TODO(felt): This should be simplified once the Finch trial is no longer
 178   // needed.
 179   if (interstitialType == 'SAFEBROWSING' &&
 180       loadTimeData.getBoolean('phishing') && $('report-error-link')) {
 181     $('report-error-link').addEventListener('click', function(event) {
 182       sendCommand(CMD_REPORT_PHISHING_ERROR);
 183     });
 184   }
 185
 186   preventDefaultOnPoundLinkClicks();
 187   setupExtendedReportingCheckbox();
 188   setupSSLDebuggingInfo();
 189   document.addEventListener('keypress', handleKeypress);
 190 }
 191
 192 document.addEventListener('DOMContentLoaded', setupEvents);