1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/ssl/bad_clock_blocking_page.h"
8 #include "base/bind_helpers.h"
9 #include "base/build_time.h"
10 #include "base/callback_helpers.h"
11 #include "base/command_line.h"
12 #include "base/i18n/rtl.h"
13 #include "base/i18n/time_formatting.h"
14 #include "base/process/launch.h"
15 #include "base/strings/string_number_conversions.h"
16 #include "base/strings/string_piece.h"
17 #include "base/strings/string_util.h"
18 #include "base/strings/stringprintf.h"
19 #include "base/strings/utf_string_conversions.h"
20 #include "base/time/time.h"
21 #include "base/values.h"
22 #include "chrome/browser/browser_process.h"
23 #include "chrome/browser/interstitials/chrome_metrics_helper.h"
24 #include "chrome/browser/profiles/profile.h"
25 #include "chrome/browser/renderer_preferences_util.h"
26 #include "chrome/browser/ssl/ssl_error_classification.h"
27 #include "chrome/browser/ssl/ssl_error_info.h"
28 #include "chrome/common/pref_names.h"
29 #include "chrome/grit/generated_resources.h"
30 #include "components/google/core/browser/google_util.h"
31 #include "content/public/browser/browser_thread.h"
32 #include "content/public/browser/cert_store.h"
33 #include "content/public/browser/interstitial_page.h"
34 #include "content/public/browser/interstitial_page_delegate.h"
35 #include "content/public/browser/navigation_controller.h"
36 #include "content/public/browser/navigation_entry.h"
37 #include "content/public/browser/render_process_host.h"
38 #include "content/public/browser/render_view_host.h"
39 #include "content/public/browser/web_contents.h"
40 #include "content/public/common/renderer_preferences.h"
41 #include "content/public/common/ssl_status.h"
42 #include "grit/browser_resources.h"
43 #include "grit/components_strings.h"
44 #include "net/base/net_errors.h"
45 #include "net/base/net_util.h"
46 #include "ui/base/l10n/l10n_util.h"
48 #if defined(OS_ANDROID)
49 #include "chrome/browser/android/intent_helper.h"
52 #if defined(OS_CHROMEOS)
53 #include "chrome/browser/profiles/profile_manager.h"
54 #include "chrome/browser/ui/chrome_pages.h"
55 #include "chrome/common/url_constants.h"
59 #include "base/base_paths_win.h"
60 #include "base/path_service.h"
61 #include "base/strings/string16.h"
62 #include "base/win/windows_version.h"
65 using base::ASCIIToUTF16
;
66 using base::TimeTicks
;
67 using content::InterstitialPage
;
68 using content::InterstitialPageDelegate
;
69 using content::NavigationController
;
70 using content::NavigationEntry
;
74 const char kMetricsName
[] = "bad_clock";
76 void LaunchDateAndTimeSettings() {
77 DCHECK_CURRENTLY_ON(content::BrowserThread::FILE);
78 // The code for each OS is completely separate, in order to avoid bugs like
79 // https://crbug.com/430877 .
80 #if defined(OS_ANDROID)
81 chrome::android::OpenDateAndTimeSettings();
83 #elif defined(OS_CHROMEOS)
84 std::string sub_page
=
85 std::string(chrome::kSearchSubPage
) + "#" +
86 l10n_util::GetStringUTF8(IDS_OPTIONS_SETTINGS_SECTION_TITLE_DATETIME
);
87 chrome::ShowSettingsSubPageForProfile(ProfileManager::GetActiveUserProfile(),
91 // iOS does not have a way to launch the date and time settings.
94 #elif defined(OS_LINUX)
99 static const ClockCommand kClockCommands
[] = {
101 {"/usr/bin/unity-control-center", "datetime"},
104 // NOTE: On old Ubuntu, naming control panels doesn't work, so it
105 // opens the overview. This will have to be good enough.
106 {"/usr/bin/gnome-control-center", "datetime"},
107 {"/usr/local/bin/gnome-control-center", "datetime"},
108 {"/opt/bin/gnome-control-center", "datetime"},
110 {"/usr/bin/kcmshell4", "clock"},
111 {"/usr/local/bin/kcmshell4", "clock"},
112 {"/opt/bin/kcmshell4", "clock"},
115 base::CommandLine
command(base::FilePath(""));
116 for (const ClockCommand
& cmd
: kClockCommands
) {
117 base::FilePath
pathname(cmd
.pathname
);
118 if (base::PathExists(pathname
)) {
119 command
.SetProgram(pathname
);
120 command
.AppendArg(cmd
.argument
);
124 if (command
.GetProgram().empty()) {
125 // Alas, there is nothing we can do.
129 base::LaunchOptions options
;
130 options
.wait
= false;
131 options
.allow_new_privs
= true;
132 base::LaunchProcess(command
, options
);
134 #elif defined(OS_MACOSX)
135 base::CommandLine
command(base::FilePath("/usr/bin/open"));
136 command
.AppendArg("/System/Library/PreferencePanes/DateAndTime.prefPane");
138 base::LaunchOptions options
;
139 options
.wait
= false;
140 base::LaunchProcess(command
, options
);
142 #elif defined(OS_WIN)
144 PathService::Get(base::DIR_SYSTEM
, &path
);
145 static const base::char16 kControlPanelExe
[] = L
"control.exe";
146 path
= path
.Append(base::string16(kControlPanelExe
));
147 base::CommandLine
command(path
);
148 command
.AppendArg(std::string("/name"));
149 command
.AppendArg(std::string("Microsoft.DateAndTime"));
151 base::LaunchOptions options
;
152 options
.wait
= false;
153 base::LaunchProcess(command
, options
);
159 // Don't add code here! (See the comment at the beginning of the function.)
165 InterstitialPageDelegate::TypeID
BadClockBlockingPage::kTypeForTesting
=
166 &BadClockBlockingPage::kTypeForTesting
;
168 // Note that we always create a navigation entry with SSL errors.
169 // No error happening loading a sub-resource triggers an interstitial so far.
170 // Creating an interstitial without showing (e.g. from chrome://interstitials)
171 // it leaks memory, so don't create it here.
172 BadClockBlockingPage::BadClockBlockingPage(
173 content::WebContents
* web_contents
,
175 const net::SSLInfo
& ssl_info
,
176 const GURL
& request_url
,
177 const base::Time
& time_triggered
,
178 const base::Callback
<void(bool)>& callback
)
179 : SecurityInterstitialPage(web_contents
, request_url
),
181 cert_error_(cert_error
),
183 time_triggered_(time_triggered
) {
184 security_interstitials::MetricsHelper::ReportDetails reporting_info
;
185 reporting_info
.metric_prefix
= kMetricsName
;
186 set_metrics_helper(new ChromeMetricsHelper(web_contents
, request_url
,
187 reporting_info
, kMetricsName
));
188 metrics_helper()->RecordUserInteraction(
189 security_interstitials::MetricsHelper::TOTAL_VISITS
);
191 // TODO(felt): Separate the clock statistics from the main ssl statistics.
192 scoped_ptr
<SSLErrorClassification
> classifier(
193 new SSLErrorClassification(web_contents
, time_triggered_
, request_url
,
194 cert_error_
, *ssl_info_
.cert
.get()));
195 classifier
->RecordUMAStatistics(false);
198 bool BadClockBlockingPage::ShouldCreateNewNavigation() const {
202 InterstitialPageDelegate::TypeID
BadClockBlockingPage::GetTypeForTesting()
204 return BadClockBlockingPage::kTypeForTesting
;
207 BadClockBlockingPage::~BadClockBlockingPage() {
208 if (!callback_
.is_null()) {
209 // Deny when the page is closed.
210 NotifyDenyCertificate();
214 void BadClockBlockingPage::PopulateInterstitialStrings(
215 base::DictionaryValue
* load_time_data
) {
216 CHECK(load_time_data
);
217 base::string16
url(GetFormattedHostName());
219 // Values that are currently still shared with the SSL interstitial.
220 load_time_data
->SetString("type", "SSL");
221 load_time_data
->SetString("errorCode", net::ErrorToString(cert_error_
));
222 load_time_data
->SetString(
223 "openDetails", l10n_util::GetStringUTF16(IDS_SSL_OPEN_DETAILS_BUTTON
));
224 load_time_data
->SetString(
226 l10n_util::GetStringUTF16(IDS_SSL_CLOSE_DETAILS_BUTTON
));
228 // Strings for the bad clock warning specifically.
229 load_time_data
->SetBoolean("bad_clock", true);
230 load_time_data
->SetBoolean("overridable", false);
232 load_time_data
->SetBoolean("hide_primary_button", true);
234 load_time_data
->SetBoolean("hide_primary_button", false);
238 SSLErrorClassification::IsUserClockInTheFuture(time_triggered_
)
239 ? IDS_CLOCK_ERROR_AHEAD_HEADING
240 : IDS_CLOCK_ERROR_BEHIND_HEADING
;
242 load_time_data
->SetString("tabTitle",
243 l10n_util::GetStringUTF16(IDS_CLOCK_ERROR_TITLE
));
244 load_time_data
->SetString("heading",
245 l10n_util::GetStringUTF16(heading_string
));
246 load_time_data
->SetString(
248 l10n_util::GetStringFUTF16(
249 IDS_CLOCK_ERROR_PRIMARY_PARAGRAPH
, url
,
250 base::TimeFormatFriendlyDateAndTime(time_triggered_
)));
252 load_time_data
->SetString(
254 l10n_util::GetStringUTF16(IDS_CLOCK_ERROR_UPDATE_DATE_AND_TIME
));
255 load_time_data
->SetString(
256 "explanationParagraph",
257 l10n_util::GetStringUTF16(IDS_CLOCK_ERROR_EXPLANATION
));
259 // The interstitial template expects this string, but we're not using it.
260 load_time_data
->SetString("finalParagraph", std::string());
262 // Set debugging information at the bottom of the warning.
263 load_time_data
->SetString("subject",
264 ssl_info_
.cert
->subject().GetDisplayName());
265 load_time_data
->SetString("issuer",
266 ssl_info_
.cert
->issuer().GetDisplayName());
267 load_time_data
->SetString(
269 base::TimeFormatShortDate(ssl_info_
.cert
->valid_expiry()));
270 load_time_data
->SetString("currentDate",
271 base::TimeFormatShortDate(time_triggered_
));
272 std::vector
<std::string
> encoded_chain
;
273 ssl_info_
.cert
->GetPEMEncodedChain(&encoded_chain
);
274 load_time_data
->SetString(
275 "pem", base::JoinString(encoded_chain
, base::StringPiece()));
278 void BadClockBlockingPage::OverrideEntry(NavigationEntry
* entry
) {
279 int cert_id
= content::CertStore::GetInstance()->StoreCert(
280 ssl_info_
.cert
.get(), web_contents()->GetRenderProcessHost()->GetID());
283 entry
->GetSSL().security_style
=
284 content::SECURITY_STYLE_AUTHENTICATION_BROKEN
;
285 entry
->GetSSL().cert_id
= cert_id
;
286 entry
->GetSSL().cert_status
= ssl_info_
.cert_status
;
287 entry
->GetSSL().security_bits
= ssl_info_
.security_bits
;
290 // This handles the commands sent from the interstitial JavaScript.
291 // DO NOT reorder or change this logic without also changing the JavaScript!
292 void BadClockBlockingPage::CommandReceived(const std::string
& command
) {
293 if (command
== "\"pageLoadComplete\"") {
294 // content::WaitForRenderFrameReady sends this message when the page
295 // load completes. Ignore it.
300 bool retval
= base::StringToInt(command
, &cmd
);
303 case CMD_DONT_PROCEED
:
304 interstitial_page()->DontProceed();
307 SetReportingPreference(true);
309 case CMD_DONT_REPORT
:
310 SetReportingPreference(false);
312 case CMD_SHOW_MORE_SECTION
:
313 metrics_helper()->RecordUserInteraction(
314 security_interstitials::MetricsHelper::SHOW_ADVANCED
);
316 case CMD_OPEN_DATE_SETTINGS
:
317 metrics_helper()->RecordUserInteraction(
318 security_interstitials::MetricsHelper::OPEN_TIME_SETTINGS
);
319 content::BrowserThread::PostTask(content::BrowserThread::FILE, FROM_HERE
,
320 base::Bind(&LaunchDateAndTimeSettings
));
322 case CMD_OPEN_REPORTING_PRIVACY
:
323 OpenExtendedReportingPrivacyPolicy();
326 case CMD_OPEN_HELP_CENTER
:
328 case CMD_OPEN_DIAGNOSTIC
:
329 // Not supported for the bad clock interstitial.
330 NOTREACHED() << "Unexpected command: " << command
;
334 void BadClockBlockingPage::OverrideRendererPrefs(
335 content::RendererPreferences
* prefs
) {
337 Profile::FromBrowserContext(web_contents()->GetBrowserContext());
338 renderer_preferences_util::UpdateFromSystemSettings(prefs
, profile
,
342 void BadClockBlockingPage::OnDontProceed() {
343 NotifyDenyCertificate();
346 void BadClockBlockingPage::NotifyDenyCertificate() {
347 // It's possible that callback_ may not exist if the user clicks "Proceed"
348 // followed by pressing the back button before the interstitial is hidden.
349 // In that case the certificate will still be treated as allowed.
350 if (callback_
.is_null())
353 base::ResetAndReturn(&callback_
).Run(false);