search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ozone: evdev: Sync caps lock LED state to evdev
[chromium-blink-merge.git] / chrome / browser / safe_browsing / safe_browsing_blocking_page.cc
blob67f2cc4dd0b3e7f6a96a07e1f5f7ca75a267bf5f
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 //
5 // Implementation of the SafeBrowsingBlockingPage class.
6
7 #include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
8
9 #include <string>
10
11 #include "base/bind.h"
12 #include "base/command_line.h"
13 #include "base/i18n/rtl.h"
14 #include "base/lazy_instance.h"
15 #include "base/metrics/field_trial.h"
16 #include "base/metrics/histogram.h"
17 #include "base/prefs/pref_service.h"
18 #include "base/strings/string_number_conversions.h"
19 #include "base/strings/string_piece.h"
20 #include "base/strings/stringprintf.h"
21 #include "base/strings/utf_string_conversions.h"
22 #include "base/time/time.h"
23 #include "base/values.h"
24 #include "chrome/browser/browser_process.h"
25 #include "chrome/browser/profiles/profile.h"
26 #include "chrome/browser/renderer_preferences_util.h"
27 #include "chrome/browser/safe_browsing/malware_details.h"
28 #include "chrome/browser/safe_browsing/ui_manager.h"
29 #include "chrome/browser/tab_contents/tab_util.h"
30 #include "chrome/common/chrome_switches.h"
31 #include "chrome/common/pref_names.h"
32 #include "chrome/common/url_constants.h"
33 #include "chrome/grit/generated_resources.h"
34 #include "chrome/grit/locale_settings.h"
35 #include "components/google/core/browser/google_util.h"
36 #include "content/public/browser/browser_thread.h"
37 #include "content/public/browser/interstitial_page.h"
38 #include "content/public/browser/navigation_controller.h"
39 #include "content/public/browser/user_metrics.h"
40 #include "content/public/browser/web_contents.h"
41 #include "content/public/common/renderer_preferences.h"
42 #include "grit/browser_resources.h"
43 #include "net/base/escape.h"
44 #include "ui/base/l10n/l10n_util.h"
45
46 using base::UserMetricsAction;
47 using content::BrowserThread;
48 using content::InterstitialPage;
49 using content::OpenURLParams;
50 using content::Referrer;
51 using content::WebContents;
52
53 namespace {
54
55 // For malware interstitial pages, we link the problematic URL to Google's
56 // diagnostic page.
57 #if defined(GOOGLE_CHROME_BUILD)
58 const char kSbDiagnosticUrl[] =
59 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&client=googlechrome";
60 #else
61 const char kSbDiagnosticUrl[] =
62 "http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site=%s&client=chromium";
63 #endif
64
65 // URL for malware and phishing, V2.
66 const char kLearnMoreMalwareUrlV2[] =
67 "https://www.google.com/transparencyreport/safebrowsing/";
68 const char kLearnMorePhishingUrlV2[] =
69 "https://www.google.com/transparencyreport/safebrowsing/";
70
71 const char kPrivacyLinkHtml[] =
72 "<a id=\"privacy-link\" href=\"\" onclick=\"sendCommand('showPrivacy'); "
73 "return false;\" onmousedown=\"return false;\">%s</a>";
74
75 // After a malware interstitial where the user opted-in to the report
76 // but clicked "proceed anyway", we delay the call to
77 // MalwareDetails::FinishCollection() by this much time (in
78 // milliseconds).
79 const int64 kMalwareDetailsProceedDelayMilliSeconds = 3000;
80
81 // The commands returned by the page when the user performs an action.
82 const char kDoReportCommand[] = "doReport";
83 const char kDontReportCommand[] = "dontReport";
84 const char kExpandedSeeMoreCommand[] = "expandedSeeMore";
85 const char kLearnMoreCommand[] = "learnMore2";
86 const char kProceedCommand[] = "proceed";
87 const char kShowDiagnosticCommand[] = "showDiagnostic";
88 const char kShowPrivacyCommand[] = "showPrivacy";
89 const char kTakeMeBackCommand[] = "takeMeBack";
90
91 // Other constants used to communicate with the JavaScript.
92 const char kBoxChecked[] = "boxchecked";
93 const char kDisplayCheckBox[] = "displaycheckbox";
94
95 // Constants for the Experience Sampling instrumentation.
96 const char kEventNameMalware[] = "safebrowsing_interstitial_";
97 const char kEventNameHarmful[] = "harmful_interstitial_";
98 const char kEventNamePhishing[] = "phishing_interstitial_";
99 const char kEventNameOther[] = "safebrowsing_other_interstitial_";
100
101 base::LazyInstance<SafeBrowsingBlockingPage::UnsafeResourceMap>
102 g_unsafe_resource_map = LAZY_INSTANCE_INITIALIZER;
103
104 } // namespace
105
106 // static
107 SafeBrowsingBlockingPageFactory* SafeBrowsingBlockingPage::factory_ = NULL;
108
109 // The default SafeBrowsingBlockingPageFactory. Global, made a singleton so we
110 // don't leak it.
111 class SafeBrowsingBlockingPageFactoryImpl
112 : public SafeBrowsingBlockingPageFactory {
113 public:
114 SafeBrowsingBlockingPage* CreateSafeBrowsingPage(
115 SafeBrowsingUIManager* ui_manager,
116 WebContents* web_contents,
117 const SafeBrowsingBlockingPage::UnsafeResourceList& unsafe_resources)
118 override {
119 return new SafeBrowsingBlockingPage(ui_manager, web_contents,
120 unsafe_resources);
121 }
122
123 private:
124 friend struct base::DefaultLazyInstanceTraits<
125 SafeBrowsingBlockingPageFactoryImpl>;
126
127 SafeBrowsingBlockingPageFactoryImpl() { }
128
129 DISALLOW_COPY_AND_ASSIGN(SafeBrowsingBlockingPageFactoryImpl);
130 };
131
132 static base::LazyInstance<SafeBrowsingBlockingPageFactoryImpl>
133 g_safe_browsing_blocking_page_factory_impl = LAZY_INSTANCE_INITIALIZER;
134
135 // static
136 const void* SafeBrowsingBlockingPage::kTypeForTesting =
137 &SafeBrowsingBlockingPage::kTypeForTesting;
138
139 SafeBrowsingBlockingPage::SafeBrowsingBlockingPage(
140 SafeBrowsingUIManager* ui_manager,
141 WebContents* web_contents,
142 const UnsafeResourceList& unsafe_resources)
143 : SecurityInterstitialPage(web_contents, unsafe_resources[0].url),
144 malware_details_proceed_delay_ms_(
145 kMalwareDetailsProceedDelayMilliSeconds),
146 ui_manager_(ui_manager),
147 report_loop_(NULL),
148 is_main_frame_load_blocked_(IsMainPageLoadBlocked(unsafe_resources)),
149 unsafe_resources_(unsafe_resources),
150 proceeded_(false) {
151 bool malware = false;
152 bool harmful = false;
153 bool phishing = false;
154 for (UnsafeResourceList::const_iterator iter = unsafe_resources_.begin();
155 iter != unsafe_resources_.end(); ++iter) {
156 const UnsafeResource& resource = *iter;
157 SBThreatType threat_type = resource.threat_type;
158 if (threat_type == SB_THREAT_TYPE_URL_MALWARE ||
159 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL) {
160 malware = true;
161 } else if (threat_type == SB_THREAT_TYPE_URL_UNWANTED) {
162 harmful = true;
163 } else {
164 DCHECK(threat_type == SB_THREAT_TYPE_URL_PHISHING ||
165 threat_type == SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL);
166 phishing = true;
167 }
168 }
169 DCHECK(phishing || malware || harmful);
170 if (malware)
171 interstitial_reason_ = SB_REASON_MALWARE;
172 else if (harmful)
173 interstitial_reason_ = SB_REASON_HARMFUL;
174 else
175 interstitial_reason_ = SB_REASON_PHISHING;
176
177 // This must be done after calculating |interstitial_reason_| above.
178 // Use same prefix for UMA as for Rappor.
179 metrics_helper_.reset(new SecurityInterstitialMetricsHelper(
180 web_contents, request_url(), GetMetricPrefix(), GetMetricPrefix(),
181 SecurityInterstitialMetricsHelper::REPORT_RAPPOR,
182 GetSamplingEventName()));
183 metrics_helper_->RecordUserDecision(SecurityInterstitialMetricsHelper::SHOW);
184 metrics_helper_->RecordUserInteraction(
185 SecurityInterstitialMetricsHelper::TOTAL_VISITS);
186 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
187 metrics_helper_->RecordUserDecision(
188 SecurityInterstitialMetricsHelper::PROCEEDING_DISABLED);
189 }
190
191 if (!is_main_frame_load_blocked_) {
192 navigation_entry_index_to_remove_ =
193 web_contents->GetController().GetLastCommittedEntryIndex();
194 } else {
195 navigation_entry_index_to_remove_ = -1;
196 }
197
198 // Start computing malware details. They will be sent only
199 // if the user opts-in on the blocking page later.
200 // If there's more than one malicious resources, it means the user
201 // clicked through the first warning, so we don't prepare additional
202 // reports.
203 if (unsafe_resources.size() == 1 &&
204 unsafe_resources[0].threat_type == SB_THREAT_TYPE_URL_MALWARE &&
205 malware_details_.get() == NULL && CanShowMalwareDetailsOption()) {
206 malware_details_ = MalwareDetails::NewMalwareDetails(
207 ui_manager_, web_contents, unsafe_resources[0]);
208 }
209 }
210
211 bool SafeBrowsingBlockingPage::CanShowMalwareDetailsOption() {
212 return (!web_contents()->GetBrowserContext()->IsOffTheRecord() &&
213 web_contents()->GetURL().SchemeIs(url::kHttpScheme));
214 }
215
216 SafeBrowsingBlockingPage::~SafeBrowsingBlockingPage() {
217 }
218
219 void SafeBrowsingBlockingPage::CommandReceived(const std::string& cmd) {
220 std::string command(cmd); // Make a local copy so we can modify it.
221 // The Jasonified response has quotes, remove them.
222 if (command.length() > 1 && command[0] == '"') {
223 command = command.substr(1, command.length() - 2);
224 }
225
226 if (command == "pageLoadComplete") {
227 // content::WaitForRenderFrameReady sends this message when the page
228 // load completes. Ignore it.
229 return;
230 }
231
232 if (command == kDoReportCommand) {
233 SetReportingPreference(true);
234 return;
235 }
236
237 if (command == kDontReportCommand) {
238 SetReportingPreference(false);
239 return;
240 }
241
242 if (command == kLearnMoreCommand) {
243 // User pressed "Learn more".
244 metrics_helper_->RecordUserInteraction(
245 SecurityInterstitialMetricsHelper::SHOW_LEARN_MORE);
246 GURL learn_more_url(
247 interstitial_reason_ == SB_REASON_PHISHING ?
248 kLearnMorePhishingUrlV2 : kLearnMoreMalwareUrlV2);
249 learn_more_url = google_util::AppendGoogleLocaleParam(
250 learn_more_url, g_browser_process->GetApplicationLocale());
251 OpenURLParams params(learn_more_url,
252 Referrer(),
253 CURRENT_TAB,
254 ui::PAGE_TRANSITION_LINK,
255 false);
256 web_contents()->OpenURL(params);
257 return;
258 }
259
260 if (command == kShowPrivacyCommand) {
261 // User pressed "Safe Browsing privacy policy".
262 metrics_helper_->RecordUserInteraction(
263 SecurityInterstitialMetricsHelper::SHOW_PRIVACY_POLICY);
264 GURL privacy_url(
265 l10n_util::GetStringUTF8(IDS_SAFE_BROWSING_PRIVACY_POLICY_URL));
266 privacy_url = google_util::AppendGoogleLocaleParam(
267 privacy_url, g_browser_process->GetApplicationLocale());
268 OpenURLParams params(privacy_url,
269 Referrer(),
270 CURRENT_TAB,
271 ui::PAGE_TRANSITION_LINK,
272 false);
273 web_contents()->OpenURL(params);
274 return;
275 }
276
277 bool proceed_blocked = false;
278 if (command == kProceedCommand) {
279 if (IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
280 proceed_blocked = true;
281 } else {
282 metrics_helper_->RecordUserDecision(
283 SecurityInterstitialMetricsHelper::PROCEED);
284 interstitial_page()->Proceed();
285 // |this| has been deleted after Proceed() returns.
286 return;
287 }
288 }
289
290 if (command == kTakeMeBackCommand || proceed_blocked) {
291 // Don't record the user action here because there are other ways of
292 // triggering DontProceed, like clicking the back button.
293 if (is_main_frame_load_blocked_) {
294 // If the load is blocked, we want to close the interstitial and discard
295 // the pending entry.
296 interstitial_page()->DontProceed();
297 // |this| has been deleted after DontProceed() returns.
298 return;
299 }
300
301 // Otherwise the offending entry has committed, and we need to go back or
302 // to a safe page. We will close the interstitial when that page commits.
303 if (web_contents()->GetController().CanGoBack()) {
304 web_contents()->GetController().GoBack();
305 } else {
306 web_contents()->GetController().LoadURL(
307 GURL(chrome::kChromeUINewTabURL),
308 content::Referrer(),
309 ui::PAGE_TRANSITION_AUTO_TOPLEVEL,
310 std::string());
311 }
312 return;
313 }
314
315 // The "report error" and "show diagnostic" commands can have a number
316 // appended to them, which is the index of the element they apply to.
317 size_t element_index = 0;
318 size_t colon_index = command.find(':');
319 if (colon_index != std::string::npos) {
320 DCHECK(colon_index < command.size() - 1);
321 int result_int = 0;
322 bool result = base::StringToInt(base::StringPiece(command.begin() +
323 colon_index + 1,
324 command.end()),
325 &result_int);
326 command = command.substr(0, colon_index);
327 if (result)
328 element_index = static_cast<size_t>(result_int);
329 }
330
331 if (element_index >= unsafe_resources_.size()) {
332 NOTREACHED();
333 return;
334 }
335
336 std::string bad_url_spec = unsafe_resources_[element_index].url.spec();
337 if (command == kShowDiagnosticCommand) {
338 // We're going to take the user to Google's SafeBrowsing diagnostic page.
339 metrics_helper_->RecordUserInteraction(
340 SecurityInterstitialMetricsHelper::SHOW_DIAGNOSTIC);
341 std::string diagnostic =
342 base::StringPrintf(kSbDiagnosticUrl,
343 net::EscapeQueryParamValue(bad_url_spec, true).c_str());
344 GURL diagnostic_url(diagnostic);
345 diagnostic_url = google_util::AppendGoogleLocaleParam(
346 diagnostic_url, g_browser_process->GetApplicationLocale());
347 DCHECK(unsafe_resources_[element_index].threat_type ==
348 SB_THREAT_TYPE_URL_MALWARE ||
349 unsafe_resources_[element_index].threat_type ==
350 SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL ||
351 unsafe_resources_[element_index].threat_type ==
352 SB_THREAT_TYPE_URL_UNWANTED);
353 OpenURLParams params(
354 diagnostic_url, Referrer(), CURRENT_TAB, ui::PAGE_TRANSITION_LINK,
355 false);
356 web_contents()->OpenURL(params);
357 return;
358 }
359
360 if (command == kExpandedSeeMoreCommand) {
361 metrics_helper_->RecordUserInteraction(
362 SecurityInterstitialMetricsHelper::SHOW_ADVANCED);
363 return;
364 }
365
366 NOTREACHED() << "Unexpected command: " << command;
367 }
368
369 void SafeBrowsingBlockingPage::OverrideRendererPrefs(
370 content::RendererPreferences* prefs) {
371 Profile* profile = Profile::FromBrowserContext(
372 web_contents()->GetBrowserContext());
373 renderer_preferences_util::UpdateFromSystemSettings(
374 prefs, profile, web_contents());
375 }
376
377 void SafeBrowsingBlockingPage::SetReportingPreference(bool report) {
378 Profile* profile = Profile::FromBrowserContext(
379 web_contents()->GetBrowserContext());
380 PrefService* pref = profile->GetPrefs();
381 pref->SetBoolean(prefs::kSafeBrowsingExtendedReportingEnabled, report);
382 UMA_HISTOGRAM_BOOLEAN("SB2.SetExtendedReportingEnabled", report);
383 }
384
385 void SafeBrowsingBlockingPage::OnProceed() {
386 proceeded_ = true;
387 // Send the malware details, if we opted to.
388 FinishMalwareDetails(malware_details_proceed_delay_ms_);
389
390 NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, true);
391
392 // Check to see if some new notifications of unsafe resources have been
393 // received while we were showing the interstitial.
394 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
395 UnsafeResourceMap::iterator iter = unsafe_resource_map->find(web_contents());
396 SafeBrowsingBlockingPage* blocking_page = NULL;
397 if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
398 // Build an interstitial for all the unsafe resources notifications.
399 // Don't show it now as showing an interstitial while an interstitial is
400 // already showing would cause DontProceed() to be invoked.
401 blocking_page = factory_->CreateSafeBrowsingPage(ui_manager_,
402 web_contents(),
403 iter->second);
404 unsafe_resource_map->erase(iter);
405 }
406
407 // Now that this interstitial is gone, we can show the new one.
408 if (blocking_page)
409 blocking_page->Show();
410 }
411
412 const void* SafeBrowsingBlockingPage::GetTypeForTesting() const {
413 return SafeBrowsingBlockingPage::kTypeForTesting;
414 }
415
416 bool SafeBrowsingBlockingPage::ShouldCreateNewNavigation() const {
417 return is_main_frame_load_blocked_;
418 }
419
420 void SafeBrowsingBlockingPage::OnDontProceed() {
421 // We could have already called Proceed(), in which case we must not notify
422 // the SafeBrowsingUIManager again, as the client has been deleted.
423 if (proceeded_)
424 return;
425
426 if (!IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled)) {
427 metrics_helper_->RecordUserDecision(
428 SecurityInterstitialMetricsHelper::DONT_PROCEED);
429 }
430
431 // Send the malware details, if we opted to.
432 FinishMalwareDetails(0); // No delay
433
434 NotifySafeBrowsingUIManager(ui_manager_, unsafe_resources_, false);
435
436 // The user does not want to proceed, clear the queued unsafe resources
437 // notifications we received while the interstitial was showing.
438 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
439 UnsafeResourceMap::iterator iter = unsafe_resource_map->find(web_contents());
440 if (iter != unsafe_resource_map->end() && !iter->second.empty()) {
441 NotifySafeBrowsingUIManager(ui_manager_, iter->second, false);
442 unsafe_resource_map->erase(iter);
443 }
444
445 // We don't remove the navigation entry if the tab is being destroyed as this
446 // would trigger a navigation that would cause trouble as the render view host
447 // for the tab has by then already been destroyed. We also don't delete the
448 // current entry if it has been committed again, which is possible on a page
449 // that had a subresource warning.
450 int last_committed_index =
451 web_contents()->GetController().GetLastCommittedEntryIndex();
452 if (navigation_entry_index_to_remove_ != -1 &&
453 navigation_entry_index_to_remove_ != last_committed_index &&
454 !web_contents()->IsBeingDestroyed()) {
455 CHECK(web_contents()->GetController().RemoveEntryAtIndex(
456 navigation_entry_index_to_remove_));
457 navigation_entry_index_to_remove_ = -1;
458 }
459 }
460
461 void SafeBrowsingBlockingPage::FinishMalwareDetails(int64 delay_ms) {
462 if (malware_details_.get() == NULL)
463 return; // Not all interstitials have malware details (eg phishing).
464 DCHECK_EQ(interstitial_reason_, SB_REASON_MALWARE);
465
466 const bool enabled =
467 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled);
468 UMA_HISTOGRAM_BOOLEAN("SB2.ExtendedReportingIsEnabled", enabled);
469 if (enabled) {
470 // Finish the malware details collection, send it over.
471 BrowserThread::PostDelayedTask(
472 BrowserThread::IO, FROM_HERE,
473 base::Bind(&MalwareDetails::FinishCollection, malware_details_.get()),
474 base::TimeDelta::FromMilliseconds(delay_ms));
475 }
476 }
477
478 bool SafeBrowsingBlockingPage::IsPrefEnabled(const char* pref) {
479 Profile* profile =
480 Profile::FromBrowserContext(web_contents()->GetBrowserContext());
481 return profile->GetPrefs()->GetBoolean(pref);
482 }
483
484 // static
485 void SafeBrowsingBlockingPage::NotifySafeBrowsingUIManager(
486 SafeBrowsingUIManager* ui_manager,
487 const UnsafeResourceList& unsafe_resources,
488 bool proceed) {
489 BrowserThread::PostTask(
490 BrowserThread::IO, FROM_HERE,
491 base::Bind(&SafeBrowsingUIManager::OnBlockingPageDone,
492 ui_manager, unsafe_resources, proceed));
493 }
494
495 // static
496 SafeBrowsingBlockingPage::UnsafeResourceMap*
497 SafeBrowsingBlockingPage::GetUnsafeResourcesMap() {
498 return g_unsafe_resource_map.Pointer();
499 }
500
501 // static
502 SafeBrowsingBlockingPage* SafeBrowsingBlockingPage::CreateBlockingPage(
503 SafeBrowsingUIManager* ui_manager,
504 WebContents* web_contents,
505 const UnsafeResource& unsafe_resource) {
506 std::vector<UnsafeResource> resources;
507 resources.push_back(unsafe_resource);
508 // Set up the factory if this has not been done already (tests do that
509 // before this method is called).
510 if (!factory_)
511 factory_ = g_safe_browsing_blocking_page_factory_impl.Pointer();
512 return factory_->CreateSafeBrowsingPage(ui_manager, web_contents, resources);
513 }
514
515 // static
516 void SafeBrowsingBlockingPage::ShowBlockingPage(
517 SafeBrowsingUIManager* ui_manager,
518 const UnsafeResource& unsafe_resource) {
519 DVLOG(1) << __FUNCTION__ << " " << unsafe_resource.url.spec();
520 WebContents* web_contents = tab_util::GetWebContentsByID(
521 unsafe_resource.render_process_host_id, unsafe_resource.render_view_id);
522
523 InterstitialPage* interstitial =
524 InterstitialPage::GetInterstitialPage(web_contents);
525 if (interstitial && !unsafe_resource.is_subresource) {
526 // There is already an interstitial showing and we are about to display a
527 // new one for the main frame. Just hide the current one, it is now
528 // irrelevent
529 interstitial->DontProceed();
530 interstitial = NULL;
531 }
532
533 if (!interstitial) {
534 // There are no interstitial currently showing in that tab, go ahead and
535 // show this interstitial.
536 SafeBrowsingBlockingPage* blocking_page =
537 CreateBlockingPage(ui_manager, web_contents, unsafe_resource);
538 blocking_page->Show();
539 return;
540 }
541
542 // This is an interstitial for a page's resource, let's queue it.
543 UnsafeResourceMap* unsafe_resource_map = GetUnsafeResourcesMap();
544 (*unsafe_resource_map)[web_contents].push_back(unsafe_resource);
545 }
546
547 // static
548 bool SafeBrowsingBlockingPage::IsMainPageLoadBlocked(
549 const UnsafeResourceList& unsafe_resources) {
550 // Client-side phishing detection interstitials never block the main frame
551 // load, since they happen after the page is finished loading.
552 if (unsafe_resources[0].threat_type ==
553 SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL) {
554 return false;
555 }
556
557 // Otherwise, check the threat type.
558 return unsafe_resources.size() == 1 && !unsafe_resources[0].is_subresource;
559 }
560
561 std::string SafeBrowsingBlockingPage::GetMetricPrefix() const {
562 switch (interstitial_reason_) {
563 case SB_REASON_MALWARE:
564 return "malware";
565 case SB_REASON_HARMFUL:
566 return "harmful";
567 case SB_REASON_PHISHING:
568 return "phishing";
569 }
570 NOTREACHED();
571 return std::string();
572 }
573
574 std::string SafeBrowsingBlockingPage::GetSamplingEventName() const {
575 switch (interstitial_reason_) {
576 case SB_REASON_MALWARE:
577 return kEventNameMalware;
578 case SB_REASON_HARMFUL:
579 return kEventNameHarmful;
580 case SB_REASON_PHISHING:
581 return kEventNamePhishing;
582 default:
583 return kEventNameOther;
584 }
585 }
586
587 void SafeBrowsingBlockingPage::PopulateInterstitialStrings(
588 base::DictionaryValue* load_time_data) {
589 CHECK(load_time_data);
590 CHECK(!unsafe_resources_.empty());
591
592 load_time_data->SetString("type", "SAFEBROWSING");
593 load_time_data->SetString(
594 "tabTitle", l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_TITLE));
595 load_time_data->SetString(
596 "openDetails",
597 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_OPEN_DETAILS_BUTTON));
598 load_time_data->SetString(
599 "closeDetails",
600 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_V3_CLOSE_DETAILS_BUTTON));
601 load_time_data->SetString(
602 "primaryButtonText",
603 l10n_util::GetStringUTF16(IDS_SAFEBROWSING_OVERRIDABLE_SAFETY_BUTTON));
604 load_time_data->SetBoolean(
605 "overridable",
606 !IsPrefEnabled(prefs::kSafeBrowsingProceedAnywayDisabled));
607
608 switch (interstitial_reason_) {
609 case SB_REASON_MALWARE:
610 PopulateMalwareLoadTimeData(load_time_data);
611 break;
612 case SB_REASON_HARMFUL:
613 PopulateHarmfulLoadTimeData(load_time_data);
614 break;
615 case SB_REASON_PHISHING:
616 PopulatePhishingLoadTimeData(load_time_data);
617 break;
618 }
619 }
620
621 void SafeBrowsingBlockingPage::PopulateExtendedReportingOption(
622 base::DictionaryValue* load_time_data) {
623 // Only show checkbox if !(HTTPS || incognito-mode).
624 const bool show = CanShowMalwareDetailsOption();
625 load_time_data->SetBoolean(kDisplayCheckBox, show);
626 if (!show)
627 return;
628
629 const std::string privacy_link = base::StringPrintf(
630 kPrivacyLinkHtml,
631 l10n_util::GetStringUTF8(
632 IDS_SAFE_BROWSING_PRIVACY_POLICY_PAGE).c_str());
633 load_time_data->SetString(
634 "optInLink",
635 l10n_util::GetStringFUTF16(IDS_SAFE_BROWSING_MALWARE_REPORTING_AGREE,
636 base::UTF8ToUTF16(privacy_link)));
637 load_time_data->SetBoolean(
638 kBoxChecked,
639 IsPrefEnabled(prefs::kSafeBrowsingExtendedReportingEnabled));
640 }
641
642 void SafeBrowsingBlockingPage::PopulateMalwareLoadTimeData(
643 base::DictionaryValue* load_time_data) {
644 load_time_data->SetBoolean("phishing", false);
645 load_time_data->SetString(
646 "heading", l10n_util::GetStringUTF16(IDS_MALWARE_V3_HEADING));
647 load_time_data->SetString(
648 "primaryParagraph",
649 l10n_util::GetStringFUTF16(
650 IDS_MALWARE_V3_PRIMARY_PARAGRAPH,
651 GetFormattedHostName()));
652 load_time_data->SetString(
653 "explanationParagraph",
654 is_main_frame_load_blocked_ ?
655 l10n_util::GetStringFUTF16(
656 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH,
657 GetFormattedHostName()) :
658 l10n_util::GetStringFUTF16(
659 IDS_MALWARE_V3_EXPLANATION_PARAGRAPH_SUBRESOURCE,
660 base::UTF8ToUTF16(web_contents()->GetURL().host()),
661 GetFormattedHostName()));
662 load_time_data->SetString(
663 "finalParagraph",
664 l10n_util::GetStringUTF16(IDS_MALWARE_V3_PROCEED_PARAGRAPH));
665
666 PopulateExtendedReportingOption(load_time_data);
667 }
668
669 void SafeBrowsingBlockingPage::PopulateHarmfulLoadTimeData(
670 base::DictionaryValue* load_time_data) {
671 load_time_data->SetBoolean("phishing", false);
672 load_time_data->SetString(
673 "heading", l10n_util::GetStringUTF16(IDS_HARMFUL_V3_HEADING));
674 load_time_data->SetString(
675 "primaryParagraph",
676 l10n_util::GetStringFUTF16(
677 IDS_HARMFUL_V3_PRIMARY_PARAGRAPH,
678 GetFormattedHostName()));
679 load_time_data->SetString(
680 "explanationParagraph",
681 l10n_util::GetStringFUTF16(
682 IDS_HARMFUL_V3_EXPLANATION_PARAGRAPH,
683 GetFormattedHostName()));
684 load_time_data->SetString(
685 "finalParagraph",
686 l10n_util::GetStringUTF16(IDS_HARMFUL_V3_PROCEED_PARAGRAPH));
687
688 PopulateExtendedReportingOption(load_time_data);
689 }
690
691 void SafeBrowsingBlockingPage::PopulatePhishingLoadTimeData(
692 base::DictionaryValue* load_time_data) {
693 load_time_data->SetBoolean("phishing", true);
694 load_time_data->SetString(
695 "heading",
696 l10n_util::GetStringUTF16(IDS_PHISHING_V3_HEADING));
697 load_time_data->SetString(
698 "primaryParagraph",
699 l10n_util::GetStringFUTF16(
700 IDS_PHISHING_V3_PRIMARY_PARAGRAPH,
701 GetFormattedHostName()));
702 load_time_data->SetString(
703 "explanationParagraph",
704 l10n_util::GetStringFUTF16(IDS_PHISHING_V3_EXPLANATION_PARAGRAPH,
705 GetFormattedHostName()));
706 load_time_data->SetString(
707 "finalParagraph",
708 l10n_util::GetStringUTF16(IDS_PHISHING_V3_PROCEED_PARAGRAPH));
709
710 PopulateExtendedReportingOption(load_time_data);
711 }