Google Git
Sign in
android / platform / external / chromium_org / bc179a535de588dfc930c0e5a283b0aad77e7f70 / . / chrome / browser / ui / webui / interstitials / interstitial_ui.cc
blob: 22c98e0217d85e57c8ab96022142bb5017180fcb [file] [log] [blame]
// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/ui/webui/interstitials/interstitial_ui.h"
#include "base/strings/string_util.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/safe_browsing/safe_browsing_blocking_page.h"
#include "chrome/browser/safe_browsing/safe_browsing_service.h"
#include "chrome/browser/ssl/ssl_blocking_page.h"
#include "chrome/common/url_constants.h"
#include "content/public/browser/interstitial_page_delegate.h"
#include "content/public/browser/web_contents.h"
#include "content/public/browser/web_ui.h"
#include "content/public/browser/web_ui_controller.h"
#include "content/public/browser/web_ui_data_source.h"
#include "net/base/net_errors.h"
#include "net/base/url_util.h"
#include "net/cert/x509_certificate.h"
#include "net/ssl/ssl_info.h"
namespace {
class InterstitialHTMLSource : public content::URLDataSource {
public:
InterstitialHTMLSource(Profile* profile,
content::WebContents* web_contents);
virtual ~InterstitialHTMLSource();
// content::URLDataSource:
virtual std::string GetMimeType(const std::string& mime_type) const OVERRIDE;
virtual std::string GetSource() const OVERRIDE;
virtual bool ShouldAddContentSecurityPolicy() const OVERRIDE;
virtual void StartDataRequest(
const std::string& path,
int render_process_id,
int render_frame_id,
const content::URLDataSource::GotDataCallback& callback) OVERRIDE;
private:
Profile* profile_;
content::WebContents* web_contents_;
DISALLOW_COPY_AND_ASSIGN(InterstitialHTMLSource);
};
SSLBlockingPage* CreateSSLBlockingPage(content::WebContents* web_contents) {
// Random parameters for SSL blocking page.
int cert_error = net::ERR_CERT_CONTAINS_ERRORS;
GURL request_url("https://example.com");
bool overridable = false;
bool strict_enforcement = false;
std::string url_param;
if (net::GetValueForKeyInQuery(web_contents->GetURL(),
"url",
&url_param)) {
if (GURL(url_param).is_valid())
request_url = GURL(url_param);
}
std::string overridable_param;
if (net::GetValueForKeyInQuery(web_contents->GetURL(),
"overridable",
&overridable_param)) {
overridable = overridable_param == "1";
}
std::string strict_enforcement_param;
if (net::GetValueForKeyInQuery(web_contents->GetURL(),
"strict_enforcement",
&strict_enforcement_param)) {
strict_enforcement = strict_enforcement_param == "1";
}
net::SSLInfo ssl_info;
ssl_info.cert = new net::X509Certificate(
request_url.host(), "CA", base::Time::Max(), base::Time::Max());
// This delegate doesn't create an interstitial.
int options_mask = 0;
if (overridable)
options_mask = SSLBlockingPage::OVERRIDABLE;
if (strict_enforcement)
options_mask = SSLBlockingPage::STRICT_ENFORCEMENT;
return new SSLBlockingPage(web_contents,
cert_error,
ssl_info,
request_url,
options_mask,
base::Callback<void(bool)>());
}
SafeBrowsingBlockingPage* CreateSafeBrowsingBlockingPage(
content::WebContents* web_contents) {
SBThreatType threat_type = SB_THREAT_TYPE_URL_MALWARE;
GURL request_url("http://example.com");
std::string url_param;
if (net::GetValueForKeyInQuery(web_contents->GetURL(),
"url",
&url_param)) {
if (GURL(url_param).is_valid())
request_url = GURL(url_param);
}
std::string type_param;
if (net::GetValueForKeyInQuery(web_contents->GetURL(),
"type",
&type_param)) {
if (type_param == "malware") {
threat_type = SB_THREAT_TYPE_URL_MALWARE;
} else if (type_param == "phishing") {
threat_type = SB_THREAT_TYPE_URL_PHISHING;
} else if (type_param == "clientside_malware") {
threat_type = SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL;
} else if (type_param == "clientside_phishing") {
threat_type = SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL;
// Interstitials for client side phishing urls load after the page loads
// (see SafeBrowsingBlockingPage::IsMainPageLoadBlocked), so there should
// either be a new navigation entry, or there shouldn't be any pending
// entries. Clear any pending navigation entries.
content::NavigationController* controller =
&web_contents->GetController();
controller->DiscardNonCommittedEntries();
}
}
SafeBrowsingBlockingPage::UnsafeResource resource;
resource.url = request_url;
resource.threat_type = threat_type;
// Create a blocking page without showing the interstitial.
return SafeBrowsingBlockingPage::CreateBlockingPage(
g_browser_process->safe_browsing_service()->ui_manager(),
web_contents,
resource);
}
} // namespace
InterstitialUI::InterstitialUI(content::WebUI* web_ui)
: WebUIController(web_ui) {
Profile* profile = Profile::FromWebUI(web_ui);
scoped_ptr<InterstitialHTMLSource> html_source(
new InterstitialHTMLSource(profile->GetOriginalProfile(),
web_ui->GetWebContents()));
content::URLDataSource::Add(profile, html_source.release());
}
InterstitialUI::~InterstitialUI() {
}
// InterstitialHTMLSource
InterstitialHTMLSource::InterstitialHTMLSource(
Profile* profile,
content::WebContents* web_contents)
: profile_(profile),
web_contents_(web_contents) {
}
InterstitialHTMLSource::~InterstitialHTMLSource() {
}
std::string InterstitialHTMLSource::GetMimeType(
const std::string& mime_type) const {
return "text/html";
}
std::string InterstitialHTMLSource::GetSource() const {
return chrome::kChromeUIInterstitialHost;
}
bool InterstitialHTMLSource::ShouldAddContentSecurityPolicy()
const {
return false;
}
void InterstitialHTMLSource::StartDataRequest(
const std::string& path,
int render_process_id,
int render_frame_id,
const content::URLDataSource::GotDataCallback& callback) {
scoped_ptr<content::InterstitialPageDelegate> interstitial_delegate;
if (StartsWithASCII(path, "ssl", true)) {
interstitial_delegate.reset(CreateSSLBlockingPage(web_contents_));
} else if (StartsWithASCII(path, "safebrowsing", true)) {
interstitial_delegate.reset(CreateSafeBrowsingBlockingPage(web_contents_));
}
std::string html;
if (interstitial_delegate.get()) {
html = interstitial_delegate.get()->GetHTMLContents();
} else {
html = "<html><head><title>Interstitials</title></head>"
"<body><h2>Choose an interstitial<h2>"
"<h3>SSL</h3>"
"<a href='ssl'>example.com</a><br>"
"<a href='ssl?url=https://google.com'>SSL (google.com)</a><br>"
"<a href='ssl?overridable=1&strict_enforcement=0'>"
" example.com (Overridable)</a>"
"<br><br>"
"<h3>SafeBrowsing</h3>"
"<a href='safebrowsing?type=malware'>Malware</a><br>"
"<a href='safebrowsing?type=phishing'>Phishing</a><br>"
"<a href='safebrowsing?type=clientside_malware'>"
" Client Side Malware</a><br>"
"<a href='safebrowsing?type=clientside_phishing'>"
" Client Side Phishing</a><br>"
"</body></html>";
}
scoped_refptr<base::RefCountedString> html_bytes = new base::RefCountedString;
html_bytes->data().assign(html.begin(), html.end());
callback.Run(html_bytes.get());
}