Re-use security_state::ShouldDowngradeNeutralStyling in Android code

Bug: 1008219
Change-Id: I88472d3884c9c9e8495662c366347fd2f775c3d0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1927373
Commit-Queue: Livvie Lin <livvielin@chromium.org>
Reviewed-by: Michael Thiessen <mthiesse@chromium.org>
Cr-Commit-Position: refs/heads/master@{#717760}

chrome/android/java/src/org/chromium/chrome/browser/flags/FeatureUtilities.java

@@ -121,7 +121,6 @@ public class FeatureUtilities {
         cacheSwapPixelFormatToFixConvertFromTranslucentEnabled();
         cacheReachedCodeProfilerTrialGroup();
         cacheStartSurfaceEnabled();
-        cacheMarkHttpAsDangerWarningEnabled();
 
         if (isHighEndPhone()) cacheGridTabSwitcherEnabled();
         if (isHighEndPhone()) cacheTabGroupsAndroidEnabled();
@@ -556,36 +555,6 @@ public class FeatureUtilities {
                 ChromeFeatureList.SWAP_PIXEL_FORMAT_TO_FIX_CONVERT_FROM_TRANSLUCENT);
     }
 
-    /**
-     * Cache the value of the flag of whether to use the grey triangle security indicator on
-     * insecure pages.
-     */
-    public static void cacheMarkHttpAsDangerWarningEnabled() {
-        String featureParam = "danger-warning";
-        String enabledFeature = ChromeFeatureList.getFieldTrialParamByFeature(
-                ChromeFeatureList.MARK_HTTP_AS, "treatment");
-        SharedPreferencesManager.getInstance().writeBoolean(
-                ChromePreferenceKeys.MARK_HTTP_AS_DANGER_WARNING_KEY,
-                enabledFeature.equals(featureParam));
-    }
-
-    /**
-     * @return Whether a grey triangle icon should be used in the omnibox instead of the info icon
-     *         on insecure pages.
-     */
-    public static boolean isMarkHttpAsDangerWarningEnabled() {
-        return isFlagEnabled(ChromePreferenceKeys.MARK_HTTP_AS_DANGER_WARNING_KEY, false);
-    }
-
-    /**
-     * Toggles whether experiment for marking insecure connections with a grey triangle
-     * icon is enabled for testing. Should be reset back to null after the test has finished.
-     */
-    @VisibleForTesting
-    public static void setMarkHttpAsDangerWarningEnabledForTesting(@Nullable Boolean isEnabled) {
-        sFlags.put(ChromePreferenceKeys.MARK_HTTP_AS_DANGER_WARNING_KEY, isEnabled);
-    }
-
     /**
      * Caches the trial group of the reached code profiler feature to be using on next startup.
      */

chrome/android/java/src/org/chromium/chrome/browser/ssl/SecurityStateModel.java

@@ -26,24 +26,24 @@ public class SecurityStateModel {
     }
 
     /**
-     * Returns true for a valid URL from a secure origin, e.g., http://localhost,
-     * file:///home/user/test.html, https://bobpay.com.
+     * Returns true for a valid URL with a cryptographic scheme, e.g., HTTPS, WSS.
      *
      * @param url The URL to check.
-     * @return Whether the origin of the URL is secure.
+     * @return Whether the scheme of the URL is cryptographic.
      */
-    public static boolean isOriginSecure(String url) {
-        return SecurityStateModelJni.get().isOriginSecure(url);
+    public static boolean isSchemeCryptographic(String url) {
+        return SecurityStateModelJni.get().isSchemeCryptographic(url);
     }
 
     /**
-     * Returns true for a valid URL with a cryptographic scheme, e.g., HTTPS, WSS.
+     * Returns whether to use a danger icon instead of an info icon in the URL bar.
      *
+     * @param securityLevel The ConnectionSecurityLevel of the page.
      * @param url The URL to check.
-     * @return Whether the scheme of the URL is cryptographic.
+     * @return Whether to downgrade the info icon to a danger triangle.
      */
-    public static boolean isSchemeCryptographic(String url) {
-        return SecurityStateModelJni.get().isSchemeCryptographic(url);
+    public static boolean shouldDowngradeNeutralStyling(int securityLevel, String url) {
+        return SecurityStateModelJni.get().shouldDowngradeNeutralStyling(securityLevel, url);
     }
 
     private SecurityStateModel() {}
@@ -51,7 +51,7 @@ public class SecurityStateModel {
     @NativeMethods
     interface Natives {
         int getSecurityLevelForWebContents(WebContents webContents);
-        boolean isOriginSecure(String url);
         boolean isSchemeCryptographic(String url);
+        boolean shouldDowngradeNeutralStyling(int securityLevel, String url);
     }
 }

chrome/android/java/src/org/chromium/chrome/browser/toolbar/LocationBarModel.java

@@ -20,7 +20,6 @@ import org.chromium.chrome.browser.ChromeFeatureList;
 import org.chromium.chrome.browser.ChromeTabbedActivity;
 import org.chromium.chrome.browser.compositor.layouts.OverviewModeBehavior;
 import org.chromium.chrome.browser.dom_distiller.DomDistillerTabUtils;
-import org.chromium.chrome.browser.flags.FeatureUtilities;
 import org.chromium.chrome.browser.native_page.NativePageFactory;
 import org.chromium.chrome.browser.ntp.NewTabPage;
 import org.chromium.chrome.browser.offlinepages.OfflinePageUtils;
@@ -390,7 +389,6 @@ public class LocationBarModel implements ToolbarDataProvider, ToolbarCommonPrope
             return R.drawable.ic_offline_pin_24dp;
         }
 
-        boolean featureIsEnabled = FeatureUtilities.isMarkHttpAsDangerWarningEnabled();
         String url = getCurrentUrl();
 
         switch (securityLevel) {
@@ -399,8 +397,9 @@ public class LocationBarModel implements ToolbarDataProvider, ToolbarCommonPrope
                 // is NONE, but the security indicator should be shown on all devices.
                 if (mNativeLocationBarModelAndroid != 0
                         && SecurityStateModel.isSchemeCryptographic(url)) {
-                    return featureIsEnabled ? R.drawable.omnibox_not_secure_warning
-                                            : R.drawable.omnibox_info;
+                    return SecurityStateModel.shouldDowngradeNeutralStyling(securityLevel, url)
+                            ? R.drawable.omnibox_not_secure_warning
+                            : R.drawable.omnibox_info;
                 }
                 return isSmallDevice
                                 && (!SearchEngineLogoUtils.shouldShowSearchEngineLogo(isIncognito())
@@ -411,7 +410,7 @@ public class LocationBarModel implements ToolbarDataProvider, ToolbarCommonPrope
                 if (mNativeLocationBarModelAndroid == 0) {
                     return R.drawable.omnibox_info;
                 }
-                if (featureIsEnabled && !SecurityStateModel.isOriginSecure(url)) {
+                if (SecurityStateModel.shouldDowngradeNeutralStyling(securityLevel, url)) {
                     return R.drawable.omnibox_not_secure_warning;
                 }
                 return R.drawable.omnibox_info;

chrome/android/junit/src/org/chromium/chrome/browser/toolbar/ToolbarSecurityIconTest.java

@@ -26,7 +26,6 @@ import org.robolectric.annotation.Resetter;
 import org.chromium.base.test.BaseRobolectricTestRunner;
 import org.chromium.base.test.util.JniMocker;
 import org.chromium.chrome.R;
-import org.chromium.chrome.browser.flags.FeatureUtilities;
 import org.chromium.chrome.browser.omnibox.LocationBarLayout;
 import org.chromium.chrome.browser.ssl.SecurityStateModel;
 import org.chromium.chrome.browser.tab.Tab;
@@ -63,12 +62,12 @@ public final class ToolbarSecurityIconTest {
     @Implements(SecurityStateModel.class)
     static class ShadowSecurityStateModel {
         private static boolean sSchemeIsCryptographic;
-        private static boolean sOriginIsSecure;
+        private static boolean sShouldDowngrade;
 
         @Resetter
         public static void reset() {
             sSchemeIsCryptographic = false;
-            sOriginIsSecure = false;
+            sShouldDowngrade = false;
         }
 
         @Implementation
@@ -77,16 +76,16 @@ public final class ToolbarSecurityIconTest {
         }
 
         @Implementation
-        public static boolean isOriginSecure(String url) {
-            return sOriginIsSecure;
+        public static boolean shouldDowngradeNeutralStyling(int securityLevel, String url) {
+            return sShouldDowngrade;
         }
 
         public static void setSchemeIsCryptographic(boolean schemeIsCryptographicValue) {
             sSchemeIsCryptographic = schemeIsCryptographicValue;
         }
 
-        public static void setOriginIsSecure(boolean originIsSecureValue) {
-            sOriginIsSecure = originIsSecureValue;
+        public static void setShouldDowngradeNeutralStyling(boolean shouldDowngradeValue) {
+            sShouldDowngrade = shouldDowngradeValue;
         }
     }
 
@@ -103,7 +102,6 @@ public final class ToolbarSecurityIconTest {
     @After
     public void tearDown() {
         ShadowSecurityStateModel.reset();
-        FeatureUtilities.setMarkHttpAsDangerWarningEnabledForTesting(null);
     }
 
     @Test
@@ -212,8 +210,6 @@ public final class ToolbarSecurityIconTest {
 
     @Test
     public void testGetSecurityIconResourceForMarkHttpAsDangerWarning() {
-        FeatureUtilities.setMarkHttpAsDangerWarningEnabledForTesting(true);
-
         assertEquals(0,
                 mLocationBarModel.getSecurityIconResource(ConnectionSecurityLevel.NONE,
                         IS_SMALL_DEVICE, !IS_OFFLINE_PAGE, !IS_PREVIEW));
@@ -221,8 +217,9 @@ public final class ToolbarSecurityIconTest {
                 mLocationBarModel.getSecurityIconResource(ConnectionSecurityLevel.NONE,
                         !IS_SMALL_DEVICE, !IS_OFFLINE_PAGE, !IS_PREVIEW));
 
-        // Tests passive mixed content.
+        // Tests passive mixed content, which should be downgraded.
         ShadowSecurityStateModel.setSchemeIsCryptographic(true);
+        ShadowSecurityStateModel.setShouldDowngradeNeutralStyling(true);
         assertEquals(R.drawable.omnibox_not_secure_warning,
                 mLocationBarModel.getSecurityIconResource(ConnectionSecurityLevel.NONE,
                         IS_SMALL_DEVICE, !IS_OFFLINE_PAGE, !IS_PREVIEW));
@@ -230,8 +227,9 @@ public final class ToolbarSecurityIconTest {
                 mLocationBarModel.getSecurityIconResource(ConnectionSecurityLevel.NONE,
                         !IS_SMALL_DEVICE, !IS_OFFLINE_PAGE, !IS_PREVIEW));
 
-        // Tests non-secure connection (e.g. HTTP).
+        // Tests non-secure connection (e.g. HTTP), which should be downgraded.
         ShadowSecurityStateModel.setSchemeIsCryptographic(false);
+        ShadowSecurityStateModel.setShouldDowngradeNeutralStyling(true);
         assertEquals(R.drawable.omnibox_not_secure_warning,
                 mLocationBarModel.getSecurityIconResource(ConnectionSecurityLevel.WARNING,
                         IS_SMALL_DEVICE, !IS_OFFLINE_PAGE, !IS_PREVIEW));
@@ -239,8 +237,8 @@ public final class ToolbarSecurityIconTest {
                 mLocationBarModel.getSecurityIconResource(ConnectionSecurityLevel.WARNING,
                         !IS_SMALL_DEVICE, !IS_OFFLINE_PAGE, !IS_PREVIEW));
 
-        // Tests non-cryptographic secure origins.
-        ShadowSecurityStateModel.setOriginIsSecure(true);
+        // Tests non-cryptographic secure origins, which should not be downgraded.
+        ShadowSecurityStateModel.setShouldDowngradeNeutralStyling(false);
         assertEquals(R.drawable.omnibox_info,
                 mLocationBarModel.getSecurityIconResource(ConnectionSecurityLevel.WARNING,
                         IS_SMALL_DEVICE, !IS_OFFLINE_PAGE, !IS_PREVIEW));

chrome/browser/preferences/android/java/src/org/chromium/chrome/browser/preferences/ChromePreferenceKeys.java

@@ -305,12 +305,6 @@ public final class ChromePreferenceKeys {
      */
     public static final String START_SURFACE_ENABLED_KEY = "start_surface_enabled";
 
-    /**
-     * Whether or not grey triangle icon on non-secure connections feature is enabled.
-     * Default value is false.
-     */
-    public static final String MARK_HTTP_AS_DANGER_WARNING_KEY = "mark_http_as_danger_warning";
-
     /**
      * Whether or not the grid tab switcher is enabled.
      * Default value is false.
@@ -420,7 +414,6 @@ public final class ChromePreferenceKeys {
                 NIGHT_MODE_CCT_AVAILABLE_KEY,
                 COMMAND_LINE_ON_NON_ROOTED_ENABLED_KEY,
                 START_SURFACE_ENABLED_KEY,
-                MARK_HTTP_AS_DANGER_WARNING_KEY,
                 GRID_TAB_SWITCHER_ENABLED_KEY,
                 TAB_GROUPS_ANDROID_ENABLED_KEY,
                 PRIORITIZE_BOOTSTRAP_TASKS_KEY,
@@ -530,7 +523,6 @@ public final class ChromePreferenceKeys {
                 NIGHT_MODE_CCT_AVAILABLE_KEY,
                 COMMAND_LINE_ON_NON_ROOTED_ENABLED_KEY,
                 START_SURFACE_ENABLED_KEY,
-                MARK_HTTP_AS_DANGER_WARNING_KEY,
                 GRID_TAB_SWITCHER_ENABLED_KEY,
                 TAB_GROUPS_ANDROID_ENABLED_KEY,
                 PRIORITIZE_BOOTSTRAP_TASKS_KEY,

chrome/browser/ssl/security_state_model_android.cc

@@ -30,17 +30,21 @@ jint JNI_SecurityStateModel_GetSecurityLevelForWebContents(
 }
 
 // static
-jboolean JNI_SecurityStateModel_IsOriginSecure(
+jboolean JNI_SecurityStateModel_IsSchemeCryptographic(
     JNIEnv* env,
     const JavaParamRef<jstring>& jurl) {
   GURL url(ConvertJavaStringToUTF16(env, jurl));
-  return url.is_valid() && content::IsOriginSecure(url);
+  return url.is_valid() && url.SchemeIsCryptographic();
 }
 
 // static
-jboolean JNI_SecurityStateModel_IsSchemeCryptographic(
+jboolean JNI_SecurityStateModel_ShouldDowngradeNeutralStyling(
     JNIEnv* env,
+    jint jsecurity_level,
     const JavaParamRef<jstring>& jurl) {
   GURL url(ConvertJavaStringToUTF16(env, jurl));
-  return url.is_valid() && url.SchemeIsCryptographic();
+  auto security_level =
+      static_cast<security_state::SecurityLevel>(jsecurity_level);
+  return security_state::ShouldDowngradeNeutralStyling(
+      security_level, url, base::BindRepeating(&content::IsOriginSecure));
 }