Commit 5d594660 authored by meacer's avatar meacer Committed by Commit Bot

Update the interstital and WebUI for known MITM certificates

This CL does the following:
- Removes sub headers in the WebUI page ("What this means" and "Why this
  is happening").
- Removes the last section in WebUI (the text under "Why this is
  happening") and replaces the text under "What this means" with the
  final UX strings.
- Reuses the strings in the interstitial and the Web UI.
- Removes the "Learn more" link from the interstitial since it now has
  the same text as the WebUI.

Screenshots:
Interstitial: https://drive.google.com/open?id=1ivy8IypDgqnzGGdgAknQFwvlIYO5myb8
WebUI: https://drive.google.com/open?id=1tVDk0_pK2zcAEanTiNi626OoRIzyQ-iB

Bug: 1014711
Change-Id: I3977c393bd4370f977e14b8a37a0836c8ea97457
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1952028Reviewed-by: default avatarMustafa Emre Acer <meacer@chromium.org>
Reviewed-by: default avatarEmily Stark <estark@chromium.org>
Commit-Queue: Mustafa Emre Acer <meacer@chromium.org>
Auto-Submit: Mustafa Emre Acer <meacer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#721866}
parent 370ed535
......@@ -149,13 +149,6 @@ IN_PROC_BROWSER_TEST_F(CRLSetBrowserTest, TestCRLSetBlockedInterception) {
GetActiveWebContents(),
net::CERT_STATUS_KNOWN_INTERCEPTION_BLOCKED | net::CERT_STATUS_REVOKED,
AuthState::SHOWING_INTERSTITIAL);
// Simulate clicking the learn more link.
ASSERT_TRUE(content::ExecuteScript(
GetActiveWebContents(),
"window.certificateErrorPageController.openHelpCenter();"));
EXPECT_EQ(GetActiveWebContents()->GetVisibleURL().ref(),
base::NumberToString(net::ERR_CERT_KNOWN_INTERCEPTION_BLOCKED));
} else {
ssl_test_util::CheckAuthenticatedState(GetActiveWebContents(),
AuthState::NONE);
......
......@@ -15,9 +15,8 @@ using KnownInterceptionDisclosureUITest = InProcessBrowserTest;
// Tests that the chrome://connection-monitoring-detected WebUI page shows the
// expected title and strings.
IN_PROC_BROWSER_TEST_F(KnownInterceptionDisclosureUITest, PageDisplaysStrings) {
constexpr char kPageTitle[] = "Monitoring Detected";
constexpr char kBodyText[] =
"has detected that your connection is being monitored";
constexpr char kTabTitle[] = "Monitoring Detected";
constexpr char kBodyText[] = "Your activity on the web";
ui_test_utils::NavigateToURL(
browser(),
......@@ -26,7 +25,7 @@ IN_PROC_BROWSER_TEST_F(KnownInterceptionDisclosureUITest, PageDisplaysStrings) {
content::WebContents* contents =
browser()->tab_strip_model()->GetActiveWebContents();
EXPECT_EQ(base::ASCIIToUTF16(kPageTitle), contents->GetTitle());
EXPECT_EQ(base::ASCIIToUTF16(kTabTitle), contents->GetTitle());
EXPECT_GE(ui_test_utils::FindInPage(contents, base::ASCIIToUTF16(kBodyText),
true, true, nullptr, nullptr),
1);
......
......@@ -24,18 +24,9 @@ KnownInterceptionDisclosureUI::KnownInterceptionDisclosureUI(
kChromeUIConnectionMonitoringDetectedHost);
html_source->AddLocalizedString("title", IDS_KNOWN_INTERCEPTION_TITLE);
html_source->AddLocalizedString("pageSubtitle",
IDS_KNOWN_INTERCEPTION_SUBTITLE);
html_source->AddLocalizedString("pageDescription",
IDS_KNOWN_INTERCEPTION_DESCRIPTION);
html_source->AddLocalizedString("pageMeaningSubheading",
IDS_KNOWN_INTERCEPTION_MEANING_SUBHEADING);
html_source->AddLocalizedString("pageMeaningDescription",
IDS_KNOWN_INTERCEPTION_MEANING_DESCRIPTION);
html_source->AddLocalizedString("pageCauseSubheading",
IDS_KNOWN_INTERCEPTION_CAUSE_SUBHEADING);
html_source->AddLocalizedString("pageCauseDescription",
IDS_KNOWN_INTERCEPTION_CAUSE_DESCRIPTION);
html_source->AddLocalizedString("pageHeader", IDS_KNOWN_INTERCEPTION_HEADER);
html_source->AddLocalizedString("pageBody1", IDS_KNOWN_INTERCEPTION_BODY1);
html_source->AddLocalizedString("pageBody2", IDS_KNOWN_INTERCEPTION_BODY2);
html_source->AddResourcePath("interstitial_core.css",
IDR_SECURITY_INTERSTITIAL_CORE_CSS);
......
......@@ -12,12 +12,9 @@
<body>
<div class="interstitial-wrapper">
<div class="icon"></div>
<h1>$i18n{pageSubtitle}</h1>
<div class="subtitle">$i18n{pageDescription}</div>
<h2>$i18n{pageMeaningSubheading}</h2>
<div class="subtitle">$i18n{pageMeaningDescription}</div>
<h2>$i18n{pageCauseSubheading}</h2>
<div class="subtitle">$i18n{pageCauseDescription}</div>
<h1>$i18n{pageHeader}</h1>
<p>$i18n{pageBody1}</p>
<p>$i18n{pageBody2}</p>
</div>
</body>
</html>
......@@ -14,13 +14,6 @@
#include "net/base/escape.h"
#include "ui/base/l10n/l10n_util.h"
namespace {
// Path to the relevant help center page.
const char kHelpPath[] = "answer/6098869";
} // namespace
namespace security_interstitials {
BlockedInterceptionUI::BlockedInterceptionUI(const GURL& request_url,
......@@ -77,12 +70,13 @@ void BlockedInterceptionUI::PopulateStringsForHTML(
l10n_util::GetStringUTF16(IDS_SSL_OVERRIDABLE_SAFETY_BUTTON));
load_time_data->SetString("finalParagraph", std::string());
// Reuse the strings from the WebUI page.
load_time_data->SetString(
"primaryParagraph",
l10n_util::GetStringUTF16(IDS_BLOCKED_INTERCEPTION_PRIMARY_PARAGRAPH));
l10n_util::GetStringUTF16(IDS_KNOWN_INTERCEPTION_BODY1));
load_time_data->SetString(
"explanationParagraph",
l10n_util::GetStringUTF16(IDS_BLOCKED_INTERCEPTION_EXPLANATION));
l10n_util::GetStringUTF16(IDS_KNOWN_INTERCEPTION_BODY2));
load_time_data->SetString(
"finalParagraph", l10n_util::GetStringFUTF16(
......@@ -114,26 +108,7 @@ void BlockedInterceptionUI::HandleCommand(SecurityInterstitialCommand command) {
case CMD_OPEN_WHITEPAPER:
controller_->OpenExtendedReportingWhitepaper(true);
break;
case CMD_OPEN_HELP_CENTER: {
controller_->metrics_helper()->RecordUserInteraction(
security_interstitials::MetricsHelper::SHOW_LEARN_MORE);
// Add cert error code as a ref to support URL, this is used to expand the
// right section if the user is redirected to chrome://connection-help.
GURL::Replacements replacements;
// This has to be stored in a separate variable, otherwise asan throws a
// use-after-scope error
std::string cert_error_string =
base::UTF16ToUTF8(base::FormatNumber(cert_error_));
replacements.SetRefStr(cert_error_string);
// If |support_url_| is invalid, use the default help center url.
controller_->OpenUrlInNewForegroundTab(
controller_->GetBaseHelpCenterUrl()
.Resolve(kHelpPath)
.ReplaceComponents(replacements));
break;
}
case CMD_OPEN_HELP_CENTER:
case CMD_DONT_PROCEED:
case CMD_RELOAD:
case CMD_OPEN_DATE_SETTINGS:
......
......@@ -68,22 +68,6 @@
Your activity on <ph name="HOSTNAME">$1<ex>example.com</ex></ph> is being monitored
</message>
<message name="IDS_BLOCKED_INTERCEPTION_PRIMARY_PARAGRAPH" desc="Main paragraph of the known interception interstitial. A user visits a website, a known interception certificate intercepts their connection, and they are shown this error. Page title and additional description of the error are shown above.">
Anything you type, any pages you view, or any other activity on the web is being watched, and content on sites may be changed without your knowledge.
<ph name="BEGIN_LEARN_MORE_LINK">&lt;a href="#" id="learn-more-link"&gt;</ph>Learn more<ph name="END_LEARN_MORE_LINK">&lt;/a&gt;</ph>
</message>
<if expr="_google_chrome">
<message name="IDS_BLOCKED_INTERCEPTION_EXPLANATION" desc="Part of an extended description hidden behind an 'Advanced' button on an error page. A user visits a website, a known interception certificate intercepts their connection, and they are shown this error. Page title and additional description of the error are shown above.">
The certificate for this connection is not trusted by Google Chrome, because it is known to be used for network interception and monitoring.
</message>
</if>
<if expr="not _google_chrome">
<message name="IDS_BLOCKED_INTERCEPTION_EXPLANATION" desc="Part of an extended description hidden behind an 'Advanced' button on an error page. A user visits a website, a known interception certificate intercepts their connection, and they are shown this error. Page title and additional description of the error are shown above.">
The certificate for this connection is not trusted by Chromium, because it is known to be used for network interception and monitoring.
</message>
</if>
<!-- Lookalike URL warning -->
<message name="IDS_LOOKALIKE_URL_TITLE" desc="Tab title. Context: the requested URL might be trying to trick the user since it looks like a more popular URL. This interstitial points the user to the safe site instead.">
Safety warning
......@@ -486,67 +470,42 @@
</message>
<!-- Known interception disclosure WebUI strings -->
<if expr="not is_ios">
<!-- Title of the page -->
<message name="IDS_KNOWN_INTERCEPTION_TITLE" desc="Title of network interception disclosure page.">
Monitoring Detected
</message>
<!-- Title of the tab -->
<message name="IDS_KNOWN_INTERCEPTION_TITLE" desc="Title of network interception disclosure page.">
Monitoring Detected
</message>
<!-- Main message title and description -->
<if expr="_google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_SUBTITLE" desc="Title of chrome://connection-monitoring-detected/ page, shows when Chrome has detected known network monitoring activity">
Chrome has detected that your connection is being monitored
</message>
</if>
<if expr="not _google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_SUBTITLE" desc="Title of chrome://connection-monitoring-detected/ page, shows when Chromium has detected known network monitoring activity">
Chromium has detected that your connection is being monitored
</message>
</if>
<message name="IDS_KNOWN_INTERCEPTION_DESCRIPTION" desc="Summary text for chrome://connection-monitoring-detected/ page">
Your activity on the web and any information you enter is being watched, and content may be changed without your knowledge.
</message>
<!-- Main message title -->
<message name="IDS_KNOWN_INTERCEPTION_HEADER" desc="Title of chrome://connection-monitoring-detected/ page, shows when Chrome has detected known network monitoring activity">
Your activity on the web is being monitored
</message>
<!-- Subsection on what this warning means -->
<message name="IDS_KNOWN_INTERCEPTION_MEANING_SUBHEADING" desc="Title for the subsection explaining the risks">
What this means
</message>
<message name="IDS_KNOWN_INTERCEPTION_MEANING_DESCRIPTION" desc="Description for the subsection explaining the risks">
The network monitor can pretend to be the sites you visit, and can see your activity and any information you enter (for example, passwords, messages, or credit cards). You should take care when doing anything sensitive online, as it will be visible to the network monitor, and the network monitor can change the content on the pages you visit. This includes activity in other browsers and programs that access the Internet.
</message>
<message name="IDS_KNOWN_INTERCEPTION_BODY1" desc="First body text for the chrome://connection-monitoring-detected/ page">
Anything you type, any pages you view, or any other activity on the web is being watched. Content on sites may be changed without your knowledge.
</message>
<!-- Subsection on why we're showing the UI -->
<message name="IDS_KNOWN_INTERCEPTION_CAUSE_SUBHEADING" desc="Title for the subsection explaining why the warning is shown">
Why this is happening
<if expr="_google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_BODY2" desc="Second body text for the chrome://connection-monitoring-detected/ page with more details">
This problem happens because of a certificate you or someone else installed on your device. The certificate is known to be used to monitor and intercept networks, and is not trusted by Chrome. While some legitimate cases for monitoring do exist, like on a school or company network, Chrome wants to make sure you're aware it's happening, even if you can't stop it. Monitoring may happen in any browser or application that accesses the web.
</message>
</if>
<if expr="not _google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_BODY2" desc="Second body text for the chrome://connection-monitoring-detected/ page with more details">
This problem happens because of a certificate you or someone else installed on your device. The certificate is known to be used to monitor and intercept networks, and is not trusted by Chromium. While some legitimate cases for monitoring do exist, like on a school or company network, Chromium wants to make sure you're aware it's happening, even if you can't stop it. Monitoring may happen in any browser or application that accesses the web.
</message>
<if expr="_google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_CAUSE_DESCRIPTION" desc="Description for the subsection explaining why the warning is shown">
The certificate for this connection is not trusted by Chrome, because it is known to be used for network interception and monitoring. You may be seeing this error because of a certificate you installed on your device. When making secure connections, Chrome trusts certificates that have been locally installed on a user's computer or mobile device. This allows users to run tools to inspect and debug their connections during website development, or for corporate environments to intercept and monitor internal traffic. For cases where this is being abused to intercept traffic on the public Internet, Chrome shows a warning.
</message>
</if>
<if expr="not _google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_CAUSE_DESCRIPTION" desc="Description for the subsection explaining why the warning is shown">
The certificate for this connection is not trusted by Chromium, because it is known to be used for network interception and monitoring. You may be seeing this error because of a certificate you installed on your device. When making secure connections, Chromium trusts certificates that have been locally installed on a user's computer or mobile device. This allows users to run tools to inspect and debug their connections during website development, or for corporate environments to intercept and monitor internal traffic. For cases where this is being abused to intercept traffic on the public Internet, Chromium shows a warning.
</message>
</if>
</if>
<!-- Known interception disclosure infobar strings -->
<if expr="_google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_INFOBAR_HEADING" desc="Text of the heading used to alert the user that Chrome has detected that their network connnection is being intercepted.">
Chrome has detected that your connection is being monitored.
</message>
<if expr="is_android">
<message name="IDS_KNOWN_INTERCEPTION_INFOBAR_HEADING" desc="Text of the heading used to alert the user that Chrome has detected that their network connnection is being intercepted.">
Your activity on the web is being monitored
</message>
<if expr="is_android">
<if expr="_google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_INFOBAR_DESCRIPTION" desc="Short description used to explain why the warning is shown, for the Android infobar.">
The certificate presented for this connection is not trusted by Chrome, because it is known to be used for network interception and monitoring.
</message>
</if>
</if>
<if expr="not _google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_INFOBAR_HEADING" desc="Text of the heading used to alert the user that Chromium has detected that their network connnection is being intercepted.">
Chromium has detected that your connection is being monitored.
</message>
<if expr="is_android">
<if expr="not _google_chrome">
<message name="IDS_KNOWN_INTERCEPTION_INFOBAR_DESCRIPTION" desc="Short description used to explain why the warning is shown, for the Android infobar.">
The certificate for this connection is not trusted by Chromium, because it is known to be used for network interception and monitoring.
</message>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment