SafeBrowsing: implement quiet Billing interstitial

This implements the Quiet Billing interstitial and adds the approved
strings from http://crbug.com/887186 and adds the interstitial to the
debug WebUI page (chrome://interstitials).

WebView support will come in a follow-up CL.

Bug: 887186
Test: browser_tests --gtest_filter=InterstitialUITest.BillingInterstitialQuiet
Test: Manual - observe chrome://interstitials page
Change-Id: I4ff9811d925bdde81bf1349ac714c2533ad563bb
Reviewed-on: https://chromium-review.googlesource.com/1256021Reviewed-by: Carlos IL <carlosil@chromium.org>
Commit-Queue: Nate Fischer <ntfschr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#595642}

chrome/browser/ui/webui/interstitials/interstitial_ui.cc

@@ -330,6 +330,8 @@ TestSafeBrowsingBlockingPageQuiet* CreateSafeBrowsingQuietBlockingPage(
       threat_type = safe_browsing::SB_THREAT_TYPE_URL_PHISHING;
     } else if (type_param == "unwanted") {
       threat_type = safe_browsing::SB_THREAT_TYPE_URL_UNWANTED;
+    } else if (type_param == "billing") {
+      threat_type = safe_browsing::SB_THREAT_TYPE_BILLING;
     } else if (type_param == "giant") {
       threat_type = safe_browsing::SB_THREAT_TYPE_URL_MALWARE;
       is_giant_webview = true;

chrome/browser/ui/webui/interstitials/interstitial_ui_browsertest.cc

@@ -124,6 +124,12 @@ IN_PROC_BROWSER_TEST_F(InterstitialUITest, UnwantedSoftwareInterstitialQuiet) {
       "Security error");
 }
 
+IN_PROC_BROWSER_TEST_F(InterstitialUITest, BillingInterstitialQuiet) {
+  TestInterstitial(
+      GURL("chrome://interstitials/quietsafebrowsing?type=billing"),
+      "Security error");
+}
+
 IN_PROC_BROWSER_TEST_F(InterstitialUITest, ClientsideMalwareInterstitial) {
   TestInterstitial(
       GURL("chrome://interstitials/safebrowsing?type=clientside_malware"),

components/security_interstitials/core/browser/resources/list_of_interstitials.html

@@ -89,6 +89,9 @@
     <li>
       <a href="quietsafebrowsing?type=unwanted">Malicious Unwanted Software</a>
     </li>
+    <li>
+      <a href="quietsafebrowsing?type=billing">Billing</a>
+    </li>
     <li>
       <a href="quietsafebrowsing?type=giant">Giant</a>
     </li>

components/security_interstitials/core/safe_browsing_quiet_error_ui.cc

@@ -71,8 +71,7 @@ void SafeBrowsingQuietErrorUI::PopulateStringsForHtml(
       PopulatePhishingLoadTimeData(load_time_data);
       break;
     case BaseSafeBrowsingErrorUI::SB_REASON_BILLING:
-      // This is not currently handled in WebView.
-      NOTREACHED();
+      PopulateBillingLoadTimeData(load_time_data);
       break;
   }
 
@@ -148,6 +147,16 @@ void SafeBrowsingQuietErrorUI::PopulatePhishingLoadTimeData(
       l10n_util::GetStringUTF16(IDS_PHISHING_WEBVIEW_EXPLANATION_PARAGRAPH));
 }
 
+void SafeBrowsingQuietErrorUI::PopulateBillingLoadTimeData(
+    base::DictionaryValue* load_time_data) {
+  load_time_data->SetBoolean("phishing", false);
+  load_time_data->SetString(
+      "heading", l10n_util::GetStringUTF16(IDS_BILLING_WEBVIEW_HEADING));
+  load_time_data->SetString(
+      "explanationParagraph",
+      l10n_util::GetStringUTF16(IDS_BILLING_WEBVIEW_EXPLANATION_PARAGRAPH));
+}
+
 int SafeBrowsingQuietErrorUI::GetHTMLTemplateId() const {
   return IDR_SECURITY_INTERSTITIAL_QUIET_HTML;
 }

components/security_interstitials/core/safe_browsing_quiet_error_ui.h

@@ -50,6 +50,7 @@ class SafeBrowsingQuietErrorUI
   void PopulateMalwareLoadTimeData(base::DictionaryValue* load_time_data);
   void PopulateHarmfulLoadTimeData(base::DictionaryValue* load_time_data);
   void PopulatePhishingLoadTimeData(base::DictionaryValue* load_time_data);
+  void PopulateBillingLoadTimeData(base::DictionaryValue* load_time_data);
 
   bool is_giant_webview_;
 

components/security_interstitials_strings.grdp

@@ -311,6 +311,12 @@
   <message name="IDS_HARMFUL_WEBVIEW_EXPLANATION_PARAGRAPH" desc="The explanation of why Safe Browsing has blocked the page. Allows the user to proceed using a link.">
     This content might try to install deceptive apps that pretend to be something else or collect data that may be used to track you. <ph name="BEGIN_LINK">&lt;a href="#" id="proceed-link"&gt;</ph>Show anyway<ph name="END_LINK">&lt;/a&gt;</ph>
   </message>
+  <message name="IDS_BILLING_WEBVIEW_HEADING" desc="Title of a security warning. Shown when the user wants to visit a site that may trick them into signing up for a recurring charge to their mobile phone plan. 'Potential' indicates likelihood. 'charges' refers to financial charges to user's mobile phone plan.">
+    Potential charges ahead.
+  </message>
+  <message name="IDS_BILLING_WEBVIEW_EXPLANATION_PARAGRAPH" desc="Body of a security warning. Shown when the user wants to visit a site that may trick them into signing up for a recurring charge to their mobile phone plan. 'charges' refers to financial charges to user's mobile phone plan. 'not obvious' means the site may, for example, include a pricing disclosure in hard-to-see text.">
+    These charges could be one-time or recurring and may not be obvious. <ph name="BEGIN_LINK">&lt;a href="#" id="proceed-link"&gt;</ph>Show anyway<ph name="END_LINK">&lt;/a&gt;</ph>
+  </message>
 
   <message name="IDS_CONNECTION_HELP_SHOW_MORE" desc="The button label to expand sections for the chrome://connection-help site. Paired with IDS_CONNECTION_HELP_SHOW_LESS">
     Show More