Implementation of SB committed interstitials for webview

The code in this CL does not include handling user interaction with the
interstitials, so they will be displayed, but will not react to
commands. Bindings for commands will be added in a follow up CL.

Bug: 1016581
Change-Id: I7817205e6f48b0380e8e15a3faa9b8d134028624
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1872945Reviewed-by: Daniel Rubery <drubery@chromium.org>
Reviewed-by: Changwan Ryu <changwan@chromium.org>
Reviewed-by: Nate Fischer <ntfschr@chromium.org>
Commit-Queue: Carlos IL <carlosil@chromium.org>
Cr-Commit-Position: refs/heads/master@{#710461}

android_webview/browser/BUILD.gn

@@ -163,6 +163,8 @@ source_set("browser") {
     "renderer_host/aw_render_view_host_ext.h",
     "safe_browsing/aw_safe_browsing_blocking_page.cc",
     "safe_browsing/aw_safe_browsing_blocking_page.h",
+    "safe_browsing/aw_safe_browsing_navigation_throttle.cc",
+    "safe_browsing/aw_safe_browsing_navigation_throttle.h",
     "safe_browsing/aw_safe_browsing_ui_manager.cc",
     "safe_browsing/aw_safe_browsing_ui_manager.h",
     "safe_browsing/aw_safe_browsing_whitelist_manager.cc",

android_webview/browser/aw_content_browser_client.cc

@@ -30,6 +30,7 @@
 #include "android_webview/browser/network_service/aw_proxying_restricted_cookie_manager.h"
 #include "android_webview/browser/network_service/aw_proxying_url_loader_factory.h"
 #include "android_webview/browser/network_service/aw_url_loader_throttle.h"
+#include "android_webview/browser/safe_browsing/aw_safe_browsing_navigation_throttle.h"
 #include "android_webview/browser/safe_browsing/aw_url_checker_delegate_impl.h"
 #include "android_webview/browser/tracing/aw_tracing_delegate.h"
 #include "android_webview/common/aw_content_client.h"
@@ -676,6 +677,11 @@ AwContentBrowserClient::CreateThrottlesForNavigation(
     throttles.push_back(std::make_unique<PolicyBlacklistNavigationThrottle>(
         navigation_handle, AwBrowserContext::FromWebContents(
                                navigation_handle->GetWebContents())));
+    if (base::FeatureList::IsEnabled(
+            safe_browsing::kCommittedSBInterstitials)) {
+      throttles.push_back(std::make_unique<AwSafeBrowsingNavigationThrottle>(
+          navigation_handle));
+    }
   }
   return throttles;
 }

android_webview/browser/safe_browsing/aw_safe_browsing_blocking_page.cc

@@ -10,9 +10,11 @@
 #include "android_webview/browser/aw_browser_context.h"
 #include "android_webview/browser/aw_browser_process.h"
 #include "android_webview/browser/safe_browsing/aw_safe_browsing_ui_manager.h"
+#include "base/feature_list.h"
 #include "base/metrics/histogram_macros.h"
 #include "components/prefs/pref_service.h"
 #include "components/safe_browsing/browser/threat_details.h"
+#include "components/safe_browsing/features.h"
 #include "components/safe_browsing/triggers/trigger_manager.h"
 #include "components/security_interstitials/content/security_interstitial_controller_client.h"
 #include "components/security_interstitials/content/unsafe_resource.h"
@@ -93,38 +95,52 @@ void AwSafeBrowsingBlockingPage::ShowBlockingPage(
     // There is no interstitial currently showing, or we are about to display a
     // new one for the main frame. If there is already an interstitial, showing
     // the new one will automatically hide the old one.
-    content::NavigationEntry* entry =
-        unsafe_resource.GetNavigationEntryForResource();
-    const UnsafeResourceList unsafe_resources{unsafe_resource};
-    AwBrowserContext* browser_context =
-        AwBrowserContext::FromWebContents(web_contents);
-    PrefService* pref_service = browser_context->GetPrefService();
-    BaseSafeBrowsingErrorUI::SBErrorDisplayOptions display_options =
-        BaseSafeBrowsingErrorUI::SBErrorDisplayOptions(
-            IsMainPageLoadBlocked(unsafe_resources),
-            safe_browsing::IsExtendedReportingOptInAllowed(*pref_service),
-            browser_context->IsOffTheRecord(),
-            safe_browsing::IsExtendedReportingEnabled(*pref_service),
-            safe_browsing::IsExtendedReportingPolicyManaged(*pref_service),
-            pref_service->GetBoolean(
-                ::prefs::kSafeBrowsingProceedAnywayDisabled),
-            false,                    // should_open_links_in_new_tab
-            false,                    // always_show_back_to_safety
-            "cpn_safe_browsing_wv");  // help_center_article_link
-
-    ErrorUiType errorType =
-        static_cast<ErrorUiType>(ui_manager->GetErrorUiType(unsafe_resource));
-
-    AwSafeBrowsingBlockingPage* blocking_page = new AwSafeBrowsingBlockingPage(
-        ui_manager, web_contents, entry ? entry->GetURL() : GURL(),
-        unsafe_resources,
-        CreateControllerClient(web_contents, unsafe_resources, ui_manager,
-                               pref_service),
-        display_options, errorType);
+    AwSafeBrowsingBlockingPage* blocking_page = CreateBlockingPage(
+        ui_manager, unsafe_resource.web_contents_getter.Run(), GURL(),
+        unsafe_resource);
     blocking_page->Show();
   }
 }
 
+AwSafeBrowsingBlockingPage* AwSafeBrowsingBlockingPage::CreateBlockingPage(
+    AwSafeBrowsingUIManager* ui_manager,
+    content::WebContents* web_contents,
+    const GURL& main_frame_url,
+    const UnsafeResource& unsafe_resource) {
+  const UnsafeResourceList unsafe_resources{unsafe_resource};
+  AwBrowserContext* browser_context =
+      AwBrowserContext::FromWebContents(web_contents);
+  PrefService* pref_service = browser_context->GetPrefService();
+  BaseSafeBrowsingErrorUI::SBErrorDisplayOptions display_options =
+      BaseSafeBrowsingErrorUI::SBErrorDisplayOptions(
+          IsMainPageLoadBlocked(unsafe_resources),
+          safe_browsing::IsExtendedReportingOptInAllowed(*pref_service),
+          browser_context->IsOffTheRecord(),
+          safe_browsing::IsExtendedReportingEnabled(*pref_service),
+          safe_browsing::IsExtendedReportingPolicyManaged(*pref_service),
+          pref_service->GetBoolean(::prefs::kSafeBrowsingProceedAnywayDisabled),
+          false,                    // should_open_links_in_new_tab
+          false,                    // always_show_back_to_safety
+          "cpn_safe_browsing_wv");  // help_center_article_link
+
+  ErrorUiType errorType =
+      static_cast<ErrorUiType>(ui_manager->GetErrorUiType(web_contents));
+
+  // TODO(carlosil): This logic is necessary to support committed and non
+  // committed interstitials, it can be cleaned up when removing non-committed
+  // interstitials.
+  content::NavigationEntry* entry =
+      unsafe_resource.GetNavigationEntryForResource();
+  GURL url =
+      (main_frame_url.is_empty() && entry) ? entry->GetURL() : main_frame_url;
+
+  return new AwSafeBrowsingBlockingPage(
+      ui_manager, web_contents, url, unsafe_resources,
+      CreateControllerClient(web_contents, unsafe_resources, ui_manager,
+                             pref_service),
+      display_options, errorType);
+}
+
 void AwSafeBrowsingBlockingPage::FinishThreatDetails(
     const base::TimeDelta& delay,
     bool did_proceed,

android_webview/browser/safe_browsing/aw_safe_browsing_blocking_page.h

@@ -14,6 +14,10 @@ namespace security_interstitials {
 struct UnsafeResource;
 }  // namespace security_interstitials
 
+namespace content {
+class WebContents;
+}  // namespace content
+
 namespace android_webview {
 
 class AwSafeBrowsingUIManager;
@@ -25,6 +29,12 @@ class AwSafeBrowsingBlockingPage : public safe_browsing::BaseBlockingPage {
   static void ShowBlockingPage(AwSafeBrowsingUIManager* ui_manager,
                                const UnsafeResource& unsafe_resource);
 
+  static AwSafeBrowsingBlockingPage* CreateBlockingPage(
+      AwSafeBrowsingUIManager* ui_manager,
+      content::WebContents* web_contents,
+      const GURL& main_frame_url,
+      const UnsafeResource& unsafe_resource);
+
  protected:
   // Used to specify which BaseSafeBrowsingErrorUI to instantiate, and
   // parameters they require.

android_webview/browser/safe_browsing/aw_safe_browsing_navigation_throttle.cc

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "android_webview/browser/safe_browsing/aw_safe_browsing_navigation_throttle.h"
+
+#include "android_webview/browser/aw_browser_process.h"
+#include "android_webview/browser/safe_browsing/aw_safe_browsing_blocking_page.h"
+#include "android_webview/browser/safe_browsing/aw_safe_browsing_ui_manager.h"
+#include "base/memory/ptr_util.h"
+#include "components/security_interstitials/content/security_interstitial_tab_helper.h"
+#include "components/security_interstitials/content/unsafe_resource.h"
+#include "content/public/browser/navigation_handle.h"
+
+namespace android_webview {
+
+AwSafeBrowsingNavigationThrottle::AwSafeBrowsingNavigationThrottle(
+    content::NavigationHandle* handle)
+    : content::NavigationThrottle(handle) {}
+
+const char* AwSafeBrowsingNavigationThrottle::GetNameForLogging() {
+  return "AwSafeBrowsingNavigationThrottle";
+}
+
+content::NavigationThrottle::ThrottleCheckResult
+AwSafeBrowsingNavigationThrottle::WillFailRequest() {
+  AwSafeBrowsingUIManager* manager =
+      AwBrowserProcess::GetInstance()->GetSafeBrowsingUIManager();
+  if (manager) {
+    security_interstitials::UnsafeResource resource;
+    content::NavigationHandle* handle = navigation_handle();
+    if (manager->PopUnsafeResourceForURL(handle->GetURL(), &resource)) {
+      AwSafeBrowsingBlockingPage* blocking_page =
+          AwSafeBrowsingBlockingPage::CreateBlockingPage(
+              manager, handle->GetWebContents(), handle->GetURL(), resource);
+      std::string error_page_content = blocking_page->GetHTMLContents();
+      security_interstitials::SecurityInterstitialTabHelper::
+          AssociateBlockingPage(handle->GetWebContents(),
+                                handle->GetNavigationId(),
+                                base::WrapUnique(blocking_page));
+      return content::NavigationThrottle::ThrottleCheckResult(
+          CANCEL, net::ERR_BLOCKED_BY_CLIENT, error_page_content);
+    }
+  }
+  return content::NavigationThrottle::PROCEED;
+}
+
+}  // namespace android_webview

android_webview/browser/safe_browsing/aw_safe_browsing_navigation_throttle.h

+// Copyright 2019 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef ANDROID_WEBVIEW_BROWSER_SAFE_BROWSING_AW_SAFE_BROWSING_NAVIGATION_THROTTLE_H_
+#define ANDROID_WEBVIEW_BROWSER_SAFE_BROWSING_AW_SAFE_BROWSING_NAVIGATION_THROTTLE_H_
+
+#include "content/public/browser/navigation_throttle.h"
+
+namespace content {
+class NavigationHandle;
+}  // namespace content
+
+namespace android_webview {
+class AwSafeBrowsingNavigationThrottle : public content::NavigationThrottle {
+ public:
+  explicit AwSafeBrowsingNavigationThrottle(content::NavigationHandle* handle);
+  ~AwSafeBrowsingNavigationThrottle() override {}
+  const char* GetNameForLogging() override;
+
+  content::NavigationThrottle::ThrottleCheckResult WillFailRequest() override;
+};
+}  // namespace android_webview
+
+#endif  // ANDROID_WEBVIEW_BROWSER_SAFE_BROWSING_AW_SAFE_BROWSING_NAVIGATION_THROTTLE_H_

android_webview/browser/safe_browsing/aw_safe_browsing_ui_manager.cc

@@ -24,6 +24,8 @@
 #include "components/safe_browsing/ping_manager.h"
 #include "content/public/browser/browser_task_traits.h"
 #include "content/public/browser/browser_thread.h"
+#include "content/public/browser/navigation_controller.h"
+#include "content/public/browser/navigation_entry.h"
 #include "services/network/public/mojom/network_service.mojom.h"
 
 using content::BrowserThread;
@@ -108,8 +110,7 @@ AwSafeBrowsingUIManager::GetURLLoaderFactoryOnIOThread() {
 }
 
 int AwSafeBrowsingUIManager::GetErrorUiType(
-    const UnsafeResource& resource) const {
-  WebContents* web_contents = resource.web_contents_getter.Run();
+    content::WebContents* web_contents) const {
   UIManagerClient* client = UIManagerClient::FromWebContents(web_contents);
   DCHECK(client);
   return client->GetErrorUiType();
@@ -133,6 +134,17 @@ void AwSafeBrowsingUIManager::SendSerializedThreatDetails(
   }
 }
 
+safe_browsing::BaseBlockingPage*
+AwSafeBrowsingUIManager::CreateBlockingPageForSubresource(
+    content::WebContents* contents,
+    const GURL& blocked_url,
+    const UnsafeResource& unsafe_resource) {
+  AwSafeBrowsingBlockingPage* blocking_page =
+      AwSafeBrowsingBlockingPage::CreateBlockingPage(
+          this, contents, blocked_url, unsafe_resource);
+  return blocking_page;
+}
+
 void AwSafeBrowsingUIManager::CreateURLLoaderFactoryForIO(
     mojo::PendingReceiver<network::mojom::URLLoaderFactory> receiver) {
   DCHECK_CURRENTLY_ON(BrowserThread::UI);

android_webview/browser/safe_browsing/aw_safe_browsing_ui_manager.h

@@ -9,6 +9,7 @@
 #include <string>
 
 #include "components/safe_browsing/base_ui_manager.h"
+#include "components/security_interstitials/content/unsafe_resource.h"
 #include "content/public/browser/web_contents.h"
 #include "mojo/public/cpp/bindings/pending_receiver.h"
 #include "mojo/public/cpp/bindings/remote.h"
@@ -19,6 +20,7 @@ class SharedURLLoaderFactory;
 }
 
 namespace safe_browsing {
+class BaseBlockingPage;
 class PingManager;
 class SafeBrowsingNetworkContext;
 }  // namespace safe_browsing
@@ -45,7 +47,7 @@ class AwSafeBrowsingUIManager : public safe_browsing::BaseUIManager {
   AwSafeBrowsingUIManager();
 
   // Gets the correct ErrorUiType for the web contents
-  int GetErrorUiType(const UnsafeResource& resource) const;
+  int GetErrorUiType(content::WebContents* web_contents) const;
 
   // BaseUIManager methods:
   void DisplayBlockingPage(const UnsafeResource& resource) override;
@@ -65,6 +67,11 @@ class AwSafeBrowsingUIManager : public safe_browsing::BaseUIManager {
   void ShowBlockingPageForResource(const UnsafeResource& resource) override;
 
  private:
+  safe_browsing::BaseBlockingPage* CreateBlockingPageForSubresource(
+      content::WebContents* contents,
+      const GURL& blocked_url,
+      const UnsafeResource& unsafe_resource) override;
+
   // Called on the UI thread to create a URLLoaderFactory interface ptr for
   // the IO thread.
   void CreateURLLoaderFactoryForIO(

chrome/browser/safe_browsing/ui_manager.cc

@@ -6,7 +6,6 @@
 
 #include "base/bind.h"
 #include "base/callback.h"
-#include "base/feature_list.h"
 #include "base/macros.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/threading/thread.h"
@@ -25,7 +24,6 @@
 #include "components/prefs/pref_service.h"
 #include "components/safe_browsing/browser/threat_details.h"
 #include "components/safe_browsing/common/safe_browsing_prefs.h"
-#include "components/safe_browsing/features.h"
 #include "components/safe_browsing/ping_manager.h"
 #include "components/security_interstitials/content/security_interstitial_tab_helper.h"
 #include "content/public/browser/browser_thread.h"
@@ -108,10 +106,6 @@ void SafeBrowsingUIManager::ShowBlockingPageForResource(
   SafeBrowsingBlockingPage::ShowBlockingPage(this, resource);
 }
 
-bool SafeBrowsingUIManager::SafeBrowsingInterstitialsAreCommittedNavigations() {
-  return base::FeatureList::IsEnabled(kCommittedSBInterstitials);
-}
-
 // static
 bool SafeBrowsingUIManager::ShouldSendHitReport(const HitReport& hit_report,
                                                 WebContents* web_contents) {

chrome/browser/safe_browsing/ui_manager.h

@@ -107,9 +107,6 @@ class SafeBrowsingUIManager : public BaseUIManager {
   // Calls SafeBrowsingBlockingPage::ShowBlockingPage().
   void ShowBlockingPageForResource(const UnsafeResource& resource) override;
 
-  // Returns true if SB committed interstitials are enabled.
-  bool SafeBrowsingInterstitialsAreCommittedNavigations() override;
-
   // Helper method to ensure hit reports are only sent when the user has
   // opted in to extended reporting and is not currently in incognito mode.
   static bool ShouldSendHitReport(const HitReport& hit_report,

components/safe_browsing/base_ui_manager.cc

@@ -8,10 +8,12 @@
 
 #include "base/bind.h"
 #include "base/callback.h"
+#include "base/feature_list.h"
 #include "base/i18n/rtl.h"
 #include "base/memory/ptr_util.h"
 #include "base/supports_user_data.h"
 #include "components/safe_browsing/base_blocking_page.h"
+#include "components/safe_browsing/features.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/web_contents.h"
@@ -288,7 +290,7 @@ void BaseUIManager::ShowBlockingPageForResource(
 }
 
 bool BaseUIManager::SafeBrowsingInterstitialsAreCommittedNavigations() {
-  return false;
+  return base::FeatureList::IsEnabled(kCommittedSBInterstitials);
 }
 
 BaseBlockingPage* BaseUIManager::CreateBlockingPageForSubresource(

components/safe_browsing/base_ui_manager.h

@@ -145,9 +145,8 @@ class BaseUIManager
 
  private:
   // When true, we immediately cancel navigations that have been blocked by Safe
-  // Browsing, otherwise we call show on the interstitial. Currently this is
-  // only enabled for main frame navigations.
-  virtual bool SafeBrowsingInterstitialsAreCommittedNavigations();
+  // Browsing, otherwise we call show on the interstitial.
+  bool SafeBrowsingInterstitialsAreCommittedNavigations();
 
   friend class base::RefCountedThreadSafe<BaseUIManager>;