Show the recurrent error message on the interstitial

When an error message has recurred several times, show a message on the interstitial. Note: the message isn't styled yet; the feature is off by default so I'll do the styling (and translation screenshot) in a follow-up CL. Bug: 839969 Cq-Include-Trybots: master.tryserver.chromium.mac:ios-simulator-cronet;master.tryserver.chromium.mac:ios-simulator-full-configs Change-Id: I94a31ff16eaf9e8ef82134f372852f03b19e28df Reviewed-on: https://chromium-review.googlesource.com/1049119 Commit-Queue: Emily Stark <estark@chromium.org> Reviewed-by: Christopher Thompson <cthomp@chromium.org> Cr-Commit-Position: refs/heads/master@{#557190}

Show the recurrent error message on the interstitial
When an error message has recurred several times, show a message on the interstitial. Note: the message isn't styled yet; the feature is off by default so I'll do the styling (and translation screenshot) in a follow-up CL. Bug: 839969 Cq-Include-Trybots: master.tryserver.chromium.mac:ios-simulator-cronet;master.tryserver.chromium.mac:ios-simulator-full-configs Change-Id: I94a31ff16eaf9e8ef82134f372852f03b19e28df Reviewed-on: https://chromium-review.googlesource.com/1049119 Commit-Queue: Emily Stark <estark@chromium.org> Reviewed-by: Christopher Thompson <cthomp@chromium.org> Cr-Commit-Position: refs/heads/master@{#557190}
9e58df46 · Emily Stark · Commit Bot · e079f156 · 9e58df46 · 9e58df46
Commit 9e58df46 authored May 09, 2018 by Emily Stark Committed by Commit Bot May 09, 2018
22 changed files
--- a/chrome/browser/ssl/bad_clock_blocking_page.cc
+++ b/chrome/browser/ssl/bad_clock_blocking_page.cc
@@ -79,6 +79,7 @@ BadClockBlockingPage::BadClockBlockingPage(
          std::make_unique<SSLErrorControllerClient>(
              web_contents,
              ssl_info,
+              cert_error,
              request_url,
              CreateBadClockMetricsHelper(web_contents, request_url))),
      callback_(callback),

--- a/chrome/browser/ssl/captive_portal_blocking_page.cc
+++ b/chrome/browser/ssl/captive_portal_blocking_page.cc
@@ -72,6 +72,7 @@ CaptivePortalBlockingPage::CaptivePortalBlockingPage(
    const GURL& login_url,
    std::unique_ptr<SSLCertReporter> ssl_cert_reporter,
    const net::SSLInfo& ssl_info,
+    int cert_error,
    const base::Callback<void(content::CertificateRequestResultType)>& callback)
    : SSLBlockingPageBase(
          web_contents,
@@ -84,6 +85,7 @@ CaptivePortalBlockingPage::CaptivePortalBlockingPage(
          std::make_unique<SSLErrorControllerClient>(
              web_contents,
              ssl_info,
+              cert_error,
              request_url,
              CreateCaptivePortalMetricsHelper(web_contents, request_url))),
      login_url_(login_url),
@@ -205,6 +207,8 @@ void CaptivePortalBlockingPage::PopulateInterstitialStrings(
  load_time_data->SetString("closeDetails", base::string16());
  load_time_data->SetString("explanationParagraph", base::string16());
  load_time_data->SetString("finalParagraph", base::string16());
+  load_time_data->SetString("recurrentErrorParagraph", base::string16());
+  load_time_data->SetBoolean("show_recurrent_error_paragraph", false);
  if (cert_report_helper())
    cert_report_helper()->PopulateExtendedReportingOption(load_time_data);

--- a/chrome/browser/ssl/captive_portal_blocking_page.h
+++ b/chrome/browser/ssl/captive_portal_blocking_page.h
@@ -45,6 +45,7 @@ class CaptivePortalBlockingPage : public SSLBlockingPageBase {
      const GURL& login_url,
      std::unique_ptr<SSLCertReporter> ssl_cert_reporter,
      const net::SSLInfo& ssl_info,
+      int cert_error,
      const base::Callback<void(content::CertificateRequestResultType)>&
          callback);
  ~CaptivePortalBlockingPage() override;

--- a/chrome/browser/ssl/captive_portal_blocking_page_browsertest.cc
+++ b/chrome/browser/ssl/captive_portal_blocking_page_browsertest.cc
@@ -81,6 +81,7 @@ class CaptivePortalBlockingPageForTesting : public CaptivePortalBlockingPage {
                                  login_url,
                                  std::move(ssl_cert_reporter),
                                  ssl_info,
+                                  net::ERR_CERT_COMMON_NAME_INVALID,
                                  callback),
        is_wifi_(is_wifi),
        wifi_ssid_(wifi_ssid) {}

--- a/chrome/browser/ssl/mitm_software_blocking_page.cc
+++ b/chrome/browser/ssl/mitm_software_blocking_page.cc
@@ -79,6 +79,7 @@ MITMSoftwareBlockingPage::MITMSoftwareBlockingPage(
          std::make_unique<SSLErrorControllerClient>(
              web_contents,
              ssl_info,
+              cert_error,
              request_url,
              CreateMitmSoftwareMetricsHelper(web_contents, request_url))),
      callback_(callback),

--- a/chrome/browser/ssl/ssl_blocking_page.cc
+++ b/chrome/browser/ssl/ssl_blocking_page.cc
@@ -147,6 +147,7 @@ SSLBlockingPage::SSLBlockingPage(
                          std::make_unique<SSLErrorControllerClient>(
                              web_contents,
                              ssl_info,
+                              cert_error,
                              request_url,
                              std::move(metrics_helper))),
      callback_(callback),

--- a/chrome/browser/ssl/ssl_browsertest.cc
+++ b/chrome/browser/ssl/ssl_browsertest.cc
@@ -409,6 +409,30 @@ void WaitForInterstitial(content::WebContents* tab) {
  }
 }
+void ExpectInterstitialElementHidden(content::WebContents* tab,
+                                     const std::string& element_id,
+                                     bool expect_hidden) {
+  if (!AreCommittedInterstitialsEnabled()) {
+    ASSERT_TRUE(tab->GetInterstitialPage());
+  }
+  content::RenderFrameHost* frame =
+      AreCommittedInterstitialsEnabled()
+          ? tab->GetMainFrame()
+          : tab->GetInterstitialPage()->GetMainFrame();
+  // Send CMD_TEXT_FOUND to indicate that the 'hidden' class is found, and
+  // CMD_TEXT_NOT_FOUND if not.
+  std::string command = base::StringPrintf(
+      "window.domAutomationController.send($('%s').classList.contains('hidden')"
+      " ? %d : %d);",
+      element_id.c_str(), security_interstitials::CMD_TEXT_FOUND,
+      security_interstitials::CMD_TEXT_NOT_FOUND);
+  int result = 0;
+  EXPECT_TRUE(content::ExecuteScriptAndExtractInt(frame, command, &result));
+  EXPECT_EQ(expect_hidden ? security_interstitials::CMD_TEXT_FOUND
+                          : security_interstitials::CMD_TEXT_NOT_FOUND,
+            result);
+}
 void ExpectInterstitialHeading(content::WebContents* tab,
                               const std::string& expected_heading) {
  if (!AreCommittedInterstitialsEnabled()) {
@@ -7488,6 +7512,60 @@ IN_PROC_BROWSER_TEST_F(SSLUIDynamicInterstitialTest,
  }
 }
+class RecurrentInterstitialBrowserTest
+    : public CertVerifierBrowserTest,
+      public testing::WithParamInterface<bool> {
+ public:
+  RecurrentInterstitialBrowserTest() : CertVerifierBrowserTest() {}
+  void SetUpCommandLine(base::CommandLine* command_line) override {
+    CertVerifierBrowserTest::SetUpCommandLine(command_line);
+    if (GetParam()) {
+      command_line->AppendSwitch(switches::kCommittedInterstitials);
+    }
+    feature_list_.InitAndEnableFeatureWithParameters(
+        kRecurrentInterstitialFeature, {{"threshold", "2"}});
+  }
+  void SetUpOnMainThread() override {
+    CertVerifierBrowserTest::SetUpOnMainThread();
+    host_resolver()->AddRule("*", "127.0.0.1");
+  }
+  void TearDownOnMainThread() override {
+    content::BrowserThread::PostTask(content::BrowserThread::IO, FROM_HERE,
+                                     base::BindOnce(&CleanUpOnIOThread));
+    CertVerifierBrowserTest::TearDownOnMainThread();
+  }
+ private:
+  base::test::ScopedFeatureList feature_list_;
+};
+INSTANTIATE_TEST_CASE_P(,
+                        RecurrentInterstitialBrowserTest,
+                        ::testing::Values(false, true));
+// Tests that a message is added to the interstitial when an error code recurs
+// multiple times.
+IN_PROC_BROWSER_TEST_P(RecurrentInterstitialBrowserTest,
+                       RecurrentInterstitial) {
+  net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS);
+  ASSERT_TRUE(https_server.Start());
+  mock_cert_verifier()->set_default_result(
+      net::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED);
+  ui_test_utils::NavigateToURL(browser(), https_server.GetURL("/"));
+  WebContents* tab = browser()->tab_strip_model()->GetActiveWebContents();
+  WaitForInterstitial(tab);
+  ExpectInterstitialElementHidden(tab, "recurrent-error-message",
+                                  true /* expect_hidden */);
+  ui_test_utils::NavigateToURL(browser(), https_server.GetURL("/"));
+  WaitForInterstitial(tab);
+  ExpectInterstitialElementHidden(tab, "recurrent-error-message",
+                                  false /* expect_hidden */);
+}
 // TODO(jcampan): more tests to do below.
 // Visit a page over https that contains a frame with a redirect.

--- a/chrome/browser/ssl/ssl_error_controller_client.cc
+++ b/chrome/browser/ssl/ssl_error_controller_client.cc
@@ -14,6 +14,7 @@
 #include "chrome/browser/interstitials/chrome_metrics_helper.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h"
+#include "chrome/browser/ssl/chrome_ssl_host_state_delegate_factory.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/url_constants.h"
@@ -133,6 +134,7 @@ bool AreCommittedInterstitialsEnabled() {
 SSLErrorControllerClient::SSLErrorControllerClient(
    content::WebContents* web_contents,
    const net::SSLInfo& ssl_info,
+    int cert_error,
    const GURL& request_url,
    std::unique_ptr<security_interstitials::MetricsHelper> metrics_helper)
    : SecurityInterstitialControllerClient(
@@ -143,7 +145,8 @@ SSLErrorControllerClient::SSLErrorControllerClient(
          g_browser_process->GetApplicationLocale(),
          GURL(chrome::kChromeUINewTabURL)),
      ssl_info_(ssl_info),
-      request_url_(request_url) {}
+      request_url_(request_url),
+      cert_error_(cert_error) {}
 SSLErrorControllerClient::~SSLErrorControllerClient() {}
@@ -204,3 +207,10 @@ void SSLErrorControllerClient::LaunchDateAndTimeSettings() {
                           base::BindOnce(&LaunchDateAndTimeSettingsImpl));
 #endif
 }
+bool SSLErrorControllerClient::HasSeenRecurrentError() {
+  ChromeSSLHostStateDelegate* state =
+      ChromeSSLHostStateDelegateFactory::GetForProfile(
+          Profile::FromBrowserContext(web_contents_->GetBrowserContext()));
+  return state->HasSeenRecurrentErrors(cert_error_);
+}
--- a/chrome/browser/ssl/ssl_error_controller_client.h
+++ b/chrome/browser/ssl/ssl_error_controller_client.h
@@ -20,6 +20,7 @@ class SSLErrorControllerClient
  SSLErrorControllerClient(
      content::WebContents* web_contents,
      const net::SSLInfo& ssl_info,
+      int cert_error,
      const GURL& request_url,
      std::unique_ptr<security_interstitials::MetricsHelper> metrics_helper);
  ~SSLErrorControllerClient() override;
@@ -29,10 +30,12 @@ class SSLErrorControllerClient
  void Proceed() override;
  bool CanLaunchDateAndTimeSettings() override;
  void LaunchDateAndTimeSettings() override;
+  bool HasSeenRecurrentError() override;
 private:
  const net::SSLInfo ssl_info_;
  const GURL request_url_;
+  const int cert_error_;
  DISALLOW_COPY_AND_ASSIGN(SSLErrorControllerClient);
 };

--- a/chrome/browser/ssl/ssl_error_handler.cc
+++ b/chrome/browser/ssl/ssl_error_handler.cc
@@ -532,7 +532,7 @@ void SSLErrorHandlerDelegateImpl::ShowCaptivePortalInterstitial(
  // Show captive portal blocking page. The interstitial owns the blocking page.
  OnBlockingPageReady(new CaptivePortalBlockingPage(
      web_contents_, request_url_, landing_url, std::move(ssl_cert_reporter_),
-      ssl_info_, decision_callback_));
+      ssl_info_, cert_error_, decision_callback_));
 }
 void SSLErrorHandlerDelegateImpl::ShowMITMSoftwareInterstitial(

--- a/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
+++ b/chrome/browser/ui/webui/interstitials/interstitial_ui.cc
@@ -114,6 +114,7 @@ class CaptivePortalBlockingPageWithNetInfo : public CaptivePortalBlockingPage {
                                  login_url,
                                  nullptr,
                                  ssl_info,
+                                  net::ERR_CERT_COMMON_NAME_INVALID,
                                  callback),
        is_wifi_(is_wifi),
        wifi_ssid_(wifi_ssid) {}

--- a/components/security_interstitials/core/browser/resources/interstitial_large.html
+++ b/components/security_interstitials/core/browser/resources/interstitial_large.html
@@ -32,6 +32,9 @@
          <div id="error-debugging-info" class="hidden"></div>
        </div>
      </div>
+      <div id="recurrent-error-message">
+        <p>$i18nRaw{recurrentErrorParagraph}</p>
+      </div>
      <div id="extended-reporting-opt-in" class="hidden">
        <label>
          <div class="checkboxes">

--- a/components/security_interstitials/core/browser/resources/interstitial_large.js
+++ b/components/security_interstitials/core/browser/resources/interstitial_large.js
@@ -69,6 +69,8 @@ function setupEvents() {
  var captivePortal = interstitialType == 'CAPTIVE_PORTAL';
  var badClock = ssl && loadTimeData.getBoolean('bad_clock');
  var hidePrimaryButton = loadTimeData.getBoolean('hide_primary_button');
+  var showRecurrentErrorParagraph = loadTimeData.getBoolean(
+    'show_recurrent_error_paragraph');
  if (ssl) {
    $('body').classList.add(badClock ? 'bad-clock' : 'ssl');
@@ -126,6 +128,10 @@ function setupEvents() {
    $('proceed-link').classList.add('small-link');
  }
+  if (!ssl || !showRecurrentErrorParagraph) {
+    $('recurrent-error-message').classList.add(HIDDEN_CLASS);
+  }
  if ($('diagnostic-link')) {
    $('diagnostic-link').addEventListener('click', function(event) {
      sendCommand(SecurityInterstitialCommandId.CMD_OPEN_DIAGNOSTIC);

--- a/components/security_interstitials/core/common_string_util.cc
+++ b/components/security_interstitials/core/common_string_util.cc
@@ -31,6 +31,10 @@ void PopulateSSLLayoutStrings(int cert_error,
      "openDetails", l10n_util::GetStringUTF16(IDS_SSL_OPEN_DETAILS_BUTTON));
  load_time_data->SetString(
      "closeDetails", l10n_util::GetStringUTF16(IDS_SSL_CLOSE_DETAILS_BUTTON));
+  // Not used by most interstitials; can be overridden by individual
+  // interstitials as needed.
+  load_time_data->SetString("recurrentErrorParagraph", "");
+  load_time_data->SetBoolean("show_recurrent_error_paragraph", false);
 }
 void PopulateSSLDebuggingStrings(const net::SSLInfo ssl_info,

--- a/components/security_interstitials/core/controller_client.cc
+++ b/components/security_interstitials/core/controller_client.cc
@@ -68,6 +68,10 @@ void ControllerClient::OpenURL(bool open_links_in_new_tab, const GURL& url) {
  }
 }
+bool ControllerClient::HasSeenRecurrentError() {
+  return false;
+}
 GURL ControllerClient::GetBaseHelpCenterUrl() const {
  return help_center_url_;
 }

--- a/components/security_interstitials/core/controller_client.h
+++ b/components/security_interstitials/core/controller_client.h
@@ -100,6 +100,10 @@ class ControllerClient {
  virtual const std::string& GetApplicationLocale() const = 0;
+  // Returns true if the error page should display a message to account for the
+  // fact that the user has seen the same error multiple times.
+  virtual bool HasSeenRecurrentError();
  GURL GetBaseHelpCenterUrl() const;
  void SetBaseHelpCenterUrlForTesting(const GURL& test_url);

--- a/components/security_interstitials/core/safe_browsing_loud_error_ui.cc
+++ b/components/security_interstitials/core/safe_browsing_loud_error_ui.cc
@@ -105,6 +105,10 @@ void SafeBrowsingLoudErrorUI::PopulateStringsForHtml(
      break;
  }
+  // Not used by this interstitial.
+  load_time_data->SetString("recurrentErrorParagraph", base::string16());
+  load_time_data->SetBoolean("show_recurrent_error_paragraph", false);
  PopulateExtendedReportingOption(load_time_data);
 }

--- a/components/security_interstitials/core/safe_browsing_quiet_error_ui.cc
+++ b/components/security_interstitials/core/safe_browsing_quiet_error_ui.cc
@@ -81,6 +81,10 @@ void SafeBrowsingQuietErrorUI::PopulateStringsForHtml(
  } else {
    NOTREACHED();
  }
+  // Not used by this interstitial.
+  load_time_data->SetString("recurrentErrorParagraph", base::string16());
+  load_time_data->SetBoolean("show_recurrent_error_paragraph", false);
 }
 void SafeBrowsingQuietErrorUI::SetGiantWebViewForTesting(

--- a/components/security_interstitials/core/ssl_error_ui.cc
+++ b/components/security_interstitials/core/ssl_error_ui.cc
@@ -81,6 +81,11 @@ void SSLErrorUI::PopulateStringsForHTML(base::DictionaryValue* load_time_data) {
      l10n_util::GetStringFUTF16(
          IDS_SSL_V2_PRIMARY_PARAGRAPH,
          common_string_util::GetFormattedHostName(request_url_)));
+  load_time_data->SetString(
+      "recurrentErrorParagraph",
+      l10n_util::GetStringUTF16(IDS_SSL_V2_RECURRENT_ERROR_PARAGRAPH));
+  load_time_data->SetBoolean("show_recurrent_error_paragraph",
+                             controller_->HasSeenRecurrentError());
  if (soft_override_enabled_)
    PopulateOverridableStrings(load_time_data);

--- a/components/security_interstitials/core/superfish_error_ui.cc
+++ b/components/security_interstitials/core/superfish_error_ui.cc
@@ -59,6 +59,8 @@ void SuperfishErrorUI::PopulateStringsForHTML(
  load_time_data->SetString("finalParagraph", std::string());
  load_time_data->SetString("openDetails", base::string16());
  load_time_data->SetString("closeDetails", base::string16());
+  load_time_data->SetString("recurrentErrorParagraph", base::string16());
+  load_time_data->SetBoolean("show_recurrent_error_paragraph", false);
 }
 void SuperfishErrorUI::HandleCommand(SecurityInterstitialCommand command) {

--- a/components/security_interstitials_strings.grdp
+++ b/components/security_interstitials_strings.grdp
@@ -115,6 +115,9 @@
  <message name="IDS_SSL_V2_PRIMARY_PARAGRAPH" desc="The primary explanatory paragraph for the SSL interstitial.">
    Attackers might be trying to steal your information from <ph name="BEGIN_BOLD">&lt;strong&gt;</ph><ph name="SITE">$1<ex>google.com</ex></ph><ph name="END_BOLD">&lt;/strong&gt;</ph> (for example, passwords, messages, or credit cards). <ph name="BEGIN_LEARN_MORE_LINK">&lt;a href="#" id="learn-more-link"&gt;</ph>Learn more<ph name="END_LEARN_MORE_LINK">&lt;/a&gt;</ph>
  </message>
+  <message name="IDS_SSL_V2_RECURRENT_ERROR_PARAGRAPH" desc="A paragraph for an SSL interstitial that the user has seen multiple times in a browsing session.">
+    Warnings may be common while websites update their security. This should improve soon.
+  </message>
  <!-- SSL error page: Superfish-specific -->
  <if expr="_google_chrome">

--- a/ios/chrome/browser/ssl/ios_captive_portal_blocking_page.mm
+++ b/ios/chrome/browser/ssl/ios_captive_portal_blocking_page.mm
@@ -77,6 +77,8 @@ void IOSCaptivePortalBlockingPage::PopulateInterstitialStrings(
  load_time_data->SetString("closeDetails", base::string16());
  load_time_data->SetString("explanationParagraph", base::string16());
  load_time_data->SetString("finalParagraph", base::string16());
+  load_time_data->SetString("recurrentErrorParagraph", base::string16());
+  load_time_data->SetBoolean("show_recurrent_error_paragraph", false);
 }
 void IOSCaptivePortalBlockingPage::AfterShow() {}