Add mixed forms interstitial for weblayer

Bug: 1118208
Change-Id: Ice40f115737480b0f45f9188164e3ce39a421ef5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2363720
Commit-Queue: Carlos IL <carlosil@chromium.org>
Reviewed-by: Tim Volodine <timvolodine@chromium.org>
Cr-Commit-Position: refs/heads/master@{#799820}

components/security_interstitials/content/insecure_form_navigation_throttle.cc

@@ -74,7 +74,7 @@ InsecureFormNavigationThrottle::MaybeCreateNavigationThrottle(
     std::unique_ptr<SecurityBlockingPageFactory> blocking_page_factory,
     PrefService* prefs) {
   if (!base::FeatureList::IsEnabled(kInsecureFormSubmissionInterstitial) ||
-      !prefs->GetBoolean(prefs::kMixedFormsWarningsEnabled))
+      (prefs && !prefs->GetBoolean(prefs::kMixedFormsWarningsEnabled)))
     return nullptr;
   return std::make_unique<InsecureFormNavigationThrottle>(
       navigation_handle, std::move(blocking_page_factory));

weblayer/BUILD.gn

@@ -194,6 +194,8 @@ source_set("weblayer_lib_base") {
     "browser/i18n_util.h",
     "browser/infobar_container_android.cc",
     "browser/infobar_container_android.h",
+    "browser/insecure_form_controller_client.cc",
+    "browser/insecure_form_controller_client.h",
     "browser/javascript_tab_modal_dialog_manager_delegate_android.cc",
     "browser/javascript_tab_modal_dialog_manager_delegate_android.h",
     "browser/js_communication/web_message_host_factory_wrapper.cc",

weblayer/browser/content_browser_client_impl.cc

@@ -31,6 +31,7 @@
 #include "components/prefs/scoped_user_pref_update.h"
 #include "components/prerender/browser/prerender_manager.h"
 #include "components/prerender/common/prerender_url_loader_throttle.h"
+#include "components/security_interstitials/content/insecure_form_navigation_throttle.h"
 #include "components/security_interstitials/content/ssl_cert_reporter.h"
 #include "components/security_interstitials/content/ssl_error_handler.h"
 #include "components/security_interstitials/content/ssl_error_navigation_throttle.h"
@@ -655,6 +656,15 @@ ContentBrowserClientImpl::CreateThrottlesForNavigation(
       handle, std::make_unique<SSLCertReporterImpl>(),
       base::BindOnce(&HandleSSLErrorWrapper), base::BindOnce(&IsInHostedApp)));
 
+  std::unique_ptr<security_interstitials::InsecureFormNavigationThrottle>
+      insecure_form_throttle = security_interstitials::
+          InsecureFormNavigationThrottle::MaybeCreateNavigationThrottle(
+              handle, std::make_unique<WebLayerSecurityBlockingPageFactory>(),
+              nullptr);
+  if (insecure_form_throttle) {
+    throttles.push_back(std::move(insecure_form_throttle));
+  }
+
 #if defined(OS_ANDROID)
   if (handle->IsInMainFrame()) {
     if (base::FeatureList::IsEnabled(features::kWebLayerSafeBrowsing) &&

weblayer/browser/insecure_form_controller_client.cc

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "weblayer/browser/insecure_form_controller_client.h"
+
+#include "content/public/browser/web_contents.h"
+#include "weblayer/browser/i18n_util.h"
+
+namespace weblayer {
+
+// static
+std::unique_ptr<security_interstitials::MetricsHelper>
+InsecureFormControllerClient::GetMetricsHelper(const GURL& url) {
+  security_interstitials::MetricsHelper::ReportDetails settings;
+  settings.metric_prefix = "insecure_form";
+  return std::make_unique<security_interstitials::MetricsHelper>(url, settings,
+                                                                 nullptr);
+}
+
+InsecureFormControllerClient::InsecureFormControllerClient(
+    content::WebContents* web_contents,
+    const GURL& form_target_url)
+    : SecurityInterstitialControllerClient(
+          web_contents,
+          GetMetricsHelper(form_target_url),
+          nullptr, /* prefs */
+          i18n::GetApplicationLocale(),
+          GURL("about:blank") /* default_safe_page */),
+      web_contents_(web_contents) {}
+
+InsecureFormControllerClient::~InsecureFormControllerClient() = default;
+
+void InsecureFormControllerClient::GoBack() {
+  SecurityInterstitialControllerClient::GoBackAfterNavigationCommitted();
+}
+
+void InsecureFormControllerClient::Proceed() {
+  // TODO(crbug.com/1093955): The simple reload logic means the interstitial is
+  // bypassed with any reload (e.g. F5), ideally this shouldn't be the case.
+
+  // We don't check for repost on the proceed reload since the interstitial
+  // explains this will submit the form.
+  web_contents_->GetController().Reload(content::ReloadType::NORMAL, false);
+}
+
+}  // namespace weblayer

weblayer/browser/insecure_form_controller_client.h

+// Copyright 2020 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef WEBLAYER_BROWSER_INSECURE_FORM_CONTROLLER_CLIENT_H_
+#define WEBLAYER_BROWSER_INSECURE_FORM_CONTROLLER_CLIENT_H_
+
+#include "components/security_interstitials/content/security_interstitial_controller_client.h"
+#include "components/security_interstitials/core/metrics_helper.h"
+
+namespace content {
+class WebContents;
+}
+
+namespace weblayer {
+
+// A stripped-down version of the class by the same name in
+// //chrome/browser/ssl, which provides basic functionality for interacting with
+// the insecure form interstitial.
+class InsecureFormControllerClient
+    : public security_interstitials::SecurityInterstitialControllerClient {
+ public:
+  static std::unique_ptr<security_interstitials::MetricsHelper>
+  GetMetricsHelper(const GURL& url);
+
+  InsecureFormControllerClient(content::WebContents* web_contents,
+                               const GURL& form_target_url);
+  InsecureFormControllerClient(const InsecureFormControllerClient&) = delete;
+  InsecureFormControllerClient& operator=(const InsecureFormControllerClient&) =
+      delete;
+  ~InsecureFormControllerClient() override;
+
+  // security_interstitials::SecurityInterstitialControllerClient:
+  void GoBack() override;
+  void Proceed() override;
+
+ private:
+  content::WebContents* web_contents_;
+};
+
+}  // namespace weblayer
+
+#endif  // WEBLAYER_BROWSER_INSECURE_FORM_CONTROLLER_CLIENT_H_

weblayer/browser/ssl_browsertest.cc

@@ -8,9 +8,12 @@
 #include "base/macros.h"
 #include "base/optional.h"
 #include "base/scoped_observer.h"
+#include "base/test/scoped_feature_list.h"
 #include "build/build_config.h"
 #include "components/network_time/network_time_tracker.h"
+#include "components/security_interstitials/content/insecure_form_blocking_page.h"
 #include "components/security_interstitials/content/ssl_error_handler.h"
+#include "components/security_interstitials/core/features.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
 #include "weblayer/browser/browser_process.h"
 #include "weblayer/browser/weblayer_security_blocking_page_factory.h"
@@ -386,4 +389,65 @@ IN_PROC_BROWSER_TEST_F(SSLBrowserTest, ErrorPageNotCalledForMismatch) {
   EXPECT_FALSE(error_page_delegate.was_get_error_page_content_called());
 }
 
+class SSLBrowserTestWithInsecureFormsWarningEnabled : public SSLBrowserTest {
+ public:
+  SSLBrowserTestWithInsecureFormsWarningEnabled() {
+    feature_list_.InitAndEnableFeature(
+        security_interstitials::kInsecureFormSubmissionInterstitial);
+  }
+
+ private:
+  base::test::ScopedFeatureList feature_list_;
+};
+
+// Visits a page that displays an insecure form, submits the form, and checks an
+// interstitial is shown.
+IN_PROC_BROWSER_TEST_F(SSLBrowserTestWithInsecureFormsWarningEnabled,
+                       TestDisplaysInsecureFormSubmissionWarning) {
+  GURL insecure_form_url = https_server_->GetURL("/insecure_form.html");
+  GURL form_target_url = GURL("http://does-not-exist.test/form_target.html?");
+  NavigateAndWaitForCompletion(insecure_form_url, shell());
+
+  // Submit the form and wait for the interstitial to load.
+  TestNavigationObserver navigation_observer(
+      form_target_url, TestNavigationObserver::NavigationEvent::kFailure,
+      shell());
+  ExecuteScript(shell(), "submitForm();", false /*use_separate_isolate*/);
+  navigation_observer.Wait();
+
+  // Check the correct interstitial loaded.
+  EXPECT_TRUE(IsShowingInsecureFormInterstitial(shell()->tab()));
+}
+
+class SSLBrowserTestWithInsecureFormsWarningDisabled : public SSLBrowserTest {
+ public:
+  SSLBrowserTestWithInsecureFormsWarningDisabled() {
+    feature_list_.InitAndDisableFeature(
+        security_interstitials::kInsecureFormSubmissionInterstitial);
+  }
+
+ private:
+  base::test::ScopedFeatureList feature_list_;
+};
+
+// Visits a page that displays an insecure form, submits the form, and checks no
+// interstitial is displayed with the feature off.
+IN_PROC_BROWSER_TEST_F(SSLBrowserTestWithInsecureFormsWarningDisabled,
+                       TestNoInsecureFormWarning) {
+  GURL insecure_form_url = https_server_->GetURL("/insecure_form.html");
+  GURL form_target_url = GURL("http://does-not-exist.test/form_target.html?");
+  NavigateAndWaitForCompletion(insecure_form_url, shell());
+
+  // Submit the form and wait for the form target to load. We wait for a
+  // failure since the target url is not served.
+  TestNavigationObserver navigation_observer(
+      form_target_url, TestNavigationObserver::NavigationEvent::kFailure,
+      shell());
+  ExecuteScript(shell(), "submitForm();", false /*use_separate_isolate*/);
+  navigation_observer.Wait();
+
+  // Check no interstitial loaded.
+  EXPECT_FALSE(IsShowingSecurityInterstitial(shell()->tab()));
+}
+
 }  // namespace weblayer

weblayer/browser/weblayer_security_blocking_page_factory.cc

@@ -6,10 +6,12 @@
 
 #include "components/captive_portal/core/buildflags.h"
 #include "components/security_interstitials/content/content_metrics_helper.h"
+#include "components/security_interstitials/content/insecure_form_blocking_page.h"
 #include "components/security_interstitials/content/ssl_blocking_page.h"
 #include "components/security_interstitials/core/metrics_helper.h"
 #include "content/public/browser/web_contents.h"
 #include "weblayer/browser/captive_portal_service_factory.h"
+#include "weblayer/browser/insecure_form_controller_client.h"
 #include "weblayer/browser/ssl_error_controller_client.h"
 
 #if defined(OS_ANDROID)
@@ -201,10 +203,12 @@ std::unique_ptr<security_interstitials::InsecureFormBlockingPage>
 WebLayerSecurityBlockingPageFactory::CreateInsecureFormBlockingPage(
     content::WebContents* web_contents,
     const GURL& request_url) {
-  // TODO(crbug.com/1093102): Insecure form warnings are not yet implemented in
-  // Weblayer.
-  NOTREACHED();
-  return nullptr;
+  std::unique_ptr<InsecureFormControllerClient> client =
+      std::make_unique<InsecureFormControllerClient>(web_contents, request_url);
+  auto page =
+      std::make_unique<security_interstitials::InsecureFormBlockingPage>(
+          web_contents, request_url, std::move(client));
+  return page;
 }
 
 #if defined(OS_ANDROID)

weblayer/grit_strings_allowlist.txt

@@ -94,6 +94,11 @@ IDS_GEOLOCATION_INFOBAR_TEXT
 IDS_HTTP_POST_WARNING
 IDS_HTTP_POST_WARNING_RESEND
 IDS_HTTP_POST_WARNING_TITLE
+IDS_INSECURE_FORM_TITLE
+IDS_INSECURE_FORM_HEADING
+IDS_INSECURE_FORM_PRIMARY_PARAGRAPH
+IDS_INSECURE_FORM_SUBMIT_BUTTON
+IDS_INSECURE_FORM_BACK_BUTTON
 IDS_JAVASCRIPT_MESSAGEBOX_TITLE
 IDS_JAVASCRIPT_MESSAGEBOX_TITLE_IFRAME
 IDS_JAVASCRIPT_MESSAGEBOX_TITLE_NONSTANDARD_URL
@@ -216,6 +221,7 @@ IDS_PROTECTED_MEDIA_IDENTIFIER_PER_ORIGIN_PROVISIONING_INFOBAR_TEXT
 IDS_REQUEST_LARGE_QUOTA_INFOBAR_TEXT
 IDS_REQUEST_QUOTA_INFOBAR_TEXT
 IDS_REQUEST_QUOTA_PERMISSION_FRAGMENT
+IDS_SAFE_BROWSING_SCOUT_REPORTING_AGREE
 IDS_SMS_INFOBAR_BUTTON_OK
 IDS_SMS_INFOBAR_STATUS_SMS_RECEIVED
 IDS_SMS_INFOBAR_TITLE

weblayer/test/data/insecure_form.html

+<html>
+<head><title>Page that displays an insecure form</title>
+<script>
+ function submitForm() {
+   form = document.getElementById("insecureForm");
+   form.submit();
+ }
+</script>
+</head>
+<body>
+This page contains a form which targets a non-secure URL,
+causing insecure content (when this page is loaded over https).<br>
+<form id="insecureForm" action="http://does-not-exist.test/form_target.html">
+<input type="submit" />
+</form>
+
+</body>
+</html>

weblayer/test/interstitial_utils.cc

@@ -6,6 +6,7 @@
 
 #include "components/security_interstitials/content/bad_clock_blocking_page.h"
 #include "components/security_interstitials/content/captive_portal_blocking_page.h"
+#include "components/security_interstitials/content/insecure_form_blocking_page.h"
 #include "components/security_interstitials/content/security_interstitial_page.h"
 #include "components/security_interstitials/content/security_interstitial_tab_helper.h"
 #include "components/security_interstitials/content/ssl_blocking_page.h"
@@ -64,4 +65,9 @@ bool IsShowingBadClockInterstitial(Tab* tab) {
                                      BadClockBlockingPage::kTypeForTesting);
 }
 
+bool IsShowingInsecureFormInterstitial(Tab* tab) {
+  return IsShowingInterstitialOfType(
+      tab, security_interstitials::InsecureFormBlockingPage::kTypeForTesting);
+}
+
 }  // namespace weblayer

weblayer/test/interstitial_utils.h

@@ -27,6 +27,10 @@ bool IsShowingCaptivePortalInterstitial(Tab* tab);
 // Returns true iff a bad clock interstitial is currently displaying in |tab|.
 bool IsShowingBadClockInterstitial(Tab* tab);
 
+// Returns true iff an insecure form interstitial is currently displaying in
+// |tab|.
+bool IsShowingInsecureFormInterstitial(Tab* tab);
+
 }  // namespace weblayer
 
 #endif  // WEBLAYER_TEST_INTERSTITIAL_UTILS_H_