[Origin Policy] De-scare the Origin policy interstitial.

The current origin policy interstitial uses the all-red super danger interstitials style, and the text messages indicate an imemdiate security threat (which could be true, but it might also be a simple mis-configuration). This changes this to an SSL-error-like interstitial design, and a more neutral language. Bug: 971598, 751996 Change-Id: I31dba2ae7646eb1e2ee747ab93c9854516ffeddb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1795604Reviewed-by: Carlos IL <carlosil@chromium.org> Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#695591}

[Origin Policy] De-scare the Origin policy interstitial.
The current origin policy interstitial uses the all-red super danger interstitials style, and the text messages indicate an imemdiate security threat (which could be true, but it might also be a simple mis-configuration). This changes this to an SSL-error-like interstitial design, and a more neutral language. Bug: 971598, 751996 Change-Id: I31dba2ae7646eb1e2ee747ab93c9854516ffeddb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1795604Reviewed-by: Carlos IL <carlosil@chromium.org> Commit-Queue: Daniel Vogelheim <vogelheim@chromium.org> Cr-Commit-Position: refs/heads/master@{#695591}
c609a396 · Daniel Vogelheim · Commit Bot · c09f9d1d · c609a396 · c609a396
Commit c609a396 authored Sep 11, 2019 by Daniel Vogelheim Committed by Commit Bot Sep 11, 2019
3 changed files
--- a/chrome/browser/ui/webui/interstitials/interstitial_ui_browsertest.cc
+++ b/chrome/browser/ui/webui/interstitials/interstitial_ui_browsertest.cc
@@ -183,7 +183,7 @@ IN_PROC_BROWSER_TEST_F(InterstitialUITest, CaptivePortalInterstitialWifi) {
 IN_PROC_BROWSER_TEST_F(InterstitialUITest, OriginPolicyErrorInterstitial) {
  TestInterstitial(GURL("chrome://interstitials/origin_policy"),
                   "Origin Policy Error",
-                   base::ASCIIToUTF16("has requested that a security policy"));
+                   base::ASCIIToUTF16("has requested that an origin policy"));
 }
 // Tests that back button works after opening an interstitial from

--- a/components/security_interstitials/core/browser/resources/interstitial_large.js
+++ b/components/security_interstitials/core/browser/resources/interstitial_large.js
@@ -71,6 +71,7 @@ function setupEvents() {
  var lookalike = interstitialType == 'LOOKALIKE';
  var billing = interstitialType == 'SAFEBROWSING' &&
                    loadTimeData.getBoolean('billing');
+  var originPolicy = interstitialType == "ORIGIN_POLICY";
  var hidePrimaryButton = loadTimeData.getBoolean('hide_primary_button');
  var showRecurrentErrorParagraph = loadTimeData.getBoolean(
    'show_recurrent_error_paragraph');
@@ -80,7 +81,7 @@ function setupEvents() {
    $('body').classList.add('dark-mode-available');
  }
-  if (ssl) {
+  if (ssl || originPolicy) {
    $('body').classList.add(badClock ? 'bad-clock' : 'ssl');
    $('error-code').textContent = loadTimeData.getString('errorCode');
    $('error-code').classList.remove(HIDDEN_CLASS);

--- a/components/security_interstitials_strings.grdp
+++ b/components/security_interstitials_strings.grdp
@@ -408,13 +408,12 @@
  </message>
  <message name="IDS_ORIGIN_POLICY_HEADING"
    desc="The large heading at the top of the Origin Policy Error Interstitial">
-    Blocked according to <ph name="ORIGIN">$2</ph>'s security policy.
+    Blocked according to <ph name="ORIGIN">$2</ph>'s origin policy.
  </message>
  <message name="IDS_ORIGIN_POLICY_INFO"
    desc="The primary explanatory paragraph for the Origin Policy Error interstitial.">
-    The site <ph name="ORIGIN">$2</ph> has requested that a security policy
+    The site <ph name="ORIGIN">$2</ph> has requested that an origin policy
-    will apply to all its request, and this policy presently deems the site
+    will apply to all its request, but this policy cannot presently be applied.
-    unsafe.
  </message>
  <message name="IDS_ORIGIN_POLICY_INFO2" desc="The second paragrpah of the text of the Origin Policy Error Interstitial. (Presently intentionally left blank.)" />
  <message name="IDS_ORIGIN_POLICY_BUTTON"
@@ -427,25 +426,29 @@
  </message>
  <message name="IDS_ORIGIN_POLICY_EXPLANATION_CANNOT_LOAD" desc="The text of the Origin Policy Error Interstitial that will be displayed when the user presses the 'Advanced' button for additional information, for the case where the policy could not be loaded.">
    The server you are going to, <ph name="ORIGIN">$2</ph>, has requested that
-    a security policy will be applied to all requests to it. But it has now
+    an origin policy will be applied to all requests to it. But it has now
    failed to deliver a policy, which prevents the browser from fulfilling
-    your request for <ph name="SITE">$1</ph>.
+    your request for <ph name="SITE">$1</ph>. Origin policies can be used by
+    site operators to configure security and other properties for a site.
  </message>
  <message name="IDS_ORIGIN_POLICY_EXPLANATION_SHOULD_NOT_REDIRECT" desc="The text of the Origin Policy Error Interstitial that will be displayed when the user presses the 'Advanced' button for additional information, for the case where the policy request was met with a 'redirect' response.">
    The server you are going to, <ph name="ORIGIN">$2</ph>, has requested that
-    a security policy will be applied to all requests to it. But instead of
+    an origin policy will be applied to all requests to it. But instead of
    delivering a policy it has redirected the browser elsewhere, which prevents
-    the browser from fulfilling your request for <ph name="SITE">$1</ph>.
+    the browser from fulfilling your request for <ph name="SITE">$1</ph>. Origin
+    policies can be used by site operators to configure security and other
+    properties for a site.
  </message>
  <message name="IDS_ORIGIN_POLICY_EXPLANATION_OTHER" desc="The text of the Origin Policy Error Interstitial that will be displayed when the user presses the 'Advanced' button for additional information, for cases other than redirect or load error.">
    The server you are going to, <ph name="ORIGIN">$2</ph>, has requested that
-    a security policy will be applied to all requests to it. But it has now
+    an origin policy will be applied to all requests to it. But it has now
-    delivered an invalid policy, which prevents the browser from
+    delivered an invalid policy, which means the browser cannot fullfil your
-    fulfilling your request for <ph name="SITE">$1</ph>.
+    request for <ph name="SITE">$1</ph>. Origin policies can be used by
+    site operators to configure security and other properties for a site.
  </message>
  <message name="IDS_ORIGIN_POLICY_FINAL_PARAGRAPH"
    desc="The text of the Origin Policy Error Interstitial that a user can click to proceed to the site, despite the error.">
-    <ph name="BEGIN_LINK">&lt;a href="#" id="proceed-link"&gt;</ph>Proceed to <ph name="SITE">$1<ex>example.com</ex></ph> (unsafe)<ph name="END_LINK">&lt;/a&gt;</ph>
+    <ph name="BEGIN_LINK">&lt;a href="#" id="proceed-link"&gt;</ph>Proceed to <ph name="SITE">$1<ex>example.com</ex></ph><ph name="END_LINK">&lt;/a&gt;</ph>
  </message>
  <message name="IDS_ORIGIN_POLICY_CLOSE" desc="The text of the Origin Policy Error Interstitial that will hide the 'advanced' section again.">
    Hide advanced