1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/ui/toolbar/toolbar_model_impl.h"
7 #include "base/command_line.h"
8 #include "base/metrics/field_trial.h"
9 #include "base/prefs/pref_service.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "chrome/browser/autocomplete/autocomplete_classifier.h"
13 #include "chrome/browser/autocomplete/autocomplete_classifier_factory.h"
14 #include "chrome/browser/autocomplete/chrome_autocomplete_scheme_classifier.h"
15 #include "chrome/browser/profiles/profile.h"
16 #include "chrome/browser/search/search.h"
17 #include "chrome/browser/ssl/ssl_error_info.h"
18 #include "chrome/browser/ui/toolbar/toolbar_model_delegate.h"
19 #include "chrome/common/chrome_constants.h"
20 #include "chrome/common/chrome_switches.h"
21 #include "chrome/common/pref_names.h"
22 #include "chrome/common/url_constants.h"
23 #include "chrome/grit/generated_resources.h"
24 #include "components/google/core/browser/google_util.h"
25 #include "components/omnibox/autocomplete_input.h"
26 #include "components/omnibox/autocomplete_match.h"
27 #include "content/public/browser/cert_store.h"
28 #include "content/public/browser/navigation_controller.h"
29 #include "content/public/browser/navigation_entry.h"
30 #include "content/public/browser/web_contents.h"
31 #include "content/public/browser/web_ui.h"
32 #include "content/public/common/content_constants.h"
33 #include "content/public/common/ssl_status.h"
34 #include "grit/components_scaled_resources.h"
35 #include "grit/theme_resources.h"
36 #include "net/base/net_util.h"
37 #include "net/cert/cert_status_flags.h"
38 #include "net/cert/x509_certificate.h"
39 #include "ui/base/l10n/l10n_util.h"
41 #if defined(OS_CHROMEOS)
42 #include "chrome/browser/chromeos/policy/policy_cert_service.h"
43 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
46 using content::NavigationController;
47 using content::NavigationEntry;
48 using content::SSLStatus;
49 using content::WebContents;
53 // Converts a SHA-1 field trial group into the appropriate SecurityLevel.
54 bool GetSecurityLevelForFieldTrialGroup(const std::string& group,
55 ToolbarModel::SecurityLevel* level) {
57 *level = ToolbarModel::SECURITY_ERROR;
58 else if (group == "Warning")
59 *level = ToolbarModel::SECURITY_WARNING;
60 else if (group == "HTTP")
61 *level = ToolbarModel::NONE;
69 ToolbarModelImpl::ToolbarModelImpl(ToolbarModelDelegate* delegate)
70 : delegate_(delegate) {
73 ToolbarModelImpl::~ToolbarModelImpl() {
77 ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevelForWebContents(
78 content::WebContents* web_contents) {
82 NavigationEntry* entry = web_contents->GetController().GetVisibleEntry();
86 const SSLStatus& ssl = entry->GetSSL();
87 switch (ssl.security_style) {
88 case content::SECURITY_STYLE_UNKNOWN:
89 case content::SECURITY_STYLE_UNAUTHENTICATED:
92 case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
93 return SECURITY_ERROR;
95 case content::SECURITY_STYLE_AUTHENTICATED: {
96 #if defined(OS_CHROMEOS)
97 policy::PolicyCertService* service =
98 policy::PolicyCertServiceFactory::GetForProfile(
99 Profile::FromBrowserContext(web_contents->GetBrowserContext()));
100 if (service && service->UsedPolicyCertificates())
101 return SECURITY_POLICY_WARNING;
103 if (!!(ssl.content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT))
104 return SECURITY_WARNING;
105 scoped_refptr<net::X509Certificate> cert;
106 if (content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, &cert) &&
107 (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT)) {
108 // The internal representation of the dates for UI treatment of SHA-1.
109 // See http://crbug.com/401365 for details
110 static const int64_t kJanuary2017 = INT64_C(13127702400000000);
111 static const int64_t kJune2016 = INT64_C(13109213000000000);
112 static const int64_t kJanuary2016 = INT64_C(13096080000000000);
114 ToolbarModel::SecurityLevel security_level = NONE;
115 // Gated behind a field trial, so that it is possible to adjust the
116 // UI treatment (to be more or less severe, as necessary) over the
117 // course of multiple releases.
118 // See http://crbug.com/401365 for the timeline, with the end state
119 // being that > kJanuary2017 = Error, and > kJanuary2016 =
120 // Warning, and kJune2016 disappearing entirely.
121 if (cert->valid_expiry() >=
122 base::Time::FromInternalValue(kJanuary2017) &&
123 GetSecurityLevelForFieldTrialGroup(
124 base::FieldTrialList::FindFullName("SHA1ToolbarUIJanuary2017"),
126 return security_level;
128 if (cert->valid_expiry() >= base::Time::FromInternalValue(kJune2016) &&
129 GetSecurityLevelForFieldTrialGroup(
130 base::FieldTrialList::FindFullName("SHA1ToolbarUIJune2016"),
132 return security_level;
134 if (cert->valid_expiry() >=
135 base::Time::FromInternalValue(kJanuary2016) &&
136 GetSecurityLevelForFieldTrialGroup(
137 base::FieldTrialList::FindFullName("SHA1ToolbarUIJanuary2016"),
139 return security_level;
142 if (net::IsCertStatusError(ssl.cert_status)) {
143 DCHECK(net::IsCertStatusMinorError(ssl.cert_status));
144 return SECURITY_WARNING;
146 if ((ssl.cert_status & net::CERT_STATUS_IS_EV) && cert.get())
156 // ToolbarModelImpl Implementation.
157 base::string16 ToolbarModelImpl::GetText() const {
158 base::string16 search_terms(GetSearchTerms(false));
159 if (!search_terms.empty())
162 if (WouldOmitURLDueToOriginChip())
163 return base::string16();
165 return GetFormattedURL(NULL);
168 base::string16 ToolbarModelImpl::GetFormattedURL(size_t* prefix_end) const {
169 std::string languages; // Empty if we don't have a |navigation_controller|.
170 Profile* profile = GetProfile();
172 languages = profile->GetPrefs()->GetString(prefs::kAcceptLanguages);
175 if (url.spec().length() > content::kMaxURLDisplayChars)
176 url = url.IsStandard() ? url.GetOrigin() : GURL(url.scheme() + ":");
177 // Note that we can't unescape spaces here, because if the user copies this
178 // and pastes it into another program, that program may think the URL ends at
180 return AutocompleteInput::FormattedStringWithEquivalentMeaning(
181 url, net::FormatUrl(url, languages, net::kFormatUrlOmitAll,
182 net::UnescapeRule::NORMAL, NULL, prefix_end, NULL),
183 ChromeAutocompleteSchemeClassifier(profile));
186 base::string16 ToolbarModelImpl::GetCorpusNameForMobile() const {
187 if (!WouldPerformSearchTermReplacement(false))
188 return base::string16();
190 // If there is a query in the url fragment look for the corpus name there,
191 // otherwise look for the corpus name in the query parameters.
192 const std::string& query_str(google_util::HasGoogleSearchQueryParam(
193 url.ref()) ? url.ref() : url.query());
194 url::Component query(0, query_str.length()), key, value;
195 const char kChipKey[] = "sboxchip";
196 while (url::ExtractQueryKeyValue(query_str.c_str(), &query, &key, &value)) {
197 if (key.is_nonempty() && query_str.substr(key.begin, key.len) == kChipKey) {
198 return net::UnescapeAndDecodeUTF8URLComponent(
199 query_str.substr(value.begin, value.len),
200 net::UnescapeRule::NORMAL);
203 return base::string16();
206 GURL ToolbarModelImpl::GetURL() const {
207 const NavigationController* navigation_controller = GetNavigationController();
208 if (navigation_controller) {
209 const NavigationEntry* entry = navigation_controller->GetVisibleEntry();
211 return ShouldDisplayURL() ? entry->GetVirtualURL() : GURL();
214 return GURL(url::kAboutBlankURL);
217 bool ToolbarModelImpl::WouldPerformSearchTermReplacement(
218 bool ignore_editing) const {
219 return !GetSearchTerms(ignore_editing).empty();
222 ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevel(
223 bool ignore_editing) const {
224 // When editing, assume no security style.
225 return (input_in_progress() && !ignore_editing) ?
226 NONE : GetSecurityLevelForWebContents(delegate_->GetActiveWebContents());
229 int ToolbarModelImpl::GetIcon() const {
230 if (WouldPerformSearchTermReplacement(false)) {
231 // The secured version of the search icon is necessary if neither the search
232 // button nor origin chip are present to indicate the security state.
233 return (chrome::GetDisplaySearchButtonConditions() ==
234 chrome::DISPLAY_SEARCH_BUTTON_NEVER) &&
235 !chrome::ShouldDisplayOriginChip() ?
236 IDR_OMNIBOX_SEARCH_SECURED : IDR_OMNIBOX_SEARCH;
239 return GetIconForSecurityLevel(GetSecurityLevel(false));
242 int ToolbarModelImpl::GetIconForSecurityLevel(SecurityLevel level) const {
243 static int icon_ids[NUM_SECURITY_LEVELS] = {
244 IDR_LOCATION_BAR_HTTP,
245 IDR_OMNIBOX_HTTPS_VALID,
246 IDR_OMNIBOX_HTTPS_VALID,
247 IDR_OMNIBOX_HTTPS_WARNING,
248 IDR_OMNIBOX_HTTPS_POLICY_WARNING,
249 IDR_OMNIBOX_HTTPS_INVALID,
251 DCHECK(arraysize(icon_ids) == NUM_SECURITY_LEVELS);
252 return icon_ids[level];
255 base::string16 ToolbarModelImpl::GetEVCertName() const {
256 if (GetSecurityLevel(false) != EV_SECURE)
257 return base::string16();
259 // Note: Navigation controller and active entry are guaranteed non-NULL or
260 // the security level would be NONE.
261 scoped_refptr<net::X509Certificate> cert;
262 content::CertStore::GetInstance()->RetrieveCert(
263 GetNavigationController()->GetVisibleEntry()->GetSSL().cert_id, &cert);
265 // EV are required to have an organization name and country.
266 DCHECK(!cert->subject().organization_names.empty());
267 DCHECK(!cert->subject().country_name.empty());
268 return l10n_util::GetStringFUTF16(
269 IDS_SECURE_CONNECTION_EV,
270 base::UTF8ToUTF16(cert->subject().organization_names[0]),
271 base::UTF8ToUTF16(cert->subject().country_name));
274 bool ToolbarModelImpl::ShouldDisplayURL() const {
275 // Note: The order here is important.
276 // - The WebUI test must come before the extension scheme test because there
277 // can be WebUIs that have extension schemes (e.g. the bookmark manager). In
278 // that case, we should prefer what the WebUI instance says.
279 // - The view-source test must come before the NTP test because of the case
280 // of view-source:chrome://newtab, which should display its URL despite what
281 // chrome://newtab says.
282 NavigationController* controller = GetNavigationController();
283 NavigationEntry* entry = controller ? controller->GetVisibleEntry() : NULL;
285 if (entry->IsViewSourceMode() ||
286 entry->GetPageType() == content::PAGE_TYPE_INTERSTITIAL) {
290 GURL url = entry->GetURL();
291 GURL virtual_url = entry->GetVirtualURL();
292 if (url.SchemeIs(content::kChromeUIScheme) ||
293 virtual_url.SchemeIs(content::kChromeUIScheme)) {
294 if (!url.SchemeIs(content::kChromeUIScheme))
296 return url.host() != chrome::kChromeUINewTabHost;
300 return !chrome::IsInstantNTP(delegate_->GetActiveWebContents());
303 bool ToolbarModelImpl::WouldOmitURLDueToOriginChip() const {
304 const char kInterstitialShownKey[] = "interstitial_shown";
306 // When users type URLs and hit enter, continue to show those URLs until
307 // the navigation commits or an interstitial is shown, because having the
308 // omnibox clear immediately feels like the input was ignored.
309 NavigationController* navigation_controller = GetNavigationController();
310 if (navigation_controller) {
311 NavigationEntry* pending_entry = navigation_controller->GetPendingEntry();
313 const NavigationEntry* visible_entry =
314 navigation_controller->GetVisibleEntry();
315 base::string16 unused;
316 // Keep track that we've shown the origin chip on an interstitial so it
317 // can be shown even after the interstitial was dismissed, to avoid
318 // showing the chip, removing it and then showing it again.
320 visible_entry->GetPageType() == content::PAGE_TYPE_INTERSTITIAL &&
321 !pending_entry->GetExtraData(kInterstitialShownKey, &unused))
322 pending_entry->SetExtraData(kInterstitialShownKey, base::string16());
323 const ui::PageTransition transition_type =
324 pending_entry->GetTransitionType();
325 if ((transition_type & ui::PAGE_TRANSITION_TYPED) != 0 &&
326 !pending_entry->GetExtraData(kInterstitialShownKey, &unused))
331 if (!delegate_->InTabbedBrowser() || !ShouldDisplayURL() ||
332 !url_replacement_enabled())
335 if (chrome::ShouldDisplayOriginChip())
338 const chrome::OriginChipCondition chip_condition =
339 chrome::GetOriginChipCondition();
340 return (chip_condition == chrome::ORIGIN_CHIP_ALWAYS) ||
341 ((chip_condition == chrome::ORIGIN_CHIP_ON_SRP) &&
342 WouldPerformSearchTermReplacement(false));
345 NavigationController* ToolbarModelImpl::GetNavigationController() const {
346 // This |current_tab| can be NULL during the initialization of the
347 // toolbar during window creation (i.e. before any tabs have been added
349 WebContents* current_tab = delegate_->GetActiveWebContents();
350 return current_tab ? ¤t_tab->GetController() : NULL;
353 Profile* ToolbarModelImpl::GetProfile() const {
354 NavigationController* navigation_controller = GetNavigationController();
355 return navigation_controller ?
356 Profile::FromBrowserContext(navigation_controller->GetBrowserContext()) :
360 base::string16 ToolbarModelImpl::GetSearchTerms(bool ignore_editing) const {
361 if (!url_replacement_enabled() || (input_in_progress() && !ignore_editing))
362 return base::string16();
364 const WebContents* web_contents = delegate_->GetActiveWebContents();
365 base::string16 search_terms(chrome::GetSearchTerms(web_contents));
366 if (search_terms.empty()) {
367 // We mainly do this to enforce the subsequent DCHECK.
368 return base::string16();
371 // If the page is still loading and the security style is unknown, consider
372 // the page secure. Without this, after the user hit enter on some search
373 // terms, the omnibox would change to displaying the loading URL before
374 // changing back to the search terms once they could be extracted, thus
375 // causing annoying flicker.
376 DCHECK(web_contents);
377 const NavigationController& nav_controller = web_contents->GetController();
378 const NavigationEntry* entry = nav_controller.GetVisibleEntry();
379 if ((entry != nav_controller.GetLastCommittedEntry()) &&
380 (entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN))
383 // If the URL is using a Google base URL specified via the command line, we
384 // bypass the security check below.
386 google_util::StartsWithCommandLineGoogleBaseURL(entry->GetVirtualURL()))
389 // Otherwise, extract search terms for HTTPS pages that do not have a security
391 ToolbarModel::SecurityLevel security_level = GetSecurityLevel(ignore_editing);
392 return ((security_level == NONE) || (security_level == SECURITY_ERROR)) ?
393 base::string16() : search_terms;