src/chrome/browser/ui/toolbar/toolbar_model_impl.cc

   1 // Copyright 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/ui/toolbar/toolbar_model_impl.h"
   6
   7 #include "base/command_line.h"
   8 #include "base/metrics/field_trial.h"
   9 #include "base/prefs/pref_service.h"
  10 #include "base/strings/utf_string_conversions.h"
  11 #include "base/time/time.h"
  12 #include "chrome/browser/autocomplete/autocomplete_classifier.h"
  13 #include "chrome/browser/autocomplete/autocomplete_classifier_factory.h"
  14 #include "chrome/browser/autocomplete/chrome_autocomplete_scheme_classifier.h"
  15 #include "chrome/browser/profiles/profile.h"
  16 #include "chrome/browser/search/search.h"
  17 #include "chrome/browser/ssl/ssl_error_info.h"
  18 #include "chrome/browser/ui/toolbar/toolbar_model_delegate.h"
  19 #include "chrome/common/chrome_constants.h"
  20 #include "chrome/common/chrome_switches.h"
  21 #include "chrome/common/pref_names.h"
  22 #include "chrome/common/url_constants.h"
  23 #include "chrome/grit/generated_resources.h"
  24 #include "components/google/core/browser/google_util.h"
  25 #include "components/omnibox/autocomplete_input.h"
  26 #include "components/omnibox/autocomplete_match.h"
  27 #include "content/public/browser/cert_store.h"
  28 #include "content/public/browser/navigation_controller.h"
  29 #include "content/public/browser/navigation_entry.h"
  30 #include "content/public/browser/web_contents.h"
  31 #include "content/public/browser/web_ui.h"
  32 #include "content/public/common/content_constants.h"
  33 #include "content/public/common/ssl_status.h"
  34 #include "grit/components_scaled_resources.h"
  35 #include "grit/theme_resources.h"
  36 #include "net/base/net_util.h"
  37 #include "net/cert/cert_status_flags.h"
  38 #include "net/cert/x509_certificate.h"
  39 #include "net/ssl/ssl_connection_status_flags.h"
  40 #include "ui/base/l10n/l10n_util.h"
  41
  42 #if defined(OS_CHROMEOS)
  43 #include "chrome/browser/chromeos/policy/policy_cert_service.h"
  44 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
  45 #endif
  46
  47 using content::NavigationController;
  48 using content::NavigationEntry;
  49 using content::SSLStatus;
  50 using content::WebContents;
  51
  52 namespace {
  53
  54 // Converts a SHA-1 field trial group into the appropriate SecurityLevel.
  55 bool GetSecurityLevelForFieldTrialGroup(const std::string& group,
  56                                         ToolbarModel::SecurityLevel* level) {
  57   if (group == "Error")
  58     *level = ToolbarModel::SECURITY_ERROR;
  59   else if (group == "Warning")
  60     *level = ToolbarModel::SECURITY_WARNING;
  61   else if (group == "HTTP")
  62     *level = ToolbarModel::NONE;
  63   else
  64     return false;
  65   return true;
  66 }
  67
  68 }  // namespace
  69
  70 ToolbarModelImpl::ToolbarModelImpl(ToolbarModelDelegate* delegate)
  71     : delegate_(delegate) {
  72 }
  73
  74 ToolbarModelImpl::~ToolbarModelImpl() {
  75 }
  76
  77 // static
  78 ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevelForWebContents(
  79       content::WebContents* web_contents) {
  80   if (!web_contents)
  81     return NONE;
  82
  83   NavigationEntry* entry = web_contents->GetController().GetVisibleEntry();
  84   if (!entry)
  85     return NONE;
  86
  87   const SSLStatus& ssl = entry->GetSSL();
  88   switch (ssl.security_style) {
  89     case content::SECURITY_STYLE_UNKNOWN:
  90     case content::SECURITY_STYLE_UNAUTHENTICATED:
  91       return NONE;
  92
  93     case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
  94       return SECURITY_ERROR;
  95
  96     case content::SECURITY_STYLE_AUTHENTICATED: {
  97 #if defined(OS_CHROMEOS)
  98       policy::PolicyCertService* service =
  99           policy::PolicyCertServiceFactory::GetForProfile(
 100               Profile::FromBrowserContext(web_contents->GetBrowserContext()));
 101       if (service && service->UsedPolicyCertificates())
 102         return SECURITY_POLICY_WARNING;
 103 #endif
 104       if (!!(ssl.content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT))
 105         return SECURITY_WARNING;
 106       scoped_refptr<net::X509Certificate> cert;
 107       if (content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, &cert) &&
 108           (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT)) {
 109         // The internal representation of the dates for UI treatment of SHA-1.
 110         // See http://crbug.com/401365 for details
 111         static const int64_t kJanuary2017 = INT64_C(13127702400000000);
 112         static const int64_t kJune2016 = INT64_C(13109213000000000);
 113         static const int64_t kJanuary2016 = INT64_C(13096080000000000);
 114
 115         ToolbarModel::SecurityLevel security_level = NONE;
 116         // Gated behind a field trial, so that it is possible to adjust the
 117         // UI treatment (to be more or less severe, as necessary) over the
 118         // course of multiple releases.
 119         // See http://crbug.com/401365 for the timeline, with the end state
 120         // being that > kJanuary2017 = Error, and > kJanuary2016 =
 121         // Warning, and kJune2016 disappearing entirely.
 122         if (cert->valid_expiry() >=
 123                 base::Time::FromInternalValue(kJanuary2017) &&
 124             GetSecurityLevelForFieldTrialGroup(
 125                 base::FieldTrialList::FindFullName("SHA1ToolbarUIJanuary2017"),
 126                 &security_level)) {
 127           return security_level;
 128         }
 129         if (cert->valid_expiry() >= base::Time::FromInternalValue(kJune2016) &&
 130             GetSecurityLevelForFieldTrialGroup(
 131                 base::FieldTrialList::FindFullName("SHA1ToolbarUIJune2016"),
 132                 &security_level)) {
 133           return security_level;
 134         }
 135         if (cert->valid_expiry() >=
 136                 base::Time::FromInternalValue(kJanuary2016) &&
 137             GetSecurityLevelForFieldTrialGroup(
 138                 base::FieldTrialList::FindFullName("SHA1ToolbarUIJanuary2016"),
 139                 &security_level)) {
 140           return security_level;
 141         }
 142       }
 143       if (net::IsCertStatusError(ssl.cert_status)) {
 144         DCHECK(net::IsCertStatusMinorError(ssl.cert_status));
 145         return SECURITY_WARNING;
 146       }
 147       if (net::SSLConnectionStatusToVersion(ssl.connection_status) ==
 148           net::SSL_CONNECTION_VERSION_SSL3) {
 149         // SSLv3 will be removed in the future.
 150         return SECURITY_WARNING;
 151       }
 152       if ((ssl.cert_status & net::CERT_STATUS_IS_EV) && cert.get())
 153         return EV_SECURE;
 154       return SECURE;
 155     }
 156     default:
 157       NOTREACHED();
 158       return NONE;
 159   }
 160 }
 161
 162 // ToolbarModelImpl Implementation.
 163 base::string16 ToolbarModelImpl::GetText() const {
 164   base::string16 search_terms(GetSearchTerms(false));
 165   if (!search_terms.empty())
 166     return search_terms;
 167
 168   if (WouldOmitURLDueToOriginChip())
 169     return base::string16();
 170
 171   return GetFormattedURL(NULL);
 172 }
 173
 174 base::string16 ToolbarModelImpl::GetFormattedURL(size_t* prefix_end) const {
 175   std::string languages;  // Empty if we don't have a |navigation_controller|.
 176   Profile* profile = GetProfile();
 177   if (profile)
 178     languages = profile->GetPrefs()->GetString(prefs::kAcceptLanguages);
 179
 180   GURL url(GetURL());
 181   if (url.spec().length() > content::kMaxURLDisplayChars)
 182     url = url.IsStandard() ? url.GetOrigin() : GURL(url.scheme() + ":");
 183   // Note that we can't unescape spaces here, because if the user copies this
 184   // and pastes it into another program, that program may think the URL ends at
 185   // the space.
 186   return AutocompleteInput::FormattedStringWithEquivalentMeaning(
 187       url, net::FormatUrl(url, languages, net::kFormatUrlOmitAll,
 188                           net::UnescapeRule::NORMAL, NULL, prefix_end, NULL),
 189       ChromeAutocompleteSchemeClassifier(profile));
 190 }
 191
 192 base::string16 ToolbarModelImpl::GetCorpusNameForMobile() const {
 193   if (!WouldPerformSearchTermReplacement(false))
 194     return base::string16();
 195   GURL url(GetURL());
 196   // If there is a query in the url fragment look for the corpus name there,
 197   // otherwise look for the corpus name in the query parameters.
 198   const std::string& query_str(google_util::HasGoogleSearchQueryParam(
 199       url.ref()) ? url.ref() : url.query());
 200   url::Component query(0, query_str.length()), key, value;
 201   const char kChipKey[] = "sboxchip";
 202   while (url::ExtractQueryKeyValue(query_str.c_str(), &query, &key, &value)) {
 203     if (key.is_nonempty() && query_str.substr(key.begin, key.len) == kChipKey) {
 204       return net::UnescapeAndDecodeUTF8URLComponent(
 205           query_str.substr(value.begin, value.len),
 206           net::UnescapeRule::NORMAL);
 207     }
 208   }
 209   return base::string16();
 210 }
 211
 212 GURL ToolbarModelImpl::GetURL() const {
 213   const NavigationController* navigation_controller = GetNavigationController();
 214   if (navigation_controller) {
 215     const NavigationEntry* entry = navigation_controller->GetVisibleEntry();
 216     if (entry)
 217       return ShouldDisplayURL() ? entry->GetVirtualURL() : GURL();
 218   }
 219
 220   return GURL(url::kAboutBlankURL);
 221 }
 222
 223 bool ToolbarModelImpl::WouldPerformSearchTermReplacement(
 224     bool ignore_editing) const {
 225   return !GetSearchTerms(ignore_editing).empty();
 226 }
 227
 228 ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevel(
 229     bool ignore_editing) const {
 230   // When editing, assume no security style.
 231   return (input_in_progress() && !ignore_editing) ?
 232       NONE : GetSecurityLevelForWebContents(delegate_->GetActiveWebContents());
 233 }
 234
 235 int ToolbarModelImpl::GetIcon() const {
 236   if (WouldPerformSearchTermReplacement(false)) {
 237     // The secured version of the search icon is necessary if neither the search
 238     // button nor origin chip are present to indicate the security state.
 239     return (chrome::GetDisplaySearchButtonConditions() ==
 240         chrome::DISPLAY_SEARCH_BUTTON_NEVER) &&
 241         !chrome::ShouldDisplayOriginChip() ?
 242             IDR_OMNIBOX_SEARCH_SECURED : IDR_OMNIBOX_SEARCH;
 243   }
 244
 245   return GetIconForSecurityLevel(GetSecurityLevel(false));
 246 }
 247
 248 int ToolbarModelImpl::GetIconForSecurityLevel(SecurityLevel level) const {
 249   static int icon_ids[NUM_SECURITY_LEVELS] = {
 250     IDR_LOCATION_BAR_HTTP,
 251     IDR_OMNIBOX_HTTPS_VALID,
 252     IDR_OMNIBOX_HTTPS_VALID,
 253     IDR_OMNIBOX_HTTPS_WARNING,
 254     IDR_OMNIBOX_HTTPS_POLICY_WARNING,
 255     IDR_OMNIBOX_HTTPS_INVALID,
 256   };
 257   DCHECK(arraysize(icon_ids) == NUM_SECURITY_LEVELS);
 258   return icon_ids[level];
 259 }
 260
 261 base::string16 ToolbarModelImpl::GetEVCertName() const {
 262   if (GetSecurityLevel(false) != EV_SECURE)
 263     return base::string16();
 264
 265   // Note: Navigation controller and active entry are guaranteed non-NULL or
 266   // the security level would be NONE.
 267   scoped_refptr<net::X509Certificate> cert;
 268   content::CertStore::GetInstance()->RetrieveCert(
 269       GetNavigationController()->GetVisibleEntry()->GetSSL().cert_id, &cert);
 270
 271   // EV are required to have an organization name and country.
 272   DCHECK(!cert->subject().organization_names.empty());
 273   DCHECK(!cert->subject().country_name.empty());
 274   return l10n_util::GetStringFUTF16(
 275       IDS_SECURE_CONNECTION_EV,
 276       base::UTF8ToUTF16(cert->subject().organization_names[0]),
 277       base::UTF8ToUTF16(cert->subject().country_name));
 278 }
 279
 280 bool ToolbarModelImpl::ShouldDisplayURL() const {
 281   // Note: The order here is important.
 282   // - The WebUI test must come before the extension scheme test because there
 283   //   can be WebUIs that have extension schemes (e.g. the bookmark manager). In
 284   //   that case, we should prefer what the WebUI instance says.
 285   // - The view-source test must come before the NTP test because of the case
 286   //   of view-source:chrome://newtab, which should display its URL despite what
 287   //   chrome://newtab says.
 288   NavigationController* controller = GetNavigationController();
 289   NavigationEntry* entry = controller ? controller->GetVisibleEntry() : NULL;
 290   if (entry) {
 291     if (entry->IsViewSourceMode() ||
 292         entry->GetPageType() == content::PAGE_TYPE_INTERSTITIAL) {
 293       return true;
 294     }
 295
 296     GURL url = entry->GetURL();
 297     GURL virtual_url = entry->GetVirtualURL();
 298     if (url.SchemeIs(content::kChromeUIScheme) ||
 299         virtual_url.SchemeIs(content::kChromeUIScheme)) {
 300       if (!url.SchemeIs(content::kChromeUIScheme))
 301         url = virtual_url;
 302       return url.host() != chrome::kChromeUINewTabHost;
 303     }
 304   }
 305
 306   return !chrome::IsInstantNTP(delegate_->GetActiveWebContents());
 307 }
 308
 309 bool ToolbarModelImpl::WouldOmitURLDueToOriginChip() const {
 310   const char kInterstitialShownKey[] = "interstitial_shown";
 311
 312   // When users type URLs and hit enter, continue to show those URLs until
 313   // the navigation commits or an interstitial is shown, because having the
 314   // omnibox clear immediately feels like the input was ignored.
 315   NavigationController* navigation_controller = GetNavigationController();
 316   if (navigation_controller) {
 317     NavigationEntry* pending_entry = navigation_controller->GetPendingEntry();
 318     if (pending_entry) {
 319       const NavigationEntry* visible_entry =
 320           navigation_controller->GetVisibleEntry();
 321       base::string16 unused;
 322       // Keep track that we've shown the origin chip on an interstitial so it
 323       // can be shown even after the interstitial was dismissed, to avoid
 324       // showing the chip, removing it and then showing it again.
 325       if (visible_entry &&
 326           visible_entry->GetPageType() == content::PAGE_TYPE_INTERSTITIAL &&
 327           !pending_entry->GetExtraData(kInterstitialShownKey, &unused))
 328         pending_entry->SetExtraData(kInterstitialShownKey, base::string16());
 329       const ui::PageTransition transition_type =
 330           pending_entry->GetTransitionType();
 331       if ((transition_type & ui::PAGE_TRANSITION_TYPED) != 0 &&
 332           !pending_entry->GetExtraData(kInterstitialShownKey, &unused))
 333         return false;
 334     }
 335   }
 336
 337   if (!delegate_->InTabbedBrowser() || !ShouldDisplayURL() ||
 338       !url_replacement_enabled())
 339     return false;
 340
 341   if (chrome::ShouldDisplayOriginChip())
 342     return true;
 343
 344   const chrome::OriginChipCondition chip_condition =
 345       chrome::GetOriginChipCondition();
 346   return (chip_condition == chrome::ORIGIN_CHIP_ALWAYS) ||
 347       ((chip_condition == chrome::ORIGIN_CHIP_ON_SRP) &&
 348        WouldPerformSearchTermReplacement(false));
 349 }
 350
 351 NavigationController* ToolbarModelImpl::GetNavigationController() const {
 352   // This |current_tab| can be NULL during the initialization of the
 353   // toolbar during window creation (i.e. before any tabs have been added
 354   // to the window).
 355   WebContents* current_tab = delegate_->GetActiveWebContents();
 356   return current_tab ? &current_tab->GetController() : NULL;
 357 }
 358
 359 Profile* ToolbarModelImpl::GetProfile() const {
 360   NavigationController* navigation_controller = GetNavigationController();
 361   return navigation_controller ?
 362       Profile::FromBrowserContext(navigation_controller->GetBrowserContext()) :
 363       NULL;
 364 }
 365
 366 base::string16 ToolbarModelImpl::GetSearchTerms(bool ignore_editing) const {
 367   if (!url_replacement_enabled() || (input_in_progress() && !ignore_editing))
 368     return base::string16();
 369
 370   const WebContents* web_contents = delegate_->GetActiveWebContents();
 371   base::string16 search_terms(chrome::GetSearchTerms(web_contents));
 372   if (search_terms.empty()) {
 373     // We mainly do this to enforce the subsequent DCHECK.
 374     return base::string16();
 375   }
 376
 377   // If the page is still loading and the security style is unknown, consider
 378   // the page secure.  Without this, after the user hit enter on some search
 379   // terms, the omnibox would change to displaying the loading URL before
 380   // changing back to the search terms once they could be extracted, thus
 381   // causing annoying flicker.
 382   DCHECK(web_contents);
 383   const NavigationController& nav_controller = web_contents->GetController();
 384   const NavigationEntry* entry = nav_controller.GetVisibleEntry();
 385   if ((entry != nav_controller.GetLastCommittedEntry()) &&
 386       (entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN))
 387     return search_terms;
 388
 389   // If the URL is using a Google base URL specified via the command line, we
 390   // bypass the security check below.
 391   if (entry &&
 392       google_util::StartsWithCommandLineGoogleBaseURL(entry->GetVirtualURL()))
 393     return search_terms;
 394
 395   // Otherwise, extract search terms for HTTPS pages that do not have a security
 396   // error.
 397   ToolbarModel::SecurityLevel security_level = GetSecurityLevel(ignore_editing);
 398   return ((security_level == NONE) || (security_level == SECURITY_ERROR)) ?
 399       base::string16() : search_terms;
 400 }