This CL makes the safe browsing interstitial page support multiple unsafe resources in one page.

We had a bug when an interstitial was showing and another unsafe resource was detected. We would show another interstitial on top of the original one, causing the DontProceed method to be invoked several times. That would cause us to remove more than once an entry from the navigation controller and cause crashers.

With this new CL, if an interstitial shows and a new resource is flagged as bad, the SafeBrowsingBlockingPage will queue that notification. If the user decides to proceed through the interstitial, we'll create another interstitial warning about all the unsafe resources we have received so far.

This CL also contains a fix for a crasher that would happen when closing a tab with a safe browsing interstitial.

BUG=5916,6207,6306
TEST=Test all actions in the interstitial you get when opening pages with the followin scenarios:
- Main page is malware
- Main page is fishing
- Main page is OK contains resources (images,iframes...) which are malware
- Main page is OK contains resources (images,iframes...) which are phishing
- Main page is OK contains resources (images,iframes...) some of them phishing, some of then malware.
Note that when there are more than one bad resource, it is normal to see a 1st interstitial, then another one listing all the other bad resources.
(ex of malware site http://ianfette.org, phishing site http://cvisit.tripod.com)
Review URL: http://codereview.chromium.org/18346

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@8578 0039d316-1c4b-4281-b951-d872f2087c98

4 files changed, 153 insertions, 7 deletions

diff --git a/chrome/browser/resources/browser_resources.vcproj b/chrome/browser/resources/browser_resources.vcproj
index 94d94ee..0a51fd9 100644
--- a/chrome/browser/resources/browser_resources.vcproj
+++ b/chrome/browser/resources/browser_resources.vcproj
@@ -96,6 +96,10 @@
 			>
 		</File>
 		<File
+			RelativePath=".\safe_browsing_multiple_threat_block.html"
+			>
+		</File>
+		<File
 			RelativePath=".\safe_browsing_phishing_block.html"
 			>
 		</File>
diff --git a/chrome/browser/resources/safe_browsing_malware_block.html b/chrome/browser/resources/safe_browsing_malware_block.html
index f05a27e..304374f 100644
--- a/chrome/browser/resources/safe_browsing_malware_block.html
+++ b/chrome/browser/resources/safe_browsing_malware_block.html
@@ -87,12 +87,12 @@ input {
       <div class="title" jscontent="headLine"></div>
       <div class="main" jseval="this.innerHTML = $this.description1;"></div>
       <div class="main" jseval="this.innerHTML = $this.description2;"></div>
-      <div class="main"><a href="" jscontent="description3" onclick="sendCommand(2); return false;" onmousedown="return false;"></a></div>
+      <div class="main"><a href="" jscontent="description3" onclick="sendCommand('learnMore'); return false;" onmousedown="return false;"></a></div>
       <div class="main">
         <form class="submission">
           <input name="checky" type="checkbox" onclick="agreed(this.form)">&nbsp;<span jscontent="confirm_text"></span>
-          <input type="button" name="continue_button" jsvalues="value:continue_button" disabled="true" onclick="sendCommand(1)"><br>
-          <input type="button" name="back_button" jsvalues="value:back_button" onclick="sendCommand(0)">
+          <input type="button" name="continue_button" jsvalues="value:continue_button" disabled="true" onclick="sendCommand('proceed')"><br>
+          <input type="button" name="back_button" jsvalues="value:back_button" onclick="sendCommand('takeMeBack')">
         </form>
       </div>
     </div>
diff --git a/chrome/browser/resources/safe_browsing_multiple_threat_block.html b/chrome/browser/resources/safe_browsing_multiple_threat_block.html
new file mode 100644
index 0000000..0926320
--- /dev/null
+++ b/chrome/browser/resources/safe_browsing_multiple_threat_block.html
@@ -0,0 +1,142 @@
+<html id="template_root">
+
+<head>
+<title jscontent="title"></title>
+<style type="text/css">
+body {
+  background-color:#500;
+  font-family:arial;
+  margin:0px;
+}
+.background {
+  position:absolute;
+  width:100%;
+  height:100%;
+}
+.cell {
+  padding:40px;
+}
+.box {
+  width:80%;
+  background-color:white;
+  color:black;
+  font-size:10pt;
+  line-height:16pt;
+  text-align:left;
+  padding:20px;
+  position:relative;
+  -webkit-box-shadow:3px 3px 8px #200;
+  -webkit-border-radius:5px;
+}
+html[dir='rtl'] .box {
+  text-align:right;
+}
+
+.icon {
+  position:absolute;
+}
+.title {
+  margin:0px 87px 0px;
+  font-size:18pt;
+  margin-bottom:6pt;
+  font-weight:bold;
+  color:#660000;
+}
+.main {
+  margin:0px 90px 0px;
+}
+.submission {
+  margin:15px 5px 15px 0px;
+  padding:0px;
+}
+input {
+  margin:0px;
+}
+.proceedbutton {
+}
+.helpbutton {
+  float:right;
+}
+.example {
+  margin: 30px 90px 0px;
+  border-top:1px solid #ccc;
+  padding-top:6px;
+}
+.moreinfotitle {
+  margin-left:5px;
+  margin-right:5px;
+}
+
+.errorlist {
+  background-color:white;
+  color:black;
+  font-size:10pt;
+  line-height:16pt;
+  text-align:left;
+}
+</style>
+
+<script>
+function agreed(form) {
+  form.continue_button.disabled = !form.continue_button.disabled;
+}
+
+function sendCommand(command) {
+  window.domAutomationController.setAutomationId(1);
+  window.domAutomationController.send(command);
+}
+
+function showDiagnostic(errorID) {
+  sendCommand("showDiagnostic:" + errorID);
+}
+
+function reportError(errorID) {
+  sendCommand("reportError:" + errorID);
+}
+
+function learnMore() {
+  sendCommand("learnMore");
+}
+
+function proceed() {
+  sendCommand("proceed");
+}
+
+function takeMeBack() {
+  sendCommand("takeMeBack");
+}
+</script>
+</head>
+
+<body oncontextmenu="return false;">
+<div class="background"><img src="../security/resources/ssl_roadblock_background.png" width="100%" height="100%" alt="background" onmousedown="return false;"/></div>
+<table width="100%" cellspacing="0" cellpadding="0">
+  <td class="cell" valign="middle" align="center">
+    <div class="box">
+      <div class="icon"><img src="phishing_icon.png" alt="Malware Icon" onmousedown="return false;"/></div>
+      <div class="title" jscontent="headLine"></div>
+      <div class="main" jseval="this.innerHTML = $this.description1;"></div>
+      <div class="main" jscontent="description2"></div>
+      <div class="main">
+        <table cellpadding="5" jsvalues="$counter:{value: 0}">
+          <tr jsselect="errors" class="errorlist">
+            <td jscontent="typeLabel"></td>
+            <td jscontent="url"></td>
+            <td><a href="" onclick="var id= this.getAttribute('chromiumID'); this.getAttribute('chromiumIsMalware') ? showDiagnostic(id) : reportError(id); return false;" jscontent="errorLink" jsvalues="chromiumID:$counter.value;chromiumIsMalware:type=='malware'" jseval="$counter.value++"></a></td>
+          </tr>
+        </table>
+      </div>
+
+      <div class="main"><a href="" jscontent="description3" onclick="learnMore(); return false;" onmousedown="return false;"></a></div>
+      <div class="main">
+        <form class="submission">
+          <input name="checky" type="checkbox" onclick="agreed(this.form)">&nbsp;<span jscontent="confirm_text"></span>
+          <input type="button" name="continue_button" jsvalues="value:continue_button" disabled="true" onclick="proceed();"><br>
+          <input type="button" name="back_button" jsvalues="value:back_button" onclick="takeMeBack()">
+        </form>
+      </div>
+    </div>
+  </td>
+</table>
+</body>
+</html>
diff --git a/chrome/browser/resources/safe_browsing_phishing_block.html b/chrome/browser/resources/safe_browsing_phishing_block.html
index aec7acf..0269b07 100644
--- a/chrome/browser/resources/safe_browsing_phishing_block.html
+++ b/chrome/browser/resources/safe_browsing_phishing_block.html
@@ -88,14 +88,14 @@ html[dir='rtl'] .helpbutton {
       <div class="icon"><img src="phishing_icon.png" alt="Phishing Warning Icon" onmousedown="return false;"/></div>
       <div class="title" jscontent="headLine"></div>
       <div class="main" jseval="this.innerHTML = $this.description1;"></div>
-      <div class="main"><a href="" jscontent="description2" onclick="sendCommand(2); return false;" onmousedown="return false;"></a></div>
+      <div class="main"><a href="" jscontent="description2" onclick="sendCommand('learnMore'); return false;" onmousedown="return false;"></a></div>
       <div class="main">
         <form class="submission">
-          <input type="button" name="continue_button" jsvalues="value:continue_button" onclick="sendCommand(1)">
-          <input type="button" name="back_button" jsvalues="value:back_button" onclick="sendCommand(0)">
+          <input type="button" name="continue_button" jsvalues="value:continue_button" onclick="sendCommand('proceed')">
+          <input type="button" name="back_button" jsvalues="value:back_button" onclick="sendCommand('takeMeBack')">
         </form>
       </div>
-      <div class="main"><a href="" onclick="sendCommand(3); return false;" onmousedown="return false;" jscontent="report_error"></a></div>
+      <div class="main"><a href="" onclick="sendCommand('reportError'); return false;" onmousedown="return false;" jscontent="report_error"></a></div>
     </div>
   </td>
 </table>