author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-04-20 19:17:58 +0000 |
---|---|---|
committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-04-20 19:17:58 +0000 |
commit | faf9cd6e0a9a3b8d6466c547cb9314c6af8dcdad (patch) | |
tree | 9a9ab40c4ddd6a08b717bd48b93342faf66dd92f /chrome/browser/ssl | |
parent | 7ceeba70872aab6ac66a1043c9f1587b12fc6710 (diff) | |
Use the same code to handle both overridable and fatal
certificate errors. The only difference is that the SSL
interstitial page for fatal certificate errors has only one
button ("Back").
Copy ssl_roadpage.html to ssl_error.html, remove the
"proceed" button, and rename the "exit" button to "back".
The local variable |html| in SSLBlockingPage::GetHTMLContents
should not be declared as static.
Remove SSLPolicy::ShowErrorPage and
RenderViewHost::LoadAlternateHTMLString.
R=abarth,jcivelli
BUG=41360
TEST=Type https://test-ssev.verisign.com:2443/test-SSEV-revoked-verisign.html
in the location bar and hit Enter. The location bar should display that URL
with a broken certificate error status, and the Back button on the SSL
interstitial page should work.
Review URL: http://codereview.chromium.org/1613016
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@45060 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/ssl')
-rw-r--r-- | chrome/browser/ssl/ssl_blocking_page.cc | 31 | ||||
-rw-r--r-- | chrome/browser/ssl/ssl_blocking_page.h | 6 | ||||
-rw-r--r-- | chrome/browser/ssl/ssl_policy.cc | 64 | ||||
-rw-r--r-- | chrome/browser/ssl/ssl_policy.h | 18 |
4 files changed, 37 insertions, 82 deletions
diff --git a/chrome/browser/ssl/ssl_blocking_page.cc b/chrome/browser/ssl/ssl_blocking_page.cc
index 904c083..aa3df31 100644
--- a/chrome/browser/ssl/ssl_blocking_page.cc
+++ b/chrome/browser/ssl/ssl_blocking_page.cc
@@ -45,11 +45,13 @@ void RecordSSLBlockingPageStats(SSLBlockingPageEvent event) {
 // Note that we always create a navigation entry with SSL errors.
 // No error happening loading a sub-resource triggers an interstitial so far.
 SSLBlockingPage::SSLBlockingPage(SSLCertErrorHandler* handler,
- Delegate* delegate)
+ Delegate* delegate,
+ bool overridable)
 : InterstitialPage(handler->GetTabContents(), true, handler->request_url()),
 handler_(handler),
 delegate_(delegate),
- delegate_has_been_notified_(false) {
+ delegate_has_been_notified_(false),
+ overridable_(overridable) {
 RecordSSLBlockingPageStats(SHOW);
 }
@@ -65,8 +67,6 @@ std::string SSLBlockingPage::GetHTMLContents() {
 // Let's build the html error page.
 DictionaryValue strings;
 SSLErrorInfo error_info = delegate_->GetSSLErrorInfo(handler_);
- strings.SetString(L"title",
- l10n_util::GetString(IDS_SSL_BLOCKING_PAGE_TITLE));
 strings.SetString(L"headLine", error_info.title());
 strings.SetString(L"description", error_info.details());
@@ -74,16 +74,25 @@ std::string SSLBlockingPage::GetHTMLContents() {
 l10n_util::GetString(IDS_CERT_ERROR_EXTRA_INFO_TITLE));
 SetExtraInfo(&strings, error_info.extra_information());
- strings.SetString(L"proceed",
- l10n_util::GetString(IDS_SSL_BLOCKING_PAGE_PROCEED));
- strings.SetString(L"exit",
- l10n_util::GetString(IDS_SSL_BLOCKING_PAGE_EXIT));
+ int resource_id;
+ if (overridable_) {
+ resource_id = IDR_SSL_ROAD_BLOCK_HTML;
+ strings.SetString(L"title",
+ l10n_util::GetString(IDS_SSL_BLOCKING_PAGE_TITLE));
+ strings.SetString(L"proceed",
+ l10n_util::GetString(IDS_SSL_BLOCKING_PAGE_PROCEED));
+ strings.SetString(L"exit",
+ l10n_util::GetString(IDS_SSL_BLOCKING_PAGE_EXIT));
+ } else {
+ resource_id = IDR_SSL_ERROR_HTML;
+ strings.SetString(L"title", l10n_util::GetString(IDS_SSL_ERROR_PAGE_TITLE));
+ strings.SetString(L"back", l10n_util::GetString(IDS_SSL_ERROR_PAGE_BACK));
+ }
 strings.SetString(L"textdirection", base::i18n::IsRTL() ? L"rtl" : L"ltr");
- static const base::StringPiece html(
- ResourceBundle::GetSharedInstance().GetRawDataResource(
- IDR_SSL_ROAD_BLOCK_HTML));
+ base::StringPiece html(
+ ResourceBundle::GetSharedInstance().GetRawDataResource(resource_id));
 return jstemplate_builder::GetI18nTemplateHtml(html, &strings);
 }
diff --git a/chrome/browser/ssl/ssl_blocking_page.h b/chrome/browser/ssl/ssl_blocking_page.h
index 8ef9b28..dd282ad 100644
--- a/chrome/browser/ssl/ssl_blocking_page.h
+++ b/chrome/browser/ssl/ssl_blocking_page.h
@@ -33,7 +33,8 @@ class SSLBlockingPage : public InterstitialPage {
 virtual void OnAllowCertificate(SSLCertErrorHandler* handler) = 0;
 };
- SSLBlockingPage(SSLCertErrorHandler* handler, Delegate* delegate);
+ SSLBlockingPage(SSLCertErrorHandler* handler, Delegate* delegate,
+ bool overridable);
 virtual ~SSLBlockingPage();
 // A method that sets strings in the specified dictionary from the passed
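Review bot: `overridable_` is consulted only in GetHTMLContents, where the `else` branch selects IDR_SSL_ERROR_HTML and leaves out the `proceed` string, so in the visible hunks a fatal error differs from an overridable one only in which buttons the template draws. The code that receives the page's commands and calls the delegate's `OnAllowCertificate` is outside this diff; if it does not test the flag, a proceed command coming from the interstitial's renderer would presumably still be honoured for ERR_CERT_REVOKED and the other fatal errors. That matters more now that OnCertErrorInternal in ssl_policy.cc no longer calls `handler->CancelRequest()` up front for the fatal case. I would enforce the flag in the browser process, ahead of the delegate call, with something like `if (!overridable_) return;` before `OnAllowCertificate` is reached.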
@@ -66,6 +67,9 @@ class SSLBlockingPage : public InterstitialPage { // A flag to indicate if we've notified |delegate_| of the user's decision. bool delegate_has_been_notified_; + // Can the user override the certificate error? + bool overridable_; + DISALLOW_COPY_AND_ASSIGN(SSLBlockingPage); }; diff --git a/chrome/browser/ssl/ssl_policy.cc b/chrome/browser/ssl/ssl_policy.cc index 5f15772..7f3ad87 100644 --- a/chrome/browser/ssl/ssl_policy.cc +++ b/chrome/browser/ssl/ssl_policy.cc @@ -60,7 +60,7 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) { case net::ERR_CERT_DATE_INVALID: case net::ERR_CERT_AUTHORITY_INVALID: case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: - OnOverridableCertError(handler); + OnCertErrorInternal(handler, true); break; case net::ERR_CERT_NO_REVOCATION_MECHANISM: // Ignore this error. @@ -74,7 +74,7 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) { case net::ERR_CERT_CONTAINS_ERRORS: case net::ERR_CERT_REVOKED: case net::ERR_CERT_INVALID: - OnFatalCertError(handler); + OnCertErrorInternal(handler, false); break; default: NOTREACHED(); @@ -184,7 +184,8 @@ void SSLPolicy::OnAllowCertificate(SSLCertErrorHandler* handler) { //////////////////////////////////////////////////////////////////////////////// // Certificate Error Routines -void SSLPolicy::OnOverridableCertError(SSLCertErrorHandler* handler) { +void SSLPolicy::OnCertErrorInternal(SSLCertErrorHandler* handler, + bool overridable) { if (handler->resource_type() != ResourceType::MAIN_FRAME) { // A sub-resource has a certificate error. The user doesn't really // have a context for making the right decision, so block the 
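Review bot: The bare `true` and `false` passed in OnCertError's switch are now the only thing separating an overridable certificate error from a fatal one, and a literal is easy to flip or misread when a new error code is added to either group. An argument comment at each call site would make the cases self-describing: `OnCertErrorInternal(handler, true /* overridable */);` in the ERR_CERT_WEAK_SIGNATURE_ALGORITHM group and `OnCertErrorInternal(handler, false /* overridable */);` in the ERR_CERT_REVOKED group of the next hunk. OnCertError's body starts and ends outside both hunks.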
@@ -193,64 +194,11 @@ void SSLPolicy::OnOverridableCertError(SSLCertErrorHandler* handler) {
 handler->DenyRequest();
 return;
 }
- // We need to ask the user to approve this certificate.
- SSLBlockingPage* blocking_page = new SSLBlockingPage(handler, this);
+ SSLBlockingPage* blocking_page = new SSLBlockingPage(handler, this,
+ overridable);
 blocking_page->Show();
 }
-void SSLPolicy::OnFatalCertError(SSLCertErrorHandler* handler) {
- if (handler->resource_type() != ResourceType::MAIN_FRAME) {
- handler->DenyRequest();
- return;
- }
- handler->CancelRequest();
- ShowErrorPage(handler);
- // No need to degrade our security indicators because we didn't continue.
-}
-
-void SSLPolicy::ShowErrorPage(SSLCertErrorHandler* handler) {
- SSLErrorInfo error_info = GetSSLErrorInfo(handler);
-
- // Let's build the html error page.
- DictionaryValue strings;
- strings.SetString(L"title", l10n_util::GetString(IDS_SSL_ERROR_PAGE_TITLE));
- strings.SetString(L"headLine", error_info.title());
- strings.SetString(L"description", error_info.details());
- strings.SetString(L"moreInfoTitle",
- l10n_util::GetString(IDS_CERT_ERROR_EXTRA_INFO_TITLE));
- SSLBlockingPage::SetExtraInfo(&strings, error_info.extra_information());
-
- strings.SetString(L"back", l10n_util::GetString(IDS_SSL_ERROR_PAGE_BACK));
-
- strings.SetString(L"textdirection", base::i18n::IsRTL() ? L"rtl" : L"ltr");
-
- static const base::StringPiece html(
- ResourceBundle::GetSharedInstance().GetRawDataResource(
- IDR_SSL_ERROR_HTML));
-
- std::string html_text(jstemplate_builder::GetI18nTemplateHtml(html,
- &strings));
-
- TabContents* tab = handler->GetTabContents();
- int cert_id = CertStore::GetSharedInstance()->StoreCert(
- handler->ssl_info().cert,
- tab->render_view_host()->process()->id());
- std::string security_info =
- SSLManager::SerializeSecurityInfo(cert_id,
- handler->ssl_info().cert_status,
- handler->ssl_info().security_bits);
- tab->render_view_host()->LoadAlternateHTMLString(html_text,
- true,
- handler->request_url(),
- security_info);
-
- // TODO(jcampan): we may want to set the navigation entry type to
- // PageType::ERROR_PAGE. The navigation entry is not available at this point,
- // it is created when the renderer receives a DidNavigate (triggered by the
- // LoadAlternateHTMLString above). We'd probably need to pass the page type
- // along with the security_info.
-}
-
 void SSLPolicy::InitializeEntryIfNeeded(NavigationEntry* entry) {
 if (entry->ssl().security_style() != SECURITY_STYLE_UNKNOWN)
 return;
diff --git a/chrome/browser/ssl/ssl_policy.h b/chrome/browser/ssl/ssl_policy.h
index 5a4b822..bd30df5 100644
--- a/chrome/browser/ssl/ssl_policy.h
+++ b/chrome/browser/ssl/ssl_policy.h
@@ -47,18 +47,12 @@ class SSLPolicy : public SSLBlockingPage::Delegate {
 virtual void OnAllowCertificate(SSLCertErrorHandler* handler);
 private:
- // Helper method for derived classes handling certificate errors that can be
- // overridden by the user.
- // Show a blocking page and let the user continue or cancel the request.
- void OnOverridableCertError(SSLCertErrorHandler* handler);
-
- // Helper method for derived classes handling fatal certificate errors.
- // Cancel the request and show an error page.
- void OnFatalCertError(SSLCertErrorHandler* handler);
-
- // Show an error page for this certificate error. This error page does not
- // give the user the opportunity to ingore the error.
- void ShowErrorPage(SSLCertErrorHandler* handler);
+ // Helper method for derived classes handling certificate errors.
+ // If the error can be overridden by the user, pass overriable=true, which
+ // shows a blocking page and lets the user continue or cancel the request.
+ // For fatal certificate errors, pass overridable=false, which show an error
+ // page.
+ void OnCertErrorInternal(SSLCertErrorHandler* handler, bool overridable);
 // If the security style of |entry| has not been initialized, then initialize
 // it with the default style for its URL. |
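Review bot: The new comment on OnCertErrorInternal has two slips, `overriable=true` and `which show an error`, and it drops the one fact the removed OnFatalCertError comment stated about the fatal case ("Cancel the request and show an error page"). Since the fatal path is the security-sensitive one, the comment should say what happens to the pending request when `overridable` is false and that the page offers no way to continue. Suggested wording for the affected lines: `// If the error can be overridden by the user, pass overridable=true, which` and `// For fatal certificate errors, pass overridable=false, which shows an error page with only a Back button.`, followed by a sentence on the request's fate once that is confirmed against the blocking page code. The comment also still says "for derived classes" although the method is declared under `private:`.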