[WebLayer] Bring up basic support for SSL error interstitials

* Basic support: a generic SSL interstitial is used for all SSL
  error types

* Interaction: the user can interact with the page (proceed or
  back out). As with WebView, decisions are not saved across
  sessions.

* Minimal impact: much code that we would like to refactor and
  share is instead copied for now to minimize changes outside
  of //weblayer.

This builds on the work of blundell@chromium.org at
https://chromium-review.googlesource.com/c/chromium/src/+/1872091

Testing is facilitated by badssl.com.

Binary-Size: Increase is due to translations and so cannot be avoided.
Change-Id: I68edba70ee8e0ca1078be13d9ab8bc0d96c0321c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1885227
Reviewed-by: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Commit-Queue: Evan Stade <estade@chromium.org>
Cr-Commit-Position: refs/heads/master@{#711516}

android_webview/BUILD.gn

@@ -314,17 +314,33 @@ grit("generate_components_resources") {
   ]
 }
 
+action("concatenate_strings_whitelists") {
+  script = "//mojo/public/tools/bindings/concatenate-files.py"
+  inputs = [
+    "//android_webview/ui/grit_strings_whitelist.txt",
+    "//weblayer/grit_strings_whitelist.txt",
+  ]
+  outputs = [
+    "$target_gen_dir/grit_strings_whitelist.txt",
+  ]
+
+  args =
+      rebase_path(inputs, root_build_dir) + rebase_path(outputs, root_build_dir)
+}
+
 grit("generate_components_strings") {
   source = "../components/components_strings.grd"
 
+  deps = [
+    ":concatenate_strings_whitelists",
+  ]
+
   # components_strings contains strings from all components. WebView
   # will never display most of them, so we try to limit the included
   # strings. This whitelist trims about 50% more than the compile-based
   # whitelist generated by :system_webview_pak_whitelist.
-  whitelist = rebase_path("ui/grit_strings_whitelist.txt", root_build_dir)
-  inputs = [
-    "//android_webview/ui/grit_strings_whitelist.txt",
-  ]
+  whitelist =
+      rebase_path("$target_gen_dir/grit_strings_whitelist.txt", root_build_dir)
   grit_flags = [
     "-w",
     whitelist,

android_webview/ui/grit_strings_whitelist.txt

@@ -61,4 +61,3 @@ IDS_AUTOFILL_FIELD_LABEL_PREFECTURE
 IDS_AUTOFILL_FIELD_LABEL_PROVINCE
 IDS_AUTOFILL_FIELD_LABEL_ZIP_CODE
 IDS_AUTOFILL_FIELD_LABEL_POSTAL_CODE
-

weblayer/BUILD.gn

@@ -53,6 +53,12 @@ jumbo_static_library("weblayer_lib") {
     "browser/navigation_impl.h",
     "browser/profile_impl.cc",
     "browser/profile_impl.h",
+    "browser/ssl_blocking_page.cc",
+    "browser/ssl_blocking_page.h",
+    "browser/ssl_error_handler.cc",
+    "browser/ssl_error_handler.h",
+    "browser/ssl_host_state_delegate_impl.cc",
+    "browser/ssl_host_state_delegate_impl.h",
     "browser/weblayer_content_browser_overlay_manifest.cc",
     "browser/weblayer_content_browser_overlay_manifest.h",
     "browser/webui/web_ui_controller_factory.cc",
@@ -74,6 +80,10 @@ jumbo_static_library("weblayer_lib") {
     "public/navigation_controller.h",
     "public/navigation_observer.h",
     "public/profile.h",
+    "renderer/content_renderer_client_impl.cc",
+    "renderer/content_renderer_client_impl.h",
+    "renderer/ssl_error_helper.cc",
+    "renderer/ssl_error_helper.h",
     "utility/content_utility_client_impl.cc",
     "utility/content_utility_client_impl.h",
   ]
@@ -107,13 +117,18 @@ jumbo_static_library("weblayer_lib") {
     "//cc",
     "//components/crash/content/app",
     "//components/crash/content/browser",
+    "//components/resources",
+    "//components/security_interstitials/content:security_interstitial_page",
+    "//components/security_interstitials/content/renderer:security_interstitial_page_controller",
+    "//components/security_interstitials/core",
     "//content:resources",
     "//content/app/resources",
     "//content/public/app:both",
     "//content/public/browser",
     "//content/public/child",
     "//content/public/common",
     "//content/public/common:service_names",
+    "//content/public/renderer",
     "//content/public/utility",
     "//net",
     "//net:net_resources",

weblayer/app/content_main_delegate_impl.cc

@@ -23,6 +23,7 @@
 #include "weblayer/browser/content_browser_client_impl.h"
 #include "weblayer/common/content_client_impl.h"
 #include "weblayer/common/weblayer_paths.h"
+#include "weblayer/renderer/content_renderer_client_impl.h"
 #include "weblayer/utility/content_utility_client_impl.h"
 
 #if defined(OS_ANDROID)
@@ -246,6 +247,12 @@ ContentMainDelegateImpl::CreateContentBrowserClient() {
   return browser_client_.get();
 }
 
+content::ContentRendererClient*
+ContentMainDelegateImpl::CreateContentRendererClient() {
+  renderer_client_ = std::make_unique<ContentRendererClientImpl>();
+  return renderer_client_.get();
+}
+
 content::ContentUtilityClient*
 ContentMainDelegateImpl::CreateContentUtilityClient() {
   utility_client_ = std::make_unique<ContentUtilityClientImpl>();

weblayer/app/content_main_delegate_impl.h

@@ -16,6 +16,7 @@
 namespace weblayer {
 class ContentClientImpl;
 class ContentBrowserClientImpl;
+class ContentRendererClientImpl;
 class ContentUtilityClientImpl;
 
 class ContentMainDelegateImpl : public content::ContentMainDelegate {
@@ -30,13 +31,15 @@ class ContentMainDelegateImpl : public content::ContentMainDelegate {
       const std::string& process_type,
       const content::MainFunctionParams& main_function_params) override;
   content::ContentBrowserClient* CreateContentBrowserClient() override;
+  content::ContentRendererClient* CreateContentRendererClient() override;
   content::ContentUtilityClient* CreateContentUtilityClient() override;
 
  private:
   void InitializeResourceBundle();
 
   MainParams params_;
   std::unique_ptr<ContentBrowserClientImpl> browser_client_;
+  std::unique_ptr<ContentRendererClientImpl> renderer_client_;
   std::unique_ptr<ContentUtilityClientImpl> utility_client_;
   std::unique_ptr<ContentClientImpl> content_client_;
 

weblayer/browser/DEPS

@@ -3,6 +3,7 @@ include_rules = [
   "+components/crash/content/browser",
   "+components/embedder_support",
   "+components/safe_browsing",
+  "+components/security_interstitials",
   "+content/public",
   "+mojo/public",
   "+net",

weblayer/browser/browser_controller_impl.cc

@@ -8,6 +8,7 @@
 #include "base/logging.h"
 #include "content/public/browser/file_select_listener.h"
 #include "content/public/browser/interstitial_page.h"
+#include "content/public/browser/navigation_controller.h"
 #include "content/public/browser/render_view_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/browser_controls_state.h"
@@ -191,6 +192,19 @@ void BrowserControllerImpl::ExecuteScript(
 
 #endif
 
+content::WebContents* BrowserControllerImpl::OpenURLFromTab(
+    content::WebContents* source,
+    const content::OpenURLParams& params) {
+  if (params.disposition != WindowOpenDisposition::CURRENT_TAB) {
+    NOTIMPLEMENTED();
+    return nullptr;
+  }
+
+  source->GetController().LoadURLWithParams(
+      content::NavigationController::LoadURLParams(params));
+  return source;
+}
+
 void BrowserControllerImpl::DidNavigateMainFramePostCommit(
     content::WebContents* web_contents) {
   for (auto& observer : observers_)

weblayer/browser/browser_controller_impl.h

@@ -81,6 +81,9 @@ class BrowserControllerImpl : public BrowserController,
 #endif
 
   // content::WebContentsDelegate:
+  content::WebContents* OpenURLFromTab(
+      content::WebContents* source,
+      const content::OpenURLParams& params) override;
   void DidNavigateMainFramePostCommit(
       content::WebContents* web_contents) override;
   content::ColorChooser* OpenColorChooser(

weblayer/browser/content_browser_client_impl.cc

@@ -12,8 +12,11 @@
 #include "base/path_service.h"
 #include "base/stl_util.h"
 #include "build/build_config.h"
+#include "components/security_interstitials/content/ssl_cert_reporter.h"
+#include "components/security_interstitials/content/ssl_error_navigation_throttle.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/devtools_manager_delegate.h"
+#include "content/public/browser/navigation_throttle.h"
 #include "content/public/browser/network_service_instance.h"
 #include "content/public/common/service_names.mojom.h"
 #include "content/public/common/user_agent.h"
@@ -27,6 +30,7 @@
 #include "url/origin.h"
 #include "weblayer/browser/browser_controller_impl.h"
 #include "weblayer/browser/browser_main_parts_impl.h"
+#include "weblayer/browser/ssl_error_handler.h"
 #include "weblayer/browser/weblayer_content_browser_overlay_manifest.h"
 #include "weblayer/common/features.h"
 #include "weblayer/public/fullscreen_delegate.h"
@@ -60,6 +64,16 @@ bool IsSafebrowsingSupported() {
   return false;
 }
 
+bool IsInHostedApp(content::WebContents* web_contents) {
+  return false;
+}
+
+class SSLCertReporterImpl : public SSLCertReporter {
+ public:
+  void ReportInvalidCertificateChain(
+      const std::string& serialized_report) override {}
+};
+
 }  // namespace
 
 namespace weblayer {
@@ -189,6 +203,16 @@ ContentBrowserClientImpl::CreateURLLoaderThrottles(
   return result;
 }
 
+std::vector<std::unique_ptr<content::NavigationThrottle>>
+ContentBrowserClientImpl::CreateThrottlesForNavigation(
+    content::NavigationHandle* handle) {
+  std::vector<std::unique_ptr<content::NavigationThrottle>> throttles;
+  throttles.push_back(std::make_unique<SSLErrorNavigationThrottle>(
+      handle, std::make_unique<SSLCertReporterImpl>(),
+      base::Bind(&HandleSSLError), base::Bind(&IsInHostedApp)));
+  return throttles;
+}
+
 #if defined(OS_LINUX) || defined(OS_ANDROID)
 void ContentBrowserClientImpl::GetAdditionalMappedFilesForChildProcess(
     const base::CommandLine& command_line,

weblayer/browser/content_browser_client_impl.h

@@ -51,6 +51,8 @@ class ContentBrowserClientImpl : public content::ContentBrowserClient {
       const base::RepeatingCallback<content::WebContents*()>& wc_getter,
       content::NavigationUIData* navigation_ui_data,
       int frame_tree_node_id) override;
+  std::vector<std::unique_ptr<content::NavigationThrottle>>
+  CreateThrottlesForNavigation(content::NavigationHandle* handle) override;
 
 #if defined(OS_LINUX) || defined(OS_ANDROID)
   void GetAdditionalMappedFilesForChildProcess(

weblayer/browser/profile_impl.cc

@@ -4,14 +4,15 @@
 
 #include "weblayer/browser/profile_impl.h"
 
-#include "base/callback.h"
 #include "base/bind.h"
+#include "base/callback.h"
 #include "build/build_config.h"
 #include "content/public/browser/browser_context.h"
 #include "content/public/browser/browsing_data_remover.h"
 #include "content/public/browser/download_manager_delegate.h"
 #include "content/public/browser/resource_context.h"
 #include "weblayer/browser/browser_controller_impl.h"
+#include "weblayer/browser/ssl_host_state_delegate_impl.h"
 #include "weblayer/public/download_delegate.h"
 
 #if defined(OS_ANDROID)
@@ -120,7 +121,7 @@ class ProfileImpl::BrowserContextImpl : public content::BrowserContext {
   }
 
   content::SSLHostStateDelegate* GetSSLHostStateDelegate() override {
-    return nullptr;
+    return &ssl_host_state_delegate_;
   }
 
   content::PermissionControllerDelegate* GetPermissionControllerDelegate()
@@ -154,6 +155,7 @@ class ProfileImpl::BrowserContextImpl : public content::BrowserContext {
   base::FilePath path_;
   std::unique_ptr<ResourceContextImpl> resource_context_;
   DownloadManagerDelegateImpl download_delegate_;
+  SSLHostStateDelegateImpl ssl_host_state_delegate_;
 
   DISALLOW_COPY_AND_ASSIGN(BrowserContextImpl);
 };