Disable 'Save as HTML-only' on supervised accounts
When trying to access a blocked webpage, the child user can press
Ctrl+S and save the error page (the one with the "Ask your Parent"
message).
If the child chooses to save the page as HTML-only (.html), the
downloaded source code is the one from the blocked page. The child
can then open the page locally and see the blocked content.
As a workaround, we are temporarily disabling the HTML-only download
of the blocked page for supervised users. They can still save the
page as MHTML, which works as expected.
AFTER THIS CL
Normal user (unaffected):
https://screenshot.googleplex.com/kipKMUOKA6r
Supervised user (normal page):
https://screenshot.googleplex.com/r3hQ6E1edx3
Supervised user (blocked page):
https://screenshot.googleplex.com/Jqba7rhiOf2
Bug: 928323
Change-Id: I7a82cfb9194a14070910716848228ddb1faeedff
Reviewed-on: https://chromium-review.googlesource.com/c/1460876
Commit-Queue: Felipe Cerqueira <[email protected]>
Reviewed-by: Carlos IL <[email protected]>
Reviewed-by: Michael Giuffrida <[email protected]>
Reviewed-by: Min Qin <[email protected]>
Cr-Commit-Position: refs/heads/master@{#633691}
diff --git a/chrome/browser/download/save_package_file_picker.cc b/chrome/browser/download/save_package_file_picker.cc
index 56036db..9033233 100644
--- a/chrome/browser/download/save_package_file_picker.cc
+++ b/chrome/browser/download/save_package_file_picker.cc
@@ -19,11 +19,13 @@
#include "chrome/browser/platform_util.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/chrome_select_file_policy.h"
+#include "chrome/common/chrome_features.h"
#include "chrome/common/chrome_switches.h"
#include "chrome/grit/generated_resources.h"
#include "components/prefs/pref_member.h"
#include "components/prefs/pref_service.h"
#include "content/public/browser/download_manager.h"
+#include "content/public/browser/navigation_entry.h"
#include "content/public/browser/render_frame_host.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/save_page_type.h"
@@ -116,8 +118,41 @@
}
#endif
+// Checks whether this is a blocked page (e.g., when a child user is accessing
+// a mature site).
+// Recall that the blocked page is an interstitial. In the past, old
+// (non-committed) interstitials couldn't be easily identified, while the
+// committed ones can only be matched by page title. To prevent future bugs due
+// to changing the page title, we make a conservative choice here and only
+// check for PAGE_TYPE_ERROR. The result is that we may include a few other
+// error pages (failed DNS lookups, SSL errors, etc), which shouldn't affect
+// functionality.
+bool IsErrorPage(content::WebContents* web_contents) {
+ if (base::FeatureList::IsEnabled(
+ features::kSupervisedUserCommittedInterstitials)) {
+ if (web_contents->GetController().GetActiveEntry() == NULL)
+ return false;
+ return web_contents->GetController()
+ .GetLastCommittedEntry()
+ ->GetPageType() == content::PAGE_TYPE_ERROR;
+ }
+ // Fallback if someone ever disables committed interstitials.
+ return web_contents->ShowingInterstitialPage();
+}
+
} // anonymous namespace
+// TODO(crbug/928323): REMOVE DIRTY HACK
+// To prevent access to blocked websites, we are temporarily disabling the
+// HTML-only download of error pages for supervised users only.
+// Note that MHTML is still available, so the save functionality is preserved.
+bool SavePackageFilePicker::ShouldSaveAsOnlyHTML(
+ content::WebContents* web_contents) const {
+ Profile* profile =
+ Profile::FromBrowserContext(web_contents->GetBrowserContext());
+ return !profile->IsSupervised() || !IsErrorPage(web_contents);
+}
+
bool SavePackageFilePicker::ShouldSaveAsMHTML() const {
#if !defined(OS_CHROMEOS)
if (!base::CommandLine::ForCurrentProcess()->HasSwitch(
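Review bot: In `IsErrorPage`, the null check is made on `GetActiveEntry()` but the dereference is on `GetLastCommittedEntry()`, so the guard does not protect the entry that is actually read. The active entry can be a pending or transient one, so it may be non-null while nothing has committed yet; that state is probably rare when the save dialog opens, but the check should match the pointer it guards. I would fetch the entry once and test it: `content::NavigationEntry* entry = web_contents->GetController().GetLastCommittedEntry();` followed by `return entry && entry->GetPageType() == content::PAGE_TYPE_ERROR;`. This also removes the `NULL` literal in favour of an implicit `nullptr` test. Since this helper decides whether blocked content can be written to disk, a crash or a wrong answer here is worth a unit test covering the no-committed-entry case.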
@@ -163,8 +198,10 @@
}
}
- AddHtmlOnlyFileTypeInfo(&file_type_info, extra_extension);
- save_types_.push_back(content::SAVE_PAGE_TYPE_AS_ONLY_HTML);
+ if (ShouldSaveAsOnlyHTML(web_contents)) {
+ AddHtmlOnlyFileTypeInfo(&file_type_info, extra_extension);
+ save_types_.push_back(content::SAVE_PAGE_TYPE_AS_ONLY_HTML);
+ }
if (ShouldSaveAsMHTML()) {
AddSingleFileFileTypeInfo(&file_type_info);
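Review bot: When `ShouldSaveAsOnlyHTML(web_contents)` returns false, nothing in this hunk guarantees that a safe save type is still offered. The only alternative visible here is `ShouldSaveAsMHTML()`, whose first lines in the previous hunk show it depends on a command-line switch on non-ChromeOS builds, so the description's "can still save as MHTML" may not hold on every platform. The enclosing function starts and ends outside the hunk, so I cannot see whether a complete-HTML type is added earlier. If it is, please confirm that saving a blocked page that way does not write the blocked page's markup, because the new filter covers HTML-only alone. I would add a comment above the `if` such as `// crbug/928323: HTML-only is hidden for supervised users on error pages; save_types_ must still be non-empty afterwards.` and a browser test that opens the picker for a supervised profile on a blocked page and asserts the resulting `save_types_`.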
diff --git a/chrome/browser/download/save_package_file_picker.h b/chrome/browser/download/save_package_file_picker.h
index 628089e..90e898c7 100644
--- a/chrome/browser/download/save_package_file_picker.h
+++ b/chrome/browser/download/save_package_file_picker.h
@@ -38,6 +38,7 @@
void* unused_params) override;
void FileSelectionCanceled(void* unused_params) override;
+ bool ShouldSaveAsOnlyHTML(content::WebContents* web_contents) const;
bool ShouldSaveAsMHTML() const;
// Used to look up the renderer process for this request to get the context.