New issue
Advanced search Search tips

Issue 687823 link

Starred by 1 user
Status: Fixed
Owner:
est...@chromium.org
Closed: Feb 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Windows , Chrome , Mac
Pri: 1
Type: Bug



Sign in to add a comment

Add UMA metrics for Form-Not-Secure

Project Member Reported by est...@chromium.org, Feb 2 2017 
We want to measure such things as:
- how frequently the Form-Not-Secure warning is shown
- how often the user clicks "Learn more"
- how often the form is submitted after the user sees the warning
Project Member

Comment 1 by bugdroid1@chromium.org, Feb 3 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b56160fa32a999a2b88a7987ca84efe277defe5a

commit b56160fa32a999a2b88a7987ca84efe277defe5a
Author: estark <estark@chromium.org>
Date: Fri Feb 03 03:42:19 2017

Add counters for clicking on Form-Not-Secure warnings

This will measure how often the Form-Not-Secure warnings ("Login not secure" or
"Payment not secure" in the autofill dropdown) are clicked on to
show more information about the warning.

BUG= 687823 
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel

Review-Url: https://codereview.chromium.org/2665313002
Cr-Commit-Position: refs/heads/master@{#447909}

[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/autofill/core/browser/autofill_external_delegate.cc
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/autofill/core/browser/autofill_metrics.cc
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/autofill/core/browser/autofill_metrics.h
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/autofill/core/browser/autofill_metrics_unittest.cc
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/password_manager/core/browser/password_autofill_manager_unittest.cc
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/password_manager/core/browser/password_manager_metrics_util.cc
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/components/password_manager/core/browser/password_manager_metrics_util.h
[modify] https://crrev.com/b56160fa32a999a2b88a7987ca84efe277defe5a/tools/metrics/actions/actions.xml
Project Member

Comment 2 by bugdroid1@chromium.org, Feb 3 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ce9ab459b6cce4f6d327b83ef49a8684a8839b9b

commit ce9ab459b6cce4f6d327b83ef49a8684a8839b9b
Author: estark <estark@chromium.org>
Date: Fri Feb 03 07:43:29 2017

Record UMA histogram when Form-Not-Secure warning is shown

This records a histogram, at most once per main-frame navigation, when "Login
not secure" is shown in a password form. This will allow us to measure the
frequency of the warning (e.g. the number of times the warning is shown per
million navigations.)

BUG= 687823 

Review-Url: https://codereview.chromium.org/2670733002
Cr-Commit-Position: refs/heads/master@{#447960}

[modify] https://crrev.com/ce9ab459b6cce4f6d327b83ef49a8684a8839b9b/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/ce9ab459b6cce4f6d327b83ef49a8684a8839b9b/components/password_manager/core/browser/password_autofill_manager.h
[modify] https://crrev.com/ce9ab459b6cce4f6d327b83ef49a8684a8839b9b/components/password_manager/core/browser/password_autofill_manager_unittest.cc
[modify] https://crrev.com/ce9ab459b6cce4f6d327b83ef49a8684a8839b9b/components/password_manager/core/browser/password_manager_metrics_util.cc
[modify] https://crrev.com/ce9ab459b6cce4f6d327b83ef49a8684a8839b9b/components/password_manager/core/browser/password_manager_metrics_util.h
[modify] https://crrev.com/ce9ab459b6cce4f6d327b83ef49a8684a8839b9b/tools/metrics/histograms/histograms.xml

Comment 3 by est...@chromium.org, Feb 6 2017

Labels: Merge-Request-57
Verified the commits in comments 1 and 2 on canary.
Project Member

Comment 4 by sheriffbot@chromium.org, Feb 6 2017

Labels: -Merge-Request-57 Hotlist-Merge-Approved Merge-Approved-57
Your change meets the bar and is auto-approved for M57. Please go ahead and merge the CL to branch 2987 manually. Please contact milestone owner if you have questions.
Owners: amineer@(clank), cmasso@(bling), ketakid@(cros), govind@(desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by gov...@chromium.org, Feb 6 2017 

Please merge your change to M57 branch 2987 before 5:00 PM PT, Monday (02/06/) so we can pick it up for next Beta release. Thank you.
Project Member

Comment 6 by bugdroid1@chromium.org, Feb 6 2017

Labels: -merge-approved-57 merge-merged-2987
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f

commit b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f
Author: Emily Stark <estark@google.com>
Date: Mon Feb 06 19:12:51 2017

Add counters for clicking on Form-Not-Secure warnings

This will measure how often the Form-Not-Secure warnings ("Login not secure" or
"Payment not secure" in the autofill dropdown) are clicked on to
show more information about the warning.

BUG= 687823 
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel

Review-Url: https://codereview.chromium.org/2665313002
Cr-Commit-Position: refs/heads/master@{#447909}
(cherry picked from commit b56160fa32a999a2b88a7987ca84efe277defe5a)

Review-Url: https://codereview.chromium.org/2671403003 .
Cr-Commit-Position: refs/branch-heads/2987@{#339}
Cr-Branched-From: ad51088c0e8776e8dcd963dbe752c4035ba6dab6-refs/heads/master@{#444943}

[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/autofill/core/browser/autofill_external_delegate.cc
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/autofill/core/browser/autofill_metrics.cc
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/autofill/core/browser/autofill_metrics.h
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/autofill/core/browser/autofill_metrics_unittest.cc
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/password_manager/core/browser/password_autofill_manager_unittest.cc
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/password_manager/core/browser/password_manager_metrics_util.cc
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/components/password_manager/core/browser/password_manager_metrics_util.h
[modify] https://crrev.com/b9f68cde8a6c8d0a34121a3f871d929d4fbf7c6f/tools/metrics/actions/actions.xml
Project Member

Comment 7 by bugdroid1@chromium.org, Feb 6 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/15c16d7dd4f47fe47b20e4626fc05084cf533218

commit 15c16d7dd4f47fe47b20e4626fc05084cf533218
Author: Emily Stark <estark@google.com>
Date: Mon Feb 06 19:15:40 2017

Record UMA histogram when Form-Not-Secure warning is shown

This records a histogram, at most once per main-frame navigation, when "Login
not secure" is shown in a password form. This will allow us to measure the
frequency of the warning (e.g. the number of times the warning is shown per
million navigations.)

BUG= 687823 

Review-Url: https://codereview.chromium.org/2670733002
Cr-Commit-Position: refs/heads/master@{#447960}
(cherry picked from commit ce9ab459b6cce4f6d327b83ef49a8684a8839b9b)

Review-Url: https://codereview.chromium.org/2678113002 .
Cr-Commit-Position: refs/branch-heads/2987@{#340}
Cr-Branched-From: ad51088c0e8776e8dcd963dbe752c4035ba6dab6-refs/heads/master@{#444943}

[modify] https://crrev.com/15c16d7dd4f47fe47b20e4626fc05084cf533218/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/15c16d7dd4f47fe47b20e4626fc05084cf533218/components/password_manager/core/browser/password_autofill_manager.h
[modify] https://crrev.com/15c16d7dd4f47fe47b20e4626fc05084cf533218/components/password_manager/core/browser/password_autofill_manager_unittest.cc
[modify] https://crrev.com/15c16d7dd4f47fe47b20e4626fc05084cf533218/components/password_manager/core/browser/password_manager_metrics_util.cc
[modify] https://crrev.com/15c16d7dd4f47fe47b20e4626fc05084cf533218/components/password_manager/core/browser/password_manager_metrics_util.h
[modify] https://crrev.com/15c16d7dd4f47fe47b20e4626fc05084cf533218/tools/metrics/histograms/histograms.xml
Project Member

Comment 8 by bugdroid1@chromium.org, Feb 9 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/57464d6c82bea1c759874da3101135e1ae1494eb

commit 57464d6c82bea1c759874da3101135e1ae1494eb
Author: estark <estark@chromium.org>
Date: Thu Feb 09 20:50:02 2017

Record Autofill form events specially for nonsecure pages

The Form-Not-Secure experiment shows special "Payment not secure" warnings for
credit card forms on HTTP pages. This CL records credit card autofill form
events in a special histogram broken out for nonsecure pages, to measure the
impact of these "Payment not secure" warnings on form interactions.

To do so, the FormEventLogger needs to know whether the main frame URL is
secure, at a point at which it doesn't have access to a form origin URL. iOS is
the only platform on which IsContextSecure used the form_origin parameter, and
there was an existing TODO to fix that (https://crbug.com/505388). So this CL
removes the form_origin parameter from IsContextSecure, fixes the iOS TODO, and
uses the resulting IsContextSecure method to record nonsecure form metrics.

BUG= 677291 , 687823 ,505388

Review-Url: https://codereview.chromium.org/2672623005
Cr-Commit-Position: refs/heads/master@{#449402}

[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/android_webview/native/aw_autofill_client.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/android_webview/native/aw_autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/chrome/browser/ui/autofill/chrome_autofill_client.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/chrome/browser/ui/autofill/chrome_autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_assistant.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_manager.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_manager_unittest.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_metrics.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_metrics.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_metrics_unittest.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/test_autofill_client.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/test_autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/autofill/autofill_controller.mm
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/ui/autofill/BUILD.gn
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/ui/autofill/autofill_client_ios.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/ui/autofill/autofill_client_ios.mm
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/tools/metrics/histograms/histograms.xml
Project Member

Comment 9 by bugdroid1@chromium.org, Feb 9 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/57464d6c82bea1c759874da3101135e1ae1494eb

commit 57464d6c82bea1c759874da3101135e1ae1494eb
Author: estark <estark@chromium.org>
Date: Thu Feb 09 20:50:02 2017

Record Autofill form events specially for nonsecure pages

The Form-Not-Secure experiment shows special "Payment not secure" warnings for
credit card forms on HTTP pages. This CL records credit card autofill form
events in a special histogram broken out for nonsecure pages, to measure the
impact of these "Payment not secure" warnings on form interactions.

To do so, the FormEventLogger needs to know whether the main frame URL is
secure, at a point at which it doesn't have access to a form origin URL. iOS is
the only platform on which IsContextSecure used the form_origin parameter, and
there was an existing TODO to fix that (https://crbug.com/505388). So this CL
removes the form_origin parameter from IsContextSecure, fixes the iOS TODO, and
uses the resulting IsContextSecure method to record nonsecure form metrics.

BUG= 677291 , 687823 ,505388

Review-Url: https://codereview.chromium.org/2672623005
Cr-Commit-Position: refs/heads/master@{#449402}

[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/android_webview/native/aw_autofill_client.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/android_webview/native/aw_autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/chrome/browser/ui/autofill/chrome_autofill_client.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/chrome/browser/ui/autofill/chrome_autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_assistant.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_manager.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_manager_unittest.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_metrics.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_metrics.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/autofill_metrics_unittest.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/test_autofill_client.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/autofill/core/browser/test_autofill_client.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/autofill/autofill_controller.mm
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/ui/autofill/BUILD.gn
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/ui/autofill/autofill_client_ios.h
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/ios/chrome/browser/ui/autofill/autofill_client_ios.mm
[modify] https://crrev.com/57464d6c82bea1c759874da3101135e1ae1494eb/tools/metrics/histograms/histograms.xml

Comment 10 by est...@chromium.org, Feb 10 2017

Labels: Merge-Request-57
Status: Fixed (was: Started)
Requesting one more merge for the commit in comment 9.
Project Member

Comment 11 by sheriffbot@chromium.org, Feb 10 2017

Labels: -Merge-Request-57 Merge-Approved-57
Your change meets the bar and is auto-approved for M57. Please go ahead and merge the CL to branch 2987 manually. Please contact milestone owner if you have questions.
Owners: amineer@(clank), cmasso@(bling), ketakid@(cros), govind@(desktop)

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 12 by mummare...@chromium.org, Feb 10 2017 

Please merge your change to M57 branch 2987 before 5:00 PM PT, Monady 02/13 so we can take it in for next week beta release. Thank you.
Project Member

Comment 13 by bugdroid1@chromium.org, Feb 10 2017

Labels: -merge-approved-57
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c

commit 6a75ce0ed0fc234ac83451d91d96e77e01a9e84c
Author: Emily Stark <estark@google.com>
Date: Fri Feb 10 19:33:27 2017

Record Autofill form events specially for nonsecure pages

The Form-Not-Secure experiment shows special "Payment not secure" warnings for
credit card forms on HTTP pages. This CL records credit card autofill form
events in a special histogram broken out for nonsecure pages, to measure the
impact of these "Payment not secure" warnings on form interactions.

To do so, the FormEventLogger needs to know whether the main frame URL is
secure, at a point at which it doesn't have access to a form origin URL. iOS is
the only platform on which IsContextSecure used the form_origin parameter, and
there was an existing TODO to fix that (https://crbug.com/505388). So this CL
removes the form_origin parameter from IsContextSecure, fixes the iOS TODO, and
uses the resulting IsContextSecure method to record nonsecure form metrics.

BUG= 677291 , 687823 ,505388

Review-Url: https://codereview.chromium.org/2672623005
Cr-Commit-Position: refs/heads/master@{#449402}
(cherry picked from commit 57464d6c82bea1c759874da3101135e1ae1494eb)

Review-Url: https://codereview.chromium.org/2688053003 .
Cr-Commit-Position: refs/branch-heads/2987@{#445}
Cr-Branched-From: ad51088c0e8776e8dcd963dbe752c4035ba6dab6-refs/heads/master@{#444943}

[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/android_webview/native/aw_autofill_client.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/android_webview/native/aw_autofill_client.h
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/chrome/browser/ui/autofill/chrome_autofill_client.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/chrome/browser/ui/autofill/chrome_autofill_client.h
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/autofill_assistant.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/autofill_client.h
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/autofill_manager.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/autofill_metrics.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/autofill_metrics.h
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/autofill_metrics_unittest.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/test_autofill_client.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/autofill/core/browser/test_autofill_client.h
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/ios/chrome/browser/autofill/autofill_controller.mm
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/ios/chrome/browser/ui/autofill/BUILD.gn
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/ios/chrome/browser/ui/autofill/autofill_client_ios.h
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/ios/chrome/browser/ui/autofill/autofill_client_ios.mm
[modify] https://crrev.com/6a75ce0ed0fc234ac83451d91d96e77e01a9e84c/tools/metrics/histograms/histograms.xml
Project Member

Comment 14 by bugdroid1@chromium.org, Jun 1 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/72562a8dd4be068065f33a73a99dea4cd45ea819

commit 72562a8dd4be068065f33a73a99dea4cd45ea819
Author: Vaclav Brozek <vabr@chromium.org>
Date: Fri Jun 01 11:43:00 2018

Remove unused did_show_form_not_secure_warning_

In PasswordAutofillManager, the field did_show_form_not_secure_warning_
is never read from. This CL removes that field.

Bug:  687823 
Change-Id: I3e5362f6486e7abee674865594515b02593cd8d4
Reviewed-on: https://chromium-review.googlesource.com/1082394
Reviewed-by: Maxim Kolosovskiy <kolos@chromium.org>
Commit-Queue: Vaclav Brozek <vabr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#563595}
[modify] https://crrev.com/72562a8dd4be068065f33a73a99dea4cd45ea819/components/password_manager/core/browser/password_autofill_manager.cc
[modify] https://crrev.com/72562a8dd4be068065f33a73a99dea4cd45ea819/components/password_manager/core/browser/password_autofill_manager.h

Sign in to add a comment