New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 736375 link

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Jul 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Feature
Team-Security-UX



Sign in to add a comment

Collect Telemetry on HTTPS page loads where Certificate goes missing

Project Member Reported by elawrence@chromium.org, Jun 23 2017

Issue description

We've occasionally seen bugs like  Issue 727892  where HTTPS page loads "lose" the Certificate such that the page appears to be non-secure.

We should track the prevalence of this problem via UMA and, if it is as rare/unexpected as we assume, we should add a DumpWithoutCrashing call so that any remaining instances can be investigated. If it's more common than expected, we should spend more time actively investigating.
 
UMA-LogWhenCertificateMissing.png.png
52.5 KB View Download

Comment 1 by nasko@chromium.org, Jun 30 2017

Since we know it happens, UMA is not very useful, at least initially, since it only tells you that it happened, which we already know is true, but it does not say how. DumpWithoutCrashing will give us the context on how it happens and should be the first step. Whether we remove it later on is a different question, but I feel SSL state is important enough to have a permanent DWC stay in the code to help us understand when and how it gets in that state.

Comment 2 by jam@chromium.org, Jul 10 2017

From my experience as the author of so many of these bugs, the dump is often not helpful. i.e. it shows where this happens, but it doesn't show how which is the hard part.
Project Member

Comment 3 by bugdroid1@chromium.org, Jul 10 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/969cdd94ea8e0434c090f723abca705485c533e6

commit 969cdd94ea8e0434c090f723abca705485c533e6
Author: John Abd-El-Malek <jam@chromium.org>
Date: Mon Jul 10 22:18:16 2017

Add histogram of how often an https URL commits without a certificate.

BUG= 736375 

Change-Id: I109fab5e41a40ba0d6f5f478c31070d7ef4ea9df
Reviewed-on: https://chromium-review.googlesource.com/565196
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Alexei Svitkine <asvitkine@chromium.org>
Reviewed-by: Eric Lawrence <elawrence@chromium.org>
Cr-Commit-Position: refs/heads/master@{#485418}
[modify] https://crrev.com/969cdd94ea8e0434c090f723abca705485c533e6/content/browser/frame_host/navigation_controller_impl.cc
[modify] https://crrev.com/969cdd94ea8e0434c090f723abca705485c533e6/tools/metrics/histograms/histograms.xml

Comment 4 by jam@chromium.org, Jul 11 2017

Cc: nasko@chromium.org est...@chromium.org
does anyone think this should be merged to M60?
Cc: elawrence@chromium.org
Owner: jam@chromium.org
Status: Fixed (was: Assigned)
Thanks for fixing this, jam@!

More data is always good (and the CertMissing% we're seeing from the first half day of 61 Canary is higher than we'd hoped). 

That said, I understand that the bar for merges has gone up quite a bit in M60, so I'm not sure if the merge would be accepted?
Project Member

Comment 6 by bugdroid1@chromium.org, Jul 12 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9cd697e09f700f73a45680ea445bdd8075794472

commit 9cd697e09f700f73a45680ea445bdd8075794472
Author: John Abd-El-Malek <jam@chromium.org>
Date: Wed Jul 12 21:53:14 2017

Add more logging to figure out which navigation codepaths lose the SSL certificate.

BUG= 736375 

Change-Id: I73c225fed86f536074f6886d22f9a65e43fcde3e
Reviewed-on: https://chromium-review.googlesource.com/567495
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Reviewed-by: Ilya Sherman <isherman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486111}
[modify] https://crrev.com/9cd697e09f700f73a45680ea445bdd8075794472/content/browser/frame_host/navigation_controller_impl.cc
[modify] https://crrev.com/9cd697e09f700f73a45680ea445bdd8075794472/tools/metrics/histograms/histograms.xml

Project Member

Comment 7 by bugdroid1@chromium.org, Jul 18 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/7ba40786c7640752a1d2cdb0d1e769565af66f0d

commit 7ba40786c7640752a1d2cdb0d1e769565af66f0d
Author: John Abd-El-Malek <jam@chromium.org>
Date: Tue Jul 18 00:46:11 2017

Add a missing entry to a histogram enum.

I missed this in r486111

BUG= 736375 

Change-Id: I26b4381945063f7216bab29412bfe0df1c3d95a9
Reviewed-on: https://chromium-review.googlesource.com/575393
Commit-Queue: John Abd-El-Malek <jam@chromium.org>
Commit-Queue: Ilya Sherman <isherman@chromium.org>
Reviewed-by: Ilya Sherman <isherman@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487321}
[modify] https://crrev.com/7ba40786c7640752a1d2cdb0d1e769565af66f0d/tools/metrics/histograms/histograms.xml

Comment 8 by jam@chromium.org, Jul 21 2017

@elawrence @estark: should i just paste here the data from the last week and then remove the histograms? Or do you want to keep them checked in?
I don't know of any reason to remove the breakout histograms until we drive the overall "Missing SSL Status" count to zero and it stays there for a while.

Sign in to add a comment