Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(98)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/ssl_host_state.cc

Issue 3536019: Fix 58162: Mixed Content False Positive for intranet hostname certificates... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 10 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/page_info_model.cc ('k') | chrome/browser/ssl/ssl_policy.cc » ('j') | net/base/net_error_list.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/ssl_host_state.h" 5 #include "chrome/browser/ssl/ssl_host_state.h"
6 6
7 #include "base/logging.h" 7 #include "base/logging.h"
8 8
9 namespace {
10
11 static const char kDot = '.';
12
13 static bool IsIntranetHost(const std::string& host) {
14 const size_t dot = host.find(kDot);
15 return dot == std::string::npos || dot == host.length() - 1;
16 }
17
18 } // namespace
19
20 SSLHostState::SSLHostState() { 9 SSLHostState::SSLHostState() {
21 } 10 }
22 11
23 SSLHostState::~SSLHostState() { 12 SSLHostState::~SSLHostState() {
24 } 13 }
25 14
26 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) { 15 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) {
27 DCHECK(CalledOnValidThread()); 16 DCHECK(CalledOnValidThread());
28 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid)); 17 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid));
29 } 18 }
30 19
31 bool SSLHostState::DidHostRunInsecureContent(const std::string& host, 20 bool SSLHostState::DidHostRunInsecureContent(const std::string& host,
32 int pid) const { 21 int pid) const {
33 DCHECK(CalledOnValidThread()); 22 DCHECK(CalledOnValidThread());
34
35 // CAs issue certificates for intranet hosts to everyone. Therefore, we
36 // always treat intranet hosts as having run insecure content.
37 if (IsIntranetHost(host))
38 return true;
39
40 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); 23 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid));
41 } 24 }
42 25
43 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, 26 void SSLHostState::DenyCertForHost(net::X509Certificate* cert,
44 const std::string& host) { 27 const std::string& host) {
45 DCHECK(CalledOnValidThread()); 28 DCHECK(CalledOnValidThread());
46 29
47 cert_policy_for_host_[host].Deny(cert); 30 cert_policy_for_host_[host].Deny(cert);
48 } 31 }
49 32
50 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, 33 void SSLHostState::AllowCertForHost(net::X509Certificate* cert,
51 const std::string& host) { 34 const std::string& host) {
52 DCHECK(CalledOnValidThread()); 35 DCHECK(CalledOnValidThread());
53 36
54 cert_policy_for_host_[host].Allow(cert); 37 cert_policy_for_host_[host].Allow(cert);
55 } 38 }
56 39
57 net::CertPolicy::Judgment SSLHostState::QueryPolicy( 40 net::CertPolicy::Judgment SSLHostState::QueryPolicy(
58 net::X509Certificate* cert, const std::string& host) { 41 net::X509Certificate* cert, const std::string& host) {
59 DCHECK(CalledOnValidThread()); 42 DCHECK(CalledOnValidThread());
60 43
61 return cert_policy_for_host_[host].Check(cert); 44 return cert_policy_for_host_[host].Check(cert);
62 } 45 }
OLDNEW
« no previous file with comments | « chrome/browser/page_info_model.cc ('k') | chrome/browser/ssl/ssl_policy.cc » ('j') | net/base/net_error_list.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698