| OLD | NEW |
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_host_state.h" | 5 #include "chrome/browser/ssl/ssl_host_state.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 | 8 |
| 9 namespace { |
| 10 |
| 11 static const char kDot = '.'; |
| 12 |
| 13 static bool IsIntranetHost(const std::string& host) { |
| 14 const size_t dot = host.find(kDot); |
| 15 return dot == std::string::npos || dot == host.length() - 1; |
| 16 } |
| 17 |
| 18 } // namespace |
| 19 |
| 9 SSLHostState::SSLHostState() { | 20 SSLHostState::SSLHostState() { |
| 10 } | 21 } |
| 11 | 22 |
| 12 SSLHostState::~SSLHostState() { | 23 SSLHostState::~SSLHostState() { |
| 13 } | 24 } |
| 14 | 25 |
| 26 void SSLHostState::MarkHostAsBroken(const std::string& host) { |
| 27 DCHECK(CalledOnValidThread()); |
| 28 |
| 29 broken_hosts_.insert(host); |
| 30 } |
| 31 |
| 32 bool SSLHostState::DidMarkHostAsBroken(const std::string& host) { |
| 33 DCHECK(CalledOnValidThread()); |
| 34 |
| 35 // CAs issue certificate for intranet hosts to everyone. Therefore, we always |
| 36 // treat intranet hosts as broken. |
| 37 if (IsIntranetHost(host)) |
| 38 return true; |
| 39 |
| 40 return (broken_hosts_.find(host) != broken_hosts_.end()); |
| 41 } |
| 42 |
| 15 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, | 43 void SSLHostState::DenyCertForHost(net::X509Certificate* cert, |
| 16 const std::string& host) { | 44 const std::string& host) { |
| 17 DCHECK(CalledOnValidThread()); | 45 DCHECK(CalledOnValidThread()); |
| 18 | 46 |
| 19 // Remember that we don't like this cert for this host. | 47 // Remember that we don't like this cert for this host. |
| 20 cert_policy_for_host_[host].Deny(cert); | 48 cert_policy_for_host_[host].Deny(cert); |
| 21 } | 49 } |
| 22 | 50 |
| 23 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, | 51 void SSLHostState::AllowCertForHost(net::X509Certificate* cert, |
| 24 const std::string& host) { | 52 const std::string& host) { |
| 25 DCHECK(CalledOnValidThread()); | 53 DCHECK(CalledOnValidThread()); |
| 26 | 54 |
| 27 // Remember that we do like this cert for this host. | 55 // Remember that we do like this cert for this host. |
| 28 cert_policy_for_host_[host].Allow(cert); | 56 cert_policy_for_host_[host].Allow(cert); |
| 29 } | 57 } |
| 30 | 58 |
| 59 bool SSLHostState::DidAllowCertForHost(const std::string& host) { |
| 60 DCHECK(CalledOnValidThread()); |
| 61 |
| 62 std::map<std::string, net::X509Certificate::Policy>::const_iterator iter = |
| 63 cert_policy_for_host_.find(host); |
| 64 |
| 65 if (iter == cert_policy_for_host_.end()) |
| 66 return false; |
| 67 |
| 68 return iter->second.HasAllowedCert(); |
| 69 } |
| 70 |
| 31 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( | 71 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy( |
| 32 net::X509Certificate* cert, const std::string& host) { | 72 net::X509Certificate* cert, const std::string& host) { |
| 33 DCHECK(CalledOnValidThread()); | 73 DCHECK(CalledOnValidThread()); |
| 34 | 74 |
| 35 return cert_policy_for_host_[host].Check(cert); | 75 return cert_policy_for_host_[host].Check(cert); |
| 36 } | 76 } |
| 37 | 77 |
| 38 bool SSLHostState::CanShowInsecureContent(const GURL& url) { | 78 void SSLHostState::AllowMixedContentForHost(const std::string& host) { |
| 39 DCHECK(CalledOnValidThread()); | 79 DCHECK(CalledOnValidThread()); |
| 40 | 80 |
| 41 return (can_show_insecure_content_for_host_.find(url.host()) != | 81 allow_mixed_content_for_host_.insert(host); |
| 42 can_show_insecure_content_for_host_.end()); | |
| 43 } | 82 } |
| 44 | 83 |
| 45 void SSLHostState::AllowShowInsecureContentForURL(const GURL& url) { | 84 bool SSLHostState::DidAllowMixedContentForHost(const std::string& host) { |
| 46 DCHECK(CalledOnValidThread()); | 85 DCHECK(CalledOnValidThread()); |
| 47 | 86 |
| 48 can_show_insecure_content_for_host_.insert(url.host()); | 87 return (allow_mixed_content_for_host_.find(host) != |
| 88 allow_mixed_content_for_host_.end()); |
| 49 } | 89 } |
| OLD | NEW |