Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_manager.h" | 5 #include "chrome/browser/ssl/ssl_manager.h" |
| 6 | 6 |
| 7 #include "base/message_loop.h" | 7 #include "base/message_loop.h" |
| 8 #include "base/string_util.h" | 8 #include "base/string_util.h" |
| 9 #include "chrome/browser/browser_process.h" | 9 #include "chrome/browser/browser_process.h" |
| 10 #include "chrome/browser/load_from_memory_cache_details.h" | 10 #include "chrome/browser/load_from_memory_cache_details.h" |
| (...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 114 registrar_.Add(this, NotificationType::NAV_ENTRY_COMMITTED, | 114 registrar_.Add(this, NotificationType::NAV_ENTRY_COMMITTED, |
| 115 Source<NavigationController>(controller_)); | 115 Source<NavigationController>(controller_)); |
| 116 registrar_.Add(this, NotificationType::FAIL_PROVISIONAL_LOAD_WITH_ERROR, | 116 registrar_.Add(this, NotificationType::FAIL_PROVISIONAL_LOAD_WITH_ERROR, |
| 117 Source<NavigationController>(controller_)); | 117 Source<NavigationController>(controller_)); |
| 118 registrar_.Add(this, NotificationType::RESOURCE_RESPONSE_STARTED, | 118 registrar_.Add(this, NotificationType::RESOURCE_RESPONSE_STARTED, |
| 119 Source<NavigationController>(controller_)); | 119 Source<NavigationController>(controller_)); |
| 120 registrar_.Add(this, NotificationType::RESOURCE_RECEIVED_REDIRECT, | 120 registrar_.Add(this, NotificationType::RESOURCE_RECEIVED_REDIRECT, |
| 121 Source<NavigationController>(controller_)); | 121 Source<NavigationController>(controller_)); |
| 122 registrar_.Add(this, NotificationType::LOAD_FROM_MEMORY_CACHE, | 122 registrar_.Add(this, NotificationType::LOAD_FROM_MEMORY_CACHE, |
| 123 Source<NavigationController>(controller_)); | 123 Source<NavigationController>(controller_)); |
| 124 registrar_.Add(this, NotificationType::SSL_INTERNAL_STATE_CHANGED, | |
| 125 NotificationService::AllSources()); | |
| 124 } | 126 } |
| 125 | 127 |
| 126 SSLManager::~SSLManager() { | 128 SSLManager::~SSLManager() { |
| 127 } | 129 } |
| 128 | 130 |
| 129 // Delegate API method. | 131 // Delegate API method. |
| 130 void SSLManager::ShowMessage(const std::wstring& msg) { | 132 void SSLManager::ShowMessage(const std::wstring& msg) { |
| 131 ShowMessageWithLink(msg, std::wstring(), NULL); | 133 ShowMessageWithLink(msg, std::wstring(), NULL); |
| 132 } | 134 } |
| 133 | 135 |
| (...skipping 20 matching lines...) Expand all Loading... | |
| 154 return; | 156 return; |
| 155 | 157 |
| 156 if (controller_->active_contents()) { | 158 if (controller_->active_contents()) { |
| 157 controller_->active_contents()->AddInfoBar( | 159 controller_->active_contents()->AddInfoBar( |
| 158 new SSLInfoBarDelegate(controller_->active_contents(), msg, link_text, | 160 new SSLInfoBarDelegate(controller_->active_contents(), msg, link_text, |
| 159 task)); | 161 task)); |
| 160 } | 162 } |
| 161 } | 163 } |
| 162 | 164 |
| 163 // Delegate API method. | 165 // Delegate API method. |
| 164 bool SSLManager::SetMaxSecurityStyle(SecurityStyle style) { | |
| 165 NavigationEntry* entry = controller_->GetActiveEntry(); | |
| 166 if (!entry) { | |
| 167 NOTREACHED(); | |
| 168 return false; | |
| 169 } | |
| 170 | |
| 171 if (entry->ssl().security_style() > style) { | |
| 172 entry->ssl().set_security_style(style); | |
| 173 return true; | |
| 174 } | |
| 175 return false; | |
| 176 } | |
| 177 | |
| 178 // Delegate API method. | |
| 179 void SSLManager::AddMessageToConsole(const std::wstring& msg, | 166 void SSLManager::AddMessageToConsole(const std::wstring& msg, |
| 180 ConsoleMessageLevel level) { | 167 ConsoleMessageLevel level) { |
| 181 TabContents* tab_contents = controller_->GetTabContents(TAB_CONTENTS_WEB); | 168 TabContents* tab_contents = controller_->GetTabContents(TAB_CONTENTS_WEB); |
| 182 if (!tab_contents) | 169 if (!tab_contents) |
| 183 return; | 170 return; |
| 184 WebContents* web_contents = tab_contents->AsWebContents(); | 171 WebContents* web_contents = tab_contents->AsWebContents(); |
| 185 if (!web_contents) | 172 if (!web_contents) |
| 186 return; | 173 return; |
| 187 | 174 |
| 188 web_contents->render_view_host()->AddMessageToConsole( | 175 web_contents->render_view_host()->AddMessageToConsole( |
| 189 std::wstring(), msg, level); | 176 std::wstring(), msg, level); |
| 190 } | 177 } |
| 191 | 178 |
| 192 // Delegate API method. | 179 // Delegate API method. |
| 180 void SSLManager::MarkHostAsBroken(const std::string& host) { | |
| 181 ssl_host_state_->MarkHostAsBroken(host); | |
| 182 DispatchSSLInternalStateChanged(); | |
| 183 } | |
| 184 | |
| 185 // Delegate API method. | |
| 186 bool SSLManager::DidMarkHostAsBroken(const std::string& host) const { | |
| 187 return ssl_host_state_->DidMarkHostAsBroken(host); | |
| 188 } | |
| 189 | |
| 190 // Delegate API method. | |
| 193 void SSLManager::DenyCertForHost(net::X509Certificate* cert, | 191 void SSLManager::DenyCertForHost(net::X509Certificate* cert, |
| 194 const std::string& host) { | 192 const std::string& host) { |
| 195 // Remember that we don't like this cert for this host. | 193 // Remember that we don't like this cert for this host. |
| 196 ssl_host_state_->DenyCertForHost(cert, host); | 194 ssl_host_state_->DenyCertForHost(cert, host); |
| 195 DispatchSSLInternalStateChanged(); | |
| 197 } | 196 } |
| 198 | 197 |
| 199 // Delegate API method. | 198 // Delegate API method. |
| 200 void SSLManager::AllowCertForHost(net::X509Certificate* cert, | 199 void SSLManager::AllowCertForHost(net::X509Certificate* cert, |
| 201 const std::string& host) { | 200 const std::string& host) { |
| 202 ssl_host_state_->AllowCertForHost(cert, host); | 201 ssl_host_state_->AllowCertForHost(cert, host); |
| 202 DispatchSSLInternalStateChanged(); | |
| 203 } | 203 } |
| 204 | 204 |
| 205 // Delegate API method. | 205 // Delegate API method. |
| 206 net::X509Certificate::Policy::Judgment SSLManager::QueryPolicy( | 206 net::X509Certificate::Policy::Judgment SSLManager::QueryPolicy( |
| 207 net::X509Certificate* cert, const std::string& host) { | 207 net::X509Certificate* cert, const std::string& host) { |
| 208 return ssl_host_state_->QueryPolicy(cert, host); | 208 return ssl_host_state_->QueryPolicy(cert, host); |
| 209 } | 209 } |
| 210 | 210 |
| 211 bool SSLManager::CanShowInsecureContent(const GURL& url) { | 211 // Delegate API method. |
| 212 return ssl_host_state_->CanShowInsecureContent(url); | 212 void SSLManager::AllowMixedContentForHost(const std::string& host) { |
| 213 ssl_host_state_->AllowMixedContentForHost(host); | |
| 214 DispatchSSLInternalStateChanged(); | |
| 213 } | 215 } |
| 214 | 216 |
| 215 void SSLManager::AllowShowInsecureContentForURL(const GURL& url) { | 217 // Delegate API method. |
| 216 ssl_host_state_->AllowShowInsecureContentForURL(url); | 218 bool SSLManager::DidAllowMixedContentForHost(const std::string& host) const { |
| 219 return ssl_host_state_->DidAllowMixedContentForHost(host); | |
| 217 } | 220 } |
| 218 | 221 |
| 219 bool SSLManager::ProcessedSSLErrorFromRequest() const { | 222 bool SSLManager::ProcessedSSLErrorFromRequest() const { |
| 220 NavigationEntry* entry = controller_->GetActiveEntry(); | 223 NavigationEntry* entry = controller_->GetActiveEntry(); |
| 221 if (!entry) { | 224 if (!entry) { |
| 222 NOTREACHED(); | 225 NOTREACHED(); |
| 223 return false; | 226 return false; |
| 224 } | 227 } |
| 225 | 228 |
| 226 return net::IsCertStatusError(entry->ssl().cert_status()); | 229 return net::IsCertStatusError(entry->ssl().cert_status()); |
| 227 } | 230 } |
| 228 | 231 |
| 229 //////////////////////////////////////////////////////////////////////////////// | 232 //////////////////////////////////////////////////////////////////////////////// |
| 230 // ErrorHandler | 233 // ErrorHandler |
| 231 | 234 |
| 232 SSLManager::ErrorHandler::ErrorHandler(ResourceDispatcherHost* rdh, | 235 SSLManager::ErrorHandler::ErrorHandler(ResourceDispatcherHost* rdh, |
| 233 URLRequest* request, | 236 URLRequest* request, |
| 237 ResourceType::Type resource_type, | |
| 238 const std::string& frame_origin, | |
| 239 const std::string& main_frame_origin, | |
| 234 MessageLoop* ui_loop) | 240 MessageLoop* ui_loop) |
| 235 : ui_loop_(ui_loop), | 241 : ui_loop_(ui_loop), |
| 236 io_loop_(MessageLoop::current()), | 242 io_loop_(MessageLoop::current()), |
| 237 manager_(NULL), | 243 manager_(NULL), |
| 238 request_id_(0, 0), | 244 request_id_(0, 0), |
| 239 resource_dispatcher_host_(rdh), | 245 resource_dispatcher_host_(rdh), |
| 240 request_url_(request->url()), | 246 request_url_(request->url()), |
| 247 resource_type_(resource_type), | |
| 248 frame_origin_(frame_origin), | |
| 249 main_frame_origin_(main_frame_origin), | |
| 241 request_has_been_notified_(false) { | 250 request_has_been_notified_(false) { |
| 242 DCHECK(MessageLoop::current() != ui_loop); | 251 DCHECK(MessageLoop::current() != ui_loop); |
| 243 | 252 |
| 244 ResourceDispatcherHost::ExtraRequestInfo* info = | 253 ResourceDispatcherHost::ExtraRequestInfo* info = |
| 245 ResourceDispatcherHost::ExtraInfoForRequest(request); | 254 ResourceDispatcherHost::ExtraInfoForRequest(request); |
| 246 request_id_.process_id = info->process_id; | 255 request_id_.process_id = info->process_id; |
| 247 request_id_.request_id = info->request_id; | 256 request_id_.request_id = info->request_id; |
| 248 | 257 |
| 249 if (!tab_util::GetTabContentsID(request, | 258 if (!tab_util::GetTabContentsID(request, |
| 250 &render_process_host_id_, | 259 &render_process_host_id_, |
| (...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 421 } | 430 } |
| 422 | 431 |
| 423 | 432 |
| 424 //////////////////////////////////////////////////////////////////////////////// | 433 //////////////////////////////////////////////////////////////////////////////// |
| 425 // CertError | 434 // CertError |
| 426 | 435 |
| 427 SSLManager::CertError::CertError( | 436 SSLManager::CertError::CertError( |
| 428 ResourceDispatcherHost* rdh, | 437 ResourceDispatcherHost* rdh, |
| 429 URLRequest* request, | 438 URLRequest* request, |
| 430 ResourceType::Type resource_type, | 439 ResourceType::Type resource_type, |
| 440 const std::string& frame_origin, | |
| 441 const std::string& main_frame_origin, | |
| 431 int cert_error, | 442 int cert_error, |
| 432 net::X509Certificate* cert, | 443 net::X509Certificate* cert, |
| 433 MessageLoop* ui_loop) | 444 MessageLoop* ui_loop) |
| 434 : ErrorHandler(rdh, request, ui_loop), | 445 : ErrorHandler(rdh, request, resource_type, frame_origin, |
| 435 cert_error_(cert_error), | 446 main_frame_origin, ui_loop), |
| 436 resource_type_(resource_type) { | 447 cert_error_(cert_error) { |
| 437 DCHECK(request == resource_dispatcher_host_->GetURLRequest(request_id_)); | 448 DCHECK(request == resource_dispatcher_host_->GetURLRequest(request_id_)); |
| 438 | 449 |
| 439 // We cannot use the request->ssl_info(), it's not been initialized yet, so | 450 // We cannot use the request->ssl_info(), it's not been initialized yet, so |
| 440 // we have to set the fields manually. | 451 // we have to set the fields manually. |
| 441 ssl_info_.cert = cert; | 452 ssl_info_.cert = cert; |
| 442 ssl_info_.SetCertError(cert_error); | 453 ssl_info_.SetCertError(cert_error); |
| 443 } | 454 } |
| 444 | 455 |
| 445 // static | 456 // static |
| 446 void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh, | 457 void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh, |
| 447 URLRequest* request, | 458 URLRequest* request, |
| 448 int cert_error, | 459 int cert_error, |
| 449 net::X509Certificate* cert, | 460 net::X509Certificate* cert, |
| 450 MessageLoop* ui_loop) { | 461 MessageLoop* ui_loop) { |
| 451 DLOG(INFO) << "OnSSLCertificateError() cert_error: " << cert_error << | 462 DLOG(INFO) << "OnSSLCertificateError() cert_error: " << cert_error << |
| 452 " url: " << request->url().spec(); | 463 " url: " << request->url().spec(); |
| 453 | 464 |
| 454 ResourceDispatcherHost::ExtraRequestInfo* info = | 465 ResourceDispatcherHost::ExtraRequestInfo* info = |
| 455 ResourceDispatcherHost::ExtraInfoForRequest(request); | 466 ResourceDispatcherHost::ExtraInfoForRequest(request); |
| 456 DCHECK(info); | 467 DCHECK(info); |
| 457 | 468 |
| 458 // A certificate error occurred. Construct a CertError object and hand it | 469 // A certificate error occurred. Construct a CertError object and hand it |
| 459 // over to the UI thread for processing. | 470 // over to the UI thread for processing. |
| 460 ui_loop->PostTask(FROM_HERE, | 471 ui_loop->PostTask(FROM_HERE, |
| 461 NewRunnableMethod(new CertError(rdh, request, info->resource_type, | 472 NewRunnableMethod(new CertError(rdh, |
| 462 cert_error, cert, ui_loop), | 473 request, |
| 474 info->resource_type, | |
| 475 info->frame_origin, | |
| 476 info->main_frame_origin, | |
| 477 cert_error, | |
| 478 cert, | |
| 479 ui_loop), | |
| 463 &CertError::Dispatch)); | 480 &CertError::Dispatch)); |
| 464 } | 481 } |
| 465 | 482 |
| 466 // static | 483 // static |
| 467 void SSLManager::OnMixedContentRequest(ResourceDispatcherHost* rdh, | 484 bool SSLManager::ShouldDelayRequest(ResourceDispatcherHost* rdh, |
| 468 URLRequest* request, | 485 URLRequest* request, |
| 469 MessageLoop* ui_loop) { | 486 MessageLoop* ui_loop) { |
| 487 ResourceDispatcherHost::ExtraRequestInfo* info = | |
| 488 ResourceDispatcherHost::ExtraInfoForRequest(request); | |
| 489 DCHECK(info); | |
| 490 | |
| 491 // We cheat here and talk to the SSLPolicy on the IO channel because we need | |
| 492 // to respond synchronously to avoid delaying all network requests... | |
| 493 SSLPolicy::IsMixedContent(request->url(), | |
|
jcampan
2009/03/16 18:43:54
Don't you want to return false if IsMixedContent r
abarth-chromium
2009/03/16 21:34:21
Yes. :)
| |
| 494 info->resource_type, | |
| 495 info->frame_origin); | |
| 496 | |
| 497 | |
| 470 ui_loop->PostTask(FROM_HERE, | 498 ui_loop->PostTask(FROM_HERE, |
| 471 NewRunnableMethod(new MixedContentHandler(rdh, request, ui_loop), | 499 NewRunnableMethod(new MixedContentHandler(rdh, request, |
| 500 info->resource_type, | |
| 501 info->frame_origin, | |
| 502 info->main_frame_origin, | |
| 503 ui_loop), | |
| 472 &MixedContentHandler::Dispatch)); | 504 &MixedContentHandler::Dispatch)); |
| 505 return true; | |
| 473 } | 506 } |
| 474 | 507 |
| 475 void SSLManager::OnCertError(CertError* error) { | 508 void SSLManager::OnCertError(CertError* error) { |
| 476 // Ask our delegate to deal with the error. | 509 delegate()->OnCertError(error); |
| 477 NavigationEntry* entry = controller_->GetActiveEntry(); | |
| 478 // We might not have a navigation entry in some cases (e.g. when a | |
| 479 // HTTPS page opens a popup with no URL and then populate it with | |
| 480 // document.write()). See bug http://crbug.com/3845. | |
| 481 if (!entry) | |
| 482 return; | |
| 483 | |
| 484 delegate()->OnCertError(entry->url(), error); | |
| 485 } | 510 } |
| 486 | 511 |
| 487 void SSLManager::OnMixedContent(MixedContentHandler* mixed_content) { | 512 void SSLManager::OnMixedContent(MixedContentHandler* mixed_content) { |
| 488 // Ask our delegate to deal with the mixed content. | 513 delegate()->OnMixedContent(mixed_content); |
| 489 NavigationEntry* entry = controller_->GetActiveEntry(); | |
| 490 // We might not have a navigation entry in some cases (e.g. when a | |
| 491 // HTTPS page opens a popup with no URL and then populate it with | |
| 492 // document.write()). See bug http://crbug.com/3845. | |
| 493 if (!entry) | |
| 494 return; | |
| 495 | |
| 496 delegate()->OnMixedContent(controller_, entry->url(), mixed_content); | |
| 497 } | 514 } |
| 498 | 515 |
| 499 void SSLManager::Observe(NotificationType type, | 516 void SSLManager::Observe(NotificationType type, |
| 500 const NotificationSource& source, | 517 const NotificationSource& source, |
| 501 const NotificationDetails& details) { | 518 const NotificationDetails& details) { |
| 502 // We should only be getting notifications from our controller. | |
| 503 DCHECK(source == Source<NavigationController>(controller_)); | |
| 504 | |
| 505 // Dispatch by type. | 519 // Dispatch by type. |
| 506 switch (type.value) { | 520 switch (type.value) { |
| 507 case NotificationType::NAV_ENTRY_COMMITTED: | 521 case NotificationType::NAV_ENTRY_COMMITTED: |
| 508 DidCommitProvisionalLoad(details); | 522 DidCommitProvisionalLoad(details); |
| 509 break; | 523 break; |
| 510 case NotificationType::FAIL_PROVISIONAL_LOAD_WITH_ERROR: | 524 case NotificationType::FAIL_PROVISIONAL_LOAD_WITH_ERROR: |
| 511 DidFailProvisionalLoadWithError( | 525 DidFailProvisionalLoadWithError( |
| 512 Details<ProvisionalLoadDetails>(details).ptr()); | 526 Details<ProvisionalLoadDetails>(details).ptr()); |
| 513 break; | 527 break; |
| 514 case NotificationType::RESOURCE_RESPONSE_STARTED: | 528 case NotificationType::RESOURCE_RESPONSE_STARTED: |
| 515 DidStartResourceResponse(Details<ResourceRequestDetails>(details).ptr()); | 529 DidStartResourceResponse(Details<ResourceRequestDetails>(details).ptr()); |
| 516 break; | 530 break; |
| 517 case NotificationType::RESOURCE_RECEIVED_REDIRECT: | 531 case NotificationType::RESOURCE_RECEIVED_REDIRECT: |
| 518 DidReceiveResourceRedirect( | 532 DidReceiveResourceRedirect( |
| 519 Details<ResourceRedirectDetails>(details).ptr()); | 533 Details<ResourceRedirectDetails>(details).ptr()); |
| 520 break; | 534 break; |
| 521 case NotificationType::LOAD_FROM_MEMORY_CACHE: | 535 case NotificationType::LOAD_FROM_MEMORY_CACHE: |
| 522 DidLoadFromMemoryCache( | 536 DidLoadFromMemoryCache( |
| 523 Details<LoadFromMemoryCacheDetails>(details).ptr()); | 537 Details<LoadFromMemoryCacheDetails>(details).ptr()); |
| 524 break; | 538 break; |
| 539 case NotificationType::SSL_INTERNAL_STATE_CHANGED: | |
| 540 DidChangeSSLInternalState(); | |
| 541 break; | |
| 525 default: | 542 default: |
| 526 NOTREACHED() << "The SSLManager received an unexpected notification."; | 543 NOTREACHED() << "The SSLManager received an unexpected notification."; |
| 527 } | 544 } |
| 528 } | 545 } |
| 529 | 546 |
| 530 void SSLManager::InitializeEntryIfNeeded(NavigationEntry* entry) { | 547 void SSLManager::DispatchSSLInternalStateChanged() { |
| 548 NotificationService::current()->Notify( | |
| 549 NotificationType::SSL_INTERNAL_STATE_CHANGED, | |
| 550 Source<NavigationController>(controller_), | |
| 551 NotificationService::NoDetails()); | |
| 552 } | |
| 553 | |
| 554 void SSLManager::DispatchSSLVisibleStateChanged() { | |
| 555 NotificationService::current()->Notify( | |
| 556 NotificationType::SSL_VISIBLE_STATE_CHANGED, | |
| 557 Source<NavigationController>(controller_), | |
| 558 NotificationService::NoDetails()); | |
| 559 } | |
| 560 | |
| 561 void SSLManager::UpdateEntry(NavigationEntry* entry) { | |
| 531 DCHECK(entry); | 562 DCHECK(entry); |
| 532 | 563 |
| 533 // If the security style of the entry is SECURITY_STYLE_UNKNOWN, then it is a | 564 NavigationEntry::SSLStatus original_status = entry->ssl(); // Copy! |
| 534 // fresh entry and should get the default style. | 565 |
| 535 if (entry->ssl().security_style() == SECURITY_STYLE_UNKNOWN) { | 566 delegate()->UpdateEntry(this, entry); |
| 536 entry->ssl().set_security_style( | 567 |
| 537 delegate()->GetDefaultStyle(entry->url())); | 568 if (original_status.security_style() != entry->ssl().security_style() || |
| 538 } | 569 original_status.has_mixed_content() != entry->ssl().has_mixed_content() || |
| 570 original_status.has_unsafe_content() != entry->ssl().has_unsafe_content()) | |
| 571 DispatchSSLVisibleStateChanged(); | |
| 539 } | 572 } |
| 540 | 573 |
| 541 void SSLManager::NavigationStateChanged() { | 574 void SSLManager::NavigationStateChanged() { |
| 542 NavigationEntry* active_entry = controller_->GetActiveEntry(); | 575 NavigationEntry* entry = controller_->GetActiveEntry(); |
| 543 if (!active_entry) | 576 if (!entry) |
| 544 return; // Nothing showing yet. | 577 return; // Nothing showing yet. |
| 545 | 578 |
| 546 // This might be a new entry we've never seen before. | 579 // This might be a new entry we've never seen before. |
| 547 InitializeEntryIfNeeded(active_entry); | 580 UpdateEntry(entry); |
| 548 } | 581 } |
| 549 | 582 |
| 550 void SSLManager::DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details) { | 583 void SSLManager::DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details) { |
| 551 DCHECK(details); | 584 DCHECK(details); |
| 552 | 585 |
| 553 // Simulate loading this resource through the usual path. | |
| 554 // Note that we specify SUB_RESOURCE as the resource type as WebCore only | 586 // Note that we specify SUB_RESOURCE as the resource type as WebCore only |
| 555 // caches sub-resources. | 587 // caches sub-resources. |
| 556 delegate()->OnRequestStarted(this, details->url(), | 588 scoped_refptr<RequestInfo> info = new RequestInfo( |
| 557 ResourceType::SUB_RESOURCE, | 589 this, |
| 558 details->ssl_cert_id(), | 590 details->url(), |
| 559 details->ssl_cert_status()); | 591 ResourceType::SUB_RESOURCE, |
| 592 details->frame_origin(), | |
| 593 details->main_frame_origin(), | |
| 594 details->ssl_cert_id(), | |
| 595 details->ssl_cert_status()); | |
| 596 | |
| 597 // Simulate loading this resource through the usual path. | |
| 598 delegate()->OnRequestStarted(info.get()); | |
| 599 } | |
| 600 | |
| 601 void SSLManager::DidChangeSSLInternalState() { | |
| 602 NavigationEntry* entry = controller_->GetActiveEntry(); | |
| 603 if (!entry) | |
| 604 return; // Nothing showing yet. | |
| 605 | |
| 606 // We might have to update the current entry if our SSL state changes. | |
| 607 UpdateEntry(entry); | |
| 560 } | 608 } |
| 561 | 609 |
| 562 void SSLManager::DidCommitProvisionalLoad( | 610 void SSLManager::DidCommitProvisionalLoad( |
| 563 const NotificationDetails& in_details) { | 611 const NotificationDetails& in_details) { |
| 564 NavigationController::LoadCommittedDetails* details = | 612 NavigationController::LoadCommittedDetails* details = |
| 565 Details<NavigationController::LoadCommittedDetails>(in_details).ptr(); | 613 Details<NavigationController::LoadCommittedDetails>(in_details).ptr(); |
| 566 | 614 |
| 567 // Ignore in-page navigations, they should not change the security style or | 615 // Ignore in-page navigations, they should not change the security style or |
| 568 // the info-bars. | 616 // the info-bars. |
| 569 if (details->is_in_page) | 617 if (details->is_in_page) |
| 570 return; | 618 return; |
| 571 | 619 |
| 572 // Decode the security details. | 620 // Decode the security details. |
| 573 int ssl_cert_id, ssl_cert_status, ssl_security_bits; | 621 int ssl_cert_id, ssl_cert_status, ssl_security_bits; |
| 574 DeserializeSecurityInfo(details->serialized_security_info, | 622 DeserializeSecurityInfo(details->serialized_security_info, |
| 575 &ssl_cert_id, &ssl_cert_status, &ssl_security_bits); | 623 &ssl_cert_id, &ssl_cert_status, &ssl_security_bits); |
| 576 | 624 |
| 577 bool changed = false; | 625 bool entry_changed = false; |
| 578 if (details->is_main_frame) { | 626 if (details->is_main_frame) { |
| 579 // Update the SSL states of the pending entry. | 627 // Update the SSL states of the pending entry. |
| 580 NavigationEntry* entry = controller_->GetActiveEntry(); | 628 NavigationEntry* entry = controller_->GetActiveEntry(); |
| 581 if (entry) { | 629 if (entry) { |
| 582 // We may not have an entry if this is a navigation to an initial blank | 630 // We may not have an entry if this is a navigation to an initial blank |
| 583 // page. Reset the SSL information and add the new data we have. | 631 // page. Reset the SSL information and add the new data we have. |
| 584 entry->ssl() = NavigationEntry::SSLStatus(); | 632 entry->ssl() = NavigationEntry::SSLStatus(); |
| 585 InitializeEntryIfNeeded(entry); // For security_style. | 633 UpdateEntry(entry); // For security_style. |
| 586 entry->ssl().set_cert_id(ssl_cert_id); | 634 entry->ssl().set_cert_id(ssl_cert_id); |
| 587 entry->ssl().set_cert_status(ssl_cert_status); | 635 entry->ssl().set_cert_status(ssl_cert_status); |
| 588 entry->ssl().set_security_bits(ssl_security_bits); | 636 entry->ssl().set_security_bits(ssl_security_bits); |
| 589 changed = true; | 637 entry_changed = true; |
| 590 } | 638 } |
| 591 | 639 |
| 592 ShowPendingMessages(); | 640 ShowPendingMessages(); |
| 593 } | 641 } |
| 594 | 642 |
| 595 // An HTTPS response may not have a certificate for some reason. When that | 643 // An HTTPS response may not have a certificate for some reason. When that |
| 596 // happens, use the unauthenticated (HTTP) rather than the authentication | 644 // happens, use the unauthenticated (HTTP) rather than the authentication |
| 597 // broken security style so that we can detect this error condition. | 645 // broken security style so that we can detect this error condition. |
| 598 if (net::IsCertStatusError(ssl_cert_status) && | 646 if (net::IsCertStatusError(ssl_cert_status) && |
| 599 !details->is_content_filtered) { | 647 !details->is_content_filtered) { |
| 600 changed |= SetMaxSecurityStyle(SECURITY_STYLE_AUTHENTICATION_BROKEN); | 648 // TODO(abarth): This is wrong. It's the SSLPolicy's job to set the max |
| 649 // security style. | |
| 650 //SetMaxSecurityStyle(SECURITY_STYLE_AUTHENTICATION_BROKEN); | |
| 601 if (!details->is_main_frame && | 651 if (!details->is_main_frame && |
| 602 !details->entry->ssl().has_unsafe_content()) { | 652 !details->entry->ssl().has_unsafe_content()) { |
| 603 details->entry->ssl().set_has_unsafe_content(); | 653 details->entry->ssl().set_has_unsafe_content(); |
| 604 changed = true; | 654 entry_changed = true; |
| 605 } | 655 } |
| 606 } else if (details->entry->url().SchemeIsSecure() && !ssl_cert_id) { | 656 } else if (details->entry->url().SchemeIsSecure() && !ssl_cert_id) { |
| 607 if (details->is_main_frame) { | 657 if (details->is_main_frame) { |
| 608 changed |= SetMaxSecurityStyle(SECURITY_STYLE_UNAUTHENTICATED); | 658 // TODO(abarth): This is wrong. It's the SSLPolicy's job to set the max |
| 659 // security style. | |
| 660 //SetMaxSecurityStyle(SECURITY_STYLE_UNAUTHENTICATED); | |
| 609 } else { | 661 } else { |
| 610 // If the frame has been blocked we keep our security style as | 662 // If the frame has been blocked we keep our security style as |
| 611 // authenticated in that case as nothing insecure is actually showing or | 663 // authenticated in that case as nothing insecure is actually showing or |
| 612 // loaded. | 664 // loaded. |
| 613 if (!details->is_content_filtered && | 665 if (!details->is_content_filtered && |
| 614 !details->entry->ssl().has_mixed_content()) { | 666 !details->entry->ssl().has_mixed_content()) { |
| 615 details->entry->ssl().set_has_mixed_content(); | 667 details->entry->ssl().set_has_mixed_content(); |
| 616 changed = true; | 668 entry_changed = true; |
| 617 } | 669 } |
| 618 } | 670 } |
| 619 } | 671 } |
| 620 | 672 |
| 621 if (changed) { | 673 if (entry_changed) |
| 622 // Only send the notification when something actually changed. | 674 DispatchSSLVisibleStateChanged(); |
| 623 NotificationService::current()->Notify( | |
| 624 NotificationType::SSL_STATE_CHANGED, | |
| 625 Source<NavigationController>(controller_), | |
| 626 NotificationService::NoDetails()); | |
| 627 } | |
| 628 } | 675 } |
| 629 | 676 |
| 630 void SSLManager::DidFailProvisionalLoadWithError( | 677 void SSLManager::DidFailProvisionalLoadWithError( |
| 631 ProvisionalLoadDetails* details) { | 678 ProvisionalLoadDetails* details) { |
| 632 DCHECK(details); | 679 DCHECK(details); |
| 633 | 680 |
| 634 // Ignore in-page navigations. | 681 // Ignore in-page navigations. |
| 635 if (details->in_page_navigation()) | 682 if (details->in_page_navigation()) |
| 636 return; | 683 return; |
| 637 | 684 |
| 638 if (details->main_frame()) | 685 if (details->main_frame()) |
| 639 ClearPendingMessages(); | 686 ClearPendingMessages(); |
| 640 } | 687 } |
| 641 | 688 |
| 642 void SSLManager::DidStartResourceResponse(ResourceRequestDetails* details) { | 689 void SSLManager::DidStartResourceResponse(ResourceRequestDetails* details) { |
| 643 DCHECK(details); | 690 DCHECK(details); |
| 644 | 691 |
| 692 scoped_refptr<RequestInfo> info = new RequestInfo( | |
| 693 this, | |
| 694 details->url(), | |
| 695 details->resource_type(), | |
| 696 details->frame_origin(), | |
| 697 details->main_frame_origin(), | |
| 698 details->ssl_cert_id(), | |
| 699 details->ssl_cert_status()); | |
| 700 | |
| 645 // Notify our delegate that we started a resource request. Ideally, the | 701 // Notify our delegate that we started a resource request. Ideally, the |
| 646 // delegate should have the ability to cancel the request, but we can't do | 702 // delegate should have the ability to cancel the request, but we can't do |
| 647 // that yet. | 703 // that yet. |
| 648 delegate()->OnRequestStarted(this, details->url(), | 704 delegate()->OnRequestStarted(info.get()); |
| 649 details->resource_type(), | |
| 650 details->ssl_cert_id() , | |
| 651 details->ssl_cert_status()); | |
| 652 } | 705 } |
| 653 | 706 |
| 654 void SSLManager::DidReceiveResourceRedirect(ResourceRedirectDetails* details) { | 707 void SSLManager::DidReceiveResourceRedirect(ResourceRedirectDetails* details) { |
| 655 // TODO(jcampan): when we receive a redirect for a sub-resource, we may want | 708 // TODO(jcampan): when we receive a redirect for a sub-resource, we may want |
| 656 // to clear any mixed/unsafe content error that it may have triggered. | 709 // to clear any mixed/unsafe content error that it may have triggered. |
| 710 // Really??? I'm not sure that's right. -- abarth (3/14/2009) | |
| 657 } | 711 } |
| 658 | 712 |
| 659 void SSLManager::ShowPendingMessages() { | 713 void SSLManager::ShowPendingMessages() { |
| 660 std::vector<SSLMessageInfo>::const_iterator iter; | 714 std::vector<SSLMessageInfo>::const_iterator iter; |
| 661 for (iter = pending_messages_.begin(); | 715 for (iter = pending_messages_.begin(); |
| 662 iter != pending_messages_.end(); ++iter) { | 716 iter != pending_messages_.end(); ++iter) { |
| 663 ShowMessageWithLink(iter->message, iter->link_text, iter->action); | 717 ShowMessageWithLink(iter->message, iter->link_text, iter->action); |
| 664 } | 718 } |
| 665 ClearPendingMessages(); | 719 ClearPendingMessages(); |
| 666 } | 720 } |
| (...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 723 } | 777 } |
| 724 | 778 |
| 725 if (ca_name) { | 779 if (ca_name) { |
| 726 // TODO(wtc): should we show the root CA's name instead? | 780 // TODO(wtc): should we show the root CA's name instead? |
| 727 *ca_name = l10n_util::GetStringF( | 781 *ca_name = l10n_util::GetStringF( |
| 728 IDS_SECURE_CONNECTION_EV_CA, | 782 IDS_SECURE_CONNECTION_EV_CA, |
| 729 UTF8ToWide(cert.issuer().organization_names[0])); | 783 UTF8ToWide(cert.issuer().organization_names[0])); |
| 730 } | 784 } |
| 731 return true; | 785 return true; |
| 732 } | 786 } |
| OLD | NEW |