Chromium Code Reviews| Index: chrome/browser/ssl/ssl_policy.cc |
| =================================================================== |
| --- chrome/browser/ssl/ssl_policy.cc (revision 11701) |
| +++ chrome/browser/ssl/ssl_policy.cc (working copy) |
| @@ -4,7 +4,6 @@ |
| #include "chrome/browser/ssl/ssl_policy.h" |
| -#include "base/singleton.h" |
| #include "base/string_piece.h" |
| #include "base/string_util.h" |
| #include "chrome/browser/cert_store.h" |
| @@ -38,37 +37,33 @@ |
| // Wrap all these helper classes in an anonymous namespace. |
| namespace { |
| -static const char kDot = '.'; |
| - |
| -class ShowUnsafeContentTask : public Task { |
| +class ShowMixedContentTask : public Task { |
| public: |
| - ShowUnsafeContentTask(const GURL& main_frame_url, |
| - SSLManager::ErrorHandler* error_handler); |
| - virtual ~ShowUnsafeContentTask(); |
| + ShowMixedContentTask(SSLPolicy* ssl_policy, |
| + SSLManager::MixedContentHandler* handler); |
| + virtual ~ShowMixedContentTask(); |
| virtual void Run(); |
| private: |
| - scoped_refptr<SSLManager::ErrorHandler> error_handler_; |
| - GURL main_frame_url_; |
| + scoped_refptr<SSLManager::MixedContentHandler> handler_; |
| - DISALLOW_EVIL_CONSTRUCTORS(ShowUnsafeContentTask); |
| + SSLPolicy* ssl_policy_; |
| + |
| + DISALLOW_COPY_AND_ASSIGN(ShowMixedContentTask); |
| }; |
| -ShowUnsafeContentTask::ShowUnsafeContentTask( |
| - const GURL& main_frame_url, |
| - SSLManager::ErrorHandler* error_handler) |
| - : error_handler_(error_handler), |
| - main_frame_url_(main_frame_url) { |
| +ShowMixedContentTask::ShowMixedContentTask( |
| + SSLPolicy* ssl_policy, SSLManager::MixedContentHandler* handler) |
| + : ssl_policy_(ssl_policy), handler_(handler) { |
| } |
| -ShowUnsafeContentTask::~ShowUnsafeContentTask() { |
| +ShowMixedContentTask::~ShowMixedContentTask() { |
| } |
| -void ShowUnsafeContentTask::Run() { |
| - error_handler_->manager()->AllowShowInsecureContentForURL(main_frame_url_); |
| - // Reload the page. |
| - error_handler_->GetWebContents()->controller()->Reload(true); |
| +void ShowMixedContentTask::Run() { |
| + ssl_policy_->AllowMixedContent(handler_); |
| + handler_->GetWebContents()->controller()->Reload(true); |
| } |
| static void ShowErrorPage(SSLPolicy* policy, SSLManager::CertError* error) { |
| @@ -116,332 +111,161 @@ |
| blocking_page->Show(); |
| } |
| -#if 0 |
| -// See TODO(jcampan) below. |
| -static bool IsIntranetHost(const std::string& host) { |
| - const size_t dot = host.find(kDot); |
| - return dot == std::string::npos || dot == host.length() - 1; |
| -} |
| -#endif |
| +static void InitializeEntryIfNeeded(NavigationEntry* entry) { |
| + if (entry->ssl().security_style() != SECURITY_STYLE_UNKNOWN) |
| + return; |
| -class CommonNameInvalidPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<CommonNameInvalidPolicy>::get(); |
| - } |
| + SecurityStyle security_style = entry->url().SchemeIsSecure() ? |
| + SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; |
|
jcampan
2009/03/16 18:43:54
Nit: indent 4 spaces
abarth-chromium
2009/03/16 21:34:21
Fixed.
|
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - OnOverridableCertError(main_frame_url, error); |
| - } |
| -}; |
| + entry->ssl().set_security_style(security_style); |
| +} |
| -class DateInvalidPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<DateInvalidPolicy>::get(); |
| - } |
| +static void AddMixedContentWarningToConsole( |
| + SSLManager::MixedContentHandler* handler) { |
| + const std::wstring& msg = l10n_util::GetStringF( |
| + IDS_MIXED_CONTENT_LOG_MESSAGE, |
| + UTF8ToWide(handler->frame_origin()), |
| + UTF8ToWide(handler->request_url().spec())); |
| + handler->manager()->AddMessageToConsole(msg, MESSAGE_LEVEL_WARNING); |
| +} |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - OnOverridableCertError(main_frame_url, error); |
| - } |
| -}; |
| +static bool HasSafeScheme(const GURL& url) { |
| + return (url.SchemeIsSecure() || |
| + url.SchemeIs(chrome::kDataScheme) || |
| + url.SchemeIs(chrome::kJavaScriptScheme) || |
| + url.SchemeIs(chrome::kAboutScheme)); |
| +} |
| -class AuthorityInvalidPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<AuthorityInvalidPolicy>::get(); |
| - } |
| +} // namespace |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - OnOverridableCertError(main_frame_url, error); |
| - } |
| -}; |
| +SSLPolicy::SSLPolicy() { |
| +} |
| -class ContainsErrorsPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<ContainsErrorsPolicy>::get(); |
| - } |
| +SSLPolicy* SSLPolicy::GetDefaultPolicy() { |
| + return Singleton<SSLPolicy>::get(); |
| +} |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - OnFatalCertError(main_frame_url, error); |
| - } |
| -}; |
| +void SSLPolicy::OnCertError(SSLManager::CertError* error) { |
| + // First we check if we know the policy for this error. |
| + net::X509Certificate::Policy::Judgment judgment = |
| + error->manager()->QueryPolicy(error->ssl_info().cert, |
| + error->request_url().host()); |
| -class NoRevocationMechanismPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<NoRevocationMechanismPolicy>::get(); |
| - } |
| - |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - // Silently ignore this error. |
| + if (judgment == net::X509Certificate::Policy::ALLOWED) { |
| error->ContinueRequest(); |
| + return; |
| } |
| -}; |
| -class UnableToCheckRevocationPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<UnableToCheckRevocationPolicy>::get(); |
| - } |
| + // The judgment is either DENIED or UNKNOWN. |
| + // For now we handle the DENIED as the UNKNOWN, which means a blocking |
| + // page is shown to the user every time he comes back to the page. |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - // We ignore this error and display an info-bar. |
| - error->ContinueRequest(); |
| - error->manager()->ShowMessage(l10n_util::GetString( |
| - IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_INFO_BAR)); |
| - } |
| -}; |
| - |
| -class RevokedPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<RevokedPolicy>::get(); |
| - } |
| - |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - OnFatalCertError(main_frame_url, error); |
| - } |
| -}; |
| - |
| -class InvalidPolicy : public SSLPolicy { |
| - public: |
| - static SSLPolicy* GetInstance() { |
| - return Singleton<InvalidPolicy>::get(); |
| - } |
| - |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - OnFatalCertError(main_frame_url, error); |
| - } |
| -}; |
| - |
| -class DefaultPolicy : public SSLPolicy { |
| - public: |
| - DefaultPolicy() { |
| - // Load our helper classes to handle various cert errors. |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_COMMON_NAME_INVALID) == 0); |
| - sub_policies_[0] = CommonNameInvalidPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_DATE_INVALID) == 1); |
| - sub_policies_[1] = DateInvalidPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_AUTHORITY_INVALID) == 2); |
| - sub_policies_[2] = AuthorityInvalidPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_CONTAINS_ERRORS) == 3); |
| - sub_policies_[3] = ContainsErrorsPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_NO_REVOCATION_MECHANISM) == 4); |
| - sub_policies_[4] = NoRevocationMechanismPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION) == 5); |
| - sub_policies_[5] = UnableToCheckRevocationPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_REVOKED) == 6); |
| - sub_policies_[6] = RevokedPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_INVALID) == 7); |
| - sub_policies_[7] = InvalidPolicy::GetInstance(); |
| - DCHECK(SubPolicyIndex(net::ERR_CERT_END) == 8); |
| - } |
| - |
| - void OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - size_t index = SubPolicyIndex(error->cert_error()); |
| - if (index < 0 || index >= arraysize(sub_policies_)) { |
| + switch(error->cert_error()) { |
| + case net::ERR_CERT_COMMON_NAME_INVALID: |
| + case net::ERR_CERT_DATE_INVALID: |
| + case net::ERR_CERT_AUTHORITY_INVALID: |
| + OnOverridableCertError(error); |
| + break; |
| + case net::ERR_CERT_NO_REVOCATION_MECHANISM: |
| + // Ignore this error. |
| + error->ContinueRequest(); |
| + break; |
| + case net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION: |
| + // We ignore this error and display an infobar. |
| + error->ContinueRequest(); |
| + error->manager()->ShowMessage(l10n_util::GetString( |
| + IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_INFO_BAR)); |
| + break; |
| + case net::ERR_CERT_CONTAINS_ERRORS: |
| + case net::ERR_CERT_REVOKED: |
| + case net::ERR_CERT_INVALID: |
| + OnFatalCertError(error); |
| + break; |
| + default: |
| NOTREACHED(); |
| error->CancelRequest(); |
| - return; |
| - } |
| - |
| - // First we check if we know the policy for this error. |
| - net::X509Certificate::Policy::Judgment judgment = |
| - error->manager()->QueryPolicy(error->ssl_info().cert, |
| - error->request_url().host()); |
| - |
| - switch (judgment) { |
| - case net::X509Certificate::Policy::ALLOWED: |
| - // We've been told to allow this certificate. |
| - if (error->manager()->SetMaxSecurityStyle( |
| - SECURITY_STYLE_AUTHENTICATION_BROKEN)) { |
| - NotificationService::current()->Notify( |
| - NotificationType::SSL_STATE_CHANGED, |
| - Source<NavigationController>(error->manager()->controller()), |
| - Details<NavigationEntry>( |
| - error->manager()->controller()->GetActiveEntry())); |
| - } |
| - error->ContinueRequest(); |
| - break; |
| - case net::X509Certificate::Policy::DENIED: |
| - // For now we handle the DENIED as the UNKNOWN, which means a blocking |
| - // page is shown to the user every time he comes back to the page. |
| - case net::X509Certificate::Policy::UNKNOWN: |
| - // We don't know how to handle this error. Ask our sub-policies. |
| - sub_policies_[index]->OnCertError(main_frame_url, error); |
| - break; |
| - default: |
| - NOTREACHED(); |
| - } |
| + break; |
| } |
| +} |
| - void OnMixedContent(NavigationController* navigation_controller, |
| - const GURL& main_frame_url, |
| - SSLManager::MixedContentHandler* mixed_content_handler) { |
| - PrefService* prefs = navigation_controller->profile()->GetPrefs(); |
| - FilterPolicy::Type filter_policy = FilterPolicy::DONT_FILTER; |
| - if (!mixed_content_handler->manager()-> |
| - CanShowInsecureContent(main_frame_url)) { |
| - filter_policy = FilterPolicy::FromInt( |
| - prefs->GetInteger(prefs::kMixedContentFiltering)); |
| - } |
| - if (filter_policy != FilterPolicy::DONT_FILTER) { |
| - mixed_content_handler->manager()->ShowMessageWithLink( |
| - l10n_util::GetString(IDS_SSL_INFO_BAR_FILTERED_CONTENT), |
| - l10n_util::GetString(IDS_SSL_INFO_BAR_SHOW_CONTENT), |
| - new ShowUnsafeContentTask(main_frame_url, mixed_content_handler)); |
| - } |
| - mixed_content_handler->StartRequest(filter_policy); |
| +void SSLPolicy::OnMixedContent(SSLManager::MixedContentHandler* handler) { |
| + // Get the user's mixed content preference. |
| + PrefService* prefs = handler->GetWebContents()->profile()->GetPrefs(); |
| + FilterPolicy::Type filter_policy = |
| + FilterPolicy::FromInt(prefs->GetInteger(prefs::kMixedContentFiltering)); |
| - NavigationEntry* entry = navigation_controller->GetLastCommittedEntry(); |
| - DCHECK(entry); |
| - // Even though we are loading the mixed-content resource, it will not be |
| - // included in the page when we set the policy to FILTER_ALL or |
| - // FILTER_ALL_EXCEPT_IMAGES (only images and they are stamped with warning |
| - // icons), so we don't set the mixed-content mode in these cases. |
| - if (filter_policy == FilterPolicy::DONT_FILTER) |
| - entry->ssl().set_has_mixed_content(); |
| + // If the user have added an exception, doctor the |filter_policy|. |
| + if (!handler->manager()->DidAllowMixedContentForHost( |
| + GURL(handler->main_frame_origin()).host())) |
| + filter_policy = FilterPolicy::DONT_FILTER; |
| - // Print a message indicating the mixed-contents resource in the console. |
| - const std::wstring& msg = l10n_util::GetStringF( |
| - IDS_MIXED_CONTENT_LOG_MESSAGE, |
| - UTF8ToWide(entry->url().spec()), |
| - UTF8ToWide(mixed_content_handler->request_url().spec())); |
| - mixed_content_handler->manager()-> |
| - AddMessageToConsole(msg, MESSAGE_LEVEL_WARNING); |
| - |
| - NotificationService::current()->Notify( |
| - NotificationType::SSL_STATE_CHANGED, |
| - Source<NavigationController>(navigation_controller), |
| - Details<NavigationEntry>(entry)); |
| + if (filter_policy != FilterPolicy::DONT_FILTER) { |
| + // Give the user a chance to see unfiltered content. |
| + handler->manager()->ShowMessageWithLink( |
| + l10n_util::GetString(IDS_SSL_INFO_BAR_FILTERED_CONTENT), |
| + l10n_util::GetString(IDS_SSL_INFO_BAR_SHOW_CONTENT), |
| + new ShowMixedContentTask(this, handler)); |
| } |
| - |
| - void OnDenyCertificate(SSLManager::CertError* error) { |
| - size_t index = SubPolicyIndex(error->cert_error()); |
| - if (index < 0 || index >= arraysize(sub_policies_)) { |
| - NOTREACHED(); |
| - return; |
| - } |
| - sub_policies_[index]->OnDenyCertificate(error); |
| - } |
| - |
| - void OnAllowCertificate(SSLManager::CertError* error) { |
| - size_t index = SubPolicyIndex(error->cert_error()); |
| - if (index < 0 || index >= arraysize(sub_policies_)) { |
| - NOTREACHED(); |
| - return; |
| - } |
| - sub_policies_[index]->OnAllowCertificate(error); |
| - } |
| - |
| - private: |
| - // Returns the index of the sub-policy for |cert_error| in the |
| - // sub_policies_ array. |
| - int SubPolicyIndex(int cert_error) { |
| - // Certificate errors are negative integers from net::ERR_CERT_BEGIN |
| - // (inclusive) to net::ERR_CERT_END (exclusive) in *decreasing* order. |
| - return net::ERR_CERT_BEGIN - cert_error; |
| - } |
| - SSLPolicy* sub_policies_[net::ERR_CERT_BEGIN - net::ERR_CERT_END]; |
| -}; |
| - |
| -} // namespace |
| - |
| -SSLPolicy* SSLPolicy::GetDefaultPolicy() { |
| - // Lazily initialize our default policy instance. |
| - static SSLPolicy* default_policy = new DefaultPolicy(); |
| - return default_policy; |
| + handler->StartRequest(filter_policy); |
| + AddMixedContentWarningToConsole(handler); |
| } |
| -SSLPolicy::SSLPolicy() { |
| -} |
| +void SSLPolicy::OnRequestStarted(SSLManager::RequestInfo* info) { |
| + if (IsMixedContent(info->url(), info->resource_type(), info->frame_origin())) |
| + UpdateStateForMixedContent(info); |
| -void SSLPolicy::OnCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| - // Default to secure behavior. |
| - error->CancelRequest(); |
| + if (net::IsCertStatusError(info->ssl_cert_status())) |
| + UpdateStateForUnsafeContent(info); |
| } |
| -void SSLPolicy::OnRequestStarted(SSLManager* manager, const GURL& url, |
| - ResourceType::Type resource_type, |
| - int ssl_cert_id, int ssl_cert_status) { |
| - // These schemes never leave the browser and don't require a warning. |
| - if (url.SchemeIs(chrome::kDataScheme) || |
| - url.SchemeIs(chrome::kJavaScriptScheme) || |
| - url.SchemeIs(chrome::kAboutScheme)) |
| - return; |
| +void SSLPolicy::UpdateEntry(SSLManager* manager, NavigationEntry* entry) { |
| + DCHECK(entry); |
| - NavigationEntry* entry = manager->controller()->GetActiveEntry(); |
| - if (!entry) { |
| - // We may not have an entry for cases such as the inspector. |
| - return; |
| - } |
| + InitializeEntryIfNeeded(entry); |
| - NavigationEntry::SSLStatus& ssl = entry->ssl(); |
| - bool changed = false; |
| - if (!entry->url().SchemeIsSecure() || // Current page is not secure. |
| - resource_type == ResourceType::MAIN_FRAME || // Main frame load. |
| - net::IsCertStatusError(ssl.cert_status())) { // There is already |
| - // an error for the main page, don't report sub-resources as unsafe |
| - // content. |
| - // No mixed/unsafe content check necessary. |
| + if (!entry->url().SchemeIsSecure()) |
| return; |
| - } |
| - if (url.SchemeIsSecure()) { |
| - // Check for insecure content (anything served over intranet is considered |
| - // insecure). |
| + const std::string& host = entry->url().host(); |
| + if (manager->DidMarkHostAsBroken(host)) |
| + entry->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATION_BROKEN); |
| +} |
| - // TODO(jcampan): bug #1178228 Disabling the broken style for intranet |
| - // hosts for beta as it is missing error strings (and cert status). |
| - // if (IsIntranetHost(url.host()) || |
| - // net::IsCertStatusError(ssl_cert_status)) { |
| - if (net::IsCertStatusError(ssl_cert_status)) { |
| - // The resource is unsafe. |
| - if (!ssl.has_unsafe_content()) { |
| - changed = true; |
| - ssl.set_has_unsafe_content(); |
| - manager->SetMaxSecurityStyle(SECURITY_STYLE_AUTHENTICATION_BROKEN); |
| - } |
| - } |
| - } |
| +// static |
| +bool SSLPolicy::IsMixedContent(const GURL& url, |
| + ResourceType::Type resource_type, |
| + const std::string& frame_origin) { |
| + //////////////////////////////////////////////////////////////////////////// |
| + // WARNING: This function is called from both the IO and UI threads. Do // |
| + // not touch any non-thread-safe objects! You have been warned. // |
| + //////////////////////////////////////////////////////////////////////////// |
| - if (changed) { |
| - // Only send the notification when something actually changed. |
| - NotificationService::current()->Notify( |
| - NotificationType::SSL_STATE_CHANGED, |
| - Source<NavigationController>(manager->controller()), |
| - NotificationService::NoDetails()); |
| - } |
| -} |
| + // We can't possibly have mixed content when loading the main frame. |
| + if (resource_type == ResourceType::MAIN_FRAME) |
| + return false; |
| -SecurityStyle SSLPolicy::GetDefaultStyle(const GURL& url) { |
| - // Show the secure style for HTTPS. |
| - if (url.SchemeIsSecure()) { |
| - // TODO(jcampan): bug #1178228 Disabling the broken style for intranet |
| - // hosts for beta as it is missing error strings (and cert status). |
| - // CAs issue certs for intranet hosts to anyone. |
| - // if (IsIntranetHost(url.host())) |
| - // return SECURITY_STYLE_AUTHENTICATION_BROKEN; |
| + // If the frame doing the loading is already insecure, then we must have |
| + // already dealt with whatever mixed content might be going on. |
| + if (!GURL(frame_origin).SchemeIsSecure()) |
| + return false; |
| - return SECURITY_STYLE_AUTHENTICATED; |
| - } |
| + // We aren't worried about mixed content if we're loading an HTTPS, about, |
| + // or data URL. |
| + if (HasSafeScheme(url)) |
| + return false; |
| - // Otherwise, show the unauthenticated style. |
| - return SECURITY_STYLE_UNAUTHENTICATED; |
| + return true; |
| } |
| +void SSLPolicy::AllowMixedContent(SSLManager::MixedContentHandler* handler) { |
| + std::string main_frame_host = GURL(handler->main_frame_origin()).host(); |
| + handler->manager()->AllowMixedContentForHost(main_frame_host); |
| +} |
| + |
| +//////////////////////////////////////////////////////////////////////////////// |
| +// SSLBlockingPage::Delegate methods |
| + |
| SSLErrorInfo SSLPolicy::GetSSLErrorInfo(SSLManager::CertError* error) { |
| return SSLErrorInfo::CreateError( |
| SSLErrorInfo::NetErrorToErrorType(error->cert_error()), |
| @@ -449,26 +273,21 @@ |
| } |
| void SSLPolicy::OnDenyCertificate(SSLManager::CertError* error) { |
| - // Default behavior for rejecting a certificate. |
| error->CancelRequest(); |
| error->manager()->DenyCertForHost(error->ssl_info().cert, |
| error->request_url().host()); |
| } |
| void SSLPolicy::OnAllowCertificate(SSLManager::CertError* error) { |
| - // Default behavior for accepting a certificate. |
| - // Note that we should not call SetMaxSecurityStyle here, because the active |
| - // NavigationEntry has just been deleted (in HideInterstitialPage) and the |
| - // new NavigationEntry will not be set until DidNavigate. This is ok, |
| - // because the new NavigationEntry will have its max security style set |
| - // within DidNavigate. |
| error->ContinueRequest(); |
| error->manager()->AllowCertForHost(error->ssl_info().cert, |
| error->request_url().host()); |
| } |
| -void SSLPolicy::OnOverridableCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| +//////////////////////////////////////////////////////////////////////////////// |
| +// Certificate Error Routines |
| + |
| +void SSLPolicy::OnOverridableCertError(SSLManager::CertError* error) { |
| if (error->resource_type() != ResourceType::MAIN_FRAME) { |
| // A sub-resource has a certificate error. The user doesn't really |
| // have a context for making the right decision, so block the |
| @@ -481,13 +300,51 @@ |
| ShowBlockingPage(this, error); |
| } |
| -void SSLPolicy::OnFatalCertError(const GURL& main_frame_url, |
| - SSLManager::CertError* error) { |
| +void SSLPolicy::OnFatalCertError(SSLManager::CertError* error) { |
| if (error->resource_type() != ResourceType::MAIN_FRAME) { |
| error->DenyRequest(); |
| return; |
| } |
| error->CancelRequest(); |
| ShowErrorPage(this, error); |
| - // No need to degrade our security indicators because we didn't continue. |
| } |
| + |
| +//////////////////////////////////////////////////////////////////////////////// |
| +// State Updating |
| + |
| +void SSLPolicy::MarkOriginAsBroken(SSLManager* manager, |
| + const std::string& origin) { |
| + GURL parsed_origin(origin); |
| + |
| + // In particular, the origin "null" will be parsed as invalid. |
| + if (!parsed_origin.is_valid() || !parsed_origin.SchemeIsSecure()) |
| + return; |
| + |
| + manager->MarkHostAsBroken(parsed_origin.host()); |
| +} |
| + |
| +void SSLPolicy::UpdateStateForMixedContent(SSLManager::RequestInfo* info) { |
| + // The frame's origin now contains mixed content and therefore is broken. |
| + MarkOriginAsBroken(info->manager(), info->frame_origin()); |
| + |
| + // The user approved a mixed content exception for the main frame's origin. |
| + // That makes the main frame's origin broken too. |
| + MarkOriginAsBroken(info->manager(), info->main_frame_origin()); |
| +} |
| + |
| +void SSLPolicy::UpdateStateForUnsafeContent(SSLManager::RequestInfo* info) { |
| + // This request as a broken cert, which means its host is broken. |
| + info->manager()->MarkHostAsBroken(info->url().host()); |
| + |
| + if (info->resource_type() != ResourceType::MAIN_FRAME || |
| + info->resource_type() != ResourceType::SUB_FRAME) { |
| + // If we're loading some sort of resource into the frame, that frame is now |
| + // unsafe. |
| + MarkOriginAsBroken(info->manager(), info->frame_origin()); |
| + } |
| + |
| + if (info->resource_type() != ResourceType::MAIN_FRAME) { |
| + // We make the main frame unsafe even if we load an unsafe sub frame. |
| + MarkOriginAsBroken(info->manager(), info->main_frame_origin()); |
| + } |
| +} |