Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(6308)

Unified Diff: chrome/browser/ssl/ssl_policy.h

Issue 46094: Fix our handling of mixed SSL / non-SSL content.... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 11 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/ssl/ssl_policy.h
===================================================================
--- chrome/browser/ssl/ssl_policy.h (revision 11701)
+++ chrome/browser/ssl/ssl_policy.h (working copy)
@@ -5,6 +5,7 @@
#ifndef CHROME_BROWSER_SSL_POLICY_H__
#define CHROME_BROWSER_SSL_POLICY_H__
+#include "base/singleton.h"
#include "chrome/browser/ssl/ssl_blocking_page.h"
#include "chrome/browser/ssl/ssl_manager.h"
@@ -16,53 +17,48 @@
public SSLBlockingPage::Delegate {
public:
// Factory method to get the default policy.
- //
- // SSLPolicy is not meant to be instantiated itself. Only subclasses should
- // be instantiated. The default policy has more complex behavior than a
- // direct instance of SSLPolicy.
static SSLPolicy* GetDefaultPolicy();
// SSLManager::Delegate methods.
- virtual void OnCertError(const GURL& main_frame_url,
- SSLManager::CertError* error);
- virtual void OnMixedContent(
- NavigationController* navigation_controller,
- const GURL& main_frame_url,
- SSLManager::MixedContentHandler* mixed_content_handler) {
- // So far only the default policy is expected to receive mixed-content
- // calls.
- NOTREACHED();
- }
+ virtual void OnCertError(SSLManager::CertError* error);
+ virtual void OnMixedContent(SSLManager::MixedContentHandler* handler);
+ virtual void OnRequestStarted(SSLManager::RequestInfo* info);
+ virtual void UpdateEntry(SSLManager* manager, NavigationEntry* entry);
- virtual void OnRequestStarted(SSLManager* manager,
- const GURL& url,
- ResourceType::Type resource_type,
- int ssl_cert_id,
- int ssl_cert_status);
- virtual SecurityStyle GetDefaultStyle(const GURL& url);
+ // This method is static because it is called from both the UI and the IO
+ // threads.
+ static bool IsMixedContent(const GURL& url,
+ ResourceType::Type resource_type,
+ const std::string& frame_origin);
// SSLBlockingPage::Delegate methods.
virtual SSLErrorInfo GetSSLErrorInfo(SSLManager::CertError* error);
virtual void OnDenyCertificate(SSLManager::CertError* error);
virtual void OnAllowCertificate(SSLManager::CertError* error);
+ void AllowMixedContent(SSLManager::MixedContentHandler* handler);
+
protected:
- // Allow our subclasses to construct us.
+ // Construct via |GetDefaultPolicy|.
SSLPolicy();
+ friend struct DefaultSingletonTraits<SSLPolicy>;
// Helper method for derived classes handling certificate errors that can be
// overridden by the user.
// Show a blocking page and let the user continue or cancel the request.
- void OnOverridableCertError(const GURL& main_frame_url,
- SSLManager::CertError* error);
+ void OnOverridableCertError(SSLManager::CertError* error);
// Helper method for derived classes handling fatal certificate errors.
// Cancel the request and show an error page.
- void OnFatalCertError(const GURL& main_frame_url,
- SSLManager::CertError* error);
+ void OnFatalCertError(SSLManager::CertError* error);
+ // Helper method for dealing with origin strings.
+ void MarkOriginAsBroken(SSLManager* manager, const std::string& origin);
+ void UpdateStateForMixedContent(SSLManager::RequestInfo* info);
+ void UpdateStateForUnsafeContent(SSLManager::RequestInfo* info);
+
private:
- DISALLOW_EVIL_CONSTRUCTORS(SSLPolicy);
+ DISALLOW_COPY_AND_ASSIGN(SSLPolicy);
};
#endif // CHROME_BROWSER_SSL_POLICY_H__

Powered by Google App Engine
This is Rietveld 408576698