Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(353)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/ssl_policy.cc

Issue 48059: SSLPolicy Fix: Step 5.... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 11 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/ssl/ssl_manager.cc ('k') | chrome/common/notification_type.h » ('j') | chrome/common/notification_type.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/ssl_policy.h" 5 #include "chrome/browser/ssl/ssl_policy.h"
6 6
7 #include "base/singleton.h" 7 #include "base/singleton.h"
8 #include "base/string_piece.h" 8 #include "base/string_piece.h"
9 #include "base/string_util.h" 9 #include "base/string_util.h"
10 #include "chrome/browser/cert_store.h" 10 #include "chrome/browser/cert_store.h"
(...skipping 249 matching lines...) Expand 10 before | Expand all | Expand 10 after
260 net::X509Certificate::Policy::Judgment judgment = 260 net::X509Certificate::Policy::Judgment judgment =
261 error->manager()->QueryPolicy(error->ssl_info().cert, 261 error->manager()->QueryPolicy(error->ssl_info().cert,
262 error->request_url().host()); 262 error->request_url().host());
263 263
264 switch (judgment) { 264 switch (judgment) {
265 case net::X509Certificate::Policy::ALLOWED: 265 case net::X509Certificate::Policy::ALLOWED:
266 // We've been told to allow this certificate. 266 // We've been told to allow this certificate.
267 if (error->manager()->SetMaxSecurityStyle( 267 if (error->manager()->SetMaxSecurityStyle(
268 SECURITY_STYLE_AUTHENTICATION_BROKEN)) { 268 SECURITY_STYLE_AUTHENTICATION_BROKEN)) {
269 NotificationService::current()->Notify( 269 NotificationService::current()->Notify(
270 NotificationType::SSL_STATE_CHANGED, 270 NotificationType::SSL_VISIBLE_STATE_CHANGED,
271 Source<NavigationController>(error->manager()->controller()), 271 Source<NavigationController>(error->manager()->controller()),
272 Details<NavigationEntry>( 272 Details<NavigationEntry>(
273 error->manager()->controller()->GetActiveEntry())); 273 error->manager()->controller()->GetActiveEntry()));
274 } 274 }
275 error->ContinueRequest(); 275 error->ContinueRequest();
276 break; 276 break;
277 case net::X509Certificate::Policy::DENIED: 277 case net::X509Certificate::Policy::DENIED:
278 // For now we handle the DENIED as the UNKNOWN, which means a blocking 278 // For now we handle the DENIED as the UNKNOWN, which means a blocking
279 // page is shown to the user every time he comes back to the page. 279 // page is shown to the user every time he comes back to the page.
280 case net::X509Certificate::Policy::UNKNOWN: 280 case net::X509Certificate::Policy::UNKNOWN:
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
315 315
316 // Print a message indicating the mixed-contents resource in the console. 316 // Print a message indicating the mixed-contents resource in the console.
317 const std::wstring& msg = l10n_util::GetStringF( 317 const std::wstring& msg = l10n_util::GetStringF(
318 IDS_MIXED_CONTENT_LOG_MESSAGE, 318 IDS_MIXED_CONTENT_LOG_MESSAGE,
319 UTF8ToWide(entry->url().spec()), 319 UTF8ToWide(entry->url().spec()),
320 UTF8ToWide(mixed_content_handler->request_url().spec())); 320 UTF8ToWide(mixed_content_handler->request_url().spec()));
321 mixed_content_handler->manager()-> 321 mixed_content_handler->manager()->
322 AddMessageToConsole(msg, MESSAGE_LEVEL_WARNING); 322 AddMessageToConsole(msg, MESSAGE_LEVEL_WARNING);
323 323
324 NotificationService::current()->Notify( 324 NotificationService::current()->Notify(
325 NotificationType::SSL_STATE_CHANGED, 325 NotificationType::SSL_VISIBLE_STATE_CHANGED,
326 Source<NavigationController>(navigation_controller), 326 Source<NavigationController>(navigation_controller),
327 Details<NavigationEntry>(entry)); 327 Details<NavigationEntry>(entry));
328 } 328 }
329 329
330 void OnDenyCertificate(SSLManager::CertError* error) { 330 void OnDenyCertificate(SSLManager::CertError* error) {
331 size_t index = SubPolicyIndex(error->cert_error()); 331 size_t index = SubPolicyIndex(error->cert_error());
332 if (index < 0 || index >= arraysize(sub_policies_)) { 332 if (index < 0 || index >= arraysize(sub_policies_)) {
333 NOTREACHED(); 333 NOTREACHED();
334 return; 334 return;
335 } 335 }
(...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after
413 changed = true; 413 changed = true;
414 ssl.set_has_unsafe_content(); 414 ssl.set_has_unsafe_content();
415 manager->SetMaxSecurityStyle(SECURITY_STYLE_AUTHENTICATION_BROKEN); 415 manager->SetMaxSecurityStyle(SECURITY_STYLE_AUTHENTICATION_BROKEN);
416 } 416 }
417 } 417 }
418 } 418 }
419 419
420 if (changed) { 420 if (changed) {
421 // Only send the notification when something actually changed. 421 // Only send the notification when something actually changed.
422 NotificationService::current()->Notify( 422 NotificationService::current()->Notify(
423 NotificationType::SSL_STATE_CHANGED, 423 NotificationType::SSL_VISIBLE_STATE_CHANGED,
424 Source<NavigationController>(manager->controller()), 424 Source<NavigationController>(manager->controller()),
425 NotificationService::NoDetails()); 425 NotificationService::NoDetails());
426 } 426 }
427 } 427 }
428 428
429 SecurityStyle SSLPolicy::GetDefaultStyle(const GURL& url) { 429 SecurityStyle SSLPolicy::GetDefaultStyle(const GURL& url) {
430 // Show the secure style for HTTPS. 430 // Show the secure style for HTTPS.
431 if (url.SchemeIsSecure()) { 431 if (url.SchemeIsSecure()) {
432 // TODO(jcampan): bug #1178228 Disabling the broken style for intranet 432 // TODO(jcampan): bug #1178228 Disabling the broken style for intranet
433 // hosts for beta as it is missing error strings (and cert status). 433 // hosts for beta as it is missing error strings (and cert status).
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after
502 void SSLPolicy::OnFatalCertError(const GURL& main_frame_url, 502 void SSLPolicy::OnFatalCertError(const GURL& main_frame_url,
503 SSLManager::CertError* error) { 503 SSLManager::CertError* error) {
504 if (error->resource_type() != ResourceType::MAIN_FRAME) { 504 if (error->resource_type() != ResourceType::MAIN_FRAME) {
505 error->DenyRequest(); 505 error->DenyRequest();
506 return; 506 return;
507 } 507 }
508 error->CancelRequest(); 508 error->CancelRequest();
509 ShowErrorPage(this, error); 509 ShowErrorPage(this, error);
510 // No need to degrade our security indicators because we didn't continue. 510 // No need to degrade our security indicators because we didn't continue.
511 } 511 }
OLDNEW
« no previous file with comments | « chrome/browser/ssl/ssl_manager.cc ('k') | chrome/common/notification_type.h » ('j') | chrome/common/notification_type.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698