SSLPolicy Fix: Step 8....

chrome/browser/ssl/ssl_manager.cc

 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/ssl_manager.h"
 
 #include "base/message_loop.h"
 #include "base/string_util.h"
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/load_from_memory_cache_details.h"
 #include "chrome/browser/renderer_host/render_view_host.h"
 #include "chrome/browser/renderer_host/resource_request_details.h"
 #include "chrome/browser/ssl/ssl_error_info.h"
 #include "chrome/browser/ssl/ssl_host_state.h"
+#include "chrome/browser/ssl/ssl_policy.h"
 #include "chrome/browser/tab_contents/navigation_controller.h"
 #include "chrome/browser/tab_contents/navigation_entry.h"
 #include "chrome/browser/tab_contents/provisional_load_details.h"
 #include "chrome/browser/tab_contents/tab_util.h"
 #include "chrome/browser/tab_contents/web_contents.h"
-#include "chrome/browser/ssl/ssl_policy.h"
 #include "chrome/common/l10n_util.h"
 #include "chrome/common/notification_service.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/pref_service.h"
 #include "chrome/common/resource_bundle.h"
 #include "grit/generated_resources.h"
 #include "grit/theme_resources.h"
 #include "net/base/cert_status_flags.h"
 #include "net/base/net_errors.h"
 #include "net/url_request/url_request.h"
@@ skipping 82 matching lines @@
   registrar_.Add(this, NotificationType::NAV_ENTRY_COMMITTED,
                  Source<NavigationController>(controller_));
   registrar_.Add(this, NotificationType::FAIL_PROVISIONAL_LOAD_WITH_ERROR,
                  Source<NavigationController>(controller_));
   registrar_.Add(this, NotificationType::RESOURCE_RESPONSE_STARTED,
                  Source<NavigationController>(controller_));
   registrar_.Add(this, NotificationType::RESOURCE_RECEIVED_REDIRECT,
                  Source<NavigationController>(controller_));
   registrar_.Add(this, NotificationType::LOAD_FROM_MEMORY_CACHE,
                  Source<NavigationController>(controller_));
+  registrar_.Add(this, NotificationType::SSL_INTERNAL_STATE_CHANGED,
+                 NotificationService::AllSources());
 }
 
 SSLManager::~SSLManager() {
 }
 
 // Delegate API method.
 void SSLManager::ShowMessage(const std::wstring& msg) {
   ShowMessageWithLink(msg, std::wstring(), NULL);
 }
 
@@ skipping 49 matching lines @@
     return;
   WebContents* web_contents = tab_contents->AsWebContents();
   if (!web_contents)
     return;
 
   web_contents->render_view_host()->AddMessageToConsole(
       std::wstring(), msg, level);
 }
 
 // Delegate API method.
+void SSLManager::MarkHostAsBroken(const std::string& host) {
+  ssl_host_state_->MarkHostAsBroken(host);
+  DispatchSSLInternalStateChanged();
+}
+
+// Delegate API method.
+bool SSLManager::DidMarkHostAsBroken(const std::string& host) const {
+  return ssl_host_state_->DidMarkHostAsBroken(host);
+}
+
+// Delegate API method.
 void SSLManager::DenyCertForHost(net::X509Certificate* cert,
                                  const std::string& host) {
   // Remember that we don't like this cert for this host.
   ssl_host_state_->DenyCertForHost(cert, host);
+  DispatchSSLInternalStateChanged();
 }
 
 // Delegate API method.
 void SSLManager::AllowCertForHost(net::X509Certificate* cert,
                                   const std::string& host) {
   ssl_host_state_->AllowCertForHost(cert, host);
+  DispatchSSLInternalStateChanged();
 }
 
 // Delegate API method.
 net::X509Certificate::Policy::Judgment SSLManager::QueryPolicy(
     net::X509Certificate* cert, const std::string& host) {
   return ssl_host_state_->QueryPolicy(cert, host);
 }
 
-bool SSLManager::CanShowInsecureContent(const GURL& url) {
-  return ssl_host_state_->DidAllowMixedContentForHost(url.host());
+// Delegate API method.
+void SSLManager::AllowMixedContentForHost(const std::string& host) {
+  ssl_host_state_->AllowMixedContentForHost(host);
+  DispatchSSLInternalStateChanged();
 }
 
-void SSLManager::AllowShowInsecureContentForURL(const GURL& url) {
-  ssl_host_state_->AllowMixedContentForHost(url.host());
+// Delegate API method.
+bool SSLManager::DidAllowMixedContentForHost(const std::string& host) const {
+  return ssl_host_state_->DidAllowMixedContentForHost(host);
 }
 
 bool SSLManager::ProcessedSSLErrorFromRequest() const {
   NavigationEntry* entry = controller_->GetActiveEntry();
   if (!entry) {
     NOTREACHED();
     return false;
   }
 
   return net::IsCertStatusError(entry->ssl().cert_status());
 }
 
 ////////////////////////////////////////////////////////////////////////////////
 // ErrorHandler
 
 SSLManager::ErrorHandler::ErrorHandler(ResourceDispatcherHost* rdh,
                                        URLRequest* request,
+                                       ResourceType::Type resource_type,
+                                       const std::string& frame_origin,
+                                       const std::string& main_frame_origin,
                                        MessageLoop* ui_loop)
     : ui_loop_(ui_loop),
       io_loop_(MessageLoop::current()),
       manager_(NULL),
       request_id_(0, 0),
       resource_dispatcher_host_(rdh),
       request_url_(request->url()),
+      resource_type_(resource_type),
+      frame_origin_(frame_origin),
+      main_frame_origin_(main_frame_origin),
       request_has_been_notified_(false) {
   DCHECK(MessageLoop::current() != ui_loop);
 
   ResourceDispatcherHost::ExtraRequestInfo* info =
       ResourceDispatcherHost::ExtraInfoForRequest(request);
   request_id_.process_id = info->process_id;
   request_id_.request_id = info->request_id;
 
   if (!tab_util::GetTabContentsID(request,
                                   &render_process_host_id_,
@@ skipping 170 matching lines @@
 }
 
 
 ////////////////////////////////////////////////////////////////////////////////
 // CertError
 
 SSLManager::CertError::CertError(
     ResourceDispatcherHost* rdh,
     URLRequest* request,
     ResourceType::Type resource_type,
+    const std::string& frame_origin,
+    const std::string& main_frame_origin,
     int cert_error,
     net::X509Certificate* cert,
     MessageLoop* ui_loop)
-    : ErrorHandler(rdh, request, ui_loop),
-      cert_error_(cert_error),
-      resource_type_(resource_type) {
+    : ErrorHandler(rdh, request, resource_type, frame_origin,
+                   main_frame_origin, ui_loop),
+      cert_error_(cert_error) {
   DCHECK(request == resource_dispatcher_host_->GetURLRequest(request_id_));
 
   // We cannot use the request->ssl_info(), it's not been initialized yet, so
   // we have to set the fields manually.
   ssl_info_.cert = cert;
   ssl_info_.SetCertError(cert_error);
 }
 
 // static
 void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh,
                                        URLRequest* request,
                                        int cert_error,
                                        net::X509Certificate* cert,
                                        MessageLoop* ui_loop) {
   DLOG(INFO) << "OnSSLCertificateError() cert_error: " << cert_error <<
                 " url: " << request->url().spec();
 
   ResourceDispatcherHost::ExtraRequestInfo* info =
       ResourceDispatcherHost::ExtraInfoForRequest(request);
   DCHECK(info);
 
   // A certificate error occurred.  Construct a CertError object and hand it
   // over to the UI thread for processing.
   ui_loop->PostTask(FROM_HERE,
-      NewRunnableMethod(new CertError(rdh, request, info->resource_type,
-                                      cert_error, cert, ui_loop),
+      NewRunnableMethod(new CertError(rdh,
+                                      request,
+                                      info->resource_type,
+                                      info->frame_origin,
+                                      info->main_frame_origin,
+                                      cert_error,
+                                      cert,
+                                      ui_loop),
                         &CertError::Dispatch));
 }
 
 // static
 bool SSLManager::ShouldStartRequest(ResourceDispatcherHost* rdh,
                                     URLRequest* request,
                                     MessageLoop* ui_loop) {
   ResourceDispatcherHost::ExtraRequestInfo* info =
       ResourceDispatcherHost::ExtraInfoForRequest(request);
   DCHECK(info);
 
   // We cheat here and talk to the SSLPolicy on the IO thread because we need
   // to respond synchronously to avoid delaying all network requests...
   if (!SSLPolicy::IsMixedContent(request->url(),
                                  info->resource_type,
                                  info->main_frame_origin))
     return true;
 
 
   ui_loop->PostTask(FROM_HERE,
-      NewRunnableMethod(new MixedContentHandler(rdh, request, ui_loop),
+      NewRunnableMethod(new MixedContentHandler(rdh, request,
+                                                info->resource_type,
+                                                info->frame_origin,
+                                                info->main_frame_origin,
+                                                ui_loop),
                         &MixedContentHandler::Dispatch));
   return false;
 }
 
 void SSLManager::OnCertError(CertError* error) {
-  // Ask our delegate to deal with the error.
-  NavigationEntry* entry = controller_->GetActiveEntry();
-  // We might not have a navigation entry in some cases (e.g. when a
-  // HTTPS page opens a popup with no URL and then populate it with
-  // document.write()). See bug http://crbug.com/3845.
-  if (!entry)
-    return;
-
-  delegate()->OnCertError(entry->url(), error);
+  delegate()->OnCertError(error);
 }
 
-void SSLManager::OnMixedContent(MixedContentHandler* mixed_content) {
-  // Ask our delegate to deal with the mixed content.
-  NavigationEntry* entry = controller_->GetActiveEntry();
-  // We might not have a navigation entry in some cases (e.g. when a
-  // HTTPS page opens a popup with no URL and then populate it with
-  // document.write()). See bug http://crbug.com/3845.
-  if (!entry)
-    return;
-
-  delegate()->OnMixedContent(controller_, entry->url(), mixed_content);
+void SSLManager::OnMixedContent(MixedContentHandler* handler) {
+  delegate()->OnMixedContent(handler);
 }
 
 void SSLManager::Observe(NotificationType type,
                          const NotificationSource& source,
                          const NotificationDetails& details) {
   // We should only be getting notifications from our controller.
   DCHECK(source == Source<NavigationController>(controller_));
 
   // Dispatch by type.
   switch (type.value) {
     case NotificationType::NAV_ENTRY_COMMITTED:
       DidCommitProvisionalLoad(details);
       break;
     case NotificationType::FAIL_PROVISIONAL_LOAD_WITH_ERROR:
       DidFailProvisionalLoadWithError(
           Details<ProvisionalLoadDetails>(details).ptr());
       break;
     case NotificationType::RESOURCE_RESPONSE_STARTED:
       DidStartResourceResponse(Details<ResourceRequestDetails>(details).ptr());
       break;
     case NotificationType::RESOURCE_RECEIVED_REDIRECT:
       DidReceiveResourceRedirect(
           Details<ResourceRedirectDetails>(details).ptr());
       break;
     case NotificationType::LOAD_FROM_MEMORY_CACHE:
       DidLoadFromMemoryCache(
           Details<LoadFromMemoryCacheDetails>(details).ptr());
       break;
+    case NotificationType::SSL_INTERNAL_STATE_CHANGED:
+      DidChangeSSLInternalState();
+      break;
     default:
       NOTREACHED() << "The SSLManager received an unexpected notification.";
   }
 }
 
+void SSLManager::DispatchSSLInternalStateChanged() {
+  NotificationService::current()->Notify(
+      NotificationType::SSL_INTERNAL_STATE_CHANGED,
+      Source<NavigationController>(controller_),
+      NotificationService::NoDetails());
+}
+
+void SSLManager::DispatchSSLVisibleStateChanged() {
+  NotificationService::current()->Notify(
+      NotificationType::SSL_VISIBLE_STATE_CHANGED,
+      Source<NavigationController>(controller_),
+      NotificationService::NoDetails());
+}
+
 void SSLManager::InitializeEntryIfNeeded(NavigationEntry* entry) {
   DCHECK(entry);
 
   // If the security style of the entry is SECURITY_STYLE_UNKNOWN, then it is a
   // fresh entry and should get the default style.
   if (entry->ssl().security_style() == SECURITY_STYLE_UNKNOWN) {
     entry->ssl().set_security_style(
         delegate()->GetDefaultStyle(entry->url()));
   }
 }
 
 void SSLManager::NavigationStateChanged() {
   NavigationEntry* active_entry = controller_->GetActiveEntry();
   if (!active_entry)
     return;  // Nothing showing yet.
 
   // This might be a new entry we've never seen before.
   InitializeEntryIfNeeded(active_entry);
 }
 
 void SSLManager::DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details) {
   DCHECK(details);
 
   // Simulate loading this resource through the usual path.
   // Note that we specify SUB_RESOURCE as the resource type as WebCore only
   // caches sub-resources.
-  delegate()->OnRequestStarted(this, details->url(),
-                               ResourceType::SUB_RESOURCE,
-                               details->ssl_cert_id(),
-                               details->ssl_cert_status());
+  scoped_refptr<RequestInfo> info = new RequestInfo(
+      this,
+      details->url(),
+      ResourceType::SUB_RESOURCE,
+      details->frame_origin(),
+      details->main_frame_origin(),
+      details->ssl_cert_id(),
+      details->ssl_cert_status());
+
+  // Simulate loading this resource through the usual path.
+  delegate()->OnRequestStarted(info.get());
 }
 
 void SSLManager::DidCommitProvisionalLoad(
     const NotificationDetails& in_details) {
   NavigationController::LoadCommittedDetails* details =
       Details<NavigationController::LoadCommittedDetails>(in_details).ptr();
 
   // Ignore in-page navigations, they should not change the security style or
   // the info-bars.
   if (details->is_in_page)
@@ skipping 65 matching lines @@
   if (details->in_page_navigation())
     return;
 
   if (details->main_frame())
     ClearPendingMessages();
 }
 
 void SSLManager::DidStartResourceResponse(ResourceRequestDetails* details) {
   DCHECK(details);
 
+  scoped_refptr<RequestInfo> info = new RequestInfo(
+      this,
+      details->url(),
+      details->resource_type(),
+      details->frame_origin(),
+      details->main_frame_origin(),
+      details->ssl_cert_id(),
+      details->ssl_cert_status());
+
   // Notify our delegate that we started a resource request.  Ideally, the
   // delegate should have the ability to cancel the request, but we can't do
   // that yet.
-  delegate()->OnRequestStarted(this, details->url(),
-                               details->resource_type(),
-                               details->ssl_cert_id() ,
-                               details->ssl_cert_status());
+  delegate()->OnRequestStarted(info.get());
 }
 
 void SSLManager::DidReceiveResourceRedirect(ResourceRedirectDetails* details) {
-  // TODO(jcampan): when we receive a redirect for a sub-resource, we may want
-  // to clear any mixed/unsafe content error that it may have triggered.
+  // TODO(abarth): Make sure our redirect behavior is correct.  If we ever see
+  //               a non-HTTPS resource in the redirect chain, we want to
+  //               trigger mixed content, even if the redirect chain goes back
+  //               to HTTPS.  This is because the network attacker can redirect
+  //               the HTTP request to https://attacker.com/payload.js.
 }
 
 void SSLManager::ShowPendingMessages() {
   std::vector<SSLMessageInfo>::const_iterator iter;
   for (iter = pending_messages_.begin();
        iter != pending_messages_.end(); ++iter) {
     ShowMessageWithLink(iter->message, iter->link_text, iter->action);
   }
   ClearPendingMessages();
 }
 
+void SSLManager::DidChangeSSLInternalState() {
+  // TODO(abarth): We'll need to do something here in the next step.
+}
+
 void SSLManager::ClearPendingMessages() {
   pending_messages_.clear();
 }
 
 // static
 std::string SSLManager::SerializeSecurityInfo(int cert_id,
                                               int cert_status,
                                               int security_bits) {
   Pickle pickle;
   pickle.WriteInt(cert_id);
@@ skipping 45 matching lines @@
   }
 
   if (ca_name) {
     // TODO(wtc): should we show the root CA's name instead?
     *ca_name = l10n_util::GetStringF(
         IDS_SECURE_CONNECTION_EV_CA,
         UTF8ToWide(cert.issuer().organization_names[0]));
   }
   return true;
 }