Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(101)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/ssl_host_state.h

Issue 7111013: Move most of the core SSL code from chrome to content. The UI code that's specific to Chrome (i.... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 9 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/ssl/ssl_error_handler.cc ('k') | chrome/browser/ssl/ssl_host_state.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_SSL_SSL_HOST_STATE_H_
6 #define CHROME_BROWSER_SSL_SSL_HOST_STATE_H_
7 #pragma once
8
9 #include <string>
10 #include <map>
11 #include <set>
12
13 #include "base/basictypes.h"
14 #include "base/threading/non_thread_safe.h"
15 #include "googleurl/src/gurl.h"
16 #include "net/base/x509_certificate.h"
17
18 // SSLHostState
19 //
20 // The SSLHostState encapulates the host-specific state for SSL errors. For
21 // example, SSLHostState remembers whether the user has whitelisted a
22 // particular broken cert for use with particular host. We separate this state
23 // from the SSLManager because this state is shared across many navigation
24 // controllers.
25
26 class SSLHostState : public base::NonThreadSafe {
27 public:
28 SSLHostState();
29 ~SSLHostState();
30
31 // Records that a host has run insecure content.
32 void HostRanInsecureContent(const std::string& host, int pid);
33
34 // Returns whether the specified host ran insecure content.
35 bool DidHostRunInsecureContent(const std::string& host, int pid) const;
36
37 // Records that |cert| is permitted to be used for |host| in the future.
38 void DenyCertForHost(net::X509Certificate* cert, const std::string& host);
39
40 // Records that |cert| is not permitted to be used for |host| in the future.
41 void AllowCertForHost(net::X509Certificate* cert, const std::string& host);
42
43 // Queries whether |cert| is allowed or denied for |host|.
44 net::CertPolicy::Judgment QueryPolicy(
45 net::X509Certificate* cert, const std::string& host);
46
47 private:
48 // A BrokenHostEntry is a pair of (host, process_id) that indicates the host
49 // contains insecure content in that renderer process.
50 typedef std::pair<std::string, int> BrokenHostEntry;
51
52 // Hosts which have been contaminated with insecure content in the
53 // specified process. Note that insecure content can travel between
54 // same-origin frames in one processs but cannot jump between processes.
55 std::set<BrokenHostEntry> ran_insecure_content_hosts_;
56
57 // Certificate policies for each host.
58 std::map<std::string, net::CertPolicy> cert_policy_for_host_;
59
60 DISALLOW_COPY_AND_ASSIGN(SSLHostState);
61 };
62
63 #endif // CHROME_BROWSER_SSL_SSL_HOST_STATE_H_
OLDNEW
« no previous file with comments | « chrome/browser/ssl/ssl_error_handler.cc ('k') | chrome/browser/ssl/ssl_host_state.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698