Chromium Code Reviews Chromium Code Reviews
Issue 1058003004:
Forget SSL error exceptions when good certs seen for regular requests. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ssl/ssl_policy.h" | 5 #include "content/browser/ssl/ssl_policy.h" |
| 6 | 6 |
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/memory/singleton.h" | 10 #include "base/memory/singleton.h" |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 103 | 103 |
| 104 backend_->HostRanInsecureContent(GURL(security_origin).host(), | 104 backend_->HostRanInsecureContent(GURL(security_origin).host(), |
| 105 site_instance->GetProcess()->GetID()); | 105 site_instance->GetProcess()->GetID()); |
| 106 } | 106 } |
| 107 | 107 |
| 108 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) { | 108 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) { |
| 109 // TODO(abarth): This mechanism is wrong. What we should be doing is sending | 109 // TODO(abarth): This mechanism is wrong. What we should be doing is sending |
| 110 // this information back through WebKit and out some FrameLoaderClient | 110 // this information back through WebKit and out some FrameLoaderClient |
| 111 // methods. | 111 // methods. |
| 112 | 112 |
| 113 if (net::IsCertStatusError(info->ssl_cert_status())) | 113 if (net::IsCertStatusError(info->ssl_cert_status())) { |
| 114 backend_->HostRanInsecureContent(info->url().host(), info->child_id()); | 114 backend_->HostRanInsecureContent(info->url().host(), info->child_id()); |
| 115 } else { | |
| 116 // If there's no certificate error, a good certificate has been seen, so | |
| 117 // clear out any exceptions that were made by the user for bad certificates. | |
| 118 backend_->RevokeUserAllowExceptions(info->url().host()); | |
|
felt
2015/04/09 21:05:07
Can you record how often this happens w/ UMA?
jww
2015/04/16 23:59:07
Hm, this is going to happen every time a good cert
| |
| 119 } | |
| 115 } | 120 } |
| 116 | 121 |
| 117 void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry, | 122 void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry, |
| 118 WebContentsImpl* web_contents) { | 123 WebContentsImpl* web_contents) { |
| 119 DCHECK(entry); | 124 DCHECK(entry); |
| 120 | 125 |
| 121 InitializeEntryIfNeeded(entry); | 126 InitializeEntryIfNeeded(entry); |
| 122 | 127 |
| 123 if (!entry->GetURL().SchemeIsSecure()) | 128 if (!entry->GetURL().SchemeIsSecure()) |
| 124 return; | 129 return; |
| (...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 232 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; | 237 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; |
| 233 } | 238 } |
| 234 | 239 |
| 235 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { | 240 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { |
| 236 GURL parsed_origin(origin); | 241 GURL parsed_origin(origin); |
| 237 if (parsed_origin.SchemeIsSecure()) | 242 if (parsed_origin.SchemeIsSecure()) |
| 238 backend_->HostRanInsecureContent(parsed_origin.host(), pid); | 243 backend_->HostRanInsecureContent(parsed_origin.host(), pid); |
| 239 } | 244 } |
| 240 | 245 |
| 241 } // namespace content | 246 } // namespace content |
| OLD | NEW |
