Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(355)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: android_webview/browser/aw_ssl_host_state_delegate.h

Issue 1058003004: Forget SSL error exceptions when good certs seen for regular requests. (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master
Patch Set: Yet Another Webview Fix (should be the last, I swear) Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | android_webview/browser/aw_ssl_host_state_delegate.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2014 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_ 5 #ifndef ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_
6 #define ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_ 6 #define ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_
7 7
8 #include <map> 8 #include <map>
9 #include <string> 9 #include <string>
10 10
(...skipping 12 matching lines...) Expand all
23 ~CertPolicy(); 23 ~CertPolicy();
24 // Returns true if the user has decided to proceed through the ssl error 24 // Returns true if the user has decided to proceed through the ssl error
25 // before. For a certificate to be allowed, it must not have any 25 // before. For a certificate to be allowed, it must not have any
26 // *additional* errors from when it was allowed. 26 // *additional* errors from when it was allowed.
27 bool Check(const net::X509Certificate& cert, net::CertStatus error) const; 27 bool Check(const net::X509Certificate& cert, net::CertStatus error) const;
28 28
29 // Causes the policy to allow this certificate for a given |error|. And 29 // Causes the policy to allow this certificate for a given |error|. And
30 // remember the user's choice. 30 // remember the user's choice.
31 void Allow(const net::X509Certificate& cert, net::CertStatus error); 31 void Allow(const net::X509Certificate& cert, net::CertStatus error);
32 32
33 // Returns true if and only if there exists a user allow exception for some
34 // certificate.
35 bool HasAllowException() const { return allowed_.size() > 0; }
36
33 private: 37 private:
34 // The set of fingerprints of allowed certificates. 38 // The set of fingerprints of allowed certificates.
35 std::map<net::SHA256HashValue, net::CertStatus, net::SHA256HashValueLessThan> 39 std::map<net::SHA256HashValue, net::CertStatus, net::SHA256HashValueLessThan>
36 allowed_; 40 allowed_;
37 }; 41 };
38 42
39 } // namespace internal 43 } // namespace internal
40 44
41 class AwSSLHostStateDelegate : public content::SSLHostStateDelegate { 45 class AwSSLHostStateDelegate : public content::SSLHostStateDelegate {
42 public: 46 public:
(...skipping 15 matching lines...) Expand all
58 net::CertStatus error, 62 net::CertStatus error,
59 bool* expired_previous_decision) override; 63 bool* expired_previous_decision) override;
60 64
61 // Records that a host has run insecure content. 65 // Records that a host has run insecure content.
62 void HostRanInsecureContent(const std::string& host, int pid) override; 66 void HostRanInsecureContent(const std::string& host, int pid) override;
63 67
64 // Returns whether the specified host ran insecure content. 68 // Returns whether the specified host ran insecure content.
65 bool DidHostRunInsecureContent(const std::string& host, 69 bool DidHostRunInsecureContent(const std::string& host,
66 int pid) const override; 70 int pid) const override;
67 71
72 // Revokes all SSL certificate error allow exceptions made by the user for
73 // |host|.
74 void RevokeUserAllowExceptions(const std::string& host) override;
75
76 // Returns whether the user has allowed a certificate error exception for
77 // |host|. This does not mean that *all* certificate errors are allowed, just
78 // that there exists an exception. To see if a particular certificate and
79 // error combination exception is allowed, use QueryPolicy().
80 bool HasAllowException(const std::string& host) const override;
81
68 private: 82 private:
69 // Certificate policies for each host. 83 // Certificate policies for each host.
70 std::map<std::string, internal::CertPolicy> cert_policy_for_host_; 84 std::map<std::string, internal::CertPolicy> cert_policy_for_host_;
71 85
72 DISALLOW_COPY_AND_ASSIGN(AwSSLHostStateDelegate); 86 DISALLOW_COPY_AND_ASSIGN(AwSSLHostStateDelegate);
73 }; 87 };
74 88
75 } // namespace android_webview 89 } // namespace android_webview
76 90
77 #endif // ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_ 91 #endif // ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_
OLDNEW
« no previous file with comments | « no previous file | android_webview/browser/aw_ssl_host_state_delegate.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698