content/browser/ssl/ssl_policy.cc - Issue 1058003004: Forget SSL error exceptions when good certs seen for regular requests.

Side by Side Diff: content/browser/ssl/ssl_policy.cc

Issue 1058003004: Forget SSL error exceptions when good certs seen for regular requests. (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master

Patch Set: Tests related to unsafe resources w/user exceptions Created 5 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/ssl/ssl_policy.h"	5 #include "content/browser/ssl/ssl_policy.h"

6	6

7 #include "base/base_switches.h"	7 #include "base/base_switches.h"

8 #include "base/bind.h"	8 #include "base/bind.h"

9 #include "base/command_line.h"	9 #include "base/command_line.h"

10 #include "base/memory/singleton.h"	10 #include "base/memory/singleton.h"

	11 #include "base/metrics/histogram.h"
	Mark P 2015/04/17 16:20:36 histogram_macros is more appropriate histogram_macros is more appropriate jww 2015/04/17 18:14:33 Done. Show quoted text On 2015/04/17 16:20:36, Mark P wrote: > histogram_macros is more appropriate Done.
11 #include "base/strings/string_piece.h"	12 #include "base/strings/string_piece.h"

12 #include "base/strings/string_util.h"	13 #include "base/strings/string_util.h"

13 #include "content/browser/frame_host/navigation_entry_impl.h"	14 #include "content/browser/frame_host/navigation_entry_impl.h"

14 #include "content/browser/renderer_host/render_process_host_impl.h"	15 #include "content/browser/renderer_host/render_process_host_impl.h"

15 #include "content/browser/renderer_host/render_view_host_impl.h"	16 #include "content/browser/renderer_host/render_view_host_impl.h"

16 #include "content/browser/site_instance_impl.h"	17 #include "content/browser/site_instance_impl.h"

17 #include "content/browser/ssl/ssl_cert_error_handler.h"	18 #include "content/browser/ssl/ssl_cert_error_handler.h"

18 #include "content/browser/ssl/ssl_request_info.h"	19 #include "content/browser/ssl/ssl_request_info.h"

19 #include "content/browser/web_contents/web_contents_impl.h"	20 #include "content/browser/web_contents/web_contents_impl.h"

20 #include "content/public/browser/content_browser_client.h"	21 #include "content/public/browser/content_browser_client.h"

(...skipping 77 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
98 return;	99 return;

99	100

100 SiteInstance* site_instance = entry->site_instance();	101 SiteInstance* site_instance = entry->site_instance();

101 if (!site_instance)	102 if (!site_instance)

102 return;	103 return;

103	104

104 backend_->HostRanInsecureContent(GURL(security_origin).host(),	105 backend_->HostRanInsecureContent(GURL(security_origin).host(),

105 site_instance->GetProcess()->GetID());	106 site_instance->GetProcess()->GetID());

106 }	107 }

107	108

	109 enum SSLGoodCertSeenEvent {
	Mark P 2015/04/17 16:20:36 1. This is an odd place for this enum. This is st 1. This is an odd place for this enum. This is style-acceptable? 2. Please put the useful standard warning label about enums that a recorded in UMA (don't deleted or reorder or renumber; add new entry only at end) 3. Please explicitly do =0, =1, etc. jww 2015/04/17 18:14:33 You're right, it probably should be at the top in Show quoted text On 2015/04/17 16:20:36, Mark P wrote: > 1. This is an odd place for this enum. This is style-acceptable? You're right, it probably should be at the top in an anonymous namespace. Done. Show quoted text > 2. Please put the useful standard warning label about enums that a recorded in > UMA (don't deleted or reorder or renumber; add new entry only at end) Done. Show quoted text > 3. Please explicitly do =0, =1, etc. Done.
	110 NO_PREVIOUS_EXCEPTION,

	111 HAD_PREVIOUS_EXCEPTION,

	112 END_OF_SSL_GOOD_CERT_SEEN_EVENT

	113 };

	114

108 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) {	115 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) {

109 // TODO(abarth): This mechanism is wrong. What we should be doing is sending	116 // TODO(abarth): This mechanism is wrong. What we should be doing is sending

110 // this information back through WebKit and out some FrameLoaderClient	117 // this information back through WebKit and out some FrameLoaderClient

111 // methods.	118 // methods.

112	119

113 if (net::IsCertStatusError(info->ssl_cert_status()))	120 if (net::IsCertStatusError(info->ssl_cert_status())) {

114 backend_->HostRanInsecureContent(info->url().host(), info->child_id());	121 backend_->HostRanInsecureContent(info->url().host(), info->child_id());

	122 } else {

	123 SSLGoodCertSeenEvent event = NO_PREVIOUS_EXCEPTION;

	124 if (backend_->HasAllowException(info->url().host()))

	125 event = HAD_PREVIOUS_EXCEPTION;

	126 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.good_cert_seen", event,
	Mark P 2015/04/17 16:20:36 This sounds more like a BOOLEAN histogram. Why ar This sounds more like a BOOLEAN histogram. Why are you using an enum here? Do you have the expectation that it needs to expand in the future? If so, how? jww 2015/04/17 18:14:33 In the past, when I've had boolean uma measurement Show quoted text On 2015/04/17 16:20:36, Mark P wrote: > This sounds more like a BOOLEAN histogram. Why are you using an enum here? Do > you have the expectation that it needs to expand in the future? If so, how? In the past, when I've had boolean uma measurements, I've been asked to make an enum anyway for clarity in the reporting (see SSLCertificateDecisionsDidRevoke for example: https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/ui/...). Personally, I like that approach as well, but if you feel strongly that it should be a straight boolean instead, let me know. Mark P 2015/04/17 20:26:19 Acknowledged. Show quoted text On 2015/04/17 18:14:33, jww wrote: > On 2015/04/17 16:20:36, Mark P wrote: > > This sounds more like a BOOLEAN histogram. Why are you using an enum here? > Do > > you have the expectation that it needs to expand in the future? If so, how? > > In the past, when I've had boolean uma measurements, I've been asked to make an > enum anyway for clarity in the reporting (see SSLCertificateDecisionsDidRevoke > for example: > https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/ui/...). > > Personally, I like that approach as well, but if you feel strongly that it > should be a straight boolean instead, let me know. Acknowledged.
	127 END_OF_SSL_GOOD_CERT_SEEN_EVENT);

	128

	129 // If there's no certificate error, a good certificate has been seen, so

	130 // clear out any exceptions that were made by the user for bad certificates.

	131 backend_->RevokeUserAllowExceptions(info->url().host());

	132 }

115 }	133 }

116	134

117 void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry,	135 void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry,

118 WebContentsImpl* web_contents) {	136 WebContentsImpl* web_contents) {

119 DCHECK(entry);	137 DCHECK(entry);

120	138

121 InitializeEntryIfNeeded(entry);	139 InitializeEntryIfNeeded(entry);

122	140

123 if (!entry->GetURL().SchemeIsSecure())	141 if (!entry->GetURL().SchemeIsSecure())

124 return;	142 return;

(...skipping 107 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
232 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED;	250 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED;

233 }	251 }

234	252

235 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) {	253 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) {

236 GURL parsed_origin(origin);	254 GURL parsed_origin(origin);

237 if (parsed_origin.SchemeIsSecure())	255 if (parsed_origin.SchemeIsSecure())

238 backend_->HostRanInsecureContent(parsed_origin.host(), pid);	256 backend_->HostRanInsecureContent(parsed_origin.host(), pid);

239 }	257 }

240	258

241 } // namespace content	259 } // namespace content

OLD	NEW

« no previous file with comments | « chrome/browser/ssl/ssl_browser_tests.cc ('k') | content/browser/ssl/ssl_policy_backend.h » ('j') | tools/metrics/histograms/histograms.xml » ('J')