chrome/browser/ssl/security_level_policy.h - Issue 1123943002: Move SecurityLevel into a class of its own

Side by Side Diff: chrome/browser/ssl/security_level_policy.h

Issue 1123943002: Move SecurityLevel into a class of its own (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: more android build fixes Created 5 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « chrome/android/javatests/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizerTest.java ('k') | chrome/browser/ssl/security_level_policy.cc » ('j') | chrome/browser/ssl/security_level_policy.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2015 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef CHROME_BROWSER_SSL_SECURITY_LEVEL_POLICY_H_

	6 #define CHROME_BROWSER_SSL_SECURITY_LEVEL_POLICY_H_

	7

	8 namespace content {

	9 class WebContents;

	10 } // namespace content

	11

	12 // This class is responsible for computing the security level of a page.

	13 class SecurityLevelPolicy {
	felt 2015/05/07 20:10:18 While this is being moved anyway: What do you thi While this is being moved anyway: What do you think about renaming this ConnectionSecurityLevelPolicy, or something else that makes it clear that this refers specifically to the HTTP[S] status? "SecurityLevelPolicy" doesn't reflect whether a page has been flagged as phishing or malware, which is also "Security". Peter Kasting 2015/05/07 21:35:37 Another possibility would be to eliminate the wrap Show quoted text On 2015/05/07 20:10:18, felt wrote: > While this is being moved anyway: > > What do you think about renaming this ConnectionSecurityLevelPolicy, or > something else that makes it clear that this refers specifically to the HTTP[S] > status? "SecurityLevelPolicy" doesn't reflect whether a page has been flagged as > phishing or malware, which is also "Security". Another possibility would be to eliminate the wrapping class here and then rename the enum ConnectionSecurityLevel, leaving it in the global scope. (I don't love globals, but I also don't love using classes just to be pseudo-namespaces.) estark 2015/05/08 04:54:32 I think I'd like to leave it as a class, if that's Show quoted text On 2015/05/07 21:35:37, Peter Kasting wrote: > On 2015/05/07 20:10:18, felt wrote: > > While this is being moved anyway: > > > > What do you think about renaming this ConnectionSecurityLevelPolicy, or > > something else that makes it clear that this refers specifically to the > HTTP[S] > > status? "SecurityLevelPolicy" doesn't reflect whether a page has been flagged > as > > phishing or malware, which is also "Security". > > Another possibility would be to eliminate the wrapping class here and then > rename the enum ConnectionSecurityLevel, leaving it in the global scope. (I > don't love globals, but I also don't love using classes just to be > pseudo-namespaces.) I think I'd like to leave it as a class, if that's alright. My thinking is that the next step in this project is to add a method here called \|ExplainSecurityLevel\|. At that point it might make sense to make it a real instantiable class. (i.e. you can construct a \|SecurityLevelPolicy\| object by passing a \|WebContents\| to the constructor, and then you can call \|GetSecurityLevel\| and \|ExplainSecurityLevel\| on the object, and it will probably make sense to factor out some logic into private methods). Or I could go ahead and make it instantiable now in anticipation of the next step, if that would be preferable. I'm planning on renaming the class to ConnectionSecurityPolicy since ConnectionSecurityLevelPolicy seems just a tad too long to me. Peter Kasting* 2015/05/08 06:38:00 Leaving as a class is OK given your plans. I woul Show quoted text On 2015/05/08 04:54:32, estark wrote: > On 2015/05/07 21:35:37, Peter Kasting wrote: > > On 2015/05/07 20:10:18, felt wrote: > > > While this is being moved anyway: > > > > > > What do you think about renaming this ConnectionSecurityLevelPolicy, or > > > something else that makes it clear that this refers specifically to the > > HTTP[S] > > > status? "SecurityLevelPolicy" doesn't reflect whether a page has been > flagged > > as > > > phishing or malware, which is also "Security". > > > > Another possibility would be to eliminate the wrapping class here and then > > rename the enum ConnectionSecurityLevel, leaving it in the global scope. (I > > don't love globals, but I also don't love using classes just to be > > pseudo-namespaces.) > > I think I'd like to leave it as a class, if that's alright. My thinking is that > the next step in this project is to add a method here called > \|ExplainSecurityLevel\|. At that point it might make sense to make it a real > instantiable class. (i.e. you can construct a \|SecurityLevelPolicy\| object by > passing a \|WebContents\| to the constructor, and then you can call > \|GetSecurityLevel\| and \|ExplainSecurityLevel\| on the object, and it will > probably make sense to factor out some logic into private methods). Or I could > go ahead and make it instantiable now in anticipation of the next step, if that > would be preferable. Leaving as a class is OK given your plans. I wouldn't make it instantiable yet, let's wait and do that when there are consumers that want that. Show quoted text > I'm planning on renaming the class to ConnectionSecurityPolicy since > ConnectionSecurityLevelPolicy seems just a tad too long to me. I'm not really sure where the "policy" part of the name comes from anyway. This class isn't about setting or enforcing security policies, but simply describing the existing security level. If anything maybe the class should be ConnectionSecurityUtils or something. estark* 2015/05/08 14:16:00 I was thinking of "SHA1 signature in chain => page Show quoted text On 2015/05/08 06:38:00, Peter Kasting wrote: > On 2015/05/08 04:54:32, estark wrote: > > On 2015/05/07 21:35:37, Peter Kasting wrote: > > > On 2015/05/07 20:10:18, felt wrote: > > > > While this is being moved anyway: > > > > > > > > What do you think about renaming this ConnectionSecurityLevelPolicy, or > > > > something else that makes it clear that this refers specifically to the > > > HTTP[S] > > > > status? "SecurityLevelPolicy" doesn't reflect whether a page has been > > flagged > > > as > > > > phishing or malware, which is also "Security". > > > > > > Another possibility would be to eliminate the wrapping class here and then > > > rename the enum ConnectionSecurityLevel, leaving it in the global scope. (I > > > don't love globals, but I also don't love using classes just to be > > > pseudo-namespaces.) > > > > I think I'd like to leave it as a class, if that's alright. My thinking is > that > > the next step in this project is to add a method here called > > \|ExplainSecurityLevel\|. At that point it might make sense to make it a real > > instantiable class. (i.e. you can construct a \|SecurityLevelPolicy\| object by > > passing a \|WebContents\| to the constructor, and then you can call > > \|GetSecurityLevel\| and \|ExplainSecurityLevel\| on the object, and it will > > probably make sense to factor out some logic into private methods). Or I could > > go ahead and make it instantiable now in anticipation of the next step, if > that > > would be preferable. > > Leaving as a class is OK given your plans. I wouldn't make it instantiable yet, > let's wait and do that when there are consumers that want that. > > > I'm planning on renaming the class to ConnectionSecurityPolicy since > > ConnectionSecurityLevelPolicy seems just a tad too long to me. > > I'm not really sure where the "policy" part of the name comes from anyway. This > class isn't about setting or enforcing security policies, but simply describing > the existing security level. If anything maybe the class should be > ConnectionSecurityUtils or something. I was thinking of "SHA1 signature in chain => page should be treated as having a degraded security status" as a policy of sorts, but I'm not too attached to it, especially if "policy" is likely to be confusing to other people. I'm fine with ConnectionSecurityUtils, or maybe ConnectionSecurityHelper? estark* 2015/05/09 02:29:08 Renamed to ConnectionSecurityHelper. Show quoted text On 2015/05/08 14:16:00, estark wrote: > On 2015/05/08 06:38:00, Peter Kasting wrote: > > On 2015/05/08 04:54:32, estark wrote: > > > On 2015/05/07 21:35:37, Peter Kasting wrote: > > > > On 2015/05/07 20:10:18, felt wrote: > > > > > While this is being moved anyway: > > > > > > > > > > What do you think about renaming this ConnectionSecurityLevelPolicy, or > > > > > something else that makes it clear that this refers specifically to the > > > > HTTP[S] > > > > > status? "SecurityLevelPolicy" doesn't reflect whether a page has been > > > flagged > > > > as > > > > > phishing or malware, which is also "Security". > > > > > > > > Another possibility would be to eliminate the wrapping class here and then > > > > rename the enum ConnectionSecurityLevel, leaving it in the global scope. > (I > > > > don't love globals, but I also don't love using classes just to be > > > > pseudo-namespaces.) > > > > > > I think I'd like to leave it as a class, if that's alright. My thinking is > > that > > > the next step in this project is to add a method here called > > > \|ExplainSecurityLevel\|. At that point it might make sense to make it a real > > > instantiable class. (i.e. you can construct a \|SecurityLevelPolicy\| object > by > > > passing a \|WebContents*\| to the constructor, and then you can call > > > \|GetSecurityLevel\| and \|ExplainSecurityLevel\| on the object, and it will > > > probably make sense to factor out some logic into private methods). Or I > could > > > go ahead and make it instantiable now in anticipation of the next step, if > > that > > > would be preferable. > > > > Leaving as a class is OK given your plans. I wouldn't make it instantiable > yet, > > let's wait and do that when there are consumers that want that. > > > > > I'm planning on renaming the class to ConnectionSecurityPolicy since > > > ConnectionSecurityLevelPolicy seems just a tad too long to me. > > > > I'm not really sure where the "policy" part of the name comes from anyway. > This > > class isn't about setting or enforcing security policies, but simply > describing > > the existing security level. If anything maybe the class should be > > ConnectionSecurityUtils or something. > > I was thinking of "SHA1 signature in chain => page should be treated as having a > degraded security status" as a policy of sorts, but I'm not too attached to it, > especially if "policy" is likely to be confusing to other people. I'm fine with > ConnectionSecurityUtils, or maybe ConnectionSecurityHelper? Renamed to ConnectionSecurityHelper.
	14 public:

	15 // TODO(wtc): unify ToolbarModel::SecurityLevel with SecurityStyle. We
	Peter Kasting 2015/05/07 21:35:37 This CL would probably be a good time to either im This CL would probably be a good time to either implement this TODO, or decide that it makes no sense and remove it.
	16 // don't need two sets of security UI levels. SECURITY_STYLE_AUTHENTICATED

	17 // needs to be refined into three levels: warning, standard, and EV.

	18 //

	19 // A Java counterpart will be generated for this enum.

	20 // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.ssl

	21 // GENERATED_JAVA_CLASS_NAME_OVERRIDE: SecurityLevelPolicySecurityLevel

	22 enum SecurityLevel {

	23 // HTTP/no URL/user is editing

	24 NONE = 0,

	25

	26 // HTTPS with valid EV cert

	27 EV_SECURE = 1,

	28

	29 // HTTPS (non-EV)

	30 SECURE = 2,

	31

	32 // HTTPS, but unable to check certificate revocation status or with insecure

	33 // content on the page

	34 SECURITY_WARNING = 3,

	35

	36 // HTTPS, but the certificate verification chain is anchored on a

	37 // certificate that was installed by the system administrator

	38 SECURITY_POLICY_WARNING = 4,

	39

	40 // Attempted HTTPS and failed, page not authenticated

	41 SECURITY_ERROR = 5,

	42

	43 NUM_SECURITY_LEVELS = 6,

	44 };

	45

	46 static SecurityLevel GetSecurityLevelForWebContents(

	47 content::WebContents* web_contents);

	48

	49 private:

	50 SecurityLevelPolicy();
	Peter Kasting 2015/05/07 21:35:37 Use DISALLOW_IMPLICIT_CONSTRUCTORS here. Use DISALLOW_IMPLICIT_CONSTRUCTORS here. estark 2015/05/09 02:29:08 Done. Show quoted text On 2015/05/07 21:35:37, Peter Kasting wrote: > Use DISALLOW_IMPLICIT_CONSTRUCTORS here. Done.
	51 ~SecurityLevelPolicy();

	52 };

	53

	54 #endif // CHROME_BROWSER_SSL_SECURITY_LEVEL_POLICY_H_

OLD	NEW