Index: chrome/browser/ssl/security_level_policy.h |
diff --git a/chrome/browser/ssl/security_level_policy.h b/chrome/browser/ssl/security_level_policy.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..9d823bf7c68f1e9645dcde1ba8042d04459b0ea3 |
--- /dev/null |
+++ b/chrome/browser/ssl/security_level_policy.h |
@@ -0,0 +1,54 @@ |
+// Copyright 2015 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef CHROME_BROWSER_SSL_SECURITY_LEVEL_POLICY_H_ |
+#define CHROME_BROWSER_SSL_SECURITY_LEVEL_POLICY_H_ |
+ |
+namespace content { |
+class WebContents; |
+} // namespace content |
+ |
+// This class is responsible for computing the security level of a page. |
+class SecurityLevelPolicy { |
felt
2015/05/07 20:10:18
While this is being moved anyway:
What do you thi
Peter Kasting
2015/05/07 21:35:37
Another possibility would be to eliminate the wrap
estark
2015/05/08 04:54:32
I think I'd like to leave it as a class, if that's
Peter Kasting
2015/05/08 06:38:00
Leaving as a class is OK given your plans. I woul
estark
2015/05/08 14:16:00
I was thinking of "SHA1 signature in chain => page
estark
2015/05/09 02:29:08
Renamed to ConnectionSecurityHelper.
|
+ public: |
+ // TODO(wtc): unify ToolbarModel::SecurityLevel with SecurityStyle. We |
Peter Kasting
2015/05/07 21:35:37
This CL would probably be a good time to either im
|
+ // don't need two sets of security UI levels. SECURITY_STYLE_AUTHENTICATED |
+ // needs to be refined into three levels: warning, standard, and EV. |
+ // |
+ // A Java counterpart will be generated for this enum. |
+ // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.ssl |
+ // GENERATED_JAVA_CLASS_NAME_OVERRIDE: SecurityLevelPolicySecurityLevel |
+ enum SecurityLevel { |
+ // HTTP/no URL/user is editing |
+ NONE = 0, |
+ |
+ // HTTPS with valid EV cert |
+ EV_SECURE = 1, |
+ |
+ // HTTPS (non-EV) |
+ SECURE = 2, |
+ |
+ // HTTPS, but unable to check certificate revocation status or with insecure |
+ // content on the page |
+ SECURITY_WARNING = 3, |
+ |
+ // HTTPS, but the certificate verification chain is anchored on a |
+ // certificate that was installed by the system administrator |
+ SECURITY_POLICY_WARNING = 4, |
+ |
+ // Attempted HTTPS and failed, page not authenticated |
+ SECURITY_ERROR = 5, |
+ |
+ NUM_SECURITY_LEVELS = 6, |
+ }; |
+ |
+ static SecurityLevel GetSecurityLevelForWebContents( |
+ content::WebContents* web_contents); |
+ |
+ private: |
+ SecurityLevelPolicy(); |
Peter Kasting
2015/05/07 21:35:37
Use DISALLOW_IMPLICIT_CONSTRUCTORS here.
estark
2015/05/09 02:29:08
Done.
|
+ ~SecurityLevelPolicy(); |
+}; |
+ |
+#endif // CHROME_BROWSER_SSL_SECURITY_LEVEL_POLICY_H_ |