OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/ssl/ssl_manager.h" | 5 #include "content/browser/ssl/ssl_manager.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/utf_string_conversions.h" | 8 #include "base/utf_string_conversions.h" |
9 #include "content/browser/loader/resource_dispatcher_host_impl.h" | 9 #include "content/browser/loader/resource_dispatcher_host_impl.h" |
10 #include "content/browser/loader/resource_request_info_impl.h" | 10 #include "content/browser/loader/resource_request_info_impl.h" |
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
53 new SSLCertErrorHandler(delegate, | 53 new SSLCertErrorHandler(delegate, |
54 id, | 54 id, |
55 resource_type, | 55 resource_type, |
56 url, | 56 url, |
57 render_process_id, | 57 render_process_id, |
58 render_view_id, | 58 render_view_id, |
59 ssl_info, | 59 ssl_info, |
60 fatal))); | 60 fatal))); |
61 } | 61 } |
62 | 62 |
63 // static | |
64 void SSLManager::NotifySSLInternalStateChanged( | |
65 NavigationControllerImpl* controller) { | |
66 NotificationService::current()->Notify( | |
67 NOTIFICATION_SSL_INTERNAL_STATE_CHANGED, | |
68 Source<BrowserContext>(controller->GetBrowserContext()), | |
69 NotificationService::NoDetails()); | |
70 } | |
71 | |
72 SSLManager::SSLManager(NavigationControllerImpl* controller) | 63 SSLManager::SSLManager(NavigationControllerImpl* controller) |
73 : backend_(controller), | 64 : backend_(controller), |
74 policy_(new SSLPolicy(&backend_)), | 65 policy_(new SSLPolicy(&backend_)), |
75 controller_(controller) { | 66 controller_(controller) { |
76 DCHECK(controller_); | 67 DCHECK(controller_); |
77 | 68 |
78 // Subscribe to various notifications. | 69 // Subscribe to various notifications. |
79 registrar_.Add( | 70 registrar_.Add( |
80 this, NOTIFICATION_RESOURCE_RESPONSE_STARTED, | 71 this, NOTIFICATION_RESOURCE_RESPONSE_STARTED, |
81 Source<WebContents>(controller_->web_contents())); | 72 Source<WebContents>(controller_->web_contents())); |
82 registrar_.Add( | 73 registrar_.Add( |
83 this, NOTIFICATION_RESOURCE_RECEIVED_REDIRECT, | 74 this, NOTIFICATION_RESOURCE_RECEIVED_REDIRECT, |
84 Source<WebContents>(controller_->web_contents())); | 75 Source<WebContents>(controller_->web_contents())); |
85 registrar_.Add( | 76 registrar_.Add( |
86 this, NOTIFICATION_LOAD_FROM_MEMORY_CACHE, | 77 this, NOTIFICATION_LOAD_FROM_MEMORY_CACHE, |
87 Source<NavigationController>(controller_)); | 78 Source<NavigationController>(controller_)); |
88 registrar_.Add( | |
89 this, NOTIFICATION_SSL_INTERNAL_STATE_CHANGED, | |
90 Source<BrowserContext>( | |
91 controller_->GetBrowserContext())); | |
92 } | 79 } |
93 | 80 |
94 SSLManager::~SSLManager() { | 81 SSLManager::~SSLManager() { |
95 } | 82 } |
96 | 83 |
97 void SSLManager::DidCommitProvisionalLoad( | 84 void SSLManager::DidCommitProvisionalLoad( |
98 const NotificationDetails& in_details) { | 85 const NotificationDetails& in_details) { |
99 LoadCommittedDetails* details = | 86 LoadCommittedDetails* details = |
100 Details<LoadCommittedDetails>(in_details).ptr(); | 87 Details<LoadCommittedDetails>(in_details).ptr(); |
101 | 88 |
(...skipping 19 matching lines...) Expand all Loading... |
121 entry->GetSSL().cert_id = ssl_cert_id; | 108 entry->GetSSL().cert_id = ssl_cert_id; |
122 entry->GetSSL().cert_status = ssl_cert_status; | 109 entry->GetSSL().cert_status = ssl_cert_status; |
123 entry->GetSSL().security_bits = ssl_security_bits; | 110 entry->GetSSL().security_bits = ssl_security_bits; |
124 entry->GetSSL().connection_status = ssl_connection_status; | 111 entry->GetSSL().connection_status = ssl_connection_status; |
125 } | 112 } |
126 } | 113 } |
127 | 114 |
128 UpdateEntry(entry); | 115 UpdateEntry(entry); |
129 } | 116 } |
130 | 117 |
| 118 void SSLManager::DidDisplayInsecureContent() { |
| 119 UpdateEntry( |
| 120 NavigationEntryImpl::FromNavigationEntry(controller_->GetActiveEntry())); |
| 121 } |
| 122 |
131 void SSLManager::DidRunInsecureContent(const std::string& security_origin) { | 123 void SSLManager::DidRunInsecureContent(const std::string& security_origin) { |
132 policy()->DidRunInsecureContent( | 124 NavigationEntryImpl* navigation_entry = |
133 NavigationEntryImpl::FromNavigationEntry(controller_->GetActiveEntry()), | 125 NavigationEntryImpl::FromNavigationEntry(controller_->GetActiveEntry()); |
134 security_origin); | 126 policy()->DidRunInsecureContent(navigation_entry, security_origin); |
| 127 UpdateEntry(navigation_entry); |
| 128 } |
| 129 |
| 130 void SSLManager::UpdateEntry(NavigationEntryImpl* entry) { |
| 131 // We don't always have a navigation entry to update, for example in the |
| 132 // case of the Web Inspector. |
| 133 if (!entry) |
| 134 return; |
| 135 |
| 136 SSLStatus original_ssl_status = entry->GetSSL(); // Copy! |
| 137 |
| 138 policy()->UpdateEntry(entry, controller_->web_contents()); |
| 139 |
| 140 if (!entry->GetSSL().Equals(original_ssl_status)) |
| 141 controller_->web_contents()->NotifyVisibleSSLStateChanged(); |
135 } | 142 } |
136 | 143 |
137 void SSLManager::Observe(int type, | 144 void SSLManager::Observe(int type, |
138 const NotificationSource& source, | 145 const NotificationSource& source, |
139 const NotificationDetails& details) { | 146 const NotificationDetails& details) { |
140 // Dispatch by type. | 147 // Dispatch by type. |
141 switch (type) { | 148 switch (type) { |
142 case NOTIFICATION_RESOURCE_RESPONSE_STARTED: | 149 case NOTIFICATION_RESOURCE_RESPONSE_STARTED: |
143 DidStartResourceResponse( | 150 DidStartResourceResponse( |
144 Details<ResourceRequestDetails>(details).ptr()); | 151 Details<ResourceRequestDetails>(details).ptr()); |
145 break; | 152 break; |
146 case NOTIFICATION_RESOURCE_RECEIVED_REDIRECT: | 153 case NOTIFICATION_RESOURCE_RECEIVED_REDIRECT: |
147 DidReceiveResourceRedirect( | 154 DidReceiveResourceRedirect( |
148 Details<ResourceRedirectDetails>(details).ptr()); | 155 Details<ResourceRedirectDetails>(details).ptr()); |
149 break; | 156 break; |
150 case NOTIFICATION_LOAD_FROM_MEMORY_CACHE: | 157 case NOTIFICATION_LOAD_FROM_MEMORY_CACHE: |
151 DidLoadFromMemoryCache( | 158 DidLoadFromMemoryCache( |
152 Details<LoadFromMemoryCacheDetails>(details).ptr()); | 159 Details<LoadFromMemoryCacheDetails>(details).ptr()); |
153 break; | 160 break; |
154 case NOTIFICATION_SSL_INTERNAL_STATE_CHANGED: | |
155 DidChangeSSLInternalState(); | |
156 break; | |
157 default: | 161 default: |
158 NOTREACHED() << "The SSLManager received an unexpected notification."; | 162 NOTREACHED() << "The SSLManager received an unexpected notification."; |
159 } | 163 } |
160 } | 164 } |
161 | 165 |
162 void SSLManager::DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details) { | 166 void SSLManager::DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details) { |
163 // Simulate loading this resource through the usual path. | 167 // Simulate loading this resource through the usual path. |
164 // Note that we specify SUB_RESOURCE as the resource type as WebCore only | 168 // Note that we specify SUB_RESOURCE as the resource type as WebCore only |
165 // caches sub-resources. | 169 // caches sub-resources. |
166 // This resource must have been loaded with no filtering because filtered | 170 // This resource must have been loaded with no filtering because filtered |
(...skipping 24 matching lines...) Expand all Loading... |
191 } | 195 } |
192 | 196 |
193 void SSLManager::DidReceiveResourceRedirect(ResourceRedirectDetails* details) { | 197 void SSLManager::DidReceiveResourceRedirect(ResourceRedirectDetails* details) { |
194 // TODO(abarth): Make sure our redirect behavior is correct. If we ever see a | 198 // TODO(abarth): Make sure our redirect behavior is correct. If we ever see a |
195 // non-HTTPS resource in the redirect chain, we want to trigger | 199 // non-HTTPS resource in the redirect chain, we want to trigger |
196 // insecure content, even if the redirect chain goes back to | 200 // insecure content, even if the redirect chain goes back to |
197 // HTTPS. This is because the network attacker can redirect the | 201 // HTTPS. This is because the network attacker can redirect the |
198 // HTTP request to https://attacker.com/payload.js. | 202 // HTTP request to https://attacker.com/payload.js. |
199 } | 203 } |
200 | 204 |
201 void SSLManager::DidChangeSSLInternalState() { | |
202 UpdateEntry( | |
203 NavigationEntryImpl::FromNavigationEntry(controller_->GetActiveEntry())); | |
204 } | |
205 | |
206 void SSLManager::UpdateEntry(NavigationEntryImpl* entry) { | |
207 // We don't always have a navigation entry to update, for example in the | |
208 // case of the Web Inspector. | |
209 if (!entry) | |
210 return; | |
211 | |
212 SSLStatus original_ssl_status = entry->GetSSL(); // Copy! | |
213 | |
214 policy()->UpdateEntry(entry, controller_->web_contents()); | |
215 | |
216 if (!entry->GetSSL().Equals(original_ssl_status)) { | |
217 NotificationService::current()->Notify( | |
218 NOTIFICATION_SSL_VISIBLE_STATE_CHANGED, | |
219 Source<NavigationController>(controller_), | |
220 NotificationService::NoDetails()); | |
221 } | |
222 } | |
223 | |
224 } // namespace content | 205 } // namespace content |
OLD | NEW |