Refactor connection_security into SecurityStateModel

chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java

Index: chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java b/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java
index 81c1fc003480dea968fed3e80c9e2ccd148d9d0e..5db229f7395d6cc753f39be449ec12e23de13a0e 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java
@@ -53,9 +53,8 @@ import org.chromium.chrome.browser.preferences.Preferences;
 import org.chromium.chrome.browser.preferences.PreferencesLauncher;
 import org.chromium.chrome.browser.preferences.website.SingleWebsitePreferences;
 import org.chromium.chrome.browser.profiles.Profile;
-import org.chromium.chrome.browser.ssl.ConnectionSecurity;
 import org.chromium.chrome.browser.ssl.ConnectionSecurityLevel;
-import org.chromium.chrome.browser.toolbar.ToolbarModel;
+import org.chromium.chrome.browser.ssl.SecurityStateModel;
 import org.chromium.content.browser.ContentViewCore;
 import org.chromium.content_public.browser.WebContents;
 import org.chromium.content_public.browser.WebContentsObserver;
@@ -268,6 +267,9 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList
     // Whether the security level of the page was deprecated due to SHA-1.
     private boolean mDeprecatedSHA1Present;
 
+    // Whether the security level of the page was deprecated due to passive mixed content.

[palmer, 2015/09/01 17:39:40]

"downgraded", not "deprecated"

[estark, 2015/09/02 16:27:20]

Done.

+    private boolean mPassiveMixedContentPresent;
+
     // Whether to use the read-only permissions list.
     private boolean mIsReadOnlyDialog;
 
@@ -421,8 +423,9 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList
             mParsedUrl = null;
             mIsInternalPage = false;
         }
-        mSecurityLevel = ConnectionSecurity.getSecurityLevelForWebContents(mWebContents);
-        mDeprecatedSHA1Present = ToolbarModel.isDeprecatedSHA1Present(mWebContents);
+        mSecurityLevel = SecurityStateModel.getSecurityLevelForWebContents(mWebContents);
+        mDeprecatedSHA1Present = SecurityStateModel.isDeprecatedSHA1Present(mWebContents);
+        mPassiveMixedContentPresent = SecurityStateModel.isPassiveMixedContentPresent(mWebContents);

[palmer, 2015/09/01 17:39:40]

I suppose I'll find out when I read more, but: How is active mixed content
handled?

[estark, 2015/09/02 16:27:20]

I think I haven't yet seen anywhere that Android UI does anything special with
active mixed content (i.e. treats it differently than broken-https). Is it
possible that there is no active mixed content shield on Android, and thus the
presence of active mixed content is impossible?

 
         SpannableStringBuilder urlBuilder = new SpannableStringBuilder(mFullUrl);
         OmniboxUrlEmphasizer.emphasizeUrl(urlBuilder, mContext.getResources(), mProfile,
@@ -505,9 +508,6 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList
             case ConnectionSecurityLevel.SECURE:
             case ConnectionSecurityLevel.EV_SECURE:
                 return R.string.page_info_connection_https;
-            case ConnectionSecurityLevel.SECURITY_WARNING:
-            case ConnectionSecurityLevel.SECURITY_POLICY_WARNING:
-                return R.string.page_info_connection_mixed;
             default:
                 assert false : "Invalid security level specified: " + securityLevel;
                 return R.string.page_info_connection_http;
@@ -531,7 +531,12 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList
         if (mDeprecatedSHA1Present) {
             messageBuilder.append(
                     mContext.getResources().getString(R.string.page_info_connection_sha1));
-        } else if (mSecurityLevel != ConnectionSecurityLevel.SECURITY_ERROR) {
+        } else if (mPassiveMixedContentPresent) {
+            messageBuilder.append(
+                    mContext.getResources().getString(R.string.page_info_connection_mixed));
+        } else if (mSecurityLevel != ConnectionSecurityLevel.SECURITY_ERROR
+                && mSecurityLevel != ConnectionSecurityLevel.SECURITY_WARNING
+                && mSecurityLevel != ConnectionSecurityLevel.SECURITY_POLICY_WARNING) {
             messageBuilder.append(mContext.getResources().getString(
                     getConnectionMessageId(mSecurityLevel, mIsInternalPage)));
         } else {