third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js - Issue 1383503003: [DevTools] Show a explanation when all resources in the page have been requested securely (no-mixed… - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(637)

My Issues | Starred Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js

Issue 1383503003: [DevTools] Show a explanation when all resources in the page have been requested securely (no-mixed… (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Updated owners + lint Created 5 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/inspector/security/security-all-resources-secure-expected.txt ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 /**	5 /**

6 * @constructor	6 * @constructor

7 * @extends {WebInspector.PanelWithSidebar}	7 * @extends {WebInspector.PanelWithSidebar}

8 * @implements {WebInspector.TargetManager.Observer}	8 * @implements {WebInspector.TargetManager.Observer}

9 */	9 */

10 WebInspector.SecurityPanel = function()	10 WebInspector.SecurityPanel = function()

(...skipping 521 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
532 if (!this._schemeIsCryptographic)	532 if (!this._schemeIsCryptographic)

533 return;	533 return;

534	534

535 if (this._mixedContentStatus && (this._mixedContentStatus.ranInsecureCon tent \|\| this._mixedContentStatus.displayedInsecureContent)) {	535 if (this._mixedContentStatus && (this._mixedContentStatus.ranInsecureCon tent \|\| this._mixedContentStatus.displayedInsecureContent)) {

536 if (this._mixedContentStatus.ranInsecureContent)	536 if (this._mixedContentStatus.ranInsecureContent)

537 this._addMixedContentExplanation(this._mixedContentStatus.ranIns ecureContentStyle, WebInspector.UIString("Active Mixed Content"), WebInspector.U IString("You have recently allowed insecure content (such as scripts or iframes) to run on this site."), WebInspector.NetworkLogView.MixedContentFilterValues.Bl ockOverridden, showBlockOverriddenMixedContentInNetworkPanel);	537 this._addMixedContentExplanation(this._mixedContentStatus.ranIns ecureContentStyle, WebInspector.UIString("Active Mixed Content"), WebInspector.U IString("You have recently allowed insecure content (such as scripts or iframes) to run on this site."), WebInspector.NetworkLogView.MixedContentFilterValues.Bl ockOverridden, showBlockOverriddenMixedContentInNetworkPanel);

538 if (this._mixedContentStatus.displayedInsecureContent)	538 if (this._mixedContentStatus.displayedInsecureContent)

539 this._addMixedContentExplanation(this._mixedContentStatus.displa yedInsecureContentStyle, WebInspector.UIString("Mixed Content"), WebInspector.UI String("The site includes HTTP resources."), WebInspector.NetworkLogView.MixedCo ntentFilterValues.Displayed, showDisplayedMixedContentInNetworkPanel);	539 this._addMixedContentExplanation(this._mixedContentStatus.displa yedInsecureContentStyle, WebInspector.UIString("Mixed Content"), WebInspector.UI String("The site includes HTTP resources."), WebInspector.NetworkLogView.MixedCo ntentFilterValues.Displayed, showDisplayedMixedContentInNetworkPanel);

540 }	540 }

541	541

	542 if (this._mixedContentStatus && (!this._mixedContentStatus.displayedInse cureContent && !this._mixedContentStatus.ranInsecureContent)) {

	543 this._addMixedContentExplanation(SecurityAgent.SecurityState.Secur e, WebInspector.UIString("Secure Resources"), WebInspector.UIString("All resourc es on this page are served securely."));
	lgarron 2015/10/09 00:16:31 I'm a bit split on this. On the one hand, this pat I'm a bit split on this. On the one hand, this patch complicates _addMixedContentExplanation in order to allow it to handle this case as if it were just: this._addExplanation(/** @type {!SecurityAgent.SecurityStateExplanation} / ({ "securityState": SecurityAgent.SecurityState.Secure, "summary": WebInspector.UIString("Secure Resources"), "description": WebInspector.UIString("All resources on this page are served securely.") })); On the other hand, calling _addMixedContentExplanation for all mixed content states makes sense if we want to do something special for mixed content explanations (e.g. styling). On the third hand, we don't do that kind of styling right now, and I don't feel we need to set up our code to guard for it. On the fourth hand, now that it's written, it doesn't hurt. So what I'm saying is that I guess I'm okay with it. :-P dgozman* 2015/10/09 03:52:54 I think it's better to use \|_addExplanation\| here. Show quoted text On 2015/10/09 00:16:31, lgarron wrote: > I'm a bit split on this. On the one hand, this patch complicates > _addMixedContentExplanation in order to allow it to handle this case as if it > were just: > > > this._addExplanation(/** @type > {!SecurityAgent.SecurityStateExplanation} */ ({ > "securityState": SecurityAgent.SecurityState.Secure, > "summary": WebInspector.UIString("Secure Resources"), > "description": WebInspector.UIString("All resources on this page > are served securely.") > })); > > On the other hand, calling _addMixedContentExplanation for all mixed content > states makes sense if we want to do something special for mixed content > explanations (e.g. styling). On the third hand, we don't do that kind of styling > right now, and I don't feel we need to set up our code to guard for it. > On the fourth hand, now that it's written, it doesn't hurt. > > So what I'm saying is that I guess I'm okay with it. :-P I think it's better to use \|_addExplanation\| here.
	544 }

	545

542 if (this._panel.filterRequestCount(WebInspector.NetworkLogView.MixedCont entFilterValues.Blocked) > 0)	546 if (this._panel.filterRequestCount(WebInspector.NetworkLogView.MixedCont entFilterValues.Blocked) > 0)

543 this._addMixedContentExplanation(SecurityAgent.SecurityState.Info, W ebInspector.UIString("Blocked mixed content"), WebInspector.UIString("Your page requested insecure resources that were blocked."), WebInspector.NetworkLogView.M ixedContentFilterValues.Blocked, showBlockedMixedContentInNetworkPanel);	547 this._addMixedContentExplanation(SecurityAgent.SecurityState.Info, W ebInspector.UIString("Blocked mixed content"), WebInspector.UIString("Your page requested insecure resources that were blocked."), WebInspector.NetworkLogView.M ixedContentFilterValues.Blocked, showBlockedMixedContentInNetworkPanel);

544	548

545 /**	549 /**

546 * @param {!Event} e	550 * @param {!Event} e

547 */	551 */

548 function showDisplayedMixedContentInNetworkPanel(e)	552 function showDisplayedMixedContentInNetworkPanel(e)

549 {	553 {

550 e.consume();	554 e.consume();

551 WebInspector.NetworkPanel.revealAndFilter(WebInspector.NetworkLogVie w.FilterType.MixedContent, WebInspector.NetworkLogView.MixedContentFilterValues. Displayed);	555 WebInspector.NetworkPanel.revealAndFilter(WebInspector.NetworkLogVie w.FilterType.MixedContent, WebInspector.NetworkLogView.MixedContentFilterValues. Displayed);

(...skipping 15 matching lines...) Expand all Loading...
567 {	571 {

568 e.consume();	572 e.consume();

569 WebInspector.NetworkPanel.revealAndFilter(WebInspector.NetworkLogVie w.FilterType.MixedContent, WebInspector.NetworkLogView.MixedContentFilterValues. Blocked);	573 WebInspector.NetworkPanel.revealAndFilter(WebInspector.NetworkLogVie w.FilterType.MixedContent, WebInspector.NetworkLogView.MixedContentFilterValues. Blocked);

570 }	574 }

571 },	575 },

572	576

573 /**	577 /**

574 * @param {!SecurityAgent.SecurityState} securityState	578 * @param {!SecurityAgent.SecurityState} securityState

575 * @param {string} summary	579 * @param {string} summary

576 * @param {string} description	580 * @param {string} description

577 * @param {!WebInspector.NetworkLogView.MixedContentFilterValues} filterKey	581 * @param {!WebInspector.NetworkLogView.MixedContentFilterValues=} filterKey

578 * @param {!Function} networkFilterFn	582 * @param {!Function=} networkFilterFn

579 */	583 */

580 _addMixedContentExplanation: function(securityState, summary, description, f ilterKey, networkFilterFn)	584 _addMixedContentExplanation: function(securityState, summary, description, f ilterKey, networkFilterFn)

581 {	585 {

582 var mixedContentExplanation = /** @type {!SecurityAgent.SecurityStateExp lanation} */ ({	586 var mixedContentExplanation = /** @type {!SecurityAgent.SecurityStateExp lanation} */ ({

583 "securityState": securityState,	587 "securityState": securityState,

584 "summary": summary,	588 "summary": summary,

585 "description": description	589 "description": description

586 });	590 });

587	591

	592 var explanation = this._addExplanation(mixedContentExplanation);

	593

	594 if (!filterKey \|\| !networkFilterFn) { return; }
	dgozman 2015/10/09 03:52:54 nit: drop {} and place return on next line. nit: drop {} and place return on next line.
	595

588 var filterRequestCount = this._panel.filterRequestCount(filterKey);	596 var filterRequestCount = this._panel.filterRequestCount(filterKey);

589 var requestsAnchor = this._addExplanation(mixedContentExplanation).creat eChild("div", "security-mixed-content link");	597 var requestsAnchor = explanation.createChild("div", "security-mixed-cont ent link");

590 if (filterRequestCount > 0) {	598 if (filterRequestCount > 0) {

591 requestsAnchor.textContent = WebInspector.UIString("View %d request% s in Network Panel", filterRequestCount, (filterRequestCount > 1 ? "s" : ""));	599 requestsAnchor.textContent = WebInspector.UIString("View %d request% s in Network Panel", filterRequestCount, (filterRequestCount > 1 ? "s" : ""));

592 } else {	600 } else {

593 // Network instrumentation might not have been enabled for the page load, so the security panel does not necessarily know a count of individual mixe d requests at this point. Point the user at the Network Panel which prompts them to refresh.	601 // Network instrumentation might not have been enabled for the page load, so the security panel does not necessarily know a count of individual mixe d requests at this point. Point the user at the Network Panel which prompts them to refresh.

594 requestsAnchor.textContent = WebInspector.UIString("View requests in Network Panel");	602 requestsAnchor.textContent = WebInspector.UIString("View requests in Network Panel");

595 }	603 }

596 requestsAnchor.href = "";	604 requestsAnchor.href = "";

597 requestsAnchor.addEventListener("click", networkFilterFn);	605 requestsAnchor.addEventListener("click", networkFilterFn);

598 },	606 },

599	607

(...skipping 165 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
765 row.createChild("div").textContent = WebInspector.UIString(key);	773 row.createChild("div").textContent = WebInspector.UIString(key);

766	774

767 var valueDiv = row.createChild("div");	775 var valueDiv = row.createChild("div");

768 if (value instanceof HTMLDivElement) {	776 if (value instanceof HTMLDivElement) {

769 valueDiv.appendChild(value);	777 valueDiv.appendChild(value);

770 } else {	778 } else {

771 valueDiv.textContent = value;	779 valueDiv.textContent = value;

772 }	780 }

773 }	781 }

774 }	782 }

OLD	NEW

« no previous file with comments | « third_party/WebKit/LayoutTests/http/tests/inspector/security/security-all-resources-secure-expected.txt ('k') | no next file » | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698