Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(119)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/ssl/ssl_policy.cc

Issue 1415923015: Downgrade lock icon for broken-HTTPS subresources (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove console message; see comment to mike Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/ssl/ssl_policy.h ('k') | content/browser/web_contents/web_contents_impl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/ssl/ssl_policy.h" 5 #include "content/browser/ssl/ssl_policy.h"
6 6
7 #include "base/base_switches.h" 7 #include "base/base_switches.h"
8 #include "base/bind.h" 8 #include "base/bind.h"
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/memory/singleton.h" 10 #include "base/memory/singleton.h"
(...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after
98 OnCertErrorInternal(handler, options_mask); 98 OnCertErrorInternal(handler, options_mask);
99 break; 99 break;
100 default: 100 default:
101 NOTREACHED(); 101 NOTREACHED();
102 handler->CancelRequest(); 102 handler->CancelRequest();
103 break; 103 break;
104 } 104 }
105 } 105 }
106 106
107 void SSLPolicy::DidRunInsecureContent(NavigationEntryImpl* entry, 107 void SSLPolicy::DidRunInsecureContent(NavigationEntryImpl* entry,
108 const std::string& security_origin) { 108 const GURL& security_origin) {
109 if (!entry) 109 if (!entry)
110 return; 110 return;
111 111
112 SiteInstance* site_instance = entry->site_instance(); 112 SiteInstance* site_instance = entry->site_instance();
113 if (!site_instance) 113 if (!site_instance)
114 return; 114 return;
115 115
116 backend_->HostRanInsecureContent(GURL(security_origin).host(), 116 backend_->HostRanInsecureContent(security_origin.host(),
117 site_instance->GetProcess()->GetID()); 117 site_instance->GetProcess()->GetID());
118 } 118 }
119 119
120 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) { 120 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) {
121 // TODO(abarth): This mechanism is wrong. What we should be doing is sending 121 if (info->ssl_cert_id() && info->url().SchemeIsCryptographic() &&
122 // this information back through WebKit and out some FrameLoaderClient 122 !net::IsCertStatusError(info->ssl_cert_status())) {
123 // methods. 123 // If the scheme is https: or wss: *and* the security info for the
124 124 // cert has been set (i.e. the cert id is not 0) and the cert did
125 if (net::IsCertStatusError(info->ssl_cert_status())) { 125 // not have any errors, revoke any previous decisions that
126 backend_->HostRanInsecureContent(info->url().host(), info->child_id());
127 } else if (info->ssl_cert_id() && info->url().SchemeIsCryptographic()) {
128 // If the scheme is https: or wss: *and* the security info for the cert has
129 // been set (i.e. the cert id is not 0), revoke any previous decisions that
130 // have occurred. If the cert info has not been set, do nothing since it 126 // have occurred. If the cert info has not been set, do nothing since it
131 // isn't known if the connection was actually a valid connection or if it 127 // isn't known if the connection was actually a valid connection or if it
132 // had a cert error. 128 // had a cert error.
133 SSLGoodCertSeenEvent event = NO_PREVIOUS_EXCEPTION; 129 SSLGoodCertSeenEvent event = NO_PREVIOUS_EXCEPTION;
134 if (backend_->HasAllowException(info->url().host())) { 130 if (backend_->HasAllowException(info->url().host())) {
135 // If there's no certificate error, a good certificate has been seen, so 131 // If there's no certificate error, a good certificate has been seen, so
136 // clear out any exceptions that were made by the user for bad 132 // clear out any exceptions that were made by the user for bad
137 // certificates. 133 // certificates.
138 backend_->RevokeUserAllowExceptions(info->url().host()); 134 backend_->RevokeUserAllowExceptions(info->url().host());
139 event = HAD_PREVIOUS_EXCEPTION; 135 event = HAD_PREVIOUS_EXCEPTION;
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
267 entry->GetURL(), entry->GetSSL().cert_id, entry->GetSSL().cert_status); 263 entry->GetURL(), entry->GetSSL().cert_id, entry->GetSSL().cert_status);
268 } 264 }
269 265
270 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { 266 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) {
271 GURL parsed_origin(origin); 267 GURL parsed_origin(origin);
272 if (parsed_origin.SchemeIsCryptographic()) 268 if (parsed_origin.SchemeIsCryptographic())
273 backend_->HostRanInsecureContent(parsed_origin.host(), pid); 269 backend_->HostRanInsecureContent(parsed_origin.host(), pid);
274 } 270 }
275 271
276 } // namespace content 272 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/ssl/ssl_policy.h ('k') | content/browser/web_contents/web_contents_impl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698