Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(845)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/renderer/render_frame_impl.cc

Issue 1415923015: Downgrade lock icon for broken-HTTPS subresources (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove console message; see comment to mike Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/renderer/render_frame_impl.h ('k') | third_party/WebKit/Source/core/loader/EmptyClients.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/renderer/render_frame_impl.cc
diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc
index 2193a457d7d48faac17ea61efab94d46ea73e986..fa752c07a0653530585c0a653ca81ebe5bd2364d 100644
--- a/content/renderer/render_frame_impl.cc
+++ b/content/renderer/render_frame_impl.cc
@@ -45,6 +45,7 @@
#include "content/common/savable_subframe.h"
#include "content/common/service_worker/service_worker_types.h"
#include "content/common/site_isolation_policy.h"
+#include "content/common/ssl_status_serialization.h"
#include "content/common/swapped_out_messages.h"
#include "content/common/view_messages.h"
#include "content/public/common/bindings_policy.h"
@@ -541,6 +542,38 @@ RenderFrameImpl::CreateRenderFrameImplFunction g_create_render_frame_impl =
void OnGotContentHandlerID(uint32_t content_handler_id) {}
+bool IsContentWithCertificateErrorsRelevantToUI(
+ const blink::WebURL& url,
+ const blink::WebCString& security_info,
+ const blink::WebURL& main_resource_url,
+ const blink::WebCString& main_resource_security_info) {
+ content::SSLStatus ssl_status;
+ content::SSLStatus main_resource_ssl_status;
+ CHECK(DeserializeSecurityInfo(security_info, &ssl_status));
+ CHECK(DeserializeSecurityInfo(main_resource_security_info,
+ &main_resource_ssl_status));
+
+ if (!GURL(main_resource_url).SchemeIsCryptographic())
+ return false;
+
+ // Do not handle subresource certificate errors if they are the same
+ // as errors that occured during the main page load. This compares
+ // most, but not all, fields of SSLStatus. For example, this check
+ // does not compare |content_status| because the navigation entry
+ // might have mixed content but also have the exact same SSL
+ // connection properties as the subresource, thereby making the
+ // subresource errors duplicative.
+ return (!url::Origin(GURL(url))
+ .IsSameOriginWith(url::Origin(GURL(main_resource_url))) ||
+ main_resource_ssl_status.security_style !=
+ ssl_status.security_style ||
+ main_resource_ssl_status.cert_id != ssl_status.cert_id ||
+ main_resource_ssl_status.cert_status != ssl_status.cert_status ||
+ main_resource_ssl_status.security_bits != ssl_status.security_bits ||
+ main_resource_ssl_status.connection_status !=
+ ssl_status.connection_status);
+}
+
} // namespace
// static
@@ -3626,12 +3659,38 @@ void RenderFrameImpl::didRunInsecureContent(
const blink::WebSecurityOrigin& origin,
const blink::WebURL& target) {
Send(new FrameHostMsg_DidRunInsecureContent(
- routing_id_, origin.toString().utf8(), target));
+ routing_id_, GURL(origin.toString().utf8()), target));
GetContentClient()->renderer()->RecordRapporURL(
"ContentSettings.MixedScript.RanMixedScript",
GURL(origin.toString().utf8()));
}
+void RenderFrameImpl::didDisplayContentWithCertificateErrors(
+ const blink::WebURL& url,
+ const blink::WebCString& security_info,
+ const blink::WebURL& main_resource_url,
+ const blink::WebCString& main_resource_security_info) {
+ if (!IsContentWithCertificateErrorsRelevantToUI(
+ url, security_info, main_resource_url, main_resource_security_info)) {
+ return;
+ }
+ Send(new FrameHostMsg_DidDisplayContentWithCertificateErrors(routing_id_, url,
+ security_info));
+}
+
+void RenderFrameImpl::didRunContentWithCertificateErrors(
+ const blink::WebURL& url,
+ const blink::WebCString& security_info,
+ const blink::WebURL& main_resource_url,
+ const blink::WebCString& main_resource_security_info) {
+ if (!IsContentWithCertificateErrorsRelevantToUI(
+ url, security_info, main_resource_url, main_resource_security_info)) {
+ return;
+ }
+ Send(new FrameHostMsg_DidRunContentWithCertificateErrors(
+ routing_id_, GURL(main_resource_url).GetOrigin(), url, security_info));
+}
+
void RenderFrameImpl::didChangePerformanceTiming() {
FOR_EACH_OBSERVER(RenderFrameObserver,
observers_,
« no previous file with comments | « content/renderer/render_frame_impl.h ('k') | third_party/WebKit/Source/core/loader/EmptyClients.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698