Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(28)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/ssl/ssl_policy.cc

Issue 1497423002: Revert of Downgrade lock icon for broken-HTTPS subresources (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fix conflict Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « content/browser/ssl/ssl_policy.h ('k') | content/browser/web_contents/web_contents_impl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/ssl/ssl_policy.h" 5 #include "content/browser/ssl/ssl_policy.h"
6 6
7 #include "base/base_switches.h" 7 #include "base/base_switches.h"
8 #include "base/bind.h" 8 #include "base/bind.h"
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/memory/singleton.h" 10 #include "base/memory/singleton.h"
(...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after
98 OnCertErrorInternal(handler, options_mask); 98 OnCertErrorInternal(handler, options_mask);
99 break; 99 break;
100 default: 100 default:
101 NOTREACHED(); 101 NOTREACHED();
102 handler->CancelRequest(); 102 handler->CancelRequest();
103 break; 103 break;
104 } 104 }
105 } 105 }
106 106
107 void SSLPolicy::DidRunInsecureContent(NavigationEntryImpl* entry, 107 void SSLPolicy::DidRunInsecureContent(NavigationEntryImpl* entry,
108 const GURL& security_origin) { 108 const std::string& security_origin) {
109 if (!entry) 109 if (!entry)
110 return; 110 return;
111 111
112 SiteInstance* site_instance = entry->site_instance(); 112 SiteInstance* site_instance = entry->site_instance();
113 if (!site_instance) 113 if (!site_instance)
114 return; 114 return;
115 115
116 backend_->HostRanInsecureContent(security_origin.host(), 116 backend_->HostRanInsecureContent(GURL(security_origin).host(),
117 site_instance->GetProcess()->GetID()); 117 site_instance->GetProcess()->GetID());
118 } 118 }
119 119
120 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) { 120 void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) {
121 if (info->ssl_cert_id() && info->url().SchemeIsCryptographic() && 121 // TODO(abarth): This mechanism is wrong. What we should be doing is sending
122 !net::IsCertStatusError(info->ssl_cert_status())) { 122 // this information back through WebKit and out some FrameLoaderClient
123 // If the scheme is https: or wss: *and* the security info for the 123 // methods.
124 // cert has been set (i.e. the cert id is not 0) and the cert did 124
125 // not have any errors, revoke any previous decisions that 125 if (net::IsCertStatusError(info->ssl_cert_status())) {
126 backend_->HostRanInsecureContent(info->url().host(), info->child_id());
127 } else if (info->ssl_cert_id() && info->url().SchemeIsCryptographic()) {
128 // If the scheme is https: or wss: *and* the security info for the cert has
129 // been set (i.e. the cert id is not 0), revoke any previous decisions that
126 // have occurred. If the cert info has not been set, do nothing since it 130 // have occurred. If the cert info has not been set, do nothing since it
127 // isn't known if the connection was actually a valid connection or if it 131 // isn't known if the connection was actually a valid connection or if it
128 // had a cert error. 132 // had a cert error.
129 SSLGoodCertSeenEvent event = NO_PREVIOUS_EXCEPTION; 133 SSLGoodCertSeenEvent event = NO_PREVIOUS_EXCEPTION;
130 if (backend_->HasAllowException(info->url().host())) { 134 if (backend_->HasAllowException(info->url().host())) {
131 // If there's no certificate error, a good certificate has been seen, so 135 // If there's no certificate error, a good certificate has been seen, so
132 // clear out any exceptions that were made by the user for bad 136 // clear out any exceptions that were made by the user for bad
133 // certificates. 137 // certificates.
134 backend_->RevokeUserAllowExceptions(info->url().host()); 138 backend_->RevokeUserAllowExceptions(info->url().host());
135 event = HAD_PREVIOUS_EXCEPTION; 139 event = HAD_PREVIOUS_EXCEPTION;
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after
257 entry->GetURL(), entry->GetSSL().cert_id, entry->GetSSL().cert_status); 261 entry->GetURL(), entry->GetSSL().cert_id, entry->GetSSL().cert_status);
258 } 262 }
259 263
260 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { 264 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) {
261 GURL parsed_origin(origin); 265 GURL parsed_origin(origin);
262 if (parsed_origin.SchemeIsCryptographic()) 266 if (parsed_origin.SchemeIsCryptographic())
263 backend_->HostRanInsecureContent(parsed_origin.host(), pid); 267 backend_->HostRanInsecureContent(parsed_origin.host(), pid);
264 } 268 }
265 269
266 } // namespace content 270 } // namespace content
OLDNEW
« no previous file with comments | « content/browser/ssl/ssl_policy.h ('k') | content/browser/web_contents/web_contents_impl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698