| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/metrics/field_trial.h" | 8 #include "base/metrics/field_trial.h" |
| 9 #include "base/metrics/histogram_macros.h" | 9 #include "base/metrics/histogram_macros.h" |
| 10 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 10 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
| 11 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 11 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
| 12 #include "chrome/browser/profiles/profile.h" | 12 #include "chrome/browser/profiles/profile.h" |
| 13 #include "content/public/browser/cert_store.h" | 13 #include "content/public/browser/cert_store.h" |
| 14 #include "content/public/browser/navigation_entry.h" | 14 #include "content/public/browser/navigation_entry.h" |
| 15 #include "content/public/browser/web_contents.h" | 15 #include "content/public/browser/web_contents.h" |
| 16 #include "content/public/common/origin_util.h" | 16 #include "content/public/common/origin_util.h" |
| 17 #include "content/public/common/ssl_status.h" | 17 #include "content/public/common/ssl_status.h" |
| 18 #include "net/cert/x509_certificate.h" | 18 #include "net/cert/x509_certificate.h" |
| 19 | 19 |
| 20 DEFINE_WEB_CONTENTS_USER_DATA_KEY(ChromeSecurityStateModelClient); | 20 DEFINE_WEB_CONTENTS_USER_DATA_KEY(ChromeSecurityStateModelClient); |
| 21 | 21 |
| 22 namespace { | 22 namespace { |
| 23 | 23 |
| 24 // Converts a content::SecurityStyle (an indicator of a request's | 24 // Converts a content::SecurityStyle (an indicator of a request's |
| 25 // overall security level computed by //content) into a | 25 // overall security level computed by //content) into a |
| 26 // SecurityStateModel::SecurityLevel (a finer-grained SecurityStateModel | 26 // SecurityStateModel::SecurityLevel (a finer-grained SecurityStateModel |
| 27 // concept that can express all of SecurityStateModel's policies that | 27 // concept that can express all of SecurityStateModel's policies that |
| 28 // //content doesn't necessarily know about). | 28 // //content doesn't necessarily know about). |
| 29 SecurityStateModel::SecurityLevel GetSecurityLevelForSecurityStyle( | 29 security_state::SecurityStateModel::SecurityLevel |
| 30 content::SecurityStyle style) { | 30 GetSecurityLevelForSecurityStyle(content::SecurityStyle style) { |
| 31 switch (style) { | 31 switch (style) { |
| 32 case content::SECURITY_STYLE_UNKNOWN: | 32 case content::SECURITY_STYLE_UNKNOWN: |
| 33 NOTREACHED(); | 33 NOTREACHED(); |
| 34 return SecurityStateModel::NONE; | 34 return security_state::SecurityStateModel::NONE; |
| 35 case content::SECURITY_STYLE_UNAUTHENTICATED: | 35 case content::SECURITY_STYLE_UNAUTHENTICATED: |
| 36 return SecurityStateModel::NONE; | 36 return security_state::SecurityStateModel::NONE; |
| 37 case content::SECURITY_STYLE_AUTHENTICATION_BROKEN: | 37 case content::SECURITY_STYLE_AUTHENTICATION_BROKEN: |
| 38 return SecurityStateModel::SECURITY_ERROR; | 38 return security_state::SecurityStateModel::SECURITY_ERROR; |
| 39 case content::SECURITY_STYLE_WARNING: | 39 case content::SECURITY_STYLE_WARNING: |
| 40 // content currently doesn't use this style. | 40 // content currently doesn't use this style. |
| 41 NOTREACHED(); | 41 NOTREACHED(); |
| 42 return SecurityStateModel::SECURITY_WARNING; | 42 return security_state::SecurityStateModel::SECURITY_WARNING; |
| 43 case content::SECURITY_STYLE_AUTHENTICATED: | 43 case content::SECURITY_STYLE_AUTHENTICATED: |
| 44 return SecurityStateModel::SECURE; | 44 return security_state::SecurityStateModel::SECURE; |
| 45 } | 45 } |
| 46 return SecurityStateModel::NONE; | 46 return security_state::SecurityStateModel::NONE; |
| 47 } | 47 } |
| 48 | 48 |
| 49 } // namespace | 49 } // namespace |
| 50 | 50 |
| 51 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( | 51 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( |
| 52 content::WebContents* web_contents) | 52 content::WebContents* web_contents) |
| 53 : web_contents_(web_contents), | 53 : web_contents_(web_contents), |
| 54 security_state_model_(new SecurityStateModel()) { | 54 security_state_model_(new security_state::SecurityStateModel()) { |
| 55 security_state_model_->SetClient(this); | 55 security_state_model_->SetClient(this); |
| 56 } | 56 } |
| 57 | 57 |
| 58 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} | 58 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} |
| 59 | 59 |
| 60 const SecurityStateModel::SecurityInfo& | 60 const security_state::SecurityStateModel::SecurityInfo& |
| 61 ChromeSecurityStateModelClient::GetSecurityInfo() const { | 61 ChromeSecurityStateModelClient::GetSecurityInfo() const { |
| 62 return security_state_model_->GetSecurityInfo(); | 62 return security_state_model_->GetSecurityInfo(); |
| 63 } | 63 } |
| 64 | 64 |
| 65 bool ChromeSecurityStateModelClient::RetrieveCert( | 65 bool ChromeSecurityStateModelClient::RetrieveCert( |
| 66 scoped_refptr<net::X509Certificate>* cert) { | 66 scoped_refptr<net::X509Certificate>* cert) { |
| 67 content::NavigationEntry* entry = | 67 content::NavigationEntry* entry = |
| 68 web_contents_->GetController().GetVisibleEntry(); | 68 web_contents_->GetController().GetVisibleEntry(); |
| 69 if (!entry) | 69 if (!entry) |
| 70 return false; | 70 return false; |
| (...skipping 10 matching lines...) Expand all Loading... |
| 81 return true; | 81 return true; |
| 82 #endif | 82 #endif |
| 83 return false; | 83 return false; |
| 84 } | 84 } |
| 85 | 85 |
| 86 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { | 86 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { |
| 87 return content::IsOriginSecure(url); | 87 return content::IsOriginSecure(url); |
| 88 } | 88 } |
| 89 | 89 |
| 90 void ChromeSecurityStateModelClient::GetVisibleSecurityState( | 90 void ChromeSecurityStateModelClient::GetVisibleSecurityState( |
| 91 SecurityStateModel::VisibleSecurityState* state) { | 91 security_state::SecurityStateModel::VisibleSecurityState* state) { |
| 92 content::NavigationEntry* entry = | 92 content::NavigationEntry* entry = |
| 93 web_contents_->GetController().GetVisibleEntry(); | 93 web_contents_->GetController().GetVisibleEntry(); |
| 94 if (!entry || | 94 if (!entry || |
| 95 entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { | 95 entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { |
| 96 *state = SecurityStateModel::VisibleSecurityState(); | 96 *state = security_state::SecurityStateModel::VisibleSecurityState(); |
| 97 return; | 97 return; |
| 98 } | 98 } |
| 99 | 99 |
| 100 state->initialized = true; | 100 state->initialized = true; |
| 101 state->url = entry->GetURL(); | 101 state->url = entry->GetURL(); |
| 102 const content::SSLStatus& ssl = entry->GetSSL(); | 102 const content::SSLStatus& ssl = entry->GetSSL(); |
| 103 state->initial_security_level = | 103 state->initial_security_level = |
| 104 GetSecurityLevelForSecurityStyle(ssl.security_style); | 104 GetSecurityLevelForSecurityStyle(ssl.security_style); |
| 105 state->cert_id = ssl.cert_id; | 105 state->cert_id = ssl.cert_id; |
| 106 state->cert_status = ssl.cert_status; | 106 state->cert_status = ssl.cert_status; |
| 107 state->connection_status = ssl.connection_status; | 107 state->connection_status = ssl.connection_status; |
| 108 state->security_bits = ssl.security_bits; | 108 state->security_bits = ssl.security_bits; |
| 109 state->sct_verify_statuses.clear(); | 109 state->sct_verify_statuses.clear(); |
| 110 for (const auto& sct : ssl.signed_certificate_timestamp_ids) | 110 for (const auto& sct : ssl.signed_certificate_timestamp_ids) |
| 111 state->sct_verify_statuses.push_back(sct.status); | 111 state->sct_verify_statuses.push_back(sct.status); |
| 112 state->displayed_mixed_content = | 112 state->displayed_mixed_content = |
| 113 (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) | 113 (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) |
| 114 ? true | 114 ? true |
| 115 : false; | 115 : false; |
| 116 state->ran_mixed_content = | 116 state->ran_mixed_content = |
| 117 (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true | 117 (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true |
| 118 : false; | 118 : false; |
| 119 } | 119 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1539043002:
Pull SecurityStateModel out into a component (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master