| Index: content/child/web_url_loader_impl.cc
|
| diff --git a/content/child/web_url_loader_impl.cc b/content/child/web_url_loader_impl.cc
|
| index 41daeb0975151871e7c97f6044ec1b382bf124c8..a71dbbaee682b287be0ff38c3faac1e9b27876a0 100644
|
| --- a/content/child/web_url_loader_impl.cc
|
| +++ b/content/child/web_url_loader_impl.cc
|
| @@ -1,4 +1,4 @@
|
| -// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| @@ -17,6 +17,7 @@
|
| #include "base/logging.h"
|
| #include "base/memory/ptr_util.h"
|
| #include "base/single_thread_task_runner.h"
|
| +#include "base/strings/string_number_conversions.h"
|
| #include "base/strings/string_util.h"
|
| #include "base/time/time.h"
|
| #include "build/build_config.h"
|
| @@ -38,13 +39,12 @@
|
| #include "content/public/child/fixed_received_data.h"
|
| #include "content/public/child/request_peer.h"
|
| #include "content/public/common/browser_side_navigation_policy.h"
|
| -#include "content/public/common/signed_certificate_timestamp_id_and_status.h"
|
| #include "content/public/common/ssl_status.h"
|
| #include "net/base/data_url.h"
|
| #include "net/base/filename_util.h"
|
| #include "net/base/net_errors.h"
|
| #include "net/cert/cert_status_flags.h"
|
| -#include "net/cert/sct_status_flags.h"
|
| +#include "net/cert/ct_sct_to_string.h"
|
| #include "net/http/http_response_headers.h"
|
| #include "net/http/http_util.h"
|
| #include "net/ssl/ssl_cipher_suite_names.h"
|
| @@ -187,7 +187,7 @@ int GetInfoFromDataURL(const GURL& url,
|
| }
|
|
|
| void SetSecurityStyleAndDetails(const GURL& url,
|
| - const std::string& security_info,
|
| + const ResourceResponseInfo& info,
|
| WebURLResponse* response,
|
| bool report_security_info) {
|
| if (!report_security_info) {
|
| @@ -201,6 +201,7 @@ void SetSecurityStyleAndDetails(const GURL& url,
|
|
|
| // There are cases where an HTTPS request can come in without security
|
| // info attached (such as a redirect response).
|
| + const std::string& security_info = info.security_info;
|
| if (security_info.empty()) {
|
| response->setSecurityStyle(WebURLResponse::SecurityStyleUnknown);
|
| return;
|
| @@ -254,37 +255,45 @@ void SetSecurityStyleAndDetails(const GURL& url,
|
|
|
| response->setSecurityStyle(securityStyle);
|
|
|
| - SignedCertificateTimestampIDStatusList sct_list =
|
| - ssl_status.signed_certificate_timestamp_ids;
|
| -
|
| - size_t num_unknown_scts = 0;
|
| - size_t num_invalid_scts = 0;
|
| - size_t num_valid_scts = 0;
|
| -
|
| - SignedCertificateTimestampIDStatusList::iterator iter;
|
| - for (iter = sct_list.begin(); iter < sct_list.end(); ++iter) {
|
| - switch (iter->status) {
|
| - case net::ct::SCT_STATUS_LOG_UNKNOWN:
|
| - num_unknown_scts++;
|
| - break;
|
| - case net::ct::SCT_STATUS_INVALID:
|
| - num_invalid_scts++;
|
| - break;
|
| - case net::ct::SCT_STATUS_OK:
|
| - num_valid_scts++;
|
| - break;
|
| - case net::ct::SCT_STATUS_NONE:
|
| - case net::ct::SCT_STATUS_MAX:
|
| - // These enum values do not represent SCTs that are taken into account
|
| - // for CT compliance calculations, so we ignore them.
|
| - break;
|
| - }
|
| + size_t num_unknown_scts = ssl_status.num_unknown_scts;
|
| + size_t num_invalid_scts = ssl_status.num_invalid_scts;
|
| + size_t num_valid_scts = ssl_status.num_valid_scts;
|
| +
|
| + blink::WebURLResponse::SignedCertificateTimestampList sctList;
|
| +
|
| + for (const auto& sct_and_status : info.signed_certificate_timestamps) {
|
| + // Extract SCT's details.
|
| + blink::WebURLResponse::SignedCertificateTimestamp sct(
|
| + WebString::fromUTF8(net::ct::StatusToString(sct_and_status.status)),
|
| + WebString::fromUTF8(net::ct::OriginToString(sct_and_status.sct->origin)),
|
| + WebString::fromUTF8(
|
| + net::ct::VersionToString(sct_and_status.sct->version)),
|
| + WebString::fromUTF8(sct_and_status.sct->log_description),
|
| + WebString::fromUTF8(
|
| + base::HexEncode(
|
| + reinterpret_cast<const unsigned char*>(
|
| + sct_and_status.sct->log_id.data()),
|
| + sct_and_status.sct->log_id.length())),
|
| + sct_and_status.sct->timestamp.ToJavaTime(),
|
| + WebString::fromUTF8(
|
| + net::ct::HashAlgorithmToString(
|
| + sct_and_status.sct->signature.hash_algorithm)),
|
| + WebString::fromUTF8(
|
| + net::ct::SignatureAlgorithmToString(
|
| + sct_and_status.sct->signature.signature_algorithm)),
|
| + WebString::fromUTF8(
|
| + base::HexEncode(
|
| + reinterpret_cast<const unsigned char*>(
|
| + sct_and_status.sct->signature.signature_data.data()),
|
| + sct_and_status.sct->signature.signature_data.length())));
|
| + sctList.push_back(sct);
|
| }
|
|
|
| blink::WebURLResponse::WebSecurityDetails webSecurityDetails(
|
| WebString::fromUTF8(protocol), WebString::fromUTF8(key_exchange),
|
| WebString::fromUTF8(cipher), WebString::fromUTF8(mac),
|
| - ssl_status.cert_id, num_unknown_scts, num_invalid_scts, num_valid_scts);
|
| + ssl_status.cert_id, num_unknown_scts, num_invalid_scts, num_valid_scts,
|
| + sctList);
|
|
|
| response->setSecurityDetails(webSecurityDetails);
|
| }
|
| @@ -950,8 +959,7 @@ void WebURLLoaderImpl::PopulateURLResponse(const GURL& url,
|
| ? blink::WebString::fromUTF8(info.cache_storage_cache_name)
|
| : blink::WebString());
|
|
|
| - SetSecurityStyleAndDetails(url, info.security_info, response,
|
| - report_security_info);
|
| + SetSecurityStyleAndDetails(url, info, response, report_security_info);
|
|
|
| WebURLResponseExtraDataImpl* extra_data =
|
| new WebURLResponseExtraDataImpl(info.npn_negotiated_protocol);
|
|
|
Chromium Code Reviews
Issue 1772603002:
Addition of Certificate Transparency details to Security panel of DevTools (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master