Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(250)

Unified Diff: content/browser/ssl/ssl_policy.cc

Issue 184483002: Set insecure content status also when there are other security issues. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Review follow up: remove bool arguments, introduce enums. Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/ssl/ssl_browser_tests.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/ssl/ssl_policy.cc
diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc
index 1127f8da7398ec0dba5687a9e144f9b997e194f7..731645505b424d219ea6a54eec4203b56228d37c 100644
--- a/content/browser/ssl/ssl_policy.cc
+++ b/content/browser/ssl/ssl_policy.cc
@@ -110,6 +110,9 @@ void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry,
if (!entry->GetURL().SchemeIsSecure())
return;
+ if (!web_contents->DisplayedInsecureContent())
+ entry->GetSSL().content_status &= ~SSLStatus::DISPLAYED_INSECURE_CONTENT;
+
// An HTTPS response may not have a certificate for some reason. When that
// happens, use the unauthenticated (HTTP) rather than the authentication
// broken security style so that we can detect this error condition.
@@ -118,6 +121,9 @@ void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry,
return;
}
+ if (web_contents->DisplayedInsecureContent())
+ entry->GetSSL().content_status |= SSLStatus::DISPLAYED_INSECURE_CONTENT;
+
if (net::IsCertStatusError(entry->GetSSL().cert_status)) {
// Minor errors don't lower the security style to
// SECURITY_STYLE_AUTHENTICATION_BROKEN.
@@ -140,11 +146,6 @@ void SSLPolicy::UpdateEntry(NavigationEntryImpl* entry,
entry->GetSSL().content_status |= SSLStatus::RAN_INSECURE_CONTENT;
return;
}
-
- if (web_contents->DisplayedInsecureContent())
- entry->GetSSL().content_status |= SSLStatus::DISPLAYED_INSECURE_CONTENT;
- else
- entry->GetSSL().content_status &= ~SSLStatus::DISPLAYED_INSECURE_CONTENT;
}
void SSLPolicy::OnAllowCertificate(scoped_refptr<SSLCertErrorHandler> handler,
« no previous file with comments | « chrome/browser/ssl/ssl_browser_tests.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698