| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/renderer/chrome_render_frame_observer.h" | 5 #include "chrome/renderer/chrome_render_frame_observer.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <string.h> |
| 8 | 9 |
| 9 #include <limits> | 10 #include <limits> |
| 10 #include <string> | 11 #include <string> |
| 11 #include <vector> | 12 #include <vector> |
| 12 | 13 |
| 13 #include "base/command_line.h" | 14 #include "base/command_line.h" |
| 14 #include "base/metrics/histogram.h" | 15 #include "base/metrics/histogram.h" |
| 15 #include "base/strings/string_number_conversions.h" | 16 #include "base/strings/string_number_conversions.h" |
| 16 #include "base/strings/utf_string_conversions.h" | 17 #include "base/strings/utf_string_conversions.h" |
| 17 #include "build/build_config.h" | 18 #include "build/build_config.h" |
| 18 #include "chrome/common/chrome_isolated_world_ids.h" | 19 #include "chrome/common/chrome_isolated_world_ids.h" |
| 19 #include "chrome/common/chrome_switches.h" | 20 #include "chrome/common/chrome_switches.h" |
| 20 #include "chrome/common/crash_keys.h" | 21 #include "chrome/common/crash_keys.h" |
| 21 #include "chrome/common/prerender_messages.h" | 22 #include "chrome/common/prerender_messages.h" |
| 22 #include "chrome/common/render_messages.h" | 23 #include "chrome/common/render_messages.h" |
| 23 #include "chrome/renderer/prerender/prerender_helper.h" | 24 #include "chrome/renderer/prerender/prerender_helper.h" |
| 24 #include "chrome/renderer/safe_browsing/phishing_classifier_delegate.h" | 25 #include "chrome/renderer/safe_browsing/phishing_classifier_delegate.h" |
| 25 #include "components/translate/content/renderer/translate_helper.h" | 26 #include "components/translate/content/renderer/translate_helper.h" |
| 26 #include "content/public/common/ssl_status.h" | 27 #include "content/public/common/ssl_status.h" |
| 27 #include "content/public/renderer/render_frame.h" | 28 #include "content/public/renderer/render_frame.h" |
| 28 #include "content/public/renderer/render_view.h" | 29 #include "content/public/renderer/render_view.h" |
| 29 #include "extensions/common/constants.h" | 30 #include "extensions/common/constants.h" |
| 30 #include "net/base/url_util.h" | 31 #include "net/base/url_util.h" |
| 32 #include "net/ssl/ssl_cipher_suite_names.h" |
| 33 #include "net/ssl/ssl_connection_status_flags.h" |
| 31 #include "skia/ext/image_operations.h" | 34 #include "skia/ext/image_operations.h" |
| 32 #include "third_party/WebKit/public/platform/WebImage.h" | 35 #include "third_party/WebKit/public/platform/WebImage.h" |
| 33 #include "third_party/WebKit/public/platform/modules/app_banner/WebAppBannerProm
ptReply.h" | 36 #include "third_party/WebKit/public/platform/modules/app_banner/WebAppBannerProm
ptReply.h" |
| 34 #include "third_party/WebKit/public/web/WebDataSource.h" | 37 #include "third_party/WebKit/public/web/WebDataSource.h" |
| 35 #include "third_party/WebKit/public/web/WebDocument.h" | 38 #include "third_party/WebKit/public/web/WebDocument.h" |
| 36 #include "third_party/WebKit/public/web/WebElement.h" | 39 #include "third_party/WebKit/public/web/WebElement.h" |
| 37 #include "third_party/WebKit/public/web/WebFrameContentDumper.h" | 40 #include "third_party/WebKit/public/web/WebFrameContentDumper.h" |
| 38 #include "third_party/WebKit/public/web/WebLocalFrame.h" | 41 #include "third_party/WebKit/public/web/WebLocalFrame.h" |
| 39 #include "third_party/WebKit/public/web/WebNode.h" | 42 #include "third_party/WebKit/public/web/WebNode.h" |
| 40 #include "third_party/WebKit/public/web/WebSecurityPolicy.h" | 43 #include "third_party/WebKit/public/web/WebSecurityPolicy.h" |
| 240 | 243 |
| 241 void ChromeRenderFrameObserver::DidFinishDocumentLoad() { | 244 void ChromeRenderFrameObserver::DidFinishDocumentLoad() { |
| 242 // If the navigation is to a localhost URL (and the flag is set to | 245 // If the navigation is to a localhost URL (and the flag is set to |
| 243 // allow localhost SSL misconfigurations), print a warning to the | 246 // allow localhost SSL misconfigurations), print a warning to the |
| 244 // console telling the developer to check their SSL configuration | 247 // console telling the developer to check their SSL configuration |
| 245 // before going to production. | 248 // before going to production. |
| 246 bool allow_localhost = base::CommandLine::ForCurrentProcess()->HasSwitch( | 249 bool allow_localhost = base::CommandLine::ForCurrentProcess()->HasSwitch( |
| 247 switches::kAllowInsecureLocalhost); | 250 switches::kAllowInsecureLocalhost); |
| 248 WebDataSource* ds = render_frame()->GetWebFrame()->dataSource(); | 251 WebDataSource* ds = render_frame()->GetWebFrame()->dataSource(); |
| 249 | 252 |
| 253 SSLStatus ssl_status = render_frame()->GetRenderView()->GetSSLStatusOfFrame( |
| 254 render_frame()->GetWebFrame()); |
| 255 |
| 250 if (allow_localhost) { | 256 if (allow_localhost) { |
| 251 SSLStatus ssl_status = render_frame()->GetRenderView()->GetSSLStatusOfFrame( | |
| 252 render_frame()->GetWebFrame()); | |
| 253 bool is_cert_error = net::IsCertStatusError(ssl_status.cert_status) && | 257 bool is_cert_error = net::IsCertStatusError(ssl_status.cert_status) && |
| 254 !net::IsCertStatusMinorError(ssl_status.cert_status); | 258 !net::IsCertStatusMinorError(ssl_status.cert_status); |
| 255 bool is_localhost = net::IsLocalhost(GURL(ds->request().url()).host()); | 259 bool is_localhost = net::IsLocalhost(GURL(ds->request().url()).host()); |
| 256 | 260 |
| 257 if (is_cert_error && is_localhost) { | 261 if (is_cert_error && is_localhost) { |
| 258 render_frame()->GetWebFrame()->addMessageToConsole( | 262 render_frame()->GetWebFrame()->addMessageToConsole( |
| 259 blink::WebConsoleMessage( | 263 blink::WebConsoleMessage( |
| 260 blink::WebConsoleMessage::LevelWarning, | 264 blink::WebConsoleMessage::LevelWarning, |
| 261 base::ASCIIToUTF16( | 265 base::ASCIIToUTF16( |
| 262 "This site does not have a valid SSL " | 266 "This site does not have a valid SSL " |
| 263 "certificate! Without SSL, your site's and " | 267 "certificate! Without SSL, your site's and " |
| 264 "visitors' data is vulnerable to theft and " | 268 "visitors' data is vulnerable to theft and " |
| 265 "tampering. Get a valid SSL certificate before" | 269 "tampering. Get a valid SSL certificate before" |
| 266 " releasing your website to the public."))); | 270 " releasing your website to the public."))); |
| 267 } | 271 } |
| 268 } | 272 } |
| 273 |
| 274 // DHE is deprecated and will be removed in M52. See https://crbug.com/598109. |
| 275 // TODO(davidben): Remove this logic when DHE is removed. |
| 276 uint16_t cipher_suite = |
| 277 net::SSLConnectionStatusToCipherSuite(ssl_status.connection_status); |
| 278 const char* key_exchange; |
| 279 const char* unused; |
| 280 bool is_aead_unused; |
| 281 net::SSLCipherSuiteToStrings(&key_exchange, &unused, &unused, &is_aead_unused, |
| 282 cipher_suite); |
| 283 if (strcmp(key_exchange, "DHE_RSA") == 0) { |
| 284 render_frame()->GetWebFrame()->addMessageToConsole(blink::WebConsoleMessage( |
| 285 blink::WebConsoleMessage::LevelWarning, |
| 286 base::ASCIIToUTF16("This site requires a DHE-based SSL cipher suite. " |
| 287 "These are deprecated and will be removed in M52, " |
| 288 "around July 2016. See " |
| 289 "https://www.chromestatus.com/feature/" |
| 290 "5752033759985664 for more details."))); |
| 291 } |
| 269 } | 292 } |
| 270 | 293 |
| 271 void ChromeRenderFrameObserver::OnAppBannerPromptRequest( | 294 void ChromeRenderFrameObserver::OnAppBannerPromptRequest( |
| 272 int request_id, | 295 int request_id, |
| 273 const std::string& platform) { | 296 const std::string& platform) { |
| 274 // App banner prompt requests are handled in the general chrome render frame | 297 // App banner prompt requests are handled in the general chrome render frame |
| 275 // observer, not the AppBannerClient, as the AppBannerClient is created lazily | 298 // observer, not the AppBannerClient, as the AppBannerClient is created lazily |
| 276 // by blink and may not exist when the request is sent. | 299 // by blink and may not exist when the request is sent. |
| 277 blink::WebAppBannerPromptReply reply = blink::WebAppBannerPromptReply::None; | 300 blink::WebAppBannerPromptReply reply = blink::WebAppBannerPromptReply::None; |
| 278 blink::WebString web_platform(base::UTF8ToUTF16(platform)); | 301 blink::WebString web_platform(base::UTF8ToUTF16(platform)); |
| 388 case blink::WebMeaningfulLayout::FinishedParsing: | 411 case blink::WebMeaningfulLayout::FinishedParsing: |
| 389 CapturePageText(PRELIMINARY_CAPTURE); | 412 CapturePageText(PRELIMINARY_CAPTURE); |
| 390 break; | 413 break; |
| 391 case blink::WebMeaningfulLayout::FinishedLoading: | 414 case blink::WebMeaningfulLayout::FinishedLoading: |
| 392 CapturePageText(FINAL_CAPTURE); | 415 CapturePageText(FINAL_CAPTURE); |
| 393 break; | 416 break; |
| 394 default: | 417 default: |
| 395 break; | 418 break; |
| 396 } | 419 } |
| 397 } | 420 } |
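Review bot: The new DHE block at the end of DidFinishDocumentLoad() (new lines 274-291) passes `key_exchange` to `strcmp` although it is declared uninitialized, and it now runs on every document load because the `ssl_status` lookup was hoisted out of `if (allow_localhost)`. That is only safe if `net::SSLCipherSuiteToStrings` always writes a non-null string, including for frames with no TLS connection and a zero `connection_status`; that contract is not visible on this page. Making the assumption explicit costs two lines: `const char* key_exchange = nullptr;` and `if (key_exchange && strcmp(key_exchange, "DHE_RSA") == 0) {`. The deprecation warning is also keyed off a display name, so a rename in the cipher-suite name table would silently disable it; a short comment above the `strcmp` recording that dependency would help whoever resolves the TODO.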