| Index: chrome/renderer/chrome_render_frame_observer.cc
|
| diff --git a/chrome/renderer/chrome_render_frame_observer.cc b/chrome/renderer/chrome_render_frame_observer.cc
|
| index af2eb5ae0fb5f266497c4996ced4a81a7ebb6d6d..edb9afcb58bb3548efa1d51ae9b912b536c0755c 100644
|
| --- a/chrome/renderer/chrome_render_frame_observer.cc
|
| +++ b/chrome/renderer/chrome_render_frame_observer.cc
|
| @@ -5,6 +5,7 @@
|
| #include "chrome/renderer/chrome_render_frame_observer.h"
|
|
|
| #include <stddef.h>
|
| +#include <string.h>
|
|
|
| #include <limits>
|
| #include <string>
|
| @@ -28,6 +29,8 @@
|
| #include "content/public/renderer/render_view.h"
|
| #include "extensions/common/constants.h"
|
| #include "net/base/url_util.h"
|
| +#include "net/ssl/ssl_cipher_suite_names.h"
|
| +#include "net/ssl/ssl_connection_status_flags.h"
|
| #include "skia/ext/image_operations.h"
|
| #include "third_party/WebKit/public/platform/WebImage.h"
|
| #include "third_party/WebKit/public/platform/modules/app_banner/WebAppBannerPromptReply.h"
|
| @@ -247,9 +250,10 @@ void ChromeRenderFrameObserver::DidFinishDocumentLoad() {
|
| switches::kAllowInsecureLocalhost);
|
| WebDataSource* ds = render_frame()->GetWebFrame()->dataSource();
|
|
|
| + SSLStatus ssl_status = render_frame()->GetRenderView()->GetSSLStatusOfFrame(
|
| + render_frame()->GetWebFrame());
|
| +
|
| if (allow_localhost) {
|
| - SSLStatus ssl_status = render_frame()->GetRenderView()->GetSSLStatusOfFrame(
|
| - render_frame()->GetWebFrame());
|
| bool is_cert_error = net::IsCertStatusError(ssl_status.cert_status) &&
|
| !net::IsCertStatusMinorError(ssl_status.cert_status);
|
| bool is_localhost = net::IsLocalhost(GURL(ds->request().url()).host());
|
| @@ -266,6 +270,25 @@ void ChromeRenderFrameObserver::DidFinishDocumentLoad() {
|
| " releasing your website to the public.")));
|
| }
|
| }
|
| +
|
| + // DHE is deprecated and will be removed in M52. See https://crbug.com/598109.
|
| + // TODO(davidben): Remove this logic when DHE is removed.
|
| + uint16_t cipher_suite =
|
| + net::SSLConnectionStatusToCipherSuite(ssl_status.connection_status);
|
| + const char* key_exchange;
|
| + const char* unused;
|
| + bool is_aead_unused;
|
| + net::SSLCipherSuiteToStrings(&key_exchange, &unused, &unused, &is_aead_unused,
|
| + cipher_suite);
|
| + if (strcmp(key_exchange, "DHE_RSA") == 0) {
|
| + render_frame()->GetWebFrame()->addMessageToConsole(blink::WebConsoleMessage(
|
| + blink::WebConsoleMessage::LevelWarning,
|
| + base::ASCIIToUTF16("This site requires a DHE-based SSL cipher suite. "
|
| + "These are deprecated and will be removed in M52, "
|
| + "around July 2016. See "
|
| + "https://www.chromestatus.com/feature/"
|
| + "5752033759985664 for more details.")));
|
| + }
|
| }
|
|
|
| void ChromeRenderFrameObserver::OnAppBannerPromptRequest(
|
|
|
Chromium Code Reviews
Issue 1851203002:
Add a deprecation warning for DHE. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master