OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/web_contents/web_contents_impl.h" | 5 #include "content/browser/web_contents/web_contents_impl.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <cmath> | 9 #include <cmath> |
10 #include <utility> | 10 #include <utility> |
(...skipping 3532 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
3543 : partition->GetURLRequestContext()); | 3543 : partition->GetURLRequestContext()); |
3544 BrowserThread::PostTask( | 3544 BrowserThread::PostTask( |
3545 BrowserThread::IO, FROM_HERE, | 3545 BrowserThread::IO, FROM_HERE, |
3546 base::Bind(&NotifyCacheOnIO, request_context, url, http_method)); | 3546 base::Bind(&NotifyCacheOnIO, request_context, url, http_method)); |
3547 } | 3547 } |
3548 } | 3548 } |
3549 | 3549 |
3550 void WebContentsImpl::OnDidDisplayInsecureContent(RenderFrameHostImpl* source) { | 3550 void WebContentsImpl::OnDidDisplayInsecureContent(RenderFrameHostImpl* source) { |
3551 // Any frame can trigger display of insecure content, so we don't check | 3551 // Any frame can trigger display of insecure content, so we don't check |
3552 // |source| here. | 3552 // |source| here. |
3553 DidDisplayInsecureContent(); | |
3554 } | |
3555 | |
3556 void WebContentsImpl::DidDisplayInsecureContent() { | |
3553 controller_.ssl_manager()->DidDisplayMixedContent(); | 3557 controller_.ssl_manager()->DidDisplayMixedContent(); |
3554 } | 3558 } |
3555 | 3559 |
3556 void WebContentsImpl::OnDidRunInsecureContent(RenderFrameHostImpl* source, | 3560 void WebContentsImpl::OnDidRunInsecureContent(RenderFrameHostImpl* source, |
3557 const GURL& security_origin, | 3561 const GURL& security_origin, |
3558 const GURL& target_url) { | 3562 const GURL& target_url) { |
3559 // TODO(nick, estark): Should we call FilterURL using |source|'s process on | 3563 // TODO(nick, estark): Should we call FilterURL using |source|'s process on |
3560 // these parameters? |target_url| seems unused, except for a log message. And | 3564 // these parameters? |target_url| seems unused, except for a log message. And |
3561 // |security_origin| might be replaceable with the origin of the main frame. | 3565 // |security_origin| might be replaceable with the origin of the main frame. |
3566 DidRunInsecureContent(security_origin, target_url); | |
3567 } | |
3568 | |
3569 void WebContentsImpl::DidRunInsecureContent(const GURL& security_origin, | |
3570 const GURL& target_url) { | |
nasko
2017/02/10 01:08:21
Huh, we pass target_url just for logging?!
carlosk
2017/02/11 01:40:22
Yes but a) this is the current behavior and b) see
| |
3562 LOG(WARNING) << security_origin << " ran insecure content from " | 3571 LOG(WARNING) << security_origin << " ran insecure content from " |
3563 << target_url.possibly_invalid_spec(); | 3572 << target_url.possibly_invalid_spec(); |
3564 RecordAction(base::UserMetricsAction("SSL.RanInsecureContent")); | 3573 RecordAction(base::UserMetricsAction("SSL.RanInsecureContent")); |
3565 if (base::EndsWith(security_origin.spec(), kDotGoogleDotCom, | 3574 if (base::EndsWith(security_origin.spec(), kDotGoogleDotCom, |
3566 base::CompareCase::INSENSITIVE_ASCII)) | 3575 base::CompareCase::INSENSITIVE_ASCII)) |
3567 RecordAction(base::UserMetricsAction("SSL.RanInsecureContentGoogle")); | 3576 RecordAction(base::UserMetricsAction("SSL.RanInsecureContentGoogle")); |
3568 controller_.ssl_manager()->DidRunMixedContent(security_origin); | 3577 controller_.ssl_manager()->DidRunMixedContent(security_origin); |
3569 } | 3578 } |
3570 | 3579 |
3580 void WebContentsImpl::PassiveInsecureContentFound(const GURL& resource_url) { | |
3581 GetDelegate()->PassiveInsecureContentFound(resource_url); | |
3582 } | |
3583 | |
3584 bool WebContentsImpl::ShouldAllowRunningInsecureContent( | |
3585 WebContents* web_contents, | |
3586 bool allowed_per_prefs, | |
3587 const url::Origin& origin, | |
3588 const GURL& resource_url) { | |
3589 return GetDelegate()->ShouldAllowRunningInsecureContent( | |
3590 web_contents, allowed_per_prefs, origin, resource_url); | |
3591 } | |
3592 | |
3571 void WebContentsImpl::OnDidDisplayContentWithCertificateErrors( | 3593 void WebContentsImpl::OnDidDisplayContentWithCertificateErrors( |
3572 RenderFrameHostImpl* source, | 3594 RenderFrameHostImpl* source, |
3573 const GURL& url) { | 3595 const GURL& url) { |
3574 // TODO(nick): |url| is unused; get rid of it. | 3596 // TODO(nick): |url| is unused; get rid of it. |
3575 controller_.ssl_manager()->DidDisplayContentWithCertErrors(); | 3597 controller_.ssl_manager()->DidDisplayContentWithCertErrors(); |
3576 } | 3598 } |
3577 | 3599 |
3578 void WebContentsImpl::OnDidRunContentWithCertificateErrors( | 3600 void WebContentsImpl::OnDidRunContentWithCertificateErrors( |
3579 RenderFrameHostImpl* source, | 3601 RenderFrameHostImpl* source, |
3580 const GURL& url) { | 3602 const GURL& url) { |
(...skipping 1826 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
5407 GetMainFrame()->AddMessageToConsole( | 5429 GetMainFrame()->AddMessageToConsole( |
5408 content::CONSOLE_MESSAGE_LEVEL_WARNING, | 5430 content::CONSOLE_MESSAGE_LEVEL_WARNING, |
5409 base::StringPrintf("This site does not have a valid SSL " | 5431 base::StringPrintf("This site does not have a valid SSL " |
5410 "certificate! Without SSL, your site's and " | 5432 "certificate! Without SSL, your site's and " |
5411 "visitors' data is vulnerable to theft and " | 5433 "visitors' data is vulnerable to theft and " |
5412 "tampering. Get a valid SSL certificate before" | 5434 "tampering. Get a valid SSL certificate before" |
5413 " releasing your website to the public.")); | 5435 " releasing your website to the public.")); |
5414 } | 5436 } |
5415 | 5437 |
5416 } // namespace content | 5438 } // namespace content |
OLD | NEW |