OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/web_contents/web_contents_impl.h" | 5 #include "content/browser/web_contents/web_contents_impl.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <cmath> | 9 #include <cmath> |
10 #include <utility> | 10 #include <utility> |
(...skipping 3537 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3548 : partition->GetURLRequestContext()); | 3548 : partition->GetURLRequestContext()); |
3549 BrowserThread::PostTask( | 3549 BrowserThread::PostTask( |
3550 BrowserThread::IO, FROM_HERE, | 3550 BrowserThread::IO, FROM_HERE, |
3551 base::Bind(&NotifyCacheOnIO, request_context, url, http_method)); | 3551 base::Bind(&NotifyCacheOnIO, request_context, url, http_method)); |
3552 } | 3552 } |
3553 } | 3553 } |
3554 | 3554 |
3555 void WebContentsImpl::OnDidDisplayInsecureContent(RenderFrameHostImpl* source) { | 3555 void WebContentsImpl::OnDidDisplayInsecureContent(RenderFrameHostImpl* source) { |
3556 // Any frame can trigger display of insecure content, so we don't check | 3556 // Any frame can trigger display of insecure content, so we don't check |
3557 // |source| here. | 3557 // |source| here. |
| 3558 DidDisplayInsecureContent(); |
| 3559 } |
| 3560 |
| 3561 void WebContentsImpl::DidDisplayInsecureContent() { |
3558 controller_.ssl_manager()->DidDisplayMixedContent(); | 3562 controller_.ssl_manager()->DidDisplayMixedContent(); |
3559 } | 3563 } |
3560 | 3564 |
3561 void WebContentsImpl::OnDidRunInsecureContent(RenderFrameHostImpl* source, | 3565 void WebContentsImpl::OnDidRunInsecureContent(RenderFrameHostImpl* source, |
3562 const GURL& security_origin, | 3566 const GURL& security_origin, |
3563 const GURL& target_url) { | 3567 const GURL& target_url) { |
3564 // TODO(nick, estark): Should we call FilterURL using |source|'s process on | 3568 // TODO(nick, estark): Should we call FilterURL using |source|'s process on |
3565 // these parameters? |target_url| seems unused, except for a log message. And | 3569 // these parameters? |target_url| seems unused, except for a log message. And |
3566 // |security_origin| might be replaceable with the origin of the main frame. | 3570 // |security_origin| might be replaceable with the origin of the main frame. |
| 3571 DidRunInsecureContent(security_origin, target_url); |
| 3572 } |
| 3573 |
| 3574 void WebContentsImpl::DidRunInsecureContent(const GURL& security_origin, |
| 3575 const GURL& target_url) { |
3567 LOG(WARNING) << security_origin << " ran insecure content from " | 3576 LOG(WARNING) << security_origin << " ran insecure content from " |
3568 << target_url.possibly_invalid_spec(); | 3577 << target_url.possibly_invalid_spec(); |
3569 RecordAction(base::UserMetricsAction("SSL.RanInsecureContent")); | 3578 RecordAction(base::UserMetricsAction("SSL.RanInsecureContent")); |
3570 if (base::EndsWith(security_origin.spec(), kDotGoogleDotCom, | 3579 if (base::EndsWith(security_origin.spec(), kDotGoogleDotCom, |
3571 base::CompareCase::INSENSITIVE_ASCII)) | 3580 base::CompareCase::INSENSITIVE_ASCII)) |
3572 RecordAction(base::UserMetricsAction("SSL.RanInsecureContentGoogle")); | 3581 RecordAction(base::UserMetricsAction("SSL.RanInsecureContentGoogle")); |
3573 controller_.ssl_manager()->DidRunMixedContent(security_origin); | 3582 controller_.ssl_manager()->DidRunMixedContent(security_origin); |
3574 } | 3583 } |
3575 | 3584 |
| 3585 void WebContentsImpl::PassiveInsecureContentFound(const GURL& resource_url) { |
| 3586 GetDelegate()->PassiveInsecureContentFound(resource_url); |
| 3587 } |
| 3588 |
| 3589 bool WebContentsImpl::ShouldAllowRunningInsecureContent( |
| 3590 WebContents* web_contents, |
| 3591 bool allowed_per_prefs, |
| 3592 const url::Origin& origin, |
| 3593 const GURL& resource_url) { |
| 3594 return GetDelegate()->ShouldAllowRunningInsecureContent( |
| 3595 web_contents, allowed_per_prefs, origin, resource_url); |
| 3596 } |
| 3597 |
3576 void WebContentsImpl::OnDidDisplayContentWithCertificateErrors( | 3598 void WebContentsImpl::OnDidDisplayContentWithCertificateErrors( |
3577 RenderFrameHostImpl* source, | 3599 RenderFrameHostImpl* source, |
3578 const GURL& url) { | 3600 const GURL& url) { |
3579 // TODO(nick): |url| is unused; get rid of it. | 3601 // TODO(nick): |url| is unused; get rid of it. |
3580 controller_.ssl_manager()->DidDisplayContentWithCertErrors(); | 3602 controller_.ssl_manager()->DidDisplayContentWithCertErrors(); |
3581 } | 3603 } |
3582 | 3604 |
3583 void WebContentsImpl::OnDidRunContentWithCertificateErrors( | 3605 void WebContentsImpl::OnDidRunContentWithCertificateErrors( |
3584 RenderFrameHostImpl* source, | 3606 RenderFrameHostImpl* source, |
3585 const GURL& url) { | 3607 const GURL& url) { |
(...skipping 1825 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
5411 GetMainFrame()->AddMessageToConsole( | 5433 GetMainFrame()->AddMessageToConsole( |
5412 content::CONSOLE_MESSAGE_LEVEL_WARNING, | 5434 content::CONSOLE_MESSAGE_LEVEL_WARNING, |
5413 base::StringPrintf("This site does not have a valid SSL " | 5435 base::StringPrintf("This site does not have a valid SSL " |
5414 "certificate! Without SSL, your site's and " | 5436 "certificate! Without SSL, your site's and " |
5415 "visitors' data is vulnerable to theft and " | 5437 "visitors' data is vulnerable to theft and " |
5416 "tampering. Get a valid SSL certificate before" | 5438 "tampering. Get a valid SSL certificate before" |
5417 " releasing your website to the public.")); | 5439 " releasing your website to the public.")); |
5418 } | 5440 } |
5419 | 5441 |
5420 } // namespace content | 5442 } // namespace content |
OLD | NEW |