Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(89)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/loader/MixedContentChecker.h

Issue 1905033002: PlzNavigate: Move navigation-level mixed content checks to the browser. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@console-security-message
Patch Set: MixedContent::ContextType comes from the renderer; lessen Blink public code; fixed build. Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/browser/frame_host/mixed_content_navigation_throttle.cc ('K') | « third_party/WebKit/LayoutTests/FlagExpectations/enable-browser-side-navigation ('k') | third_party/WebKit/Source/core/loader/MixedContentChecker.cpp » ('j') | third_party/WebKit/public/platform/WebMixedContent.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2012 Google Inc. All rights reserved. 2 * Copyright (C) 2012 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 29 matching lines...) Expand all
40 #include "wtf/text/WTFString.h" 40 #include "wtf/text/WTFString.h"
41 41
42 namespace blink { 42 namespace blink {
43 43
44 class Frame; 44 class Frame;
45 class LocalFrame; 45 class LocalFrame;
46 class KURL; 46 class KURL;
47 class ResourceResponse; 47 class ResourceResponse;
48 class SecurityOrigin; 48 class SecurityOrigin;
49 49
50 // Checks all sub-resource loads for mixed-content. Frame-level loads are
51 // checked at the browser by MixedContentNavigationThrottle. Changes to this
52 // class might need to be reflected on its browser counterpart.
53 //
54 // Current mixed content draft that drives this implementation:
55 // https://w3c.github.io/webappsec-mixed-content/
50 class CORE_EXPORT MixedContentChecker final { 56 class CORE_EXPORT MixedContentChecker final {
51 WTF_MAKE_NONCOPYABLE(MixedContentChecker); 57 WTF_MAKE_NONCOPYABLE(MixedContentChecker);
52 DISALLOW_NEW(); 58 DISALLOW_NEW();
53 59
54 public: 60 public:
55 enum ReportingStatus { SendReport, SuppressReport }; 61 enum ReportingStatus { SendReport, SuppressReport };
56 static bool shouldBlockFetch(LocalFrame*, 62 static bool shouldBlockFetch(LocalFrame*,
57 WebURLRequest::RequestContext, 63 WebURLRequest::RequestContext,
58 WebURLRequest::FrameType, 64 WebURLRequest::FrameType,
59 ResourceRequest::RedirectStatus, 65 ResourceRequest::RedirectStatus,
(...skipping 27 matching lines...) Expand all
87 // Returns the frame that should be considered the effective frame 93 // Returns the frame that should be considered the effective frame
88 // for a mixed content check for the given frame type. 94 // for a mixed content check for the given frame type.
89 static Frame* effectiveFrameForFrameType(LocalFrame*, 95 static Frame* effectiveFrameForFrameType(LocalFrame*,
90 WebURLRequest::FrameType); 96 WebURLRequest::FrameType);
91 97
92 static void handleCertificateError(LocalFrame*, 98 static void handleCertificateError(LocalFrame*,
93 const ResourceResponse&, 99 const ResourceResponse&,
94 WebURLRequest::FrameType, 100 WebURLRequest::FrameType,
95 WebURLRequest::RequestContext); 101 WebURLRequest::RequestContext);
96 102
103 // Log to the frame console about found mixed content and report it to the CSP
104 // policy.
105 static void mixedContentFoundByTheBrowser(LocalFrame*,
106 const KURL& mainResourceUrl,
107 const KURL& mixedContentUrl,
108 WebURLRequest::RequestContext,
109 bool wasAllowed,
110 bool hadRedirect);
111
97 private: 112 private:
98 FRIEND_TEST_ALL_PREFIXES(MixedContentCheckerTest, HandleCertificateError); 113 FRIEND_TEST_ALL_PREFIXES(MixedContentCheckerTest, HandleCertificateError);
99 114
100 static Frame* inWhichFrameIsContentMixed(Frame*, 115 static Frame* inWhichFrameIsContentMixed(Frame*,
101 WebURLRequest::FrameType, 116 WebURLRequest::FrameType,
102 const KURL&); 117 const KURL&);
103 118
104 static void logToConsoleAboutFetch(LocalFrame*, 119 static void logToConsoleAboutFetch(LocalFrame*,
105 const KURL&, 120 const KURL&,
106 const KURL&, 121 const KURL&,
107 WebURLRequest::RequestContext, 122 WebURLRequest::RequestContext,
108 bool allowed); 123 bool allowed);
109 static void logToConsoleAboutWebSocket(LocalFrame*, 124 static void logToConsoleAboutWebSocket(LocalFrame*,
110 const KURL&, 125 const KURL&,
111 const KURL&, 126 const KURL&,
112 bool allowed); 127 bool allowed);
113 static void count(Frame*, WebURLRequest::RequestContext); 128 static void count(Frame*, WebURLRequest::RequestContext);
114 }; 129 };
115 130
116 } // namespace blink 131 } // namespace blink
117 132
118 #endif // MixedContentChecker_h 133 #endif // MixedContentChecker_h
OLDNEW
« content/browser/frame_host/mixed_content_navigation_throttle.cc ('K') | « third_party/WebKit/LayoutTests/FlagExpectations/enable-browser-side-navigation ('k') | third_party/WebKit/Source/core/loader/MixedContentChecker.cpp » ('j') | third_party/WebKit/public/platform/WebMixedContent.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698