| OLD | NEW |
|---|
| (Empty) | |
| 1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- |
| 2 * |
| 3 * ***** BEGIN LICENSE BLOCK ***** |
| 4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 5 * |
| 6 * The contents of this file are subject to the Mozilla Public License Version |
| 7 * 1.1 (the "License"); you may not use this file except in compliance with |
| 8 * the License. You may obtain a copy of the License at |
| 9 * http://www.mozilla.org/MPL/ |
| 10 * |
| 11 * Software distributed under the License is distributed on an "AS IS" basis, |
| 12 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License |
| 13 * for the specific language governing rights and limitations under the |
| 14 * License. |
| 15 * |
| 16 * The Original Code is mozilla.org code. |
| 17 * |
| 18 * The Initial Developer of the Original Code is |
| 19 * Netscape Communications Corporation. |
| 20 * Portions created by the Initial Developer are Copyright (C) 1998 |
| 21 * the Initial Developer. All Rights Reserved. |
| 22 * |
| 23 * Contributor(s): |
| 24 * Javier Delgadillo <javi@netscape.com> |
| 25 * |
| 26 * Alternatively, the contents of this file may be used under the terms of |
| 27 * either the GNU General Public License Version 2 or later (the "GPL"), or |
| 28 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), |
| 29 * in which case the provisions of the GPL or the LGPL are applicable instead |
| 30 * of those above. If you wish to allow use of your version of this file only |
| 31 * under the terms of either the GPL or the LGPL, and not to allow others to |
| 32 * use your version of this file under the terms of the MPL, indicate your |
| 33 * decision by deleting the provisions above and replace them with the notice |
| 34 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 35 * the provisions above, a recipient may use your version of this file under |
| 36 * the terms of any one of the MPL, the GPL or the LGPL. |
| 37 * |
| 38 * ***** END LICENSE BLOCK ***** */ |
| 39 |
| 40 #include "nsISupports.idl" |
| 41 |
| 42 interface nsIX509Cert; |
| 43 interface nsIInterfaceRequestor; |
| 44 |
| 45 /** |
| 46 * Functions that display warnings for problems with web site trust. |
| 47 * |
| 48 * @status FROZEN |
| 49 */ |
| 50 [scriptable, uuid(86960956-edb0-11d4-998b-00b0d02354a0)] |
| 51 interface nsIBadCertListener : nsISupports { |
| 52 |
| 53 /** |
| 54 * No decision was made by the user, whether to trust a cert. |
| 55 */ |
| 56 const short UNINIT_ADD_FLAG = -1; |
| 57 |
| 58 /** |
| 59 * The user decided to add trust to a certificate temporarily |
| 60 * for the current application session only. |
| 61 */ |
| 62 const short ADD_TRUSTED_FOR_SESSION = 1; |
| 63 |
| 64 /** |
| 65 * The user decided to add trust to a certificate permanently. |
| 66 */ |
| 67 const short ADD_TRUSTED_PERMANENTLY = 2; |
| 68 |
| 69 /** |
| 70 * Inform the user there are problems with the trust of a certificate, |
| 71 * and request a decision from the user. |
| 72 * The UI should offer the user a way to look at the certificate in detail. |
| 73 * The following is a sample UI message to be shown to the user: |
| 74 * |
| 75 * Unable to verify the identity of %S as a trusted site. |
| 76 * Possible reasons for this error: |
| 77 * - Your browser does not recognize the Certificate Authority |
| 78 * that issued the site's certificate. |
| 79 * - The site's certificate is incomplete due to a |
| 80 * server misconfiguration. |
| 81 * - You are connected to a site pretending to be %S, |
| 82 * possibly to obtain your confidential information. |
| 83 * Please notify the site's webmaster about this problem. |
| 84 * Before accepting this certificate, you should examine this site's |
| 85 * certificate carefully. Are you willing to to accept this certificate |
| 86 * for the purpose of identifying the Web site %S? |
| 87 * o Accept this certificate permanently |
| 88 * x Accept this certificate temporarily for this session |
| 89 * o Do not accept this certificate and do not connect to this Web site |
| 90 * |
| 91 * @param socketInfo A network communication context that can be used to obta
in more information |
| 92 * about the active connection. |
| 93 * @param cert The certificate that is not trusted and that is having the pro
blem. |
| 94 * @param certAddType The user's trust decision. See constants defined above. |
| 95 * |
| 96 * @return true if the user decided to connect anyway, false if the user deci
ded to not connect |
| 97 */ |
| 98 boolean confirmUnknownIssuer(in nsIInterfaceRequestor socketInfo, |
| 99 in nsIX509Cert cert, |
| 100 out short certAddType); |
| 101 |
| 102 /** |
| 103 * Inform the user there are problems with the trust of a certificate, |
| 104 * and request a decision from the user. |
| 105 * The hostname mentioned in the server's certificate is not the hostname |
| 106 * that was used as a destination address for the current connection. |
| 107 * |
| 108 * @param socketInfo A network communication context that can be used to obta
in more information |
| 109 * about the active connection. |
| 110 * @param targetURL The URL that was used to open the current connection. |
| 111 * @param cert The certificate that was presented by the server. |
| 112 * |
| 113 * @return true if the user decided to connect anyway, false if the user deci
ded to not connect |
| 114 */ |
| 115 boolean confirmMismatchDomain(in nsIInterfaceRequestor socketInfo, |
| 116 in AUTF8String targetURL, |
| 117 in nsIX509Cert cert); |
| 118 |
| 119 /** |
| 120 * Inform the user there are problems with the trust of a certificate, |
| 121 * and request a decision from the user. |
| 122 * The certificate presented by the server is no longer valid because |
| 123 * the validity period has expired. |
| 124 * |
| 125 * @param socketInfo A network communication context that can be used to obta
in more information |
| 126 * about the active connection. |
| 127 * @param cert The certificate that was presented by the server. |
| 128 * |
| 129 * @return true if the user decided to connect anyway, false if the user deci
ded to not connect |
| 130 */ |
| 131 boolean confirmCertExpired(in nsIInterfaceRequestor socketInfo, |
| 132 in nsIX509Cert cert); |
| 133 |
| 134 /** |
| 135 * Inform the user there are problems with the trust of a certificate, |
| 136 * and request a decision from the user. |
| 137 * The Certificate Authority (CA) that issued the server's certificate has is
sued a |
| 138 * Certificate Revocation List (CRL). |
| 139 * However, the application does not have a current version of the CA's CRL. |
| 140 * Due to the application configuration, the application disallows the connec
tion |
| 141 * to the remote site. |
| 142 * |
| 143 * @param socketInfo A network communication context that can be used to obta
in more information |
| 144 * about the active connection. |
| 145 * @param targetURL The URL that was used to open the current connection. |
| 146 * @param cert The certificate that was presented by the server. |
| 147 */ |
| 148 void notifyCrlNextupdate(in nsIInterfaceRequestor socketInfo, |
| 149 in AUTF8String targetURL, in nsIX509Cert cert); |
| 150 |
| 151 }; |
| 152 |
| 153 %{C++ |
| 154 #define NS_BADCERTLISTENER_CONTRACTID "@mozilla.org/nsBadCertListener;1" |
| 155 %} |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 20346:
Version 1.8 of gecko-sdk. Downloaded from here:... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/deps/third_party/