| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ssl/ssl_policy.h" | 5 #include "content/browser/ssl/ssl_policy.h" |
| 6 | 6 |
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/memory/singleton.h" | 10 #include "base/memory/singleton.h" |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 47 // For now we handle the DENIED as the UNKNOWN, which means a blocking | 47 // For now we handle the DENIED as the UNKNOWN, which means a blocking |
| 48 // page is shown to the user every time he comes back to the page. | 48 // page is shown to the user every time he comes back to the page. |
| 49 | 49 |
| 50 switch (handler->cert_error()) { | 50 switch (handler->cert_error()) { |
| 51 case net::ERR_CERT_COMMON_NAME_INVALID: | 51 case net::ERR_CERT_COMMON_NAME_INVALID: |
| 52 case net::ERR_CERT_DATE_INVALID: | 52 case net::ERR_CERT_DATE_INVALID: |
| 53 case net::ERR_CERT_AUTHORITY_INVALID: | 53 case net::ERR_CERT_AUTHORITY_INVALID: |
| 54 case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: | 54 case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: |
| 55 case net::ERR_CERT_WEAK_KEY: | 55 case net::ERR_CERT_WEAK_KEY: |
| 56 case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION: | 56 case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION: |
| 57 case net::ERR_CERT_TOO_LONG_VALIDITY: |
| 57 OnCertErrorInternal(handler, !handler->fatal(), handler->fatal()); | 58 OnCertErrorInternal(handler, !handler->fatal(), handler->fatal()); |
| 58 break; | 59 break; |
| 59 case net::ERR_CERT_NO_REVOCATION_MECHANISM: | 60 case net::ERR_CERT_NO_REVOCATION_MECHANISM: |
| 60 // Ignore this error. | 61 // Ignore this error. |
| 61 handler->ContinueRequest(); | 62 handler->ContinueRequest(); |
| 62 break; | 63 break; |
| 63 case net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION: | 64 case net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION: |
| 64 // We ignore this error but will show a warning status in the location | 65 // We ignore this error but will show a warning status in the location |
| 65 // bar. | 66 // bar. |
| 66 handler->ContinueRequest(); | 67 handler->ContinueRequest(); |
| (...skipping 152 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 219 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; | 220 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; |
| 220 } | 221 } |
| 221 | 222 |
| 222 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { | 223 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { |
| 223 GURL parsed_origin(origin); | 224 GURL parsed_origin(origin); |
| 224 if (parsed_origin.SchemeIsSecure()) | 225 if (parsed_origin.SchemeIsSecure()) |
| 225 backend_->HostRanInsecureContent(parsed_origin.host(), pid); | 226 backend_->HostRanInsecureContent(parsed_origin.host(), pid); |
| 226 } | 227 } |
| 227 | 228 |
| 228 } // namespace content | 229 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 20628006:
Reject certificates that are valid for too long. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src