OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/metrics/field_trial.h" | 8 #include "base/metrics/field_trial.h" |
9 #include "base/metrics/histogram_macros.h" | 9 #include "base/metrics/histogram_macros.h" |
10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
107 // the page is loaded over HTTP, because the security style merely | 107 // the page is loaded over HTTP, because the security style merely |
108 // represents how the embedder wishes to display the security state of | 108 // represents how the embedder wishes to display the security state of |
109 // the page, and the embedder can choose to display HTTPS page as HTTP | 109 // the page, and the embedder can choose to display HTTPS page as HTTP |
110 // if it wants to (for example, displaying deprecated crypto | 110 // if it wants to (for example, displaying deprecated crypto |
111 // algorithms with the same UI treatment as HTTP pages). | 111 // algorithms with the same UI treatment as HTTP pages). |
112 security_style_explanations->scheme_is_cryptographic = | 112 security_style_explanations->scheme_is_cryptographic = |
113 security_info.scheme_is_cryptographic; | 113 security_info.scheme_is_cryptographic; |
114 if (!security_info.scheme_is_cryptographic) { | 114 if (!security_info.scheme_is_cryptographic) { |
115 return security_style; | 115 return security_style; |
116 } | 116 } |
| 117 security_style_explanations->pkp_bypassed = security_info.pkp_bypassed; |
117 | 118 |
118 if (security_info.sha1_deprecation_status == | 119 if (security_info.sha1_deprecation_status == |
119 SecurityStateModel::DEPRECATED_SHA1_MAJOR) { | 120 SecurityStateModel::DEPRECATED_SHA1_MAJOR) { |
120 security_style_explanations->broken_explanations.push_back( | 121 security_style_explanations->broken_explanations.push_back( |
121 content::SecurityStyleExplanation( | 122 content::SecurityStyleExplanation( |
122 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1), | 123 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1), |
123 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1_DESCRIPTION), | 124 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1_DESCRIPTION), |
124 security_info.cert_id)); | 125 security_info.cert_id)); |
125 } else if (security_info.sha1_deprecation_status == | 126 } else if (security_info.sha1_deprecation_status == |
126 SecurityStateModel::DEPRECATED_SHA1_MINOR) { | 127 SecurityStateModel::DEPRECATED_SHA1_MINOR) { |
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
225 | 226 |
226 state->initialized = true; | 227 state->initialized = true; |
227 state->url = entry->GetURL(); | 228 state->url = entry->GetURL(); |
228 const content::SSLStatus& ssl = entry->GetSSL(); | 229 const content::SSLStatus& ssl = entry->GetSSL(); |
229 state->initial_security_level = | 230 state->initial_security_level = |
230 GetSecurityLevelForSecurityStyle(ssl.security_style); | 231 GetSecurityLevelForSecurityStyle(ssl.security_style); |
231 state->cert_id = ssl.cert_id; | 232 state->cert_id = ssl.cert_id; |
232 state->cert_status = ssl.cert_status; | 233 state->cert_status = ssl.cert_status; |
233 state->connection_status = ssl.connection_status; | 234 state->connection_status = ssl.connection_status; |
234 state->security_bits = ssl.security_bits; | 235 state->security_bits = ssl.security_bits; |
| 236 state->pkp_bypassed = ssl.pkp_bypassed; |
235 state->sct_verify_statuses.clear(); | 237 state->sct_verify_statuses.clear(); |
236 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), | 238 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), |
237 ssl.num_unknown_scts, | 239 ssl.num_unknown_scts, |
238 net::ct::SCT_STATUS_LOG_UNKNOWN); | 240 net::ct::SCT_STATUS_LOG_UNKNOWN); |
239 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), | 241 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), |
240 ssl.num_invalid_scts, | 242 ssl.num_invalid_scts, |
241 net::ct::SCT_STATUS_INVALID); | 243 net::ct::SCT_STATUS_INVALID); |
242 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), | 244 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), |
243 ssl.num_valid_scts, net::ct::SCT_STATUS_OK); | 245 ssl.num_valid_scts, net::ct::SCT_STATUS_OK); |
244 state->displayed_mixed_content = | 246 state->displayed_mixed_content = |
245 (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) | 247 (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) |
246 ? true | 248 ? true |
247 : false; | 249 : false; |
248 state->ran_mixed_content = | 250 state->ran_mixed_content = |
249 (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true | 251 (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true |
250 : false; | 252 : false; |
251 } | 253 } |
OLD | NEW |