chrome/browser/ssl/ssl_host_state.cc - Issue 2067003: Track "display" and "run" separately for mixed content, and make the latter d...

Side by Side Diff: chrome/browser/ssl/ssl_host_state.cc

Issue 2067003: Track "display" and "run" separately for mixed content, and make the latter d... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/

Patch Set: '' Created 10 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/ssl/ssl_host_state.h"	5 #include "chrome/browser/ssl/ssl_host_state.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

8	8

9 namespace {	9 namespace {

10	10

11 static const char kDot = '.';	11 static const char kDot = '.';

12	12

13 static bool IsIntranetHost(const std::string& host) {	13 static bool IsIntranetHost(const std::string& host) {

14 const size_t dot = host.find(kDot);	14 const size_t dot = host.find(kDot);

15 return dot == std::string::npos \|\| dot == host.length() - 1;	15 return dot == std::string::npos \|\| dot == host.length() - 1;

16 }	16 }

17	17

18 } // namespace	18 } // namespace

19	19

20 SSLHostState::SSLHostState() {	20 SSLHostState::SSLHostState() {

21 }	21 }

22	22

23 SSLHostState::~SSLHostState() {	23 SSLHostState::~SSLHostState() {

24 }	24 }

25	25

26 void SSLHostState::MarkHostAsBroken(const std::string& host, int pid) {	26 void SSLHostState::HostRanInsecureContent(const std::string& host, int pid) {

	27 DCHECK(CalledOnValidThread());

	28 ran_insecure_content_hosts_.insert(BrokenHostEntry(host, pid));

	29 }

	30

	31 bool SSLHostState::DidHostRunInsecureContent(const std::string& host,

	32 int pid) const {

27 DCHECK(CalledOnValidThread());	33 DCHECK(CalledOnValidThread());

28	34

29 broken_hosts_.insert(BrokenHostEntry(host, pid));	35 // CAs issue certificates for intranet hosts to everyone. Therefore, we

30 }	36 // always treat intranet hosts as having run insecure content.

31

32 bool SSLHostState::DidMarkHostAsBroken(const std::string& host, int pid) {

33 DCHECK(CalledOnValidThread());

34

35 // CAs issue certificate for intranet hosts to everyone. Therefore, we always

36 // treat intranet hosts as broken.

37 if (IsIntranetHost(host))	37 if (IsIntranetHost(host))

38 return true;	38 return true;

39	39

40 return (broken_hosts_.find(	40 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid));
	abarth-chromium 2010/05/14 22:29:39 Any reason you changed this from find to count? Any reason you changed this from find to count? Peter Kasting 2010/05/14 22:33:11 Only that it's shorter (one line instead of two). Show quoted text On 2010/05/14 22:29:39, abarth wrote: > Any reason you changed this from find to count? Only that it's shorter (one line instead of two).
41 BrokenHostEntry(host, pid)) != broken_hosts_.end());

42 }	41 }

43	42

44 void SSLHostState::DenyCertForHost(net::X509Certificate* cert,	43 void SSLHostState::DenyCertForHost(net::X509Certificate* cert,

45 const std::string& host) {	44 const std::string& host) {

46 DCHECK(CalledOnValidThread());	45 DCHECK(CalledOnValidThread());

47	46

48 cert_policy_for_host_[host].Deny(cert);	47 cert_policy_for_host_[host].Deny(cert);

49 }	48 }

50	49

51 void SSLHostState::AllowCertForHost(net::X509Certificate* cert,	50 void SSLHostState::AllowCertForHost(net::X509Certificate* cert,

52 const std::string& host) {	51 const std::string& host) {

53 DCHECK(CalledOnValidThread());	52 DCHECK(CalledOnValidThread());

54	53

55 cert_policy_for_host_[host].Allow(cert);	54 cert_policy_for_host_[host].Allow(cert);

56 }	55 }

57	56

58 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy(	57 net::X509Certificate::Policy::Judgment SSLHostState::QueryPolicy(

59 net::X509Certificate* cert, const std::string& host) {	58 net::X509Certificate* cert, const std::string& host) {

60 DCHECK(CalledOnValidThread());	59 DCHECK(CalledOnValidThread());

61	60

62 return cert_policy_for_host_[host].Check(cert);	61 return cert_policy_for_host_[host].Check(cert);

63 }	62 }

OLD	NEW

« no previous file with comments | « chrome/browser/ssl/ssl_host_state.h ('k') | chrome/browser/ssl/ssl_host_state_unittest.cc » ('j') | chrome/browser/ssl/ssl_policy.cc » ('J')