Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3311)

Unified Diff: chrome/browser/ssl/ssl_manager.cc

Issue 2067003: Track "display" and "run" separately for mixed content, and make the latter d... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 10 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/ssl/ssl_manager.cc
===================================================================
--- chrome/browser/ssl/ssl_manager.cc (revision 47175)
+++ chrome/browser/ssl/ssl_manager.cc (working copy)
@@ -28,6 +28,86 @@
FilterPolicy::DONT_FILTER);
}
+// static
+void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh,
+ URLRequest* request,
+ int cert_error,
+ net::X509Certificate* cert) {
+ DLOG(INFO) << "OnSSLCertificateError() cert_error: " << cert_error <<
+ " url: " << request->url().spec();
+
+ ResourceDispatcherHostRequestInfo* info =
+ ResourceDispatcherHost::InfoForRequest(request);
+ DCHECK(info);
+
+ // A certificate error occurred. Construct a SSLCertErrorHandler object and
+ // hand it over to the UI thread for processing.
+ ChromeThread::PostTask(
+ ChromeThread::UI, FROM_HERE,
+ NewRunnableMethod(new SSLCertErrorHandler(rdh,
+ request,
+ info->resource_type(),
+ info->frame_origin(),
+ info->main_frame_origin(),
+ cert_error,
+ cert),
+ &SSLCertErrorHandler::Dispatch));
+}
+
+// static
+void SSLManager::NotifySSLInternalStateChanged() {
+ NotificationService::current()->Notify(
+ NotificationType::SSL_INTERNAL_STATE_CHANGED,
+ NotificationService::AllSources(),
+ NotificationService::NoDetails());
+}
+
+// static
+std::string SSLManager::SerializeSecurityInfo(int cert_id,
+ int cert_status,
+ int security_bits) {
+ Pickle pickle;
+ pickle.WriteInt(cert_id);
+ pickle.WriteInt(cert_status);
+ pickle.WriteInt(security_bits);
+ return std::string(static_cast<const char*>(pickle.data()), pickle.size());
+}
+
+// static
+bool SSLManager::DeserializeSecurityInfo(const std::string& state,
+ int* cert_id,
+ int* cert_status,
+ int* security_bits) {
+ DCHECK(cert_id && cert_status && security_bits);
+ if (state.empty()) {
+ // No SSL used.
+ *cert_id = 0;
+ *cert_status = 0;
+ *security_bits = -1;
+ return false;
+ }
+
+ Pickle pickle(state.data(), static_cast<int>(state.size()));
+ void * iter = NULL;
+ return pickle.ReadInt(&iter, cert_id) &&
+ pickle.ReadInt(&iter, cert_status) &&
+ pickle.ReadInt(&iter, security_bits);
+}
+
+// static
+std::wstring SSLManager::GetEVCertName(const net::X509Certificate& cert) {
+ // EV are required to have an organization name and country.
+ if (cert.subject().organization_names.empty() ||
+ cert.subject().country_name.empty()) {
+ NOTREACHED();
+ return std::wstring();
+ }
+
+ return l10n_util::GetStringF(IDS_SECURE_CONNECTION_EV,
+ UTF8ToWide(cert.subject().organization_names[0]),
+ UTF8ToWide(cert.subject().country_name));
+}
+
SSLManager::SSLManager(NavigationController* controller)
: backend_(controller),
policy_(new SSLPolicy(&backend_)),
@@ -50,51 +130,50 @@
SSLManager::~SSLManager() {
}
-bool SSLManager::ProcessedSSLErrorFromRequest() const {
+void SSLManager::DidCommitProvisionalLoad(
+ const NotificationDetails& in_details) {
+ NavigationController::LoadCommittedDetails* details =
+ Details<NavigationController::LoadCommittedDetails>(in_details).ptr();
+
NavigationEntry* entry = controller_->GetActiveEntry();
- if (!entry) {
- NOTREACHED();
- return false;
- }
- return net::IsCertStatusError(entry->ssl().cert_status());
-}
+ if (details->is_main_frame) {
+ if (entry) {
+ // Decode the security details.
+ int ssl_cert_id, ssl_cert_status, ssl_security_bits;
+ DeserializeSecurityInfo(details->serialized_security_info,
+ &ssl_cert_id,
+ &ssl_cert_status,
+ &ssl_security_bits);
-// static
-void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh,
- URLRequest* request,
- int cert_error,
- net::X509Certificate* cert) {
- DLOG(INFO) << "OnSSLCertificateError() cert_error: " << cert_error <<
- " url: " << request->url().spec();
+ // We may not have an entry if this is a navigation to an initial blank
+ // page. Reset the SSL information and add the new data we have.
+ entry->ssl() = NavigationEntry::SSLStatus();
+ entry->ssl().set_cert_id(ssl_cert_id);
+ entry->ssl().set_cert_status(ssl_cert_status);
+ entry->ssl().set_security_bits(ssl_security_bits);
+ }
+ backend_.ShowPendingMessages();
+ }
- ResourceDispatcherHostRequestInfo* info =
- ResourceDispatcherHost::InfoForRequest(request);
- DCHECK(info);
-
- // A certificate error occurred. Construct a SSLCertErrorHandler object and
- // hand it over to the UI thread for processing.
- ChromeThread::PostTask(
- ChromeThread::UI, FROM_HERE,
- NewRunnableMethod(new SSLCertErrorHandler(rdh,
- request,
- info->resource_type(),
- info->frame_origin(),
- info->main_frame_origin(),
- cert_error,
- cert),
- &SSLCertErrorHandler::Dispatch));
+ UpdateEntry(entry);
}
-void SSLManager::DidDisplayInsecureContent() {
- policy()->DidDisplayInsecureContent(controller_->GetActiveEntry());
-}
-
void SSLManager::DidRunInsecureContent(const std::string& security_origin) {
policy()->DidRunInsecureContent(controller_->GetActiveEntry(),
security_origin);
}
+bool SSLManager::ProcessedSSLErrorFromRequest() const {
+ NavigationEntry* entry = controller_->GetActiveEntry();
+ if (!entry) {
+ NOTREACHED();
+ return false;
+ }
+
+ return net::IsCertStatusError(entry->ssl().cert_status());
+}
+
void SSLManager::Observe(NotificationType type,
const NotificationSource& source,
const NotificationDetails& details) {
@@ -123,27 +202,6 @@
}
}
-void SSLManager::DispatchSSLVisibleStateChanged() {
- NotificationService::current()->Notify(
- NotificationType::SSL_VISIBLE_STATE_CHANGED,
- Source<NavigationController>(controller_),
- NotificationService::NoDetails());
-}
-
-void SSLManager::UpdateEntry(NavigationEntry* entry) {
- // We don't always have a navigation entry to update, for example in the
- // case of the Web Inspector.
- if (!entry)
- return;
-
- NavigationEntry::SSLStatus original_ssl_status = entry->ssl(); // Copy!
-
- policy()->UpdateEntry(entry);
-
- if (!entry->ssl().Equals(original_ssl_status))
- DispatchSSLVisibleStateChanged();
-}
-
void SSLManager::DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details) {
DCHECK(details);
@@ -166,35 +224,6 @@
policy()->OnRequestStarted(info.get());
}
-void SSLManager::DidCommitProvisionalLoad(
- const NotificationDetails& in_details) {
- NavigationController::LoadCommittedDetails* details =
- Details<NavigationController::LoadCommittedDetails>(in_details).ptr();
-
- NavigationEntry* entry = controller_->GetActiveEntry();
-
- if (details->is_main_frame) {
- if (entry) {
- // Decode the security details.
- int ssl_cert_id, ssl_cert_status, ssl_security_bits;
- DeserializeSecurityInfo(details->serialized_security_info,
- &ssl_cert_id,
- &ssl_cert_status,
- &ssl_security_bits);
-
- // We may not have an entry if this is a navigation to an initial blank
- // page. Reset the SSL information and add the new data we have.
- entry->ssl() = NavigationEntry::SSLStatus();
- entry->ssl().set_cert_id(ssl_cert_id);
- entry->ssl().set_cert_status(ssl_cert_status);
- entry->ssl().set_security_bits(ssl_security_bits);
- }
- backend_.ShowPendingMessages();
- }
-
- UpdateEntry(entry);
-}
-
void SSLManager::DidFailProvisionalLoadWithError(
ProvisionalLoadDetails* details) {
DCHECK(details);
@@ -238,48 +267,20 @@
UpdateEntry(controller_->GetActiveEntry());
}
-// static
-std::string SSLManager::SerializeSecurityInfo(int cert_id,
- int cert_status,
- int security_bits) {
- Pickle pickle;
- pickle.WriteInt(cert_id);
- pickle.WriteInt(cert_status);
- pickle.WriteInt(security_bits);
- return std::string(static_cast<const char*>(pickle.data()), pickle.size());
-}
+void SSLManager::UpdateEntry(NavigationEntry* entry) {
+ // We don't always have a navigation entry to update, for example in the
+ // case of the Web Inspector.
+ if (!entry)
+ return;
-// static
-bool SSLManager::DeserializeSecurityInfo(const std::string& state,
- int* cert_id,
- int* cert_status,
- int* security_bits) {
- DCHECK(cert_id && cert_status && security_bits);
- if (state.empty()) {
- // No SSL used.
- *cert_id = 0;
- *cert_status = 0;
- *security_bits = -1;
- return false;
- }
+ NavigationEntry::SSLStatus original_ssl_status = entry->ssl(); // Copy!
- Pickle pickle(state.data(), static_cast<int>(state.size()));
- void * iter = NULL;
- return pickle.ReadInt(&iter, cert_id) &&
- pickle.ReadInt(&iter, cert_status) &&
- pickle.ReadInt(&iter, security_bits);
-}
+ policy()->UpdateEntry(entry, controller_->tab_contents());
-// static
-std::wstring SSLManager::GetEVCertName(const net::X509Certificate& cert) {
- // EV are required to have an organization name and country.
- if (cert.subject().organization_names.empty() ||
- cert.subject().country_name.empty()) {
- NOTREACHED();
- return std::wstring();
+ if (!entry->ssl().Equals(original_ssl_status)) {
+ NotificationService::current()->Notify(
+ NotificationType::SSL_VISIBLE_STATE_CHANGED,
+ Source<NavigationController>(controller_),
+ NotificationService::NoDetails());
}
-
- return l10n_util::GetStringF(IDS_SECURE_CONNECTION_EV,
- UTF8ToWide(cert.subject().organization_names[0]),
- UTF8ToWide(cert.subject().country_name));
}

Powered by Google App Engine
This is Rietveld 408576698