| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/metrics/field_trial.h" | 8 #include "base/metrics/field_trial.h" |
| 9 #include "base/metrics/histogram_macros.h" | 9 #include "base/metrics/histogram_macros.h" |
| 10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
| (...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 107 // the page is loaded over HTTP, because the security style merely | 107 // the page is loaded over HTTP, because the security style merely |
| 108 // represents how the embedder wishes to display the security state of | 108 // represents how the embedder wishes to display the security state of |
| 109 // the page, and the embedder can choose to display HTTPS page as HTTP | 109 // the page, and the embedder can choose to display HTTPS page as HTTP |
| 110 // if it wants to (for example, displaying deprecated crypto | 110 // if it wants to (for example, displaying deprecated crypto |
| 111 // algorithms with the same UI treatment as HTTP pages). | 111 // algorithms with the same UI treatment as HTTP pages). |
| 112 security_style_explanations->scheme_is_cryptographic = | 112 security_style_explanations->scheme_is_cryptographic = |
| 113 security_info.scheme_is_cryptographic; | 113 security_info.scheme_is_cryptographic; |
| 114 if (!security_info.scheme_is_cryptographic) { | 114 if (!security_info.scheme_is_cryptographic) { |
| 115 return security_style; | 115 return security_style; |
| 116 } | 116 } |
| 117 security_style_explanations->pkp_bypassed = security_info.pkp_bypassed; | |
| 118 | 117 |
| 119 if (security_info.sha1_deprecation_status == | 118 if (security_info.sha1_deprecation_status == |
| 120 SecurityStateModel::DEPRECATED_SHA1_MAJOR) { | 119 SecurityStateModel::DEPRECATED_SHA1_MAJOR) { |
| 121 security_style_explanations->broken_explanations.push_back( | 120 security_style_explanations->broken_explanations.push_back( |
| 122 content::SecurityStyleExplanation( | 121 content::SecurityStyleExplanation( |
| 123 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1), | 122 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1), |
| 124 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1_DESCRIPTION), | 123 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1_DESCRIPTION), |
| 125 security_info.cert_id)); | 124 security_info.cert_id)); |
| 126 } else if (security_info.sha1_deprecation_status == | 125 } else if (security_info.sha1_deprecation_status == |
| 127 SecurityStateModel::DEPRECATED_SHA1_MINOR) { | 126 SecurityStateModel::DEPRECATED_SHA1_MINOR) { |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 174 } | 173 } |
| 175 | 174 |
| 176 if (security_info.is_secure_protocol_and_ciphersuite) { | 175 if (security_info.is_secure_protocol_and_ciphersuite) { |
| 177 security_style_explanations->secure_explanations.push_back( | 176 security_style_explanations->secure_explanations.push_back( |
| 178 content::SecurityStyleExplanation( | 177 content::SecurityStyleExplanation( |
| 179 l10n_util::GetStringUTF8(IDS_SECURE_PROTOCOL_AND_CIPHERSUITE), | 178 l10n_util::GetStringUTF8(IDS_SECURE_PROTOCOL_AND_CIPHERSUITE), |
| 180 l10n_util::GetStringUTF8( | 179 l10n_util::GetStringUTF8( |
| 181 IDS_SECURE_PROTOCOL_AND_CIPHERSUITE_DESCRIPTION))); | 180 IDS_SECURE_PROTOCOL_AND_CIPHERSUITE_DESCRIPTION))); |
| 182 } | 181 } |
| 183 | 182 |
| 183 security_style_explanations->pkp_bypassed = security_info.pkp_bypassed; |
| 184 if (security_info.pkp_bypassed) { |
| 185 security_style_explanations->info_explanations.push_back( |
| 186 content::SecurityStyleExplanation( |
| 187 "Public-Key Pinning Bypassed", |
| 188 "Public-key pinning was bypassed by a local root certificate.")); |
| 189 } |
| 190 |
| 184 return security_style; | 191 return security_style; |
| 185 } | 192 } |
| 186 | 193 |
| 187 const SecurityStateModel::SecurityInfo& | 194 const SecurityStateModel::SecurityInfo& |
| 188 ChromeSecurityStateModelClient::GetSecurityInfo() const { | 195 ChromeSecurityStateModelClient::GetSecurityInfo() const { |
| 189 return security_state_model_->GetSecurityInfo(); | 196 return security_state_model_->GetSecurityInfo(); |
| 190 } | 197 } |
| 191 | 198 |
| 192 bool ChromeSecurityStateModelClient::RetrieveCert( | 199 bool ChromeSecurityStateModelClient::RetrieveCert( |
| 193 scoped_refptr<net::X509Certificate>* cert) { | 200 scoped_refptr<net::X509Certificate>* cert) { |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 244 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), | 251 state->sct_verify_statuses.insert(state->sct_verify_statuses.end(), |
| 245 ssl.num_valid_scts, net::ct::SCT_STATUS_OK); | 252 ssl.num_valid_scts, net::ct::SCT_STATUS_OK); |
| 246 state->displayed_mixed_content = | 253 state->displayed_mixed_content = |
| 247 (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) | 254 (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) |
| 248 ? true | 255 ? true |
| 249 : false; | 256 : false; |
| 250 state->ran_mixed_content = | 257 state->ran_mixed_content = |
| 251 (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true | 258 (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true |
| 252 : false; | 259 : false; |
| 253 } | 260 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2118583003:
Display when PKP is bypassed in devtools (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master