OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 /** | 5 /** |
6 * @constructor | 6 * @constructor |
7 * @extends {WebInspector.PanelWithSidebar} | 7 * @extends {WebInspector.PanelWithSidebar} |
8 * @implements {WebInspector.TargetManager.Observer} | 8 * @implements {WebInspector.TargetManager.Observer} |
9 */ | 9 */ |
10 WebInspector.SecurityPanel = function() | 10 WebInspector.SecurityPanel = function() |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
58 setDisplayedInsecureContentStyle: function(securityState) | 58 setDisplayedInsecureContentStyle: function(securityState) |
59 { | 59 { |
60 this._displayedInsecureContentStyle = securityState; | 60 this._displayedInsecureContentStyle = securityState; |
61 }, | 61 }, |
62 | 62 |
63 /** | 63 /** |
64 * @param {!SecurityAgent.SecurityState} newSecurityState | 64 * @param {!SecurityAgent.SecurityState} newSecurityState |
65 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations | 65 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations |
66 * @param {?SecurityAgent.MixedContentStatus} mixedContentStatus | 66 * @param {?SecurityAgent.MixedContentStatus} mixedContentStatus |
67 * @param {boolean} schemeIsCryptographic | 67 * @param {boolean} schemeIsCryptographic |
68 * @param {boolean} pkpBypassed | |
68 */ | 69 */ |
69 _updateSecurityState: function(newSecurityState, explanations, mixedContentS tatus, schemeIsCryptographic) | 70 _updateSecurityState: function(newSecurityState, mixedContentStatus, schemeI sCryptographic, pkpBypassed, explanations) |
70 { | 71 { |
71 this._sidebarMainViewElement.setSecurityState(newSecurityState); | 72 this._sidebarMainViewElement.setSecurityState(newSecurityState); |
72 this._mainView.updateSecurityState(newSecurityState, explanations, mixed ContentStatus, schemeIsCryptographic); | 73 this._mainView.updateSecurityState(newSecurityState, mixedContentStatus, schemeIsCryptographic, pkpBypassed, explanations); |
73 }, | 74 }, |
74 | 75 |
75 /** | 76 /** |
76 * @param {!WebInspector.Event} event | 77 * @param {!WebInspector.Event} event |
77 */ | 78 */ |
78 _onSecurityStateChanged: function(event) | 79 _onSecurityStateChanged: function(event) |
79 { | 80 { |
80 var data = /** @type {!WebInspector.PageSecurityState} */ (event.data); | 81 var data = /** @type {!WebInspector.PageSecurityState} */ (event.data); |
81 var securityState = /** @type {!SecurityAgent.SecurityState} */ (data.se curityState); | 82 var securityState = /** @type {!SecurityAgent.SecurityState} */ (data.se curityState); |
82 var explanations = /** @type {!Array<!SecurityAgent.SecurityStateExplana tion>} */ (data.explanations); | |
83 var mixedContentStatus = /** @type {?SecurityAgent.MixedContentStatus} * / (data.mixedContentStatus); | 83 var mixedContentStatus = /** @type {?SecurityAgent.MixedContentStatus} * / (data.mixedContentStatus); |
84 var schemeIsCryptographic = /** @type {boolean} */ (data.schemeIsCryptog raphic); | 84 var schemeIsCryptographic = /** @type {boolean} */ (data.schemeIsCryptog raphic); |
85 this._updateSecurityState(securityState, explanations, mixedContentStatu s, schemeIsCryptographic); | 85 var pkpBypassed = /** @type {boolean} */ (data.pkpBypassed); |
86 var explanations = /** @type {!Array<!SecurityAgent.SecurityStateExplana tion>} */ (data.explanations); | |
87 this._updateSecurityState(securityState, mixedContentStatus, schemeIsCry ptographic, pkpBypassed, explanations); | |
86 }, | 88 }, |
87 | 89 |
88 selectAndSwitchToMainView: function() | 90 selectAndSwitchToMainView: function() |
89 { | 91 { |
90 // The sidebar element will trigger displaying the main view. Rather tha n making a redundant call to display the main view, we rely on this. | 92 // The sidebar element will trigger displaying the main view. Rather tha n making a redundant call to display the main view, we rely on this. |
91 this._sidebarMainViewElement.select(); | 93 this._sidebarMainViewElement.select(); |
92 }, | 94 }, |
93 /** | 95 /** |
94 * @param {!WebInspector.SecurityPanel.Origin} origin | 96 * @param {!WebInspector.SecurityPanel.Origin} origin |
95 */ | 97 */ |
(...skipping 491 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
587 | 589 |
588 if (explanation.certificateId) { | 590 if (explanation.certificateId) { |
589 text.appendChild(WebInspector.SecurityPanel.createCertificateViewerB utton(WebInspector.UIString("View certificate"), explanation.certificateId)); | 591 text.appendChild(WebInspector.SecurityPanel.createCertificateViewerB utton(WebInspector.UIString("View certificate"), explanation.certificateId)); |
590 } | 592 } |
591 | 593 |
592 return text; | 594 return text; |
593 }, | 595 }, |
594 | 596 |
595 /** | 597 /** |
596 * @param {!SecurityAgent.SecurityState} newSecurityState | 598 * @param {!SecurityAgent.SecurityState} newSecurityState |
597 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations | |
598 * @param {?SecurityAgent.MixedContentStatus} mixedContentStatus | 599 * @param {?SecurityAgent.MixedContentStatus} mixedContentStatus |
599 * @param {boolean} schemeIsCryptographic | 600 * @param {boolean} schemeIsCryptographic |
601 * @param {boolean} pkpBypassed | |
602 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations | |
600 */ | 603 */ |
601 updateSecurityState: function(newSecurityState, explanations, mixedContentSt atus, schemeIsCryptographic) | 604 updateSecurityState: function(newSecurityState, mixedContentStatus, schemeIs Cryptographic, pkpBypassed, explanations) |
602 { | 605 { |
603 // Remove old state. | 606 // Remove old state. |
604 // It's safe to call this even when this._securityState is undefined. | 607 // It's safe to call this even when this._securityState is undefined. |
605 this._summarySection.classList.remove("security-summary-" + this._securi tyState); | 608 this._summarySection.classList.remove("security-summary-" + this._securi tyState); |
606 | 609 |
607 // Add new state. | 610 // Add new state. |
608 this._securityState = newSecurityState; | 611 this._securityState = newSecurityState; |
609 this._summarySection.classList.add("security-summary-" + this._securityS tate); | 612 this._summarySection.classList.add("security-summary-" + this._securityS tate); |
610 var summaryExplanationStrings = { | 613 var summaryExplanationStrings = { |
611 "unknown": WebInspector.UIString("The security of this page is unkn own."), | 614 "unknown": WebInspector.UIString("The security of this page is unkn own."), |
612 "insecure": WebInspector.UIString("This page is insecure (broken HTT PS)."), | 615 "insecure": WebInspector.UIString("This page is insecure (broken HTT PS)."), |
613 "neutral": WebInspector.UIString("This page is not secure."), | 616 "neutral": WebInspector.UIString("This page is not secure."), |
614 "secure": WebInspector.UIString("This page is secure (valid HTTPS) .") | 617 "secure": WebInspector.UIString("This page is secure (valid HTTPS) .") |
615 } | 618 } |
616 this._summaryText.textContent = summaryExplanationStrings[this._security State]; | 619 this._summaryText.textContent = summaryExplanationStrings[this._security State]; |
617 | 620 |
618 this._explanations = explanations, | 621 this._explanations = explanations, |
619 this._mixedContentStatus = mixedContentStatus; | 622 this._mixedContentStatus = mixedContentStatus; |
620 this._schemeIsCryptographic = schemeIsCryptographic; | 623 this._schemeIsCryptographic = schemeIsCryptographic; |
624 this._pkpBypassed = pkpBypassed; | |
621 | 625 |
622 this._panel.setRanInsecureContentStyle(mixedContentStatus.ranInsecureCon tentStyle); | 626 this._panel.setRanInsecureContentStyle(mixedContentStatus.ranInsecureCon tentStyle); |
623 this._panel.setDisplayedInsecureContentStyle(mixedContentStatus.displaye dInsecureContentStyle); | 627 this._panel.setDisplayedInsecureContentStyle(mixedContentStatus.displaye dInsecureContentStyle); |
624 | 628 |
625 this.refreshExplanations(); | 629 this.refreshExplanations(); |
626 }, | 630 }, |
627 | 631 |
628 refreshExplanations: function() | 632 refreshExplanations: function() |
629 { | 633 { |
630 this._securityExplanations.removeChildren(); | 634 this._securityExplanations.removeChildren(); |
631 for (var explanation of this._explanations) | 635 for (var explanation of this._explanations) |
632 this._addExplanation(explanation); | 636 this._addExplanation(explanation); |
633 | 637 |
634 this._addMixedContentExplanations(); | 638 this._addMixedContentExplanations(); |
639 this._addPKPBypassExplanations(); | |
635 }, | 640 }, |
636 | 641 |
642 _addPKPBypassExplanations: function() | |
643 { | |
644 if (!this._pkpBypassed) | |
645 return; | |
646 | |
647 this._addExplanation(/** @type {!SecurityAgent.SecurityStateExplanation} */ ({ | |
648 "securityState": SecurityAgent.SecurityState.Info, | |
649 "summary": WebInspector.UIString("Public-Key Pinning"), | |
lgarron
2016/07/06 22:19:43
Could you change this to "Public-Key Pinning Bypas
dadrian
2016/07/07 00:59:06
Done.
| |
650 "description": WebInspector.UIString("Public-key pinning was bypasse d by a local root certificate.") | |
651 })); | |
652 }, | |
653 | |
637 _addMixedContentExplanations: function() | 654 _addMixedContentExplanations: function() |
638 { | 655 { |
639 if (!this._schemeIsCryptographic) | 656 if (!this._schemeIsCryptographic) |
640 return; | 657 return; |
641 | 658 |
642 if (this._mixedContentStatus && (this._mixedContentStatus.ranInsecureCon tent || this._mixedContentStatus.displayedInsecureContent)) { | 659 if (this._mixedContentStatus && (this._mixedContentStatus.ranInsecureCon tent || this._mixedContentStatus.displayedInsecureContent)) { |
643 if (this._mixedContentStatus.ranInsecureContent) | 660 if (this._mixedContentStatus.ranInsecureContent) |
644 this._addMixedContentExplanation(this._mixedContentStatus.ranIns ecureContentStyle, WebInspector.UIString("Active Mixed Content"), WebInspector.U IString("You have recently allowed insecure content (such as scripts or iframes) to run on this site."), WebInspector.NetworkLogView.MixedContentFilterValues.Bl ockOverridden, showBlockOverriddenMixedContentInNetworkPanel); | 661 this._addMixedContentExplanation(this._mixedContentStatus.ranIns ecureContentStyle, WebInspector.UIString("Active Mixed Content"), WebInspector.U IString("You have recently allowed insecure content (such as scripts or iframes) to run on this site."), WebInspector.NetworkLogView.MixedContentFilterValues.Bl ockOverridden, showBlockOverriddenMixedContentInNetworkPanel); |
645 if (this._mixedContentStatus.displayedInsecureContent) | 662 if (this._mixedContentStatus.displayedInsecureContent) |
646 this._addMixedContentExplanation(this._mixedContentStatus.displa yedInsecureContentStyle, WebInspector.UIString("Mixed Content"), WebInspector.UI String("The site includes HTTP resources."), WebInspector.NetworkLogView.MixedCo ntentFilterValues.Displayed, showDisplayedMixedContentInNetworkPanel); | 663 this._addMixedContentExplanation(this._mixedContentStatus.displa yedInsecureContentStyle, WebInspector.UIString("Mixed Content"), WebInspector.UI String("The site includes HTTP resources."), WebInspector.NetworkLogView.MixedCo ntentFilterValues.Displayed, showDisplayedMixedContentInNetworkPanel); |
(...skipping 342 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
989 row.createChild("div").textContent = key; | 1006 row.createChild("div").textContent = key; |
990 | 1007 |
991 var valueDiv = row.createChild("div"); | 1008 var valueDiv = row.createChild("div"); |
992 if (typeof value === "string") { | 1009 if (typeof value === "string") { |
993 valueDiv.textContent = value; | 1010 valueDiv.textContent = value; |
994 } else { | 1011 } else { |
995 valueDiv.appendChild(value); | 1012 valueDiv.appendChild(value); |
996 } | 1013 } |
997 } | 1014 } |
998 } | 1015 } |
OLD | NEW |