Chromium Code Reviews Chromium Code Reviews
Issue 2118583003:
Display when PKP is bypassed in devtools (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_PUBLIC_BROWSER_SECURITY_STYLE_EXPLANATIONS_H_ | 5 #ifndef CONTENT_PUBLIC_BROWSER_SECURITY_STYLE_EXPLANATIONS_H_ |
| 6 #define CONTENT_PUBLIC_BROWSER_SECURITY_STYLE_EXPLANATIONS_H_ | 6 #define CONTENT_PUBLIC_BROWSER_SECURITY_STYLE_EXPLANATIONS_H_ |
| 7 | 7 |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "content/common/content_export.h" | 10 #include "content/common/content_export.h" |
| 11 #include "content/public/browser/security_style_explanation.h" | 11 #include "content/public/browser/security_style_explanation.h" |
| 12 #include "content/public/common/security_style.h" | 12 #include "content/public/common/security_style.h" |
| 13 | 13 |
| 14 namespace content { | 14 namespace content { |
| 15 | 15 |
| 16 // SecurityStyleExplanations contains information about why a particular | 16 // SecurityStyleExplanations contains information about why a particular |
| 17 // SecurityStyle was chosen for a page. This information includes the | 17 // SecurityStyle was chosen for a page. This information includes the |
| 18 // mixed content status of the page and whether the page was loaded over | 18 // mixed content status of the page and whether the page was loaded over |
| 19 // a cryptographically secure transport. Additionally, | 19 // a cryptographically secure transport. Additionally, |
| 20 // SecurityStyleExplanations contains human-readable | 20 // SecurityStyleExplanations contains human-readable |
| 21 // SecurityStyleExplanation objects that the embedder can use to | 21 // SecurityStyleExplanation objects that the embedder can use to |
| 22 // describe embedder-specific security policies. Each | 22 // describe embedder-specific security policies. Each |
| 23 // SecurityStyleExplanation is a single security property of a page (for | 23 // SecurityStyleExplanation is a single security property of a page (for |
| 24 // example, an expired certificate, a valid certificate, or the presence | 24 // example, an expired certificate, a valid certificate, or the presence |
| 25 // of a deprecated crypto algorithm). A single site may have multiple | 25 // of a deprecated crypto algorithm). A single site may have multiple |
| 26 // different explanations of "secure", "warning", and "broken" severity | 26 // different explanations of "secure", "warning", and "broken" severity |
|
Charlie Reis
2016/07/07 17:06:32
Please list "info" here as well.
dadrian
2016/07/07 17:33:03
Done.
| |
| 27 // levels. | 27 // levels. |
| 28 struct SecurityStyleExplanations { | 28 struct SecurityStyleExplanations { |
| 29 CONTENT_EXPORT SecurityStyleExplanations(); | 29 CONTENT_EXPORT SecurityStyleExplanations(); |
| 30 CONTENT_EXPORT ~SecurityStyleExplanations(); | 30 CONTENT_EXPORT ~SecurityStyleExplanations(); |
| 31 | 31 |
| 32 // True if the page ran insecure content such as scripts. | 32 // True if the page ran insecure content such as scripts. |
| 33 bool ran_insecure_content; | 33 bool ran_insecure_content; |
| 34 // True if the page displayed insecure content such as images. | 34 // True if the page displayed insecure content such as images. |
| 35 bool displayed_insecure_content; | 35 bool displayed_insecure_content; |
| 36 | 36 |
| 37 // The SecurityStyle assigned to a page that runs or displays insecure | 37 // The SecurityStyle assigned to a page that runs or displays insecure |
| 38 // content, respectively. These values are used to convey the effect | 38 // content, respectively. These values are used to convey the effect |
| 39 // that mixed content has on the overall SecurityStyle of the page; | 39 // that mixed content has on the overall SecurityStyle of the page; |
| 40 // for example, a |displayed_insecure_content_style| value of | 40 // for example, a |displayed_insecure_content_style| value of |
| 41 // SECURITY_STYLE_UNAUTHENTICATED indicates that the page's overall | 41 // SECURITY_STYLE_UNAUTHENTICATED indicates that the page's overall |
| 42 // SecurityStyle will be downgraded to UNAUTHENTICATED as a result of | 42 // SecurityStyle will be downgraded to UNAUTHENTICATED as a result of |
| 43 // displaying insecure content. | 43 // displaying insecure content. |
| 44 SecurityStyle ran_insecure_content_style; | 44 SecurityStyle ran_insecure_content_style; |
| 45 SecurityStyle displayed_insecure_content_style; | 45 SecurityStyle displayed_insecure_content_style; |
| 46 | 46 |
| 47 bool scheme_is_cryptographic; | 47 bool scheme_is_cryptographic; |
| 48 | 48 |
| 49 // True if PKP was bypassed due to a local trust anchor. | 49 // True if PKP was bypassed due to a local trust anchor. |
| 50 bool pkp_bypassed; | 50 bool pkp_bypassed; |
| 51 | 51 |
| 52 std::vector<SecurityStyleExplanation> secure_explanations; | 52 std::vector<SecurityStyleExplanation> secure_explanations; |
|
Charlie Reis
2016/07/07 17:06:32
Can you put a comment on this block saying somethi
dadrian
2016/07/07 17:33:03
Done.
| |
| 53 std::vector<SecurityStyleExplanation> unauthenticated_explanations; | 53 std::vector<SecurityStyleExplanation> unauthenticated_explanations; |
| 54 std::vector<SecurityStyleExplanation> broken_explanations; | 54 std::vector<SecurityStyleExplanation> broken_explanations; |
| 55 std::vector<SecurityStyleExplanation> info_explanations; | |
| 55 }; | 56 }; |
| 56 | 57 |
| 57 } // namespace content | 58 } // namespace content |
| 58 | 59 |
| 59 #endif // CONTENT_PUBLIC_BROWSER_SECURITY_STYLE_EXPLANATION_H_ | 60 #endif // CONTENT_PUBLIC_BROWSER_SECURITY_STYLE_EXPLANATION_H_ |
| OLD | NEW |
