Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(336)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js

Issue 2118583003: Display when PKP is bypassed in devtools (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/WebKit/LayoutTests/http/tests/inspector/security/security-pkp-bypassed-expected.txt ('K') | « third_party/WebKit/Source/devtools/front_end/security/SecurityModel.js ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js
diff --git a/third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js b/third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js
index 63927d4d4080cb57572d6265fb4114e38034ef87..dc0e2d077564916cc8623efbdaaf4c3f53e1adca 100644
--- a/third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js
+++ b/third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js
@@ -65,11 +65,12 @@ WebInspector.SecurityPanel.prototype = {
* @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations
* @param {?SecurityAgent.MixedContentStatus} mixedContentStatus
* @param {boolean} schemeIsCryptographic
+ * @param {boolean} pkpBypassed
*/
- _updateSecurityState: function(newSecurityState, explanations, mixedContentStatus, schemeIsCryptographic)
+ _updateSecurityState: function(newSecurityState, explanations, mixedContentStatus, schemeIsCryptographic, pkpBypassed)
{
this._sidebarMainViewElement.setSecurityState(newSecurityState);
- this._mainView.updateSecurityState(newSecurityState, explanations, mixedContentStatus, schemeIsCryptographic);
+ this._mainView.updateSecurityState(newSecurityState, explanations, mixedContentStatus, schemeIsCryptographic, pkpBypassed);
},
/**
@@ -82,7 +83,8 @@ WebInspector.SecurityPanel.prototype = {
var explanations = /** @type {!Array<!SecurityAgent.SecurityStateExplanation>} */ (data.explanations);
var mixedContentStatus = /** @type {?SecurityAgent.MixedContentStatus} */ (data.mixedContentStatus);
var schemeIsCryptographic = /** @type {boolean} */ (data.schemeIsCryptographic);
- this._updateSecurityState(securityState, explanations, mixedContentStatus, schemeIsCryptographic);
+ var pkpBypassed = /** @type {boolean} */ (data.pkpBypassed);
+ this._updateSecurityState(securityState, explanations, mixedContentStatus, schemeIsCryptographic, pkpBypassed);
},
selectAndSwitchToMainView: function()
@@ -597,8 +599,9 @@ WebInspector.SecurityMainView.prototype = {
* @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations
* @param {?SecurityAgent.MixedContentStatus} mixedContentStatus
* @param {boolean} schemeIsCryptographic
+ * @param {boolean} pkpBypassed
*/
- updateSecurityState: function(newSecurityState, explanations, mixedContentStatus, schemeIsCryptographic)
+ updateSecurityState: function(newSecurityState, explanations, mixedContentStatus, schemeIsCryptographic, pkpBypassed)
{
// Remove old state.
// It's safe to call this even when this._securityState is undefined.
@@ -613,11 +616,13 @@ WebInspector.SecurityMainView.prototype = {
"neutral": WebInspector.UIString("This page is not secure."),
"secure": WebInspector.UIString("This page is secure (valid HTTPS).")
}
+ var pkpBypassedExplanation = WebInspector.UIString("Public-key pinning was bypassed by a local root certificate.");
lgarron 2016/07/01 01:33:39 Unused? (It seems to be hardcoded separately below
dadrian 2016/07/01 01:58:45 Whoops, Done.
this._summaryText.textContent = summaryExplanationStrings[this._securityState];
this._explanations = explanations,
this._mixedContentStatus = mixedContentStatus;
this._schemeIsCryptographic = schemeIsCryptographic;
+ this._pkpBypassed = pkpBypassed;
this._panel.setRanInsecureContentStyle(mixedContentStatus.ranInsecureContentStyle);
this._panel.setDisplayedInsecureContentStyle(mixedContentStatus.displayedInsecureContentStyle);
@@ -632,8 +637,21 @@ WebInspector.SecurityMainView.prototype = {
this._addExplanation(explanation);
this._addMixedContentExplanations();
+ this._addPKPBypassExplanations();
},
+ _addPKPBypassExplanations: function()
+ {
+ if (!this._pkpBypassed)
+ return;
+
+ this._addExplanation(/** @type {!SecurityAgent.SecurityStateExplanation} */ ({
+ "securityState": SecurityAgent.SecurityState.Info,
+ "summary": WebInspector.UIString("Public-Key Pinning"),
+ "description": WebInspector.UIString("Public-key pinning was bypassed by a local root certificate.")
+ }));
+ },
+
_addMixedContentExplanations: function()
{
if (!this._schemeIsCryptographic)
« third_party/WebKit/LayoutTests/http/tests/inspector/security/security-pkp-bypassed-expected.txt ('K') | « third_party/WebKit/Source/devtools/front_end/security/SecurityModel.js ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698