| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_SSL_SSL_POLICY_H_ | 5 #ifndef CONTENT_BROWSER_SSL_SSL_POLICY_H_ |
| 6 #define CONTENT_BROWSER_SSL_SSL_POLICY_H_ | 6 #define CONTENT_BROWSER_SSL_SSL_POLICY_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/macros.h" | 10 #include "base/macros.h" |
| (...skipping 15 matching lines...) Expand all Loading... |
| 26 // | 26 // |
| 27 // This class is responsible for making the security decisions that concern the | 27 // This class is responsible for making the security decisions that concern the |
| 28 // SSL trust indicators. It relies on the SSLPolicyBackend to actually enact | 28 // SSL trust indicators. It relies on the SSLPolicyBackend to actually enact |
| 29 // the decisions it reaches. | 29 // the decisions it reaches. |
| 30 // | 30 // |
| 31 class SSLPolicy { | 31 class SSLPolicy { |
| 32 public: | 32 public: |
| 33 explicit SSLPolicy(SSLPolicyBackend* backend); | 33 explicit SSLPolicy(SSLPolicyBackend* backend); |
| 34 | 34 |
| 35 // An error occurred with the certificate in an SSL connection. | 35 // An error occurred with the certificate in an SSL connection. |
| 36 void OnCertError(SSLErrorHandler* handler); | 36 void OnCertError(std::unique_ptr<SSLErrorHandler> handler); |
| 37 | 37 |
| 38 void DidRunInsecureContent(NavigationEntryImpl* entry, | 38 void DidRunInsecureContent(NavigationEntryImpl* entry, |
| 39 const GURL& security_origin); | 39 const GURL& security_origin); |
| 40 | 40 |
| 41 // We have started a resource request for |url| with the given |cert_id| and | 41 // We have started a resource request for |url| with the given |cert_id| and |
| 42 // |cert_status|. | 42 // |cert_status|. |
| 43 void OnRequestStarted(const GURL& url, | 43 void OnRequestStarted(const GURL& url, |
| 44 int cert_id, | 44 int cert_id, |
| 45 net::CertStatus cert_status); | 45 net::CertStatus cert_status); |
| 46 | 46 |
| (...skipping 10 matching lines...) Expand all Loading... |
| 57 int cert_id, | 57 int cert_id, |
| 58 net::CertStatus cert_status); | 58 net::CertStatus cert_status); |
| 59 | 59 |
| 60 private: | 60 private: |
| 61 enum OnCertErrorInternalOptionsMask { | 61 enum OnCertErrorInternalOptionsMask { |
| 62 OVERRIDABLE = 1 << 0, | 62 OVERRIDABLE = 1 << 0, |
| 63 STRICT_ENFORCEMENT = 1 << 1, | 63 STRICT_ENFORCEMENT = 1 << 1, |
| 64 EXPIRED_PREVIOUS_DECISION = 1 << 2 | 64 EXPIRED_PREVIOUS_DECISION = 1 << 2 |
| 65 }; | 65 }; |
| 66 | 66 |
| 67 // Callback that the user chose to accept or deny the certificate. | |
| 68 void OnAllowCertificate(scoped_refptr<SSLErrorHandler> handler, | |
| 69 CertificateRequestResultType decision); | |
| 70 | |
| 71 // Helper method for derived classes handling certificate errors. | 67 // Helper method for derived classes handling certificate errors. |
| 72 // | 68 // |
| 73 // Options should be a bitmask combination of OnCertErrorInternalOptionsMask. | 69 // Options should be a bitmask combination of OnCertErrorInternalOptionsMask. |
| 74 // OVERRIDABLE indicates whether or not the user could (assuming perfect | 70 // OVERRIDABLE indicates whether or not the user could (assuming perfect |
| 75 // knowledge) successfully override the error and still get the security | 71 // knowledge) successfully override the error and still get the security |
| 76 // guarantees of TLS. STRICT_ENFORCEMENT indicates whether or not the site the | 72 // guarantees of TLS. STRICT_ENFORCEMENT indicates whether or not the site the |
| 77 // user is trying to connect to has requested strict enforcement of | 73 // user is trying to connect to has requested strict enforcement of |
| 78 // certificate validation (e.g. with HTTP Strict-Transport-Security). | 74 // certificate validation (e.g. with HTTP Strict-Transport-Security). |
| 79 // EXPIRED_PREVIOUS_DECISION indicates whether a user decision had been | 75 // EXPIRED_PREVIOUS_DECISION indicates whether a user decision had been |
| 80 // previously made but the decision has expired. | 76 // previously made but the decision has expired. |
| 81 void OnCertErrorInternal(SSLErrorHandler* handler, int options_mask); | 77 void OnCertErrorInternal(std::unique_ptr<SSLErrorHandler> handler, |
| 78 int options_mask); |
| 82 | 79 |
| 83 // If the security style of |entry| has not been initialized, then initialize | 80 // If the security style of |entry| has not been initialized, then initialize |
| 84 // it with the default style for its URL. | 81 // it with the default style for its URL. |
| 85 void InitializeEntryIfNeeded(NavigationEntryImpl* entry); | 82 void InitializeEntryIfNeeded(NavigationEntryImpl* entry); |
| 86 | 83 |
| 87 // The backend we use to enact our decisions. | 84 // The backend we use to enact our decisions. |
| 88 SSLPolicyBackend* backend_; | 85 SSLPolicyBackend* backend_; |
| 89 | 86 |
| 90 DISALLOW_COPY_AND_ASSIGN(SSLPolicy); | 87 DISALLOW_COPY_AND_ASSIGN(SSLPolicy); |
| 91 }; | 88 }; |
| 92 | 89 |
| 93 } // namespace content | 90 } // namespace content |
| 94 | 91 |
| 95 #endif // CONTENT_BROWSER_SSL_SSL_POLICY_H_ | 92 #endif // CONTENT_BROWSER_SSL_SSL_POLICY_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2213193005:
Make SSLErrorHandler UI-thread-only and not-refcounted (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master