| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 5 #ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
| 6 #define COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 6 #define COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
| 7 | 7 |
| 8 #include "base/macros.h" | 8 #include "base/macros.h" |
| 9 #include "net/cert/cert_status_flags.h" | 9 #include "net/cert/cert_status_flags.h" |
| 10 #include "net/cert/sct_status_flags.h" | 10 #include "net/cert/sct_status_flags.h" |
| (...skipping 73 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 84 // Describes the security status of a page or request. This is the | 84 // Describes the security status of a page or request. This is the |
| 85 // main data structure provided by this class. | 85 // main data structure provided by this class. |
| 86 struct SecurityInfo { | 86 struct SecurityInfo { |
| 87 SecurityInfo(); | 87 SecurityInfo(); |
| 88 ~SecurityInfo(); | 88 ~SecurityInfo(); |
| 89 SecurityLevel security_level; | 89 SecurityLevel security_level; |
| 90 SHA1DeprecationStatus sha1_deprecation_status; | 90 SHA1DeprecationStatus sha1_deprecation_status; |
| 91 // |mixed_content_status| describes the presence of content that was | 91 // |mixed_content_status| describes the presence of content that was |
| 92 // |loaded over a nonsecure (HTTP) connection. | 92 // |loaded over a nonsecure (HTTP) connection. |
| 93 ContentStatus mixed_content_status; | 93 ContentStatus mixed_content_status; |
| 94 // |content_with_cert_errors_status| describes the presence of |
| 95 // |content that was loaded over an HTTPS connection with |
| 96 // |certificate errors. |
| 97 ContentStatus content_with_cert_errors_status; |
| 94 // The verification statuses of the signed certificate timestamps | 98 // The verification statuses of the signed certificate timestamps |
| 95 // for the connection. | 99 // for the connection. |
| 96 std::vector<net::ct::SCTVerifyStatus> sct_verify_statuses; | 100 std::vector<net::ct::SCTVerifyStatus> sct_verify_statuses; |
| 97 bool scheme_is_cryptographic; | 101 bool scheme_is_cryptographic; |
| 98 net::CertStatus cert_status; | 102 net::CertStatus cert_status; |
| 99 int cert_id; | 103 int cert_id; |
| 100 // The security strength, in bits, of the SSL cipher suite. In late | 104 // The security strength, in bits, of the SSL cipher suite. In late |
| 101 // 2015, 128 is considered the minimum. | 105 // 2015, 128 is considered the minimum. |
| 102 // 0 means the connection is not encrypted. | 106 // 0 means the connection is not encrypted. |
| 103 // -1 means the security strength is unknown. | 107 // -1 means the security strength is unknown. |
| (...skipping 27 matching lines...) Expand all Loading... |
| 131 net::CertStatus cert_status; | 135 net::CertStatus cert_status; |
| 132 int connection_status; | 136 int connection_status; |
| 133 int security_bits; | 137 int security_bits; |
| 134 // The verification statuses of the Signed Certificate | 138 // The verification statuses of the Signed Certificate |
| 135 // Timestamps (if any) that the server provided. | 139 // Timestamps (if any) that the server provided. |
| 136 std::vector<net::ct::SCTVerifyStatus> sct_verify_statuses; | 140 std::vector<net::ct::SCTVerifyStatus> sct_verify_statuses; |
| 137 // True if the page displayed passive mixed content. | 141 // True if the page displayed passive mixed content. |
| 138 bool displayed_mixed_content; | 142 bool displayed_mixed_content; |
| 139 // True if the page ran active mixed content. | 143 // True if the page ran active mixed content. |
| 140 bool ran_mixed_content; | 144 bool ran_mixed_content; |
| 145 // True if the page displayed passive subresources with certificate errors. |
| 146 bool displayed_content_with_cert_errors; |
| 147 // True if the page ran active subresources with certificate errors. |
| 148 bool ran_content_with_cert_errors; |
| 141 // True if PKP was bypassed due to a local trust anchor. | 149 // True if PKP was bypassed due to a local trust anchor. |
| 142 bool pkp_bypassed; | 150 bool pkp_bypassed; |
| 143 }; | 151 }; |
| 144 | 152 |
| 145 // These security levels describe the treatment given to pages that | 153 // These security levels describe the treatment given to pages that |
| 146 // display and run mixed content. They are used to coordinate the | 154 // display and run mixed content. They are used to coordinate the |
| 147 // treatment of mixed content with other security UI elements. | 155 // treatment of mixed content with other security UI elements. |
| 148 static const SecurityLevel kDisplayedInsecureContentLevel; | 156 static const SecurityLevel kDisplayedInsecureContentLevel; |
| 149 static const SecurityLevel kRanInsecureContentLevel; | 157 static const SecurityLevel kRanInsecureContentLevel; |
| 150 | 158 |
| (...skipping 15 matching lines...) Expand all Loading... |
| 166 mutable VisibleSecurityState visible_security_state_; | 174 mutable VisibleSecurityState visible_security_state_; |
| 167 | 175 |
| 168 SecurityStateModelClient* client_; | 176 SecurityStateModelClient* client_; |
| 169 | 177 |
| 170 DISALLOW_COPY_AND_ASSIGN(SecurityStateModel); | 178 DISALLOW_COPY_AND_ASSIGN(SecurityStateModel); |
| 171 }; | 179 }; |
| 172 | 180 |
| 173 } // namespace security_state | 181 } // namespace security_state |
| 174 | 182 |
| 175 #endif // COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 183 #endif // COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2224023003:
Teach SecurityStateModel about subresources with cert errors (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master