Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(338)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2226363002: Track subresources with cert errors separately from mixed content (Closed)

Created:
4 years, 4 months ago by estark
Modified:
4 years, 4 months ago
Reviewers:
jam
CC:
chromium-reviews, jam, nasko+codewatch_chromium.org, darin-cc_chromium.org, creis+watch_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Track subresources with cert errors separately from mixed content This is the final in a series of CLs to create dedicated plumbing for subresources with certificate errors, instead of treating them like mixed content from the browser's perspective. Previously, when WebContentsImpl learned about a subresource with certificate errors, it set its own DisplayedInsecureContent() flag for a passive resource, or notified SSLManager::HostRanInsecureContent() about an active subresource. This is the same set of mechanisms that was used for subresources loaded over HTTP on HTTPS pages (mixed content). In this CL, SSLManager, SSLPolicy, and SSLPolicyBackend get mechanisms for tracking subresources with cert errors separately from mixed content. WebContentsImpl also gets a DisplayedContentWithCertErrors() flag separate from DisplayedInsecureContent() which it uses for mixed content. This separate set of plumbing allows browser UI to distinguish mixed content from subresources with cert errors; for example, the DevTools security panel should use a separate message to describe these two different situations. (This CL does not actually make aforementioned UI changes, but rather just sets up the plumbing to do so.) #1: https://codereview.chromium.org/2224193003/ Rename SecurityStateModel::MIXED_CONTENT_STATUS enum values #2: https://codereview.chromium.org/2224023003/ Teach SecurityStateModel about subresources with cert errors #3: https://codereview.chromium.org/2225213004/ Teach SSLHostStateDelegate about subresources with cert errors #4: https://codereview.chromium.org/2226363002/ (this CL) BUG=634171, 636986 Committed: https://crrev.com/cd2e30cd6679e2249af296807d7270087879919d Cr-Commit-Position: refs/heads/master@{#411564}

Patch Set 1 #

Total comments: 4

Patch Set 2 : rebase #

Patch Set 3 : jam comments #

Patch Set 4 : remove some more TODOs #

Patch Set 5 : add comments #

Unified diffs Side-by-side diffs Delta from patch set Stats (+185 lines, -78 lines) Patch
M chrome/browser/ssl/ssl_browser_tests.cc View 1 2 3 9 chunks +51 lines, -25 lines 0 comments Download
M content/browser/service_worker/service_worker_browsertest.cc View 1 2 3 chunks +5 lines, -2 lines 0 comments Download
M content/browser/site_per_process_browsertest.cc View 1 2 6 chunks +29 lines, -21 lines 0 comments Download
M content/browser/ssl/ssl_manager.h View 1 1 chunk +4 lines, -1 line 0 comments Download
M content/browser/ssl/ssl_manager.cc View 1 1 chunk +6 lines, -0 lines 0 comments Download
M content/browser/ssl/ssl_policy.h View 1 1 chunk +3 lines, -0 lines 0 comments Download
M content/browser/ssl/ssl_policy.cc View 1 2 3 chunks +33 lines, -2 lines 0 comments Download
M content/browser/ssl/ssl_policy_backend.h View 1 chunk +9 lines, -2 lines 0 comments Download
M content/browser/ssl/ssl_policy_backend.cc View 1 chunk +17 lines, -0 lines 0 comments Download
M content/browser/web_contents/web_contents_impl.h View 1 2 3 4 3 chunks +14 lines, -2 lines 0 comments Download
M content/browser/web_contents/web_contents_impl.cc View 1 2 4 chunks +14 lines, -20 lines 0 comments Download
M content/public/browser/web_contents.h View 1 2 1 chunk +0 lines, -3 lines 0 comments Download

Messages

Total messages: 20 (14 generated)
estark
jam, this is #4/4. Thanks!
4 years, 4 months ago (2016-08-11 16:06:28 UTC) #7
jam
lgtm https://codereview.chromium.org/2226363002/diff/1/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2226363002/diff/1/chrome/browser/ssl/ssl_browser_tests.cc#newcode341 chrome/browser/ssl/ssl_browser_tests.cc:341: // interceptor to hang all favicon requests. nit: ...
4 years, 4 months ago (2016-08-11 19:53:20 UTC) #8
estark
https://codereview.chromium.org/2226363002/diff/1/chrome/browser/ssl/ssl_browser_tests.cc File chrome/browser/ssl/ssl_browser_tests.cc (right): https://codereview.chromium.org/2226363002/diff/1/chrome/browser/ssl/ssl_browser_tests.cc#newcode341 chrome/browser/ssl/ssl_browser_tests.cc:341: // interceptor to hang all favicon requests. On 2016/08/11 ...
4 years, 4 months ago (2016-08-12 04:56:02 UTC) #9
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2226363002/80001
4 years, 4 months ago (2016-08-12 06:47:49 UTC) #16
commit-bot: I haz the power
Committed patchset #5 (id:80001)
4 years, 4 months ago (2016-08-12 06:51:34 UTC) #18
commit-bot: I haz the power
4 years, 4 months ago (2016-08-12 06:53:22 UTC) #20
Message was sent while issue was closed. 
Patchset 5 (id:??) landed as
https://crrev.com/cd2e30cd6679e2249af296807d7270087879919d
Cr-Commit-Position: refs/heads/master@{#411564}

Powered by Google App Engine
This is Rietveld 408576698