Track subresources with cert errors separately from mixed content

content/browser/web_contents/web_contents_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/browser/web_contents/web_contents_impl.h"
 
 #include <stddef.h>
 
 #include <cmath>
 #include <utility>
@@ skipping 389 matching lines @@
                   this),
       is_load_to_different_document_(false),
       crashed_status_(base::TERMINATION_STATUS_STILL_RUNNING),
       crashed_error_code_(0),
       waiting_for_response_(false),
       load_state_(net::LOAD_STATE_IDLE, base::string16()),
       upload_size_(0),
       upload_position_(0),
       is_resume_pending_(false),
       displayed_insecure_content_(false),
+      displayed_content_with_cert_errors_(false),
       has_accessed_initial_document_(false),
       theme_color_(SK_ColorTRANSPARENT),
       last_sent_theme_color_(SK_ColorTRANSPARENT),
       did_first_visually_non_empty_paint_(false),
       capturer_count_(0),
       should_normally_be_visible_(true),
       did_first_set_visible_(false),
       is_being_destroyed_(false),
       notify_disconnection_(false),
       dialog_manager_(NULL),
@@ skipping 764 matching lines @@
 }
 
 uint64_t WebContentsImpl::GetUploadPosition() const {
   return upload_position_;
 }
 
 const std::string& WebContentsImpl::GetEncoding() const {
   return canonical_encoding_;
 }
 
-bool WebContentsImpl::DisplayedInsecureContent() const {
-  return displayed_insecure_content_;
-}
-
 void WebContentsImpl::IncrementCapturerCount(const gfx::Size& capture_size) {
   DCHECK(!is_being_destroyed_);
   ++capturer_count_;
   DVLOG(1) << "There are now " << capturer_count_
            << " capturing(s) of WebContentsImpl@" << this;
 
   // Note: This provides a hint to upstream code to size the views optimally
   // for quality (e.g., to avoid scaling).
   if (!capture_size.IsEmpty() && preferred_size_for_capture_.IsEmpty()) {
     preferred_size_for_capture_ = capture_size;
@@ skipping 1302 matching lines @@
 void WebContentsImpl::ResizeDueToAutoResize(
     RenderWidgetHostImpl* render_widget_host,
     const gfx::Size& new_size) {
   if (render_widget_host != GetRenderViewHost()->GetWidget())
     return;
 
   if (delegate_)
     delegate_->ResizeDueToAutoResize(this, new_size);
 }
 
+bool WebContentsImpl::DisplayedInsecureContent() const {
+  return displayed_insecure_content_;
+}
+
+bool WebContentsImpl::DisplayedContentWithCertErrors() const {
+  return displayed_content_with_cert_errors_;
+}
+
 WebContents* WebContentsImpl::OpenURL(const OpenURLParams& params) {
   if (!delegate_)
     return NULL;
 
   WebContents* new_contents = delegate_->OpenURLFromTab(this, params);
   return new_contents;
 }
 
 bool WebContentsImpl::Send(IPC::Message* message) {
   if (!GetRenderViewHost()) {
@@ skipping 972 matching lines @@
   if (base::EndsWith(security_origin.spec(), kDotGoogleDotCom,
                      base::CompareCase::INSENSITIVE_ASCII))
     RecordAction(base::UserMetricsAction("SSL.RanInsecureContentGoogle"));
   controller_.ssl_manager()->DidRunInsecureContent(security_origin);
   SSLManager::NotifySSLInternalStateChanged(
       GetController().GetBrowserContext());
 }
 
 void WebContentsImpl::OnDidDisplayContentWithCertificateErrors(
     const GURL& url) {
-  // Check that the main frame navigation entry has a cryptographic
-  // scheme; the security UI is associated with the main frame rather
-  // than the subframe (if any) that actually displayed the subresource
-  // with errors.
-  NavigationEntry* entry = controller_.GetLastCommittedEntry();
-  if (!entry || !entry->GetURL().SchemeIsCryptographic())
-    return;
-
-  displayed_insecure_content_ = true;
+  displayed_content_with_cert_errors_ = true;
   SSLManager::NotifySSLInternalStateChanged(
       GetController().GetBrowserContext());
 }
 
 void WebContentsImpl::OnDidRunContentWithCertificateErrors(
     const GURL& url) {
-  // Check that the main frame navigation entry has a cryptographic
-  // scheme; the security UI is associated with the main frame rather
-  // than the subframe (if any) that actually displayed the subresource
-  // with errors.
-  NavigationEntry* entry = controller_.GetLastCommittedEntry();
-  if (!entry || !entry->GetURL().SchemeIsCryptographic())
+  NavigationEntry* entry = controller_.GetVisibleEntry();
+  if (!entry)
     return;
 
   // TODO(estark): check that this does something reasonable for
   // about:blank and sandboxed origins. https://crbug.com/609527
-  controller_.ssl_manager()->DidRunInsecureContent(entry->GetURL().GetOrigin());
+  controller_.ssl_manager()->DidRunContentWithCertErrors(
+      entry->GetURL().GetOrigin());
   SSLManager::NotifySSLInternalStateChanged(
       GetController().GetBrowserContext());
 }
 
 void WebContentsImpl::OnDocumentLoadedInFrame() {
   if (!HasValidFrameSource())
     return;
 
   RenderFrameHostImpl* rfh =
       static_cast<RenderFrameHostImpl*>(render_frame_message_source_);
@@ skipping 1691 matching lines @@
   for (RenderViewHost* render_view_host : render_view_host_set)
     render_view_host->OnWebkitPreferencesChanged();
 }
 
 void WebContentsImpl::SetJavaScriptDialogManagerForTesting(
     JavaScriptDialogManager* dialog_manager) {
   dialog_manager_ = dialog_manager;
 }
 
 }  // namespace content