| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
| (...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 147 description_replacements.push_back(cipher_name); | 147 description_replacements.push_back(cipher_name); |
| 148 | 148 |
| 149 security_style_explanations->info_explanations.push_back( | 149 security_style_explanations->info_explanations.push_back( |
| 150 content::SecurityStyleExplanation( | 150 content::SecurityStyleExplanation( |
| 151 l10n_util::GetStringUTF8(IDS_OBSOLETE_SSL_SUMMARY), | 151 l10n_util::GetStringUTF8(IDS_OBSOLETE_SSL_SUMMARY), |
| 152 base::UTF16ToUTF8( | 152 base::UTF16ToUTF8( |
| 153 l10n_util::GetStringFUTF16(IDS_OBSOLETE_SSL_DESCRIPTION, | 153 l10n_util::GetStringFUTF16(IDS_OBSOLETE_SSL_DESCRIPTION, |
| 154 description_replacements, nullptr)))); | 154 description_replacements, nullptr)))); |
| 155 } | 155 } |
| 156 | 156 |
| 157 // Check to see whether the security state should be downgraded to reflect |
| 158 // a Safe Browsing verdict. |
| 159 void CheckSafeBrowsingStatus(content::NavigationEntry* entry, |
| 160 content::WebContents* web_contents, |
| 161 SecurityStateModel::VisibleSecurityState* state) { |
| 162 safe_browsing::SafeBrowsingService* sb_service = |
| 163 g_browser_process->safe_browsing_service(); |
| 164 if (!sb_service) |
| 165 return; |
| 166 scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager(); |
| 167 if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents( |
| 168 entry->GetURL(), false, entry, web_contents, false)) { |
| 169 state->fails_malware_check = true; |
| 170 state->initial_security_level = SecurityStateModel::SECURITY_ERROR; |
| 171 } |
| 172 } |
| 173 |
| 157 } // namespace | 174 } // namespace |
| 158 | 175 |
| 159 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( | 176 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( |
| 160 content::WebContents* web_contents) | 177 content::WebContents* web_contents) |
| 161 : web_contents_(web_contents), | 178 : web_contents_(web_contents), |
| 162 security_state_model_(new SecurityStateModel()) { | 179 security_state_model_(new SecurityStateModel()) { |
| 163 security_state_model_->SetClient(this); | 180 security_state_model_->SetClient(this); |
| 164 } | 181 } |
| 165 | 182 |
| 166 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} | 183 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 289 } | 306 } |
| 290 | 307 |
| 291 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { | 308 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { |
| 292 return content::IsOriginSecure(url); | 309 return content::IsOriginSecure(url); |
| 293 } | 310 } |
| 294 | 311 |
| 295 void ChromeSecurityStateModelClient::GetVisibleSecurityState( | 312 void ChromeSecurityStateModelClient::GetVisibleSecurityState( |
| 296 SecurityStateModel::VisibleSecurityState* state) { | 313 SecurityStateModel::VisibleSecurityState* state) { |
| 297 content::NavigationEntry* entry = | 314 content::NavigationEntry* entry = |
| 298 web_contents_->GetController().GetVisibleEntry(); | 315 web_contents_->GetController().GetVisibleEntry(); |
| 299 if (!entry || | 316 if (!entry) { |
| 300 entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { | |
| 301 *state = SecurityStateModel::VisibleSecurityState(); | 317 *state = SecurityStateModel::VisibleSecurityState(); |
| 302 return; | 318 return; |
| 303 } | 319 } |
| 304 | 320 |
| 321 if (entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { |
| 322 *state = SecurityStateModel::VisibleSecurityState(); |
| 323 // Connection security information is still being initialized, but malware |
| 324 // status might already be known. |
| 325 CheckSafeBrowsingStatus(entry, web_contents_, state); |
| 326 return; |
| 327 } |
| 328 |
| 305 state->connection_info_initialized = true; | 329 state->connection_info_initialized = true; |
| 306 state->url = entry->GetURL(); | 330 state->url = entry->GetURL(); |
| 307 const content::SSLStatus& ssl = entry->GetSSL(); | 331 const content::SSLStatus& ssl = entry->GetSSL(); |
| 308 state->initial_security_level = | 332 state->initial_security_level = |
| 309 GetSecurityLevelForSecurityStyle(ssl.security_style); | 333 GetSecurityLevelForSecurityStyle(ssl.security_style); |
| 310 state->cert_id = ssl.cert_id; | 334 state->cert_id = ssl.cert_id; |
| 311 state->cert_status = ssl.cert_status; | 335 state->cert_status = ssl.cert_status; |
| 312 state->connection_status = ssl.connection_status; | 336 state->connection_status = ssl.connection_status; |
| 313 state->security_bits = ssl.security_bits; | 337 state->security_bits = ssl.security_bits; |
| 314 state->pkp_bypassed = ssl.pkp_bypassed; | 338 state->pkp_bypassed = ssl.pkp_bypassed; |
| 315 state->sct_verify_statuses.clear(); | 339 state->sct_verify_statuses.clear(); |
| 316 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), | 340 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), |
| 317 ssl.sct_statuses.begin(), | 341 ssl.sct_statuses.begin(), |
| 318 ssl.sct_statuses.end()); | 342 ssl.sct_statuses.end()); |
| 319 state->displayed_mixed_content = | 343 state->displayed_mixed_content = |
| 320 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); | 344 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); |
| 321 state->ran_mixed_content = | 345 state->ran_mixed_content = |
| 322 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); | 346 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); |
| 323 state->displayed_content_with_cert_errors = | 347 state->displayed_content_with_cert_errors = |
| 324 !!(ssl.content_status & | 348 !!(ssl.content_status & |
| 325 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); | 349 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); |
| 326 state->ran_content_with_cert_errors = | 350 state->ran_content_with_cert_errors = |
| 327 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 351 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
| 328 | 352 |
| 329 // Check to see whether the security state should be downgraded to reflect | 353 CheckSafeBrowsingStatus(entry, web_contents_, state); |
| 330 // a Safe Browsing verdict. | |
| 331 safe_browsing::SafeBrowsingService* sb_service = | |
| 332 g_browser_process->safe_browsing_service(); | |
| 333 if (!sb_service) | |
| 334 return; | |
| 335 scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager(); | |
| 336 if (sb_ui_manager->IsUrlWhitelistedForWebContents(entry->GetURL(), false, | |
| 337 entry, web_contents_)) { | |
| 338 state->fails_malware_check = true; | |
| 339 state->initial_security_level = SecurityStateModel::SECURITY_ERROR; | |
| 340 } | |
| 341 } | 354 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2275123004:
Downgrade security state while displaying an SB interstitial (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@dangerstate