OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
147 description_replacements.push_back(cipher_name); | 147 description_replacements.push_back(cipher_name); |
148 | 148 |
149 security_style_explanations->info_explanations.push_back( | 149 security_style_explanations->info_explanations.push_back( |
150 content::SecurityStyleExplanation( | 150 content::SecurityStyleExplanation( |
151 l10n_util::GetStringUTF8(IDS_OBSOLETE_SSL_SUMMARY), | 151 l10n_util::GetStringUTF8(IDS_OBSOLETE_SSL_SUMMARY), |
152 base::UTF16ToUTF8( | 152 base::UTF16ToUTF8( |
153 l10n_util::GetStringFUTF16(IDS_OBSOLETE_SSL_DESCRIPTION, | 153 l10n_util::GetStringFUTF16(IDS_OBSOLETE_SSL_DESCRIPTION, |
154 description_replacements, nullptr)))); | 154 description_replacements, nullptr)))); |
155 } | 155 } |
156 | 156 |
| 157 // Check to see whether the security state should be downgraded to reflect |
| 158 // a Safe Browsing verdict. |
| 159 void CheckSafeBrowsingStatus(content::NavigationEntry* entry, |
| 160 content::WebContents* web_contents, |
| 161 SecurityStateModel::VisibleSecurityState* state) { |
| 162 safe_browsing::SafeBrowsingService* sb_service = |
| 163 g_browser_process->safe_browsing_service(); |
| 164 if (!sb_service) |
| 165 return; |
| 166 scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager(); |
| 167 if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents( |
| 168 entry->GetURL(), false, entry, web_contents, false)) { |
| 169 state->fails_malware_check = true; |
| 170 state->initial_security_level = SecurityStateModel::SECURITY_ERROR; |
| 171 } |
| 172 } |
| 173 |
157 } // namespace | 174 } // namespace |
158 | 175 |
159 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( | 176 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( |
160 content::WebContents* web_contents) | 177 content::WebContents* web_contents) |
161 : web_contents_(web_contents), | 178 : web_contents_(web_contents), |
162 security_state_model_(new SecurityStateModel()) { | 179 security_state_model_(new SecurityStateModel()) { |
163 security_state_model_->SetClient(this); | 180 security_state_model_->SetClient(this); |
164 } | 181 } |
165 | 182 |
166 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} | 183 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} |
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
289 } | 306 } |
290 | 307 |
291 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { | 308 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { |
292 return content::IsOriginSecure(url); | 309 return content::IsOriginSecure(url); |
293 } | 310 } |
294 | 311 |
295 void ChromeSecurityStateModelClient::GetVisibleSecurityState( | 312 void ChromeSecurityStateModelClient::GetVisibleSecurityState( |
296 SecurityStateModel::VisibleSecurityState* state) { | 313 SecurityStateModel::VisibleSecurityState* state) { |
297 content::NavigationEntry* entry = | 314 content::NavigationEntry* entry = |
298 web_contents_->GetController().GetVisibleEntry(); | 315 web_contents_->GetController().GetVisibleEntry(); |
299 if (!entry || | 316 if (!entry) { |
300 entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { | |
301 *state = SecurityStateModel::VisibleSecurityState(); | 317 *state = SecurityStateModel::VisibleSecurityState(); |
302 return; | 318 return; |
303 } | 319 } |
304 | 320 |
| 321 if (entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { |
| 322 *state = SecurityStateModel::VisibleSecurityState(); |
| 323 // Connection security information is still being initialized, but malware |
| 324 // status might already be known. |
| 325 CheckSafeBrowsingStatus(entry, web_contents_, state); |
| 326 return; |
| 327 } |
| 328 |
305 state->connection_info_initialized = true; | 329 state->connection_info_initialized = true; |
306 state->url = entry->GetURL(); | 330 state->url = entry->GetURL(); |
307 const content::SSLStatus& ssl = entry->GetSSL(); | 331 const content::SSLStatus& ssl = entry->GetSSL(); |
308 state->initial_security_level = | 332 state->initial_security_level = |
309 GetSecurityLevelForSecurityStyle(ssl.security_style); | 333 GetSecurityLevelForSecurityStyle(ssl.security_style); |
310 state->cert_id = ssl.cert_id; | 334 state->cert_id = ssl.cert_id; |
311 state->cert_status = ssl.cert_status; | 335 state->cert_status = ssl.cert_status; |
312 state->connection_status = ssl.connection_status; | 336 state->connection_status = ssl.connection_status; |
313 state->security_bits = ssl.security_bits; | 337 state->security_bits = ssl.security_bits; |
314 state->pkp_bypassed = ssl.pkp_bypassed; | 338 state->pkp_bypassed = ssl.pkp_bypassed; |
315 state->sct_verify_statuses.clear(); | 339 state->sct_verify_statuses.clear(); |
316 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), | 340 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), |
317 ssl.sct_statuses.begin(), | 341 ssl.sct_statuses.begin(), |
318 ssl.sct_statuses.end()); | 342 ssl.sct_statuses.end()); |
319 state->displayed_mixed_content = | 343 state->displayed_mixed_content = |
320 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); | 344 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); |
321 state->ran_mixed_content = | 345 state->ran_mixed_content = |
322 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); | 346 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); |
323 state->displayed_content_with_cert_errors = | 347 state->displayed_content_with_cert_errors = |
324 !!(ssl.content_status & | 348 !!(ssl.content_status & |
325 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); | 349 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); |
326 state->ran_content_with_cert_errors = | 350 state->ran_content_with_cert_errors = |
327 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 351 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
328 | 352 |
329 // Check to see whether the security state should be downgraded to reflect | 353 CheckSafeBrowsingStatus(entry, web_contents_, state); |
330 // a Safe Browsing verdict. | |
331 safe_browsing::SafeBrowsingService* sb_service = | |
332 g_browser_process->safe_browsing_service(); | |
333 if (!sb_service) | |
334 return; | |
335 scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager(); | |
336 if (sb_ui_manager->IsUrlWhitelistedForWebContents(entry->GetURL(), false, | |
337 entry, web_contents_)) { | |
338 state->fails_malware_check = true; | |
339 state->initial_security_level = SecurityStateModel::SECURITY_ERROR; | |
340 } | |
341 } | 354 } |
OLD | NEW |