OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/metrics/field_trial.h" | 8 #include "base/metrics/field_trial.h" |
9 #include "base/metrics/histogram_macros.h" | 9 #include "base/metrics/histogram_macros.h" |
10 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
74 case SecurityStateModel::SECURE: | 74 case SecurityStateModel::SECURE: |
75 return content::SECURITY_STYLE_AUTHENTICATED; | 75 return content::SECURITY_STYLE_AUTHENTICATED; |
76 case SecurityStateModel::SECURITY_ERROR: | 76 case SecurityStateModel::SECURITY_ERROR: |
77 return content::SECURITY_STYLE_AUTHENTICATION_BROKEN; | 77 return content::SECURITY_STYLE_AUTHENTICATION_BROKEN; |
78 } | 78 } |
79 | 79 |
80 NOTREACHED(); | 80 NOTREACHED(); |
81 return content::SECURITY_STYLE_UNKNOWN; | 81 return content::SECURITY_STYLE_UNKNOWN; |
82 } | 82 } |
83 | 83 |
84 // Check to see whether the security state should be downgraded to reflect | |
85 // a Safe Browsing verdict. | |
86 void CheckSafeBrowsingStatus(content::NavigationEntry* entry, | |
87 content::WebContents* web_contents, | |
88 SecurityStateModel::VisibleSecurityState* state) { | |
89 safe_browsing::SafeBrowsingService* sb_service = | |
90 g_browser_process->safe_browsing_service(); | |
91 if (!sb_service) | |
92 return; | |
93 scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager(); | |
94 if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents( | |
95 entry->GetURL(), false, entry, web_contents, false)) { | |
96 state->fails_malware_check = true; | |
97 state->initial_security_level = SecurityStateModel::SECURITY_ERROR; | |
98 } | |
99 } | |
100 | |
84 } // namespace | 101 } // namespace |
85 | 102 |
86 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( | 103 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( |
87 content::WebContents* web_contents) | 104 content::WebContents* web_contents) |
88 : web_contents_(web_contents), | 105 : web_contents_(web_contents), |
89 security_state_model_(new SecurityStateModel()) { | 106 security_state_model_(new SecurityStateModel()) { |
90 security_state_model_->SetClient(this); | 107 security_state_model_->SetClient(this); |
91 } | 108 } |
92 | 109 |
93 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} | 110 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} |
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
222 } | 239 } |
223 | 240 |
224 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { | 241 bool ChromeSecurityStateModelClient::IsOriginSecure(const GURL& url) { |
225 return content::IsOriginSecure(url); | 242 return content::IsOriginSecure(url); |
226 } | 243 } |
227 | 244 |
228 void ChromeSecurityStateModelClient::GetVisibleSecurityState( | 245 void ChromeSecurityStateModelClient::GetVisibleSecurityState( |
229 SecurityStateModel::VisibleSecurityState* state) { | 246 SecurityStateModel::VisibleSecurityState* state) { |
230 content::NavigationEntry* entry = | 247 content::NavigationEntry* entry = |
231 web_contents_->GetController().GetVisibleEntry(); | 248 web_contents_->GetController().GetVisibleEntry(); |
232 if (!entry || | 249 if (!entry) { |
233 entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { | |
234 *state = SecurityStateModel::VisibleSecurityState(); | 250 *state = SecurityStateModel::VisibleSecurityState(); |
235 return; | 251 return; |
236 } | 252 } |
237 | 253 |
254 if (entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) { | |
estark
2016/08/25 06:54:06
nit: could you add a comment around here along the
felt
2016/08/25 15:17:27
Done.
| |
255 *state = SecurityStateModel::VisibleSecurityState(); | |
256 CheckSafeBrowsingStatus(entry, web_contents_, state); | |
257 return; | |
258 } | |
259 | |
238 state->connection_info_initialized = true; | 260 state->connection_info_initialized = true; |
239 state->url = entry->GetURL(); | 261 state->url = entry->GetURL(); |
240 const content::SSLStatus& ssl = entry->GetSSL(); | 262 const content::SSLStatus& ssl = entry->GetSSL(); |
241 state->initial_security_level = | 263 state->initial_security_level = |
242 GetSecurityLevelForSecurityStyle(ssl.security_style); | 264 GetSecurityLevelForSecurityStyle(ssl.security_style); |
243 state->cert_id = ssl.cert_id; | 265 state->cert_id = ssl.cert_id; |
244 state->cert_status = ssl.cert_status; | 266 state->cert_status = ssl.cert_status; |
245 state->connection_status = ssl.connection_status; | 267 state->connection_status = ssl.connection_status; |
246 state->security_bits = ssl.security_bits; | 268 state->security_bits = ssl.security_bits; |
247 state->pkp_bypassed = ssl.pkp_bypassed; | 269 state->pkp_bypassed = ssl.pkp_bypassed; |
248 state->sct_verify_statuses.clear(); | 270 state->sct_verify_statuses.clear(); |
249 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), | 271 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), |
250 ssl.sct_statuses.begin(), | 272 ssl.sct_statuses.begin(), |
251 ssl.sct_statuses.end()); | 273 ssl.sct_statuses.end()); |
252 state->displayed_mixed_content = | 274 state->displayed_mixed_content = |
253 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); | 275 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); |
254 state->ran_mixed_content = | 276 state->ran_mixed_content = |
255 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); | 277 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); |
256 state->displayed_content_with_cert_errors = | 278 state->displayed_content_with_cert_errors = |
257 !!(ssl.content_status & | 279 !!(ssl.content_status & |
258 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); | 280 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); |
259 state->ran_content_with_cert_errors = | 281 state->ran_content_with_cert_errors = |
260 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 282 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
261 | 283 |
262 // Check to see whether the security state should be downgraded to reflect | 284 CheckSafeBrowsingStatus(entry, web_contents_, state); |
263 // a Safe Browsing verdict. | |
264 safe_browsing::SafeBrowsingService* sb_service = | |
265 g_browser_process->safe_browsing_service(); | |
266 if (!sb_service) | |
267 return; | |
268 scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager(); | |
269 if (sb_ui_manager->IsUrlWhitelistedForWebContents(entry->GetURL(), false, | |
270 entry, web_contents_)) { | |
271 state->fails_malware_check = true; | |
272 state->initial_security_level = SecurityStateModel::SECURITY_ERROR; | |
273 } | |
274 } | 285 } |
OLD | NEW |