OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
(...skipping 186 matching lines...)
197 security_info.cert_id)); | 197 security_info.cert_id)); |
198 } else if (security_info.sha1_deprecation_status == | 198 } else if (security_info.sha1_deprecation_status == |
199 SecurityStateModel::DEPRECATED_SHA1_MINOR) { | 199 SecurityStateModel::DEPRECATED_SHA1_MINOR) { |
200 security_style_explanations->unauthenticated_explanations.push_back( | 200 security_style_explanations->unauthenticated_explanations.push_back( |
201 content::SecurityStyleExplanation( | 201 content::SecurityStyleExplanation( |
202 l10n_util::GetStringUTF8(IDS_MINOR_SHA1), | 202 l10n_util::GetStringUTF8(IDS_MINOR_SHA1), |
203 l10n_util::GetStringUTF8(IDS_MINOR_SHA1_DESCRIPTION), | 203 l10n_util::GetStringUTF8(IDS_MINOR_SHA1_DESCRIPTION), |
204 security_info.cert_id)); | 204 security_info.cert_id)); |
205 } | 205 } |
206 | 206 |
207 security_style_explanations->ran_insecure_content = | 207 // Record the presence of mixed content (HTTP subresources on an HTTPS |
| 208 // page). |
| 209 security_style_explanations->ran_mixed_content = |
208 security_info.mixed_content_status == | 210 security_info.mixed_content_status == |
209 SecurityStateModel::CONTENT_STATUS_RAN || | 211 SecurityStateModel::CONTENT_STATUS_RAN || |
210 security_info.mixed_content_status == | 212 security_info.mixed_content_status == |
211 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN; | 213 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN; |
212 security_style_explanations->displayed_insecure_content = | 214 security_style_explanations->displayed_mixed_content = |
213 security_info.mixed_content_status == | 215 security_info.mixed_content_status == |
214 SecurityStateModel::CONTENT_STATUS_DISPLAYED || | 216 SecurityStateModel::CONTENT_STATUS_DISPLAYED || |
215 security_info.mixed_content_status == | 217 security_info.mixed_content_status == |
216 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN; | 218 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN; |
217 | 219 |
218 if (net::IsCertStatusError(security_info.cert_status)) { | 220 bool is_cert_status_error = net::IsCertStatusError(security_info.cert_status); |
| 221 bool is_cert_status_minor_error = |
| 222 net::IsCertStatusMinorError(security_info.cert_status); |
| 223 |
| 224 // If the main resource was loaded no certificate errors or only minor |
| 225 // certificate errors, then record the presence of subresources with |
| 226 // certificate errors. Subresource certificate errors aren't recorded |
| 227 // when the main resource was loaded with major certificate errors |
| 228 // because, in the common case, these subresource certificate errors |
| 229 // would be duplicative with the main resource's error. |
| 230 if (!is_cert_status_error || is_cert_status_minor_error) { |
| 231 security_style_explanations->ran_content_with_cert_errors = |
| 232 security_info.content_with_cert_errors_status == |
| 233 SecurityStateModel::CONTENT_STATUS_RAN || |
| 234 security_info.content_with_cert_errors_status == |
| 235 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN; |
| 236 security_style_explanations->displayed_content_with_cert_errors = |
| 237 security_info.content_with_cert_errors_status == |
| 238 SecurityStateModel::CONTENT_STATUS_DISPLAYED || |
| 239 security_info.content_with_cert_errors_status == |
| 240 SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN; |
| 241 } |
| 242 |
| 243 if (is_cert_status_error) { |
219 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString( | 244 base::string16 error_string = base::UTF8ToUTF16(net::ErrorToString( |
220 net::MapCertStatusToNetError(security_info.cert_status))); | 245 net::MapCertStatusToNetError(security_info.cert_status))); |
221 | 246 |
222 content::SecurityStyleExplanation explanation( | 247 content::SecurityStyleExplanation explanation( |
223 l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), | 248 l10n_util::GetStringUTF8(IDS_CERTIFICATE_CHAIN_ERROR), |
224 l10n_util::GetStringFUTF8( | 249 l10n_util::GetStringFUTF8( |
225 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), | 250 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), |
226 security_info.cert_id); | 251 security_info.cert_id); |
227 | 252 |
228 if (net::IsCertStatusMinorError(security_info.cert_status)) | 253 if (is_cert_status_minor_error) { |
229 security_style_explanations->unauthenticated_explanations.push_back( | 254 security_style_explanations->unauthenticated_explanations.push_back( |
230 explanation); | 255 explanation); |
231 else | 256 } else { |
232 security_style_explanations->broken_explanations.push_back(explanation); | 257 security_style_explanations->broken_explanations.push_back(explanation); |
| 258 } |
233 } else { | 259 } else { |
234 // If the certificate does not have errors and is not using | 260 // If the certificate does not have errors and is not using |
235 // deprecated SHA1, then add an explanation that the certificate is | 261 // deprecated SHA1, then add an explanation that the certificate is |
236 // valid. | 262 // valid. |
237 if (security_info.sha1_deprecation_status == | 263 if (security_info.sha1_deprecation_status == |
238 SecurityStateModel::NO_DEPRECATED_SHA1) { | 264 SecurityStateModel::NO_DEPRECATED_SHA1) { |
239 security_style_explanations->secure_explanations.push_back( | 265 security_style_explanations->secure_explanations.push_back( |
240 content::SecurityStyleExplanation( | 266 content::SecurityStyleExplanation( |
241 l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE), | 267 l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE), |
242 l10n_util::GetStringUTF8( | 268 l10n_util::GetStringUTF8( |
(...skipping 72 matching lines...)
315 state->displayed_mixed_content = | 341 state->displayed_mixed_content = |
316 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); | 342 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); |
317 state->ran_mixed_content = | 343 state->ran_mixed_content = |
318 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); | 344 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); |
319 state->displayed_content_with_cert_errors = | 345 state->displayed_content_with_cert_errors = |
320 !!(ssl.content_status & | 346 !!(ssl.content_status & |
321 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); | 347 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); |
322 state->ran_content_with_cert_errors = | 348 state->ran_content_with_cert_errors = |
323 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 349 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
324 } | 350 } |
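Review bot: When the main resource has a major certificate error, the new `if (!is_cert_status_error || is_cert_status_minor_error)` block (new lines 230-241) is skipped and `ran_content_with_cert_errors` / `displayed_content_with_cert_errors` are never written, so their values depend on how the explanations struct was initialized, which is not visible here. If a caller can pass a reused or non-zeroed object, a stale `true` would survive; an `else` containing `security_style_explanations->ran_content_with_cert_errors = false;` and `security_style_explanations->displayed_content_with_cert_errors = false;` would make the suppression explicit. The comment above the block is missing a word and should begin `// If the main resource was loaded with no certificate errors or only minor`. The two new locals are never reassigned and could be declared `const bool`. The enclosing function begins in the skipped lines above, so its signature and the struct's defaults should be checked there.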