Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(518)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/devtools/front_end/security/SecurityPanel.js

Issue 2286553002: DevTools security panel: explain subresources with cert errors separately (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: try to make comment more clear Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/devtools/front_end/security/SecurityModel.js ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 /** 5 /**
6 * @constructor 6 * @constructor
7 * @extends {WebInspector.PanelWithSidebar} 7 * @extends {WebInspector.PanelWithSidebar}
8 * @implements {WebInspector.TargetManager.Observer} 8 * @implements {WebInspector.TargetManager.Observer}
9 */ 9 */
10 WebInspector.SecurityPanel = function() 10 WebInspector.SecurityPanel = function()
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
56 * @param {!SecurityAgent.SecurityState} securityState 56 * @param {!SecurityAgent.SecurityState} securityState
57 */ 57 */
58 setDisplayedInsecureContentStyle: function(securityState) 58 setDisplayedInsecureContentStyle: function(securityState)
59 { 59 {
60 this._displayedInsecureContentStyle = securityState; 60 this._displayedInsecureContentStyle = securityState;
61 }, 61 },
62 62
63 /** 63 /**
64 * @param {!SecurityAgent.SecurityState} newSecurityState 64 * @param {!SecurityAgent.SecurityState} newSecurityState
65 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations 65 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations
66 * @param {?SecurityAgent.MixedContentStatus} mixedContentStatus 66 * @param {?SecurityAgent.InsecureContentStatus} insecureContentStatus
67 * @param {boolean} schemeIsCryptographic 67 * @param {boolean} schemeIsCryptographic
68 */ 68 */
69 _updateSecurityState: function(newSecurityState, explanations, mixedContentS tatus, schemeIsCryptographic) 69 _updateSecurityState: function(newSecurityState, explanations, insecureConte ntStatus, schemeIsCryptographic)
70 { 70 {
71 this._sidebarMainViewElement.setSecurityState(newSecurityState); 71 this._sidebarMainViewElement.setSecurityState(newSecurityState);
72 this._mainView.updateSecurityState(newSecurityState, explanations, mixed ContentStatus, schemeIsCryptographic); 72 this._mainView.updateSecurityState(newSecurityState, explanations, insec ureContentStatus, schemeIsCryptographic);
73 }, 73 },
74 74
75 /** 75 /**
76 * @param {!WebInspector.Event} event 76 * @param {!WebInspector.Event} event
77 */ 77 */
78 _onSecurityStateChanged: function(event) 78 _onSecurityStateChanged: function(event)
79 { 79 {
80 var data = /** @type {!WebInspector.PageSecurityState} */ (event.data); 80 var data = /** @type {!WebInspector.PageSecurityState} */ (event.data);
81 var securityState = /** @type {!SecurityAgent.SecurityState} */ (data.se curityState); 81 var securityState = /** @type {!SecurityAgent.SecurityState} */ (data.se curityState);
82 var explanations = /** @type {!Array<!SecurityAgent.SecurityStateExplana tion>} */ (data.explanations); 82 var explanations = /** @type {!Array<!SecurityAgent.SecurityStateExplana tion>} */ (data.explanations);
83 var mixedContentStatus = /** @type {?SecurityAgent.MixedContentStatus} * / (data.mixedContentStatus); 83 var insecureContentStatus = /** @type {?SecurityAgent.InsecureContentSta tus} */ (data.insecureContentStatus);
84 var schemeIsCryptographic = /** @type {boolean} */ (data.schemeIsCryptog raphic); 84 var schemeIsCryptographic = /** @type {boolean} */ (data.schemeIsCryptog raphic);
85 this._updateSecurityState(securityState, explanations, mixedContentStatu s, schemeIsCryptographic); 85 this._updateSecurityState(securityState, explanations, insecureContentSt atus, schemeIsCryptographic);
86 }, 86 },
87 87
88 selectAndSwitchToMainView: function() 88 selectAndSwitchToMainView: function()
89 { 89 {
90 // The sidebar element will trigger displaying the main view. Rather tha n making a redundant call to display the main view, we rely on this. 90 // The sidebar element will trigger displaying the main view. Rather tha n making a redundant call to display the main view, we rely on this.
91 this._sidebarMainViewElement.select(); 91 this._sidebarMainViewElement.select();
92 }, 92 },
93 /** 93 /**
94 * @param {!WebInspector.SecurityPanel.Origin} origin 94 * @param {!WebInspector.SecurityPanel.Origin} origin
95 */ 95 */
(...skipping 505 matching lines...) Expand 10 before | Expand all | Expand 10 after
601 if (explanation.certificateId) { 601 if (explanation.certificateId) {
602 text.appendChild(WebInspector.SecurityPanel.createCertificateViewerB utton(WebInspector.UIString("View certificate"), explanation.certificateId)); 602 text.appendChild(WebInspector.SecurityPanel.createCertificateViewerB utton(WebInspector.UIString("View certificate"), explanation.certificateId));
603 } 603 }
604 604
605 return text; 605 return text;
606 }, 606 },
607 607
608 /** 608 /**
609 * @param {!SecurityAgent.SecurityState} newSecurityState 609 * @param {!SecurityAgent.SecurityState} newSecurityState
610 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations 610 * @param {!Array<!SecurityAgent.SecurityStateExplanation>} explanations
611 * @param {?SecurityAgent.MixedContentStatus} mixedContentStatus 611 * @param {?SecurityAgent.InsecureContentStatus} insecureContentStatus
612 * @param {boolean} schemeIsCryptographic 612 * @param {boolean} schemeIsCryptographic
613 */ 613 */
614 updateSecurityState: function(newSecurityState, explanations, mixedContentSt atus, schemeIsCryptographic) 614 updateSecurityState: function(newSecurityState, explanations, insecureConten tStatus, schemeIsCryptographic)
615 { 615 {
616 // Remove old state. 616 // Remove old state.
617 // It's safe to call this even when this._securityState is undefined. 617 // It's safe to call this even when this._securityState is undefined.
618 this._summarySection.classList.remove("security-summary-" + this._securi tyState); 618 this._summarySection.classList.remove("security-summary-" + this._securi tyState);
619 619
620 // Add new state. 620 // Add new state.
621 this._securityState = newSecurityState; 621 this._securityState = newSecurityState;
622 this._summarySection.classList.add("security-summary-" + this._securityS tate); 622 this._summarySection.classList.add("security-summary-" + this._securityS tate);
623 var summaryExplanationStrings = { 623 var summaryExplanationStrings = {
624 "unknown": WebInspector.UIString("The security of this page is unkn own."), 624 "unknown": WebInspector.UIString("The security of this page is unkn own."),
625 "insecure": WebInspector.UIString("This page is insecure (broken HTT PS)."), 625 "insecure": WebInspector.UIString("This page is insecure (broken HTT PS)."),
626 "neutral": WebInspector.UIString("This page is not secure."), 626 "neutral": WebInspector.UIString("This page is not secure."),
627 "secure": WebInspector.UIString("This page is secure (valid HTTPS) .") 627 "secure": WebInspector.UIString("This page is secure (valid HTTPS) .")
628 } 628 }
629 this._summaryText.textContent = summaryExplanationStrings[this._security State]; 629 this._summaryText.textContent = summaryExplanationStrings[this._security State];
630 630
631 this._explanations = explanations, 631 this._explanations = explanations,
632 this._mixedContentStatus = mixedContentStatus; 632 this._insecureContentStatus = insecureContentStatus;
633 this._schemeIsCryptographic = schemeIsCryptographic; 633 this._schemeIsCryptographic = schemeIsCryptographic;
634 634
635 this._panel.setRanInsecureContentStyle(mixedContentStatus.ranInsecureCon tentStyle); 635 this._panel.setRanInsecureContentStyle(insecureContentStatus.ranInsecure ContentStyle);
636 this._panel.setDisplayedInsecureContentStyle(mixedContentStatus.displaye dInsecureContentStyle); 636 this._panel.setDisplayedInsecureContentStyle(insecureContentStatus.displ ayedInsecureContentStyle);
637 637
638 this.refreshExplanations(); 638 this.refreshExplanations();
639 }, 639 },
640 640
641 refreshExplanations: function() 641 refreshExplanations: function()
642 { 642 {
643 this._securityExplanationsMain.removeChildren(); 643 this._securityExplanationsMain.removeChildren();
644 this._securityExplanationsExtra.removeChildren(); 644 this._securityExplanationsExtra.removeChildren();
645 for (var explanation of this._explanations) { 645 for (var explanation of this._explanations) {
646 if (explanation.securityState === SecurityAgent.SecurityState.Info) { 646 if (explanation.securityState === SecurityAgent.SecurityState.Info) {
647 this._addExplanation(this._securityExplanationsExtra, explanatio n); 647 this._addExplanation(this._securityExplanationsExtra, explanatio n);
648 } else { 648 } else {
649 this._addExplanation(this._securityExplanationsMain, explanation ); 649 this._addExplanation(this._securityExplanationsMain, explanation );
650 } 650 }
651 } 651 }
652 652
653 this._addMixedContentExplanations(); 653 this._addMixedContentExplanations();
654 this._addContentWithCertErrorsExplanations();
655
656 // If all resources were served securely, add a Secure explanation.
657 if (this._schemeIsCryptographic && this._insecureContentStatus && (!this ._insecureContentStatus.displayedMixedContent && !this._insecureContentStatus.ra nMixedContent && !this._insecureContentStatus.displayedContentWithCertErrors && !this._insecureContentStatus.ranContentWithCertErrors)) {
658 this._addExplanation(this._securityExplanationsMain, /** @type {!Sec urityAgent.SecurityStateExplanation} */ ({
659 "securityState": SecurityAgent.SecurityState.Secure,
660 "summary": WebInspector.UIString("Secure Resources"),
661 "description": WebInspector.UIString("All resources on this page are served securely.")
662 }));
663 }
654 }, 664 },
655 665
656 _addMixedContentExplanations: function() 666 _addMixedContentExplanations: function()
657 { 667 {
658 if (!this._schemeIsCryptographic) 668 if (!this._schemeIsCryptographic)
659 return; 669 return;
660 670
661 if (this._mixedContentStatus && (this._mixedContentStatus.ranInsecureCon tent || this._mixedContentStatus.displayedInsecureContent)) { 671 if (this._insecureContentStatus && (this._insecureContentStatus.ranMixed Content || this._insecureContentStatus.displayedMixedContent)) {
662 if (this._mixedContentStatus.ranInsecureContent) 672 if (this._insecureContentStatus.ranMixedContent)
663 this._addMixedContentExplanation(this._securityExplanationsMain, this._mixedContentStatus.ranInsecureContentStyle, WebInspector.UIString("Active Mixed Content"), WebInspector.UIString("You have recently allowed insecure cont ent (such as scripts or iframes) to run on this site."), WebInspector.NetworkLog View.MixedContentFilterValues.BlockOverridden, showBlockOverriddenMixedContentIn NetworkPanel); 673 this._addMixedContentExplanation(this._securityExplanationsMain, this._insecureContentStatus.ranInsecureContentStyle, WebInspector.UIString("Act ive Mixed Content"), WebInspector.UIString("You have recently allowed insecure c ontent (such as scripts or iframes) to run on this site."), WebInspector.Network LogView.MixedContentFilterValues.BlockOverridden, showBlockOverriddenMixedConten tInNetworkPanel);
664 if (this._mixedContentStatus.displayedInsecureContent) 674 if (this._insecureContentStatus.displayedMixedContent)
665 this._addMixedContentExplanation(this._securityExplanationsMain, this._mixedContentStatus.displayedInsecureContentStyle, WebInspector.UIString(" Mixed Content"), WebInspector.UIString("The site includes HTTP resources."), Web Inspector.NetworkLogView.MixedContentFilterValues.Displayed, showDisplayedMixedC ontentInNetworkPanel); 675 this._addMixedContentExplanation(this._securityExplanationsMain, this._insecureContentStatus.displayedInsecureContentStyle, WebInspector.UIStrin g("Mixed Content"), WebInspector.UIString("The site includes HTTP resources."), WebInspector.NetworkLogView.MixedContentFilterValues.Displayed, showDisplayedMix edContentInNetworkPanel);
666 }
667
668 if (this._mixedContentStatus && (!this._mixedContentStatus.displayedInse cureContent && !this._mixedContentStatus.ranInsecureContent)) {
669 this._addExplanation(this._securityExplanationsMain, /** @type {!Sec urityAgent.SecurityStateExplanation} */ ({
670 "securityState": SecurityAgent.SecurityState.Secure,
671 "summary": WebInspector.UIString("Secure Resources"),
672 "description": WebInspector.UIString("All resources on this page are served securely.")
673 }));
674 } 676 }
675 677
676 if (this._panel.filterRequestCount(WebInspector.NetworkLogView.MixedCont entFilterValues.Blocked) > 0) 678 if (this._panel.filterRequestCount(WebInspector.NetworkLogView.MixedCont entFilterValues.Blocked) > 0)
677 this._addMixedContentExplanation(this._securityExplanationsExtra, Se curityAgent.SecurityState.Info, WebInspector.UIString("Blocked mixed content"), WebInspector.UIString("Your page requested insecure resources that were blocked. "), WebInspector.NetworkLogView.MixedContentFilterValues.Blocked, showBlockedMix edContentInNetworkPanel); 679 this._addMixedContentExplanation(this._securityExplanationsExtra, Se curityAgent.SecurityState.Info, WebInspector.UIString("Blocked mixed content"), WebInspector.UIString("Your page requested insecure resources that were blocked. "), WebInspector.NetworkLogView.MixedContentFilterValues.Blocked, showBlockedMix edContentInNetworkPanel);
678 680
679 /** 681 /**
680 * @param {!Event} e 682 * @param {!Event} e
681 */ 683 */
682 function showDisplayedMixedContentInNetworkPanel(e) 684 function showDisplayedMixedContentInNetworkPanel(e)
683 { 685 {
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
740 if (filterRequestCount > 0) { 742 if (filterRequestCount > 0) {
741 requestsAnchor.textContent = WebInspector.UIString("View %d request% s in Network Panel", filterRequestCount, (filterRequestCount > 1 ? "s" : "")); 743 requestsAnchor.textContent = WebInspector.UIString("View %d request% s in Network Panel", filterRequestCount, (filterRequestCount > 1 ? "s" : ""));
742 } else { 744 } else {
743 // Network instrumentation might not have been enabled for the page load, so the security panel does not necessarily know a count of individual mixe d requests at this point. Point the user at the Network Panel which prompts them to refresh. 745 // Network instrumentation might not have been enabled for the page load, so the security panel does not necessarily know a count of individual mixe d requests at this point. Point the user at the Network Panel which prompts them to refresh.
744 requestsAnchor.textContent = WebInspector.UIString("View requests in Network Panel"); 746 requestsAnchor.textContent = WebInspector.UIString("View requests in Network Panel");
745 } 747 }
746 requestsAnchor.href = ""; 748 requestsAnchor.href = "";
747 requestsAnchor.addEventListener("click", networkFilterFn); 749 requestsAnchor.addEventListener("click", networkFilterFn);
748 }, 750 },
749 751
752 _addContentWithCertErrorsExplanations: function()
753 {
754 if (!this._schemeIsCryptographic)
755 return;
756
757 if (!this._insecureContentStatus)
758 return;
759
760 if (this._insecureContentStatus.ranContentWithCertErrors) {
761 this._addExplanation(this._securityExplanationsMain, /** @type {!Sec urityAgent.SecurityStateExplanation} */ ({
762 "securityState": this._insecureContentStatus.ranInsecureContentS tyle,
763 "summary": WebInspector.UIString("Active content with certificat e errors"),
764 "description": WebInspector.UIString("You have recently allowed content loaded with certificate errors (such as scripts or iframes) to run on th is site.")
765 }));
766 }
767
768 if (this._insecureContentStatus.displayedContentWithCertErrors) {
769 this._addExplanation(this._securityExplanationsMain, /** @type {!Sec urityAgent.SecurityStateExplanation} */ ({
770 "securityState": this._insecureContentStatus.displayedInsecureCo ntentStyle,
771 "summary": WebInspector.UIString("Content with certificate error s"),
772 "description": WebInspector.UIString("This site includes resourc es that were loaded with certificate errors.")
773 }));
774 }
775 },
776
777
750 __proto__: WebInspector.VBox.prototype 778 __proto__: WebInspector.VBox.prototype
751 } 779 }
752 780
753 /** 781 /**
754 * @constructor 782 * @constructor
755 * @extends {WebInspector.VBox} 783 * @extends {WebInspector.VBox}
756 * @param {!WebInspector.SecurityPanel} panel 784 * @param {!WebInspector.SecurityPanel} panel
757 * @param {!WebInspector.SecurityPanel.Origin} origin 785 * @param {!WebInspector.SecurityPanel.Origin} origin
758 * @param {!WebInspector.SecurityPanel.OriginState} originState 786 * @param {!WebInspector.SecurityPanel.OriginState} originState
759 */ 787 */
(...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after
988 row.createChild("div").textContent = key; 1016 row.createChild("div").textContent = key;
989 1017
990 var valueDiv = row.createChild("div"); 1018 var valueDiv = row.createChild("div");
991 if (typeof value === "string") { 1019 if (typeof value === "string") {
992 valueDiv.textContent = value; 1020 valueDiv.textContent = value;
993 } else { 1021 } else {
994 valueDiv.appendChild(value); 1022 valueDiv.appendChild(value);
995 } 1023 }
996 } 1024 }
997 } 1025 }
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/devtools/front_end/security/SecurityModel.js ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698