| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CONTENT_BROWSER_SSL_SSL_POLICY_H_ | |
| 6 #define CONTENT_BROWSER_SSL_SSL_POLICY_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 | |
| 10 #include "base/macros.h" | |
| 11 #include "base/memory/ref_counted.h" | |
| 12 #include "content/common/content_export.h" | |
| 13 #include "content/public/browser/certificate_request_result_type.h" | |
| 14 #include "content/public/common/resource_type.h" | |
| 15 #include "net/cert/cert_status_flags.h" | |
| 16 | |
| 17 class GURL; | |
| 18 | |
| 19 namespace content { | |
| 20 class NavigationEntryImpl; | |
| 21 class SSLErrorHandler; | |
| 22 class SSLPolicyBackend; | |
| 23 class WebContents; | |
| 24 | |
| 25 // SSLPolicy | |
| 26 // | |
| 27 // This class is responsible for making the security decisions that concern the | |
| 28 // SSL trust indicators. It relies on the SSLPolicyBackend to actually enact | |
| 29 // the decisions it reaches. | |
| 30 // | |
| 31 class CONTENT_EXPORT SSLPolicy { | |
| 32 public: | |
| 33 explicit SSLPolicy(SSLPolicyBackend* backend); | |
| 34 | |
| 35 // An error occurred with the certificate in an SSL connection. | |
| 36 void OnCertError(std::unique_ptr<SSLErrorHandler> handler); | |
| 37 | |
| 38 void DidRunInsecureContent(NavigationEntryImpl* entry, | |
| 39 const GURL& security_origin); | |
| 40 | |
| 41 void DidRunContentWithCertErrors(NavigationEntryImpl* entry, | |
| 42 const GURL& security_origin); | |
| 43 | |
| 44 // We have started a resource request for |url| and if it has a certificate | |
| 45 // and |cert_status|. | |
| 46 void OnRequestStarted(const GURL& url, | |
| 47 bool has_certificate, | |
| 48 net::CertStatus cert_status); | |
| 49 | |
| 50 // Update the SSL information in |entry| to match the current state. | |
| 51 // |web_contents| is the WebContents associated with this entry. | |
| 52 void UpdateEntry(NavigationEntryImpl* entry, WebContents* web_contents); | |
| 53 | |
| 54 SSLPolicyBackend* backend() const { return backend_; } | |
| 55 | |
| 56 private: | |
| 57 enum OnCertErrorInternalOptionsMask { | |
| 58 OVERRIDABLE = 1 << 0, | |
| 59 STRICT_ENFORCEMENT = 1 << 1, | |
| 60 EXPIRED_PREVIOUS_DECISION = 1 << 2 | |
| 61 }; | |
| 62 | |
| 63 // Helper method for derived classes handling certificate errors. | |
| 64 // | |
| 65 // Options should be a bitmask combination of OnCertErrorInternalOptionsMask. | |
| 66 // OVERRIDABLE indicates whether or not the user could (assuming perfect | |
| 67 // knowledge) successfully override the error and still get the security | |
| 68 // guarantees of TLS. STRICT_ENFORCEMENT indicates whether or not the site the | |
| 69 // user is trying to connect to has requested strict enforcement of | |
| 70 // certificate validation (e.g. with HTTP Strict-Transport-Security). | |
| 71 // EXPIRED_PREVIOUS_DECISION indicates whether a user decision had been | |
| 72 // previously made but the decision has expired. | |
| 73 void OnCertErrorInternal(std::unique_ptr<SSLErrorHandler> handler, | |
| 74 int options_mask); | |
| 75 | |
| 76 // If the security style of |entry| has not been initialized, then initialize | |
| 77 // it with the default style for its URL. | |
| 78 void InitializeEntryIfNeeded(NavigationEntryImpl* entry); | |
| 79 | |
| 80 // The backend we use to enact our decisions. | |
| 81 SSLPolicyBackend* backend_; | |
| 82 | |
| 83 DISALLOW_COPY_AND_ASSIGN(SSLPolicy); | |
| 84 }; | |
| 85 | |
| 86 } // namespace content | |
| 87 | |
| 88 #endif // CONTENT_BROWSER_SSL_SSL_POLICY_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2395663002:
Collapse SSLPolicy/SSLPolicyBackend into SSLManager (Closed)
