Chromium Code Reviews Chromium Code Reviews
Issue 2395663002:
Collapse SSLPolicy/SSLPolicyBackend into SSLManager (Closed)
| Index: content/browser/ssl/ssl_manager.h |
| diff --git a/content/browser/ssl/ssl_manager.h b/content/browser/ssl/ssl_manager.h |
| index 493d0bad6393fad7bc547aa3de099d0d16180ab3..6c6f1306ae3e38c540ed8cf4048a0be504aa3eef 100644 |
| --- a/content/browser/ssl/ssl_manager.h |
| +++ b/content/browser/ssl/ssl_manager.h |
| @@ -11,7 +11,6 @@ |
| #include "base/macros.h" |
| #include "base/memory/weak_ptr.h" |
| #include "content/browser/ssl/ssl_error_handler.h" |
| -#include "content/browser/ssl/ssl_policy_backend.h" |
| #include "content/common/content_export.h" |
| #include "content/public/browser/global_request_id.h" |
| #include "net/base/net_errors.h" |
| @@ -26,19 +25,16 @@ namespace content { |
| class BrowserContext; |
| class NavigationEntryImpl; |
| class NavigationControllerImpl; |
| -class SSLPolicy; |
| +class SSLHostStateDelegate; |
| struct LoadCommittedDetails; |
| -struct ResourceRedirectDetails; |
| -struct ResourceRequestDetails; |
| -// The SSLManager SSLManager controls the SSL UI elements in a WebContents. It |
| +// The SSLManager controls the SSL UI elements in a WebContents. It |
|
jam
2016/10/05 16:36:02
nit: extra space after SSLManager
estark
2016/10/05 16:53:04
Done.
|
| // listens for various events that influence when these elements should or |
| // should not be displayed and adjusts them accordingly. |
| // |
| // There is one SSLManager per tab. |
| // The security state (secure/insecure) is stored in the navigation entry. |
| // Along with it are stored any SSL error code and the associated cert. |
| - |
| class CONTENT_EXPORT SSLManager { |
| public: |
| // Entry point for SSLCertificateErrors. This function begins the process |
| @@ -70,20 +66,17 @@ class CONTENT_EXPORT SSLManager { |
| static void NotifySSLInternalStateChanged(BrowserContext* context); |
| // Construct an SSLManager for the specified tab. |
| - // If |delegate| is NULL, SSLPolicy::GetDefaultPolicy() is used. |
| explicit SSLManager(NavigationControllerImpl* controller); |
| virtual ~SSLManager(); |
| - SSLPolicy* policy() { return policy_.get(); } |
| - SSLPolicyBackend* backend() { return &backend_; } |
| - |
| // The navigation controller associated with this SSLManager. The |
| // NavigationController is guaranteed to outlive the SSLManager. |
| NavigationControllerImpl* controller() { return controller_; } |
| void DidCommitProvisionalLoad(const LoadCommittedDetails& details); |
| - void DidStartResourceResponse(const ResourceRequestDetails& details); |
| - void DidReceiveResourceRedirect(const ResourceRedirectDetails& details); |
| + void DidStartResourceResponse(const GURL& url, |
| + bool has_certificate, |
| + net::CertStatus ssl_cert_status); |
| // Entry point for insecure mixed content (loaded over HTTP). |
| void DidRunInsecureContent(const GURL& security_origin); |
| @@ -91,7 +84,29 @@ class CONTENT_EXPORT SSLManager { |
| // Entry point for content loaded with HTTPS certificate errors. |
| void DidRunContentWithCertErrors(const GURL& security_origin); |
| + // An error occurred with the certificate in an SSL connection. |
| + void OnCertError(std::unique_ptr<SSLErrorHandler> handler); |
| + |
| private: |
| + enum OnCertErrorInternalOptionsMask { |
| + OVERRIDABLE = 1 << 0, |
| + STRICT_ENFORCEMENT = 1 << 1, |
| + EXPIRED_PREVIOUS_DECISION = 1 << 2 |
| + }; |
| + |
| + // Helper method for handling certificate errors. |
| + // |
| + // Options should be a bitmask combination of OnCertErrorInternalOptionsMask. |
| + // OVERRIDABLE indicates whether or not the user could (assuming perfect |
| + // knowledge) successfully override the error and still get the security |
| + // guarantees of TLS. STRICT_ENFORCEMENT indicates whether or not the site the |
| + // user is trying to connect to has requested strict enforcement of |
| + // certificate validation (e.g. with HTTP Strict-Transport-Security). |
| + // EXPIRED_PREVIOUS_DECISION indicates whether a user decision had been |
| + // previously made but the decision has expired. |
| + void OnCertErrorInternal(std::unique_ptr<SSLErrorHandler> handler, |
| + int options_mask); |
| + |
| // Updates the NavigationEntry with our current state. This will |
| // notify the WebContents of an SSL state change if a change was |
| // actually made. |
| @@ -100,16 +115,13 @@ class CONTENT_EXPORT SSLManager { |
| // Notifies the WebContents that the SSL state changed. |
| void NotifyDidChangeVisibleSSLState(); |
| - // The backend for the SSLPolicy to actuate its decisions. |
| - SSLPolicyBackend backend_; |
| - |
| - // The SSLPolicy instance for this manager. |
| - std::unique_ptr<SSLPolicy> policy_; |
| - |
| // The NavigationController that owns this SSLManager. We are responsible |
| // for the security UI of this tab. |
| NavigationControllerImpl* controller_; |
| + // Delegate that manages SSL state specific to each host. |
| + SSLHostStateDelegate* ssl_host_state_delegate_; |
| + |
| DISALLOW_COPY_AND_ASSIGN(SSLManager); |
| }; |
