Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(420)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/security_state/security_state_model.cc

Issue 2400673003: Remove SSLStatus::security_style member and content::SecurityStyle (Closed)
Patch Set: Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« components/security_state/security_state_model.h ('K') | « components/security_state/security_state_model.h ('k') | components/security_state/security_state_model_client.h » ('j') | content/child/web_url_loader_impl.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/security_state/security_state_model.cc
diff --git a/components/security_state/security_state_model.cc b/components/security_state/security_state_model.cc
index 6239186adb55f7bb1ac73a4cdb58ecfab8ed1706..fad19e0708d2d163dc2ccac877adb8dacf0929a2 100644
--- a/components/security_state/security_state_model.cc
+++ b/components/security_state/security_state_model.cc
@@ -87,9 +87,8 @@ SecurityStateModel::SecurityLevel GetSecurityLevelForNonSecureFieldTrial(
}
SecurityStateModel::SHA1DeprecationStatus GetSHA1DeprecationStatus(
- scoped_refptr<net::X509Certificate> cert,
const SecurityStateModel::VisibleSecurityState& visible_security_state) {
- if (!cert ||
+ if (!visible_security_state.certificate ||
!(visible_security_state.cert_status &
net::CERT_STATUS_SHA1_SIGNATURE_PRESENT))
return SecurityStateModel::NO_DEPRECATED_SHA1;
@@ -97,10 +96,12 @@ SecurityStateModel::SHA1DeprecationStatus GetSHA1DeprecationStatus(
// The internal representation of the dates for UI treatment of SHA-1.
// See http://crbug.com/401365 for details.
static const int64_t kJanuary2017 = INT64_C(13127702400000000);
- if (cert->valid_expiry() >= base::Time::FromInternalValue(kJanuary2017))
+ if (visible_security_state.certificate->valid_expiry() >=
+ base::Time::FromInternalValue(kJanuary2017))
return SecurityStateModel::DEPRECATED_SHA1_MAJOR;
static const int64_t kJanuary2016 = INT64_C(13096080000000000);
- if (cert->valid_expiry() >= base::Time::FromInternalValue(kJanuary2016))
+ if (visible_security_state.certificate->valid_expiry() >=
+ base::Time::FromInternalValue(kJanuary2016))
return SecurityStateModel::DEPRECATED_SHA1_MINOR;
return SecurityStateModel::NO_DEPRECATED_SHA1;
@@ -119,7 +120,6 @@ SecurityStateModel::ContentStatus GetContentStatus(bool displayed, bool ran) {
SecurityStateModel::SecurityLevel GetSecurityLevelForRequest(
felt 2016/10/07 03:30:48 The downside, I guess, is that this method gets sl
estark 2016/10/07 06:34:31 You think so? Oddly I find it easier to follow thi
const SecurityStateModel::VisibleSecurityState& visible_security_state,
SecurityStateModelClient* client,
- const scoped_refptr<net::X509Certificate>& cert,
SecurityStateModel::SHA1DeprecationStatus sha1_status,
SecurityStateModel::ContentStatus mixed_content_status,
SecurityStateModel::ContentStatus content_with_cert_errors_status) {
@@ -132,93 +132,78 @@ SecurityStateModel::SecurityLevel GetSecurityLevelForRequest(
return SecurityStateModel::DANGEROUS;
GURL url = visible_security_state.url;
- switch (visible_security_state.initial_security_level) {
- case SecurityStateModel::NONE:
- case SecurityStateModel::HTTP_SHOW_WARNING: {
- if (!client->IsOriginSecure(url) && url.IsStandard()) {
- return GetSecurityLevelForNonSecureFieldTrial(
- visible_security_state.displayed_password_field_on_http ||
- visible_security_state.displayed_credit_card_field_on_http);
- }
- return SecurityStateModel::NONE;
- }
- case SecurityStateModel::DANGEROUS:
- return SecurityStateModel::DANGEROUS;
-
- case SecurityStateModel::SECURITY_WARNING:
- case SecurityStateModel::SECURE_WITH_POLICY_INSTALLED_CERT:
- return visible_security_state.initial_security_level;
-
- case SecurityStateModel::SECURE:
- case SecurityStateModel::EV_SECURE: {
- // Major cert errors and active mixed content will generally be
- // downgraded by the embedder to DANGEROUS and handled above,
- // but downgrade here just in case.
- net::CertStatus cert_status = visible_security_state.cert_status;
- if (net::IsCertStatusError(cert_status) &&
- !net::IsCertStatusMinorError(cert_status)) {
- return SecurityStateModel::DANGEROUS;
- }
- if (mixed_content_status == SecurityStateModel::CONTENT_STATUS_RAN ||
- mixed_content_status ==
- SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN ||
- content_with_cert_errors_status ==
- SecurityStateModel::CONTENT_STATUS_RAN ||
- content_with_cert_errors_status ==
- SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN) {
- return SecurityStateModel::kRanInsecureContentLevel;
- }
-
- // Report if there is a policy cert first, before reporting any other
- // authenticated-but-with-errors cases. A policy cert is a strong
- // indicator of a MITM being present (the enterprise), while the
- // other authenticated-but-with-errors indicate something may
- // be wrong, or may be wrong in the future, but is unclear now.
- if (client->UsedPolicyInstalledCertificate())
- return SecurityStateModel::SECURE_WITH_POLICY_INSTALLED_CERT;
-
- if (sha1_status == SecurityStateModel::DEPRECATED_SHA1_MAJOR)
- return SecurityStateModel::DANGEROUS;
- if (sha1_status == SecurityStateModel::DEPRECATED_SHA1_MINOR)
- return SecurityStateModel::NONE;
-
- // Active mixed content is handled above.
- DCHECK_NE(SecurityStateModel::CONTENT_STATUS_RAN, mixed_content_status);
- DCHECK_NE(SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN,
- mixed_content_status);
-
- if (mixed_content_status ==
- SecurityStateModel::CONTENT_STATUS_DISPLAYED ||
- content_with_cert_errors_status ==
- SecurityStateModel::CONTENT_STATUS_DISPLAYED) {
- return SecurityStateModel::kDisplayedInsecureContentLevel;
- }
-
- if (net::IsCertStatusError(cert_status)) {
- // Major cert errors are handled above.
- DCHECK(net::IsCertStatusMinorError(cert_status));
- return SecurityStateModel::NONE;
- }
- if (net::SSLConnectionStatusToVersion(
- visible_security_state.connection_status) ==
- net::SSL_CONNECTION_VERSION_SSL3) {
- // SSLv3 will be removed in the future.
- return SecurityStateModel::SECURITY_WARNING;
- }
- if ((cert_status & net::CERT_STATUS_IS_EV) && cert)
- return SecurityStateModel::EV_SECURE;
- return SecurityStateModel::SECURE;
+ bool is_cryptographic_with_certificate =
+ (url.SchemeIsCryptographic() && visible_security_state.certificate);
+
+ // Set the security level to DANGEROUS for major certificate errors.
+ if (is_cryptographic_with_certificate &&
+ net::IsCertStatusError(visible_security_state.cert_status) &&
+ !net::IsCertStatusMinorError(visible_security_state.cert_status)) {
+ return SecurityStateModel::DANGEROUS;
+ }
+
+ // Choose the appropriate security level for HTTP requests.
+ if (!is_cryptographic_with_certificate) {
+ if (!client->IsOriginSecure(url) && url.IsStandard()) {
+ return GetSecurityLevelForNonSecureFieldTrial(
+ visible_security_state.displayed_password_field_on_http ||
+ visible_security_state.displayed_credit_card_field_on_http);
}
+ return SecurityStateModel::NONE;
+ }
+
+ // Downgrade the security level for active insecure subresources.
+ if (mixed_content_status == SecurityStateModel::CONTENT_STATUS_RAN ||
+ mixed_content_status ==
+ SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN ||
+ content_with_cert_errors_status ==
+ SecurityStateModel::CONTENT_STATUS_RAN ||
+ content_with_cert_errors_status ==
+ SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN) {
+ return SecurityStateModel::kRanInsecureContentLevel;
felt 2016/10/07 03:30:48 Tangent: why do we have this constant instead of j
estark 2016/10/07 06:34:31 We send this constant to devtools so that devtools
felt 2016/10/07 15:08:10 Ah, right on.
+ }
+
+ // Report if there is a policy cert first, before reporting any other
+ // authenticated-but-with-errors cases. A policy cert is a strong
+ // indicator of a MITM being present (the enterprise), while the
+ // other authenticated-but-with-errors indicate something may
+ // be wrong, or may be wrong in the future, but is unclear now.
+ if (client->UsedPolicyInstalledCertificate())
+ return SecurityStateModel::SECURE_WITH_POLICY_INSTALLED_CERT;
+
+ if (sha1_status == SecurityStateModel::DEPRECATED_SHA1_MAJOR)
+ return SecurityStateModel::DANGEROUS;
+ if (sha1_status == SecurityStateModel::DEPRECATED_SHA1_MINOR)
+ return SecurityStateModel::NONE;
+
+ // Active mixed content is handled above.
+ DCHECK_NE(SecurityStateModel::CONTENT_STATUS_RAN, mixed_content_status);
+ DCHECK_NE(SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN,
+ mixed_content_status);
+
+ if (mixed_content_status == SecurityStateModel::CONTENT_STATUS_DISPLAYED ||
+ content_with_cert_errors_status ==
+ SecurityStateModel::CONTENT_STATUS_DISPLAYED) {
+ return SecurityStateModel::kDisplayedInsecureContentLevel;
+ }
+
+ if (net::IsCertStatusError(visible_security_state.cert_status)) {
+ // Major cert errors are handled above.
+ DCHECK(net::IsCertStatusMinorError(visible_security_state.cert_status));
+ return SecurityStateModel::NONE;
}
- return SecurityStateModel::NONE;
+ if ((visible_security_state.cert_status & net::CERT_STATUS_IS_EV) &&
+ visible_security_state.certificate) {
+ return SecurityStateModel::EV_SECURE;
+ }
+ return SecurityStateModel::SECURE;
}
void SecurityInfoForRequest(
SecurityStateModelClient* client,
const SecurityStateModel::VisibleSecurityState& visible_security_state,
- const scoped_refptr<net::X509Certificate>& cert,
SecurityStateModel::SecurityInfo* security_info) {
if (!visible_security_state.connection_info_initialized) {
*security_info = SecurityStateModel::SecurityInfo();
@@ -226,8 +211,7 @@ void SecurityInfoForRequest(
visible_security_state.fails_malware_check;
if (security_info->fails_malware_check) {
security_info->security_level = GetSecurityLevelForRequest(
- visible_security_state, client, cert,
- SecurityStateModel::UNKNOWN_SHA1,
+ visible_security_state, client, SecurityStateModel::UNKNOWN_SHA1,
SecurityStateModel::CONTENT_STATUS_UNKNOWN,
SecurityStateModel::CONTENT_STATUS_UNKNOWN);
}
@@ -235,7 +219,7 @@ void SecurityInfoForRequest(
}
security_info->certificate = visible_security_state.certificate;
security_info->sha1_deprecation_status =
- GetSHA1DeprecationStatus(cert, visible_security_state);
+ GetSHA1DeprecationStatus(visible_security_state);
security_info->mixed_content_status =
GetContentStatus(visible_security_state.displayed_mixed_content,
visible_security_state.ran_mixed_content);
@@ -258,8 +242,7 @@ void SecurityInfoForRequest(
visible_security_state.fails_malware_check;
security_info->security_level = GetSecurityLevelForRequest(
- visible_security_state, client, cert,
- security_info->sha1_deprecation_status,
+ visible_security_state, client, security_info->sha1_deprecation_status,
security_info->mixed_content_status,
security_info->content_with_cert_errors_status);
}
@@ -295,12 +278,9 @@ SecurityStateModel::~SecurityStateModel() {}
void SecurityStateModel::GetSecurityInfo(
SecurityStateModel::SecurityInfo* result) const {
- scoped_refptr<net::X509Certificate> cert = nullptr;
- client_->RetrieveCert(&cert);
-
VisibleSecurityState new_visible_state;
client_->GetVisibleSecurityState(&new_visible_state);
- SecurityInfoForRequest(client_, new_visible_state, cert, result);
+ SecurityInfoForRequest(client_, new_visible_state, result);
}
void SecurityStateModel::SetClient(SecurityStateModelClient* client) {
@@ -308,8 +288,7 @@ void SecurityStateModel::SetClient(SecurityStateModelClient* client) {
}
SecurityStateModel::VisibleSecurityState::VisibleSecurityState()
- : initial_security_level(SecurityStateModel::NONE),
- fails_malware_check(false),
+ : fails_malware_check(false),
connection_info_initialized(false),
cert_status(0),
connection_status(0),
@@ -328,7 +307,6 @@ SecurityStateModel::VisibleSecurityState::~VisibleSecurityState() {}
bool SecurityStateModel::VisibleSecurityState::operator==(
const SecurityStateModel::VisibleSecurityState& other) const {
return (url == other.url &&
- initial_security_level == other.initial_security_level &&
fails_malware_check == other.fails_malware_check &&
!!certificate == !!other.certificate &&
(certificate ? certificate->Equals(other.certificate.get()) : true) &&
« components/security_state/security_state_model.h ('K') | « components/security_state/security_state_model.h ('k') | components/security_state/security_state_model_client.h » ('j') | content/child/web_url_loader_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698