Chromium Code Reviews Chromium Code Reviews
Issue 2410043003:
Add a console messsage for HTTP-bad (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include <openssl/ssl.h> | 7 #include <openssl/ssl.h> |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/command_line.h" | 11 #include "base/command_line.h" |
| 12 #include "base/metrics/field_trial.h" | 12 #include "base/metrics/field_trial.h" |
| 13 #include "base/metrics/histogram_macros.h" | 13 #include "base/metrics/histogram_macros.h" |
| 14 #include "base/strings/string16.h" | 14 #include "base/strings/string16.h" |
| 15 #include "base/strings/utf_string_conversions.h" | 15 #include "base/strings/utf_string_conversions.h" |
| 16 #include "build/build_config.h" | 16 #include "build/build_config.h" |
| 17 #include "chrome/browser/browser_process.h" | 17 #include "chrome/browser/browser_process.h" |
| 18 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 18 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
| 19 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 19 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
| 20 #include "chrome/browser/profiles/profile.h" | 20 #include "chrome/browser/profiles/profile.h" |
| 21 #include "chrome/browser/safe_browsing/safe_browsing_service.h" | 21 #include "chrome/browser/safe_browsing/safe_browsing_service.h" |
| 22 #include "chrome/browser/safe_browsing/ui_manager.h" | 22 #include "chrome/browser/safe_browsing/ui_manager.h" |
| 23 #include "chrome/grit/generated_resources.h" | 23 #include "chrome/grit/generated_resources.h" |
| 24 #include "content/public/browser/navigation_entry.h" | 24 #include "content/public/browser/navigation_entry.h" |
| 25 #include "content/public/browser/navigation_handle.h" | |
| 26 #include "content/public/browser/render_frame_host.h" | |
| 25 #include "content/public/browser/security_style_explanation.h" | 27 #include "content/public/browser/security_style_explanation.h" |
| 26 #include "content/public/browser/security_style_explanations.h" | 28 #include "content/public/browser/security_style_explanations.h" |
| 27 #include "content/public/browser/ssl_status.h" | 29 #include "content/public/browser/ssl_status.h" |
| 28 #include "content/public/browser/web_contents.h" | 30 #include "content/public/browser/web_contents.h" |
| 29 #include "content/public/common/origin_util.h" | 31 #include "content/public/common/origin_util.h" |
| 30 #include "net/base/net_errors.h" | 32 #include "net/base/net_errors.h" |
| 31 #include "net/cert/x509_certificate.h" | 33 #include "net/cert/x509_certificate.h" |
| 32 #include "net/ssl/ssl_cipher_suite_names.h" | 34 #include "net/ssl/ssl_cipher_suite_names.h" |
| 33 #include "net/ssl/ssl_connection_status_flags.h" | 35 #include "net/ssl/ssl_connection_status_flags.h" |
| 34 #include "ui/base/l10n/l10n_util.h" | 36 #include "ui/base/l10n/l10n_util.h" |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 157 if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents( | 159 if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents( |
| 158 entry->GetURL(), false, entry, web_contents, false)) { | 160 entry->GetURL(), false, entry, web_contents, false)) { |
| 159 state->fails_malware_check = true; | 161 state->fails_malware_check = true; |
| 160 } | 162 } |
| 161 } | 163 } |
| 162 | 164 |
| 163 } // namespace | 165 } // namespace |
| 164 | 166 |
| 165 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( | 167 ChromeSecurityStateModelClient::ChromeSecurityStateModelClient( |
| 166 content::WebContents* web_contents) | 168 content::WebContents* web_contents) |
| 167 : web_contents_(web_contents), | 169 : content::WebContentsObserver(web_contents), |
| 168 security_state_model_(new SecurityStateModel()) { | 170 web_contents_(web_contents), |
| 171 security_state_model_(new SecurityStateModel()), | |
| 172 logged_http_warning_on_current_navigation_(false) { | |
| 169 security_state_model_->SetClient(this); | 173 security_state_model_->SetClient(this); |
| 170 } | 174 } |
| 171 | 175 |
| 172 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} | 176 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} |
| 173 | 177 |
| 174 // static | 178 // static |
| 175 blink::WebSecurityStyle ChromeSecurityStateModelClient::GetSecurityStyle( | 179 blink::WebSecurityStyle ChromeSecurityStateModelClient::GetSecurityStyle( |
| 176 const security_state::SecurityStateModel::SecurityInfo& security_info, | 180 const security_state::SecurityStateModel::SecurityInfo& security_info, |
| 177 content::SecurityStyleExplanations* security_style_explanations) { | 181 content::SecurityStyleExplanations* security_style_explanations) { |
| 178 const blink::WebSecurityStyle security_style = | 182 const blink::WebSecurityStyle security_style = |
| (...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 292 } | 296 } |
| 293 | 297 |
| 294 return security_style; | 298 return security_style; |
| 295 } | 299 } |
| 296 | 300 |
| 297 void ChromeSecurityStateModelClient::GetSecurityInfo( | 301 void ChromeSecurityStateModelClient::GetSecurityInfo( |
| 298 SecurityStateModel::SecurityInfo* result) const { | 302 SecurityStateModel::SecurityInfo* result) const { |
| 299 security_state_model_->GetSecurityInfo(result); | 303 security_state_model_->GetSecurityInfo(result); |
| 300 } | 304 } |
| 301 | 305 |
| 306 void ChromeSecurityStateModelClient::VisibleSSLStateChanged() { | |
| 307 if (!logged_http_warning_on_current_navigation_) { | |
|
sky
2016/10/14 22:21:47
optional: early out (we generally do that rather t
estark
2016/10/14 23:50:01
Done.
| |
| 308 security_state::SecurityStateModel::SecurityInfo security_info; | |
| 309 GetSecurityInfo(&security_info); | |
| 310 if (security_info.security_level == | |
| 311 security_state::SecurityStateModel::HTTP_SHOW_WARNING) { | |
| 312 web_contents_->GetMainFrame()->AddMessageToConsole( | |
| 313 content::CONSOLE_MESSAGE_LEVEL_WARNING, | |
| 314 "In Chrome M56 (Jan 2017), this page will be marked " | |
| 315 "as \"not secure\" in the URL bar. For more " | |
| 316 "information, see https://goo.gl/zmWq3m"); | |
| 317 logged_http_warning_on_current_navigation_ = true; | |
| 318 } | |
| 319 } | |
| 320 } | |
| 321 | |
| 322 void ChromeSecurityStateModelClient::DidFinishNavigation( | |
| 323 content::NavigationHandle* navigation_handle) { | |
| 324 if (navigation_handle->IsInMainFrame() && | |
| 325 !navigation_handle->IsSynchronousNavigation()) { | |
| 326 // Only reset the console message flag for main-frame navigations, | |
| 327 // and not for synchronous navigations like reference fragments and | |
| 328 // pushState. | |
| 329 logged_http_warning_on_current_navigation_ = false; | |
| 330 } | |
| 331 } | |
| 332 | |
| 302 bool ChromeSecurityStateModelClient::UsedPolicyInstalledCertificate() { | 333 bool ChromeSecurityStateModelClient::UsedPolicyInstalledCertificate() { |
| 303 #if defined(OS_CHROMEOS) | 334 #if defined(OS_CHROMEOS) |
| 304 policy::PolicyCertService* service = | 335 policy::PolicyCertService* service = |
| 305 policy::PolicyCertServiceFactory::GetForProfile( | 336 policy::PolicyCertServiceFactory::GetForProfile( |
| 306 Profile::FromBrowserContext(web_contents_->GetBrowserContext())); | 337 Profile::FromBrowserContext(web_contents_->GetBrowserContext())); |
| 307 if (service && service->UsedPolicyCertificates()) | 338 if (service && service->UsedPolicyCertificates()) |
| 308 return true; | 339 return true; |
| 309 #endif | 340 #endif |
| 310 return false; | 341 return false; |
| 311 } | 342 } |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 355 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 386 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
| 356 state->displayed_password_field_on_http = | 387 state->displayed_password_field_on_http = |
| 357 !!(ssl.content_status & | 388 !!(ssl.content_status & |
| 358 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); | 389 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); |
| 359 state->displayed_credit_card_field_on_http = | 390 state->displayed_credit_card_field_on_http = |
| 360 !!(ssl.content_status & | 391 !!(ssl.content_status & |
| 361 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); | 392 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); |
| 362 | 393 |
| 363 CheckSafeBrowsingStatus(entry, web_contents_, state); | 394 CheckSafeBrowsingStatus(entry, web_contents_, state); |
| 364 } | 395 } |
| OLD | NEW |
