chrome/browser/ssl/chrome_security_state_model_client.cc - Issue 2410043003: Add a console messsage for HTTP-bad

Unified Diff: chrome/browser/ssl/chrome_security_state_model_client.cc

Issue 2410043003: Add a console messsage for HTTP-bad (Closed)

Patch Set: elawrence, sky comments Created 4 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « chrome/browser/ssl/chrome_security_state_model_client.h ('k') | chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc » ('j') | chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/ssl/chrome_security_state_model_client.cc

diff --git a/chrome/browser/ssl/chrome_security_state_model_client.cc b/chrome/browser/ssl/chrome_security_state_model_client.cc

index 51cd505bc34bbffe981a309fd96a2da7606d819a..e870b79f861d62249af85920ba7c389ac18c643e 100644

--- a/chrome/browser/ssl/chrome_security_state_model_client.cc

+++ b/chrome/browser/ssl/chrome_security_state_model_client.cc

@@ -22,6 +22,8 @@

#include "chrome/browser/safe_browsing/ui_manager.h"

#include "chrome/grit/generated_resources.h"

#include "content/public/browser/navigation_entry.h"

+#include "content/public/browser/navigation_handle.h"

+#include "content/public/browser/render_frame_host.h"

#include "content/public/browser/security_style_explanation.h"

#include "content/public/browser/security_style_explanations.h"

#include "content/public/browser/ssl_status.h"

@@ -164,8 +166,10 @@ void CheckSafeBrowsingStatus(content::NavigationEntry* entry,

ChromeSecurityStateModelClient::ChromeSecurityStateModelClient(

content::WebContents* web_contents)

- : web_contents_(web_contents),

- security_state_model_(new SecurityStateModel()) {

+ : content::WebContentsObserver(web_contents),

+ web_contents_(web_contents),

+ security_state_model_(new SecurityStateModel()),

+ logged_http_warning_on_current_navigation_(false) {

security_state_model_->SetClient(this);

}

@@ -299,6 +303,33 @@ void ChromeSecurityStateModelClient::GetSecurityInfo(

security_state_model_->GetSecurityInfo(result);

}

+void ChromeSecurityStateModelClient::VisibleSSLStateChanged() {

+ if (!logged_http_warning_on_current_navigation_) {

sky 2016/10/14 22:21:47 optional: early out (we generally do that rather t

estark 2016/10/14 23:50:01 Done.

+ security_state::SecurityStateModel::SecurityInfo security_info;

+ GetSecurityInfo(&security_info);

+ if (security_info.security_level ==

+ security_state::SecurityStateModel::HTTP_SHOW_WARNING) {

+ web_contents_->GetMainFrame()->AddMessageToConsole(

+ content::CONSOLE_MESSAGE_LEVEL_WARNING,

+ "In Chrome M56 (Jan 2017), this page will be marked "

+ "as \"not secure\" in the URL bar. For more "

+ "information, see https://goo.gl/zmWq3m");

+ logged_http_warning_on_current_navigation_ = true;

+ }

+void ChromeSecurityStateModelClient::DidFinishNavigation(

+ content::NavigationHandle* navigation_handle) {

+ if (navigation_handle->IsInMainFrame() &&

+ !navigation_handle->IsSynchronousNavigation()) {

+ // Only reset the console message flag for main-frame navigations,

+ // and not for synchronous navigations like reference fragments and

+ // pushState.

+ logged_http_warning_on_current_navigation_ = false;

+ }

bool ChromeSecurityStateModelClient::UsedPolicyInstalledCertificate() {

#if defined(OS_CHROMEOS)

policy::PolicyCertService* service =