Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(84)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/chrome_security_state_model_client.cc

Issue 2432933004: Adjust HTTP-bad console messages (Closed)
Patch Set: elawrence comments Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
6 6
7 #include <openssl/ssl.h> 7 #include <openssl/ssl.h>
8 8
9 #include <vector> 9 #include <vector>
10 10
(...skipping 316 matching lines...) Expand 10 before | Expand all | Expand 10 after
327 SecurityStateModel::SecurityInfo* result) const { 327 SecurityStateModel::SecurityInfo* result) const {
328 security_state_model_->GetSecurityInfo(result); 328 security_state_model_->GetSecurityInfo(result);
329 } 329 }
330 330
331 void ChromeSecurityStateModelClient::VisibleSSLStateChanged() { 331 void ChromeSecurityStateModelClient::VisibleSSLStateChanged() {
332 if (logged_http_warning_on_current_navigation_) 332 if (logged_http_warning_on_current_navigation_)
333 return; 333 return;
334 334
335 security_state::SecurityStateModel::SecurityInfo security_info; 335 security_state::SecurityStateModel::SecurityInfo security_info;
336 GetSecurityInfo(&security_info); 336 GetSecurityInfo(&security_info);
337 if (!security_info.displayed_private_user_data_input_on_http)
338 return;
339
337 if (security_info.security_level == 340 if (security_info.security_level ==
338 security_state::SecurityStateModel::HTTP_SHOW_WARNING) { 341 security_state::SecurityStateModel::HTTP_SHOW_WARNING) {
339 web_contents_->GetMainFrame()->AddMessageToConsole( 342 web_contents_->GetMainFrame()->AddMessageToConsole(
340 content::CONSOLE_MESSAGE_LEVEL_WARNING, 343 content::CONSOLE_MESSAGE_LEVEL_WARNING,
341 "In Chrome M56 (Jan 2017), this page will be marked " 344 "This page includes a password or credit card input in a non-secure "
342 "as \"not secure\" in the URL bar. For more " 345 "context. A warning has been added to the URL bar. For more "
343 "information, see https://goo.gl/zmWq3m"); 346 "information, see "
347 "https://goo.gl/zmWq3m.");
348 logged_http_warning_on_current_navigation_ = true;
349 } else if (security_info.security_level ==
350 security_state::SecurityStateModel::NONE) {
351 web_contents_->GetMainFrame()->AddMessageToConsole(
352 content::CONSOLE_MESSAGE_LEVEL_WARNING,
353 "This page includes a password or credit card input in a non-secure "
354 "context. A warning will be added to the URL bar in Chrome 56 (Jan "
355 "2017). For "
356 "more information, see https://goo.gl/zmWq3m.");
elawrence 2016/10/20 18:56:13 Is this more clear, or less? string sWarning; sw
estark 2016/10/20 21:18:14 Done.
344 logged_http_warning_on_current_navigation_ = true; 357 logged_http_warning_on_current_navigation_ = true;
345 } 358 }
346 } 359 }
347 360
348 void ChromeSecurityStateModelClient::DidFinishNavigation( 361 void ChromeSecurityStateModelClient::DidFinishNavigation(
349 content::NavigationHandle* navigation_handle) { 362 content::NavigationHandle* navigation_handle) {
350 if (navigation_handle->IsInMainFrame() && 363 if (navigation_handle->IsInMainFrame() &&
351 !navigation_handle->IsSynchronousNavigation()) { 364 !navigation_handle->IsSynchronousNavigation()) {
352 // Only reset the console message flag for main-frame navigations, 365 // Only reset the console message flag for main-frame navigations,
353 // and not for synchronous navigations like reference fragments and 366 // and not for synchronous navigations like reference fragments and
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after
412 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); 425 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS);
413 state->displayed_password_field_on_http = 426 state->displayed_password_field_on_http =
414 !!(ssl.content_status & 427 !!(ssl.content_status &
415 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 428 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
416 state->displayed_credit_card_field_on_http = 429 state->displayed_credit_card_field_on_http =
417 !!(ssl.content_status & 430 !!(ssl.content_status &
418 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); 431 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP);
419 432
420 CheckSafeBrowsingStatus(entry, web_contents_, state); 433 CheckSafeBrowsingStatus(entry, web_contents_, state);
421 } 434 }
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698