Chromium Code Reviews Chromium Code Reviews
Issue 2448943002:
Refactor SecurityStateModel/Clients for simplicity and reusability. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 5 #ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
| 6 #define COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 6 #define COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 #include <memory> | |
| 9 | 10 |
| 11 #include "base/callback.h" | |
| 10 #include "base/macros.h" | 12 #include "base/macros.h" |
| 11 #include "net/cert/cert_status_flags.h" | 13 #include "net/cert/cert_status_flags.h" |
| 12 #include "net/cert/sct_status_flags.h" | 14 #include "net/cert/sct_status_flags.h" |
| 13 #include "net/cert/x509_certificate.h" | 15 #include "net/cert/x509_certificate.h" |
| 14 #include "url/gurl.h" | 16 #include "url/gurl.h" |
| 15 | 17 |
| 16 namespace security_state { | 18 namespace security_state { |
| 17 | 19 |
| 18 class SecurityStateModelClient; | |
| 19 | |
| 20 // SecurityStateModel provides high-level security information about a | 20 // SecurityStateModel provides high-level security information about a |
| 21 // page or request. | 21 // page or request. |
| 22 // | 22 // |
| 23 // SecurityStateModel::SecurityInfo is the main data structure computed | 23 // SecurityStateModel::SecurityInfo is the main data structure computed |
| 24 // by a SecurityStateModel. SecurityInfo contains a SecurityLevel (which | 24 // by a SecurityStateModel. SecurityInfo contains a SecurityLevel (which |
| 25 // is a single value describing the overall security state) along with | 25 // is a single value describing the overall security state) along with |
| 26 // information that a consumer might want to display in UI to explain or | 26 // information that a consumer might want to display in UI to explain or |
| 27 // elaborate on the SecurityLevel. | 27 // elaborate on the SecurityLevel. |
| 28 class SecurityStateModel { | 28 class SecurityStateModel { |
|
estark
2016/11/03 04:38:45
I'll just note, there's no reason AFAICT for this
Eric Seckler
2016/11/03 17:01:06
Class is gone :)
| |
| 29 public: | 29 public: |
| 30 // Describes the overall security state of the page. | 30 // Describes the overall security state of the page. |
| 31 // | 31 // |
| 32 // If you reorder, add, or delete values from this enum, you must also | 32 // If you reorder, add, or delete values from this enum, you must also |
| 33 // update the UI icons in ToolbarModelImpl::GetIconForSecurityLevel. | 33 // update the UI icons in ToolbarModelImpl::GetIconForSecurityLevel. |
| 34 // | 34 // |
| 35 // A Java counterpart will be generated for this enum. | 35 // A Java counterpart will be generated for this enum. |
| 36 // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.components.security_state | 36 // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.components.security_state |
| 37 // GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityLevel | 37 // GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityLevel |
| 38 enum SecurityLevel { | 38 enum SecurityLevel { |
| (...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 137 // True if pinning was bypassed due to a local trust anchor. | 137 // True if pinning was bypassed due to a local trust anchor. |
| 138 bool pkp_bypassed; | 138 bool pkp_bypassed; |
| 139 | 139 |
| 140 // True if the page displayed sensitive user data inputs (like a | 140 // True if the page displayed sensitive user data inputs (like a |
| 141 // password or credit card) on an HTTP page. | 141 // password or credit card) on an HTTP page. |
| 142 bool displayed_private_user_data_input_on_http; | 142 bool displayed_private_user_data_input_on_http; |
| 143 }; | 143 }; |
| 144 | 144 |
| 145 // Contains the security state relevant to computing the SecurityInfo | 145 // Contains the security state relevant to computing the SecurityInfo |
| 146 // for a page. This is the input to GetSecurityInfo() provided by the | 146 // for a page. This is the input to GetSecurityInfo() provided by the |
| 147 // model's client. | 147 // model's user. |
| 148 struct VisibleSecurityState { | 148 struct VisibleSecurityState { |
| 149 VisibleSecurityState(); | 149 VisibleSecurityState(); |
| 150 ~VisibleSecurityState(); | 150 ~VisibleSecurityState(); |
| 151 bool operator==(const VisibleSecurityState& other) const; | 151 bool operator==(const VisibleSecurityState& other) const; |
| 152 GURL url; | 152 GURL url; |
| 153 | 153 |
| 154 // True if the page fails the browser's malware or phishing checks. | 154 // True if the page fails the browser's malware or phishing checks. |
| 155 bool fails_malware_check; | 155 bool fails_malware_check; |
| 156 | 156 |
| 157 // CONNECTION SECURITY FIELDS | 157 // CONNECTION SECURITY FIELDS |
| (...skipping 29 matching lines...) Expand all Loading... | |
| 187 | 187 |
| 188 // These security levels describe the treatment given to pages that | 188 // These security levels describe the treatment given to pages that |
| 189 // display and run mixed content. They are used to coordinate the | 189 // display and run mixed content. They are used to coordinate the |
| 190 // treatment of mixed content with other security UI elements. | 190 // treatment of mixed content with other security UI elements. |
| 191 static const SecurityLevel kDisplayedInsecureContentLevel; | 191 static const SecurityLevel kDisplayedInsecureContentLevel; |
| 192 static const SecurityLevel kRanInsecureContentLevel; | 192 static const SecurityLevel kRanInsecureContentLevel; |
| 193 | 193 |
| 194 SecurityStateModel(); | 194 SecurityStateModel(); |
| 195 virtual ~SecurityStateModel(); | 195 virtual ~SecurityStateModel(); |
| 196 | 196 |
| 197 // Returns true if the given |url|'s origin should be considered secure. | |
| 198 using IsOriginSecureCallback = base::Callback<bool(const GURL& url)>; | |
| 199 | |
| 197 // Populates |result| to describe the current page. | 200 // Populates |result| to describe the current page. |
| 198 void GetSecurityInfo(SecurityInfo* result) const; | 201 // |visible_security_state| contains the relevant security state. |
| 199 | 202 // |used_policy_installed_certificate| indicates whether the page or request |
| 200 void SetClient(SecurityStateModelClient* client); | 203 // is known to be loaded with a certificate installed by the system admin. |
| 204 // |is_origin_secure_callback| determines whether a URL's origin should be | |
| 205 // considered secure. | |
| 206 void GetSecurityInfo( | |
| 207 SecurityInfo* result, | |
|
estark
2016/11/03 04:38:45
optional nit: I think putting the output parameter
Eric Seckler
2016/11/03 17:01:06
Done.
| |
| 208 std::unique_ptr<VisibleSecurityState> visible_security_state, | |
| 209 bool used_policy_installed_certificate, | |
| 210 IsOriginSecureCallback is_origin_secure_callback) const; | |
| 201 | 211 |
| 202 private: | 212 private: |
| 203 SecurityStateModelClient* client_; | |
| 204 | |
| 205 DISALLOW_COPY_AND_ASSIGN(SecurityStateModel); | 213 DISALLOW_COPY_AND_ASSIGN(SecurityStateModel); |
| 206 }; | 214 }; |
| 207 | 215 |
| 208 } // namespace security_state | 216 } // namespace security_state |
| 209 | 217 |
| 210 #endif // COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 218 #endif // COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
| OLD | NEW |
