| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include <openssl/ssl.h> | 7 #include <openssl/ssl.h> |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 320 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 331 void ChromeSecurityStateModelClient::VisibleSecurityStateChanged() { | 331 void ChromeSecurityStateModelClient::VisibleSecurityStateChanged() { |
| 332 if (logged_http_warning_on_current_navigation_) | 332 if (logged_http_warning_on_current_navigation_) |
| 333 return; | 333 return; |
| 334 | 334 |
| 335 security_state::SecurityStateModel::SecurityInfo security_info; | 335 security_state::SecurityStateModel::SecurityInfo security_info; |
| 336 GetSecurityInfo(&security_info); | 336 GetSecurityInfo(&security_info); |
| 337 if (!security_info.displayed_private_user_data_input_on_http) | 337 if (!security_info.displayed_private_user_data_input_on_http) |
| 338 return; | 338 return; |
| 339 | 339 |
| 340 std::string warning; | 340 std::string warning; |
| 341 bool warning_is_user_visible = false; |
| 341 switch (security_info.security_level) { | 342 switch (security_info.security_level) { |
| 342 case security_state::SecurityStateModel::HTTP_SHOW_WARNING: | 343 case security_state::SecurityStateModel::HTTP_SHOW_WARNING: |
| 343 warning = | 344 warning = |
| 344 "This page includes a password or credit card input in a non-secure " | 345 "This page includes a password or credit card input in a non-secure " |
| 345 "context. A warning has been added to the URL bar. For more " | 346 "context. A warning has been added to the URL bar. For more " |
| 346 "information, see https://goo.gl/zmWq3m."; | 347 "information, see https://goo.gl/zmWq3m."; |
| 348 warning_is_user_visible = true; |
| 347 break; | 349 break; |
| 348 case security_state::SecurityStateModel::NONE: | 350 case security_state::SecurityStateModel::NONE: |
| 351 case security_state::SecurityStateModel::DANGEROUS: |
| 349 warning = | 352 warning = |
| 350 "This page includes a password or credit card input in a non-secure " | 353 "This page includes a password or credit card input in a non-secure " |
| 351 "context. A warning will be added to the URL bar in Chrome 56 (Jan " | 354 "context. A warning will be added to the URL bar in Chrome 56 (Jan " |
| 352 "2017). For more information, see https://goo.gl/zmWq3m."; | 355 "2017). For more information, see https://goo.gl/zmWq3m."; |
| 353 break; | 356 break; |
| 354 default: | 357 default: |
| 355 return; | 358 return; |
| 356 } | 359 } |
| 357 | 360 |
| 358 logged_http_warning_on_current_navigation_ = true; | 361 logged_http_warning_on_current_navigation_ = true; |
| 359 web_contents_->GetMainFrame()->AddMessageToConsole( | 362 web_contents_->GetMainFrame()->AddMessageToConsole( |
| 360 content::CONSOLE_MESSAGE_LEVEL_WARNING, warning); | 363 content::CONSOLE_MESSAGE_LEVEL_WARNING, warning); |
| 364 UMA_HISTOGRAM_BOOLEAN("Security.HTTPBad.UserWarnedAboutSensitiveInput", |
| 365 warning_is_user_visible); |
| 361 } | 366 } |
| 362 | 367 |
| 363 void ChromeSecurityStateModelClient::DidFinishNavigation( | 368 void ChromeSecurityStateModelClient::DidFinishNavigation( |
| 364 content::NavigationHandle* navigation_handle) { | 369 content::NavigationHandle* navigation_handle) { |
| 365 if (navigation_handle->IsInMainFrame() && !navigation_handle->IsSamePage()) { | 370 if (navigation_handle->IsInMainFrame() && !navigation_handle->IsSamePage()) { |
| 366 // Only reset the console message flag for main-frame navigations, | 371 // Only reset the console message flag for main-frame navigations, |
| 367 // and not for same-page navigations like reference fragments and pushState. | 372 // and not for same-page navigations like reference fragments and pushState. |
| 368 logged_http_warning_on_current_navigation_ = false; | 373 logged_http_warning_on_current_navigation_ = false; |
| 369 } | 374 } |
| 370 } | 375 } |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 425 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 430 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
| 426 state->displayed_password_field_on_http = | 431 state->displayed_password_field_on_http = |
| 427 !!(ssl.content_status & | 432 !!(ssl.content_status & |
| 428 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); | 433 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); |
| 429 state->displayed_credit_card_field_on_http = | 434 state->displayed_credit_card_field_on_http = |
| 430 !!(ssl.content_status & | 435 !!(ssl.content_status & |
| 431 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); | 436 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); |
| 432 | 437 |
| 433 CheckSafeBrowsingStatus(entry, web_contents_, state); | 438 CheckSafeBrowsingStatus(entry, web_contents_, state); |
| 434 } | 439 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2451293002:
Add a histogram for each time the HTTP Bad UI is shown (Closed)
