Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(313)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/loader/MixedContentChecker.cpp

Issue 246893014: Add a WebSettings item to turn off mixed content check for WebSocket (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Comment Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« Source/core/frame/Settings.in ('K') | « Source/core/loader/MixedContentChecker.h ('k') | Source/web/WebSettingsImpl.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2012 Google Inc. All rights reserved. 2 * Copyright (C) 2012 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 7 *
8 * 1. Redistributions of source code must retain the above copyright 8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright 10 * 2. Redistributions in binary form must reproduce the above copyright
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
66 Settings* settings = m_frame->settings(); 66 Settings* settings = m_frame->settings();
67 bool allowed = client()->allowDisplayingInsecureContent(settings && settings ->allowDisplayOfInsecureContent(), securityOrigin, url); 67 bool allowed = client()->allowDisplayingInsecureContent(settings && settings ->allowDisplayOfInsecureContent(), securityOrigin, url);
68 logWarning(allowed, "displayed", url); 68 logWarning(allowed, "displayed", url);
69 69
70 if (allowed) 70 if (allowed)
71 client()->didDisplayInsecureContent(); 71 client()->didDisplayInsecureContent();
72 72
73 return allowed; 73 return allowed;
74 } 74 }
75 75
76 bool MixedContentChecker::canRunInsecureContent(SecurityOrigin* securityOrigin, const KURL& url) const 76 bool MixedContentChecker::canRunInsecureContentInternal(SecurityOrigin* security Origin, const KURL& url, bool isWebSocket) const
77 { 77 {
78 if (!isMixedContent(securityOrigin, url)) 78 if (!isMixedContent(securityOrigin, url))
79 return true; 79 return true;
80 80
81 Settings* settings = m_frame->settings(); 81 Settings* settings = m_frame->settings();
82 bool allowed = client()->allowRunningInsecureContent(settings && settings->a llowRunningOfInsecureContent(), securityOrigin, url); 82 bool allowedPerSettings = settings && (settings->allowRunningOfInsecureConte nt() || (isWebSocket && settings->allowConnectingInsecureWebSocket()));
83 bool allowed = client()->allowRunningInsecureContent(allowedPerSettings, sec urityOrigin, url);
83 logWarning(allowed, "ran", url); 84 logWarning(allowed, "ran", url);
84 85
85 if (allowed) 86 if (allowed)
86 client()->didRunInsecureContent(securityOrigin, url); 87 client()->didRunInsecureContent(securityOrigin, url);
87 88
88 return allowed; 89 return allowed;
89 } 90 }
90 91
91 void MixedContentChecker::logWarning(bool allowed, const String& action, const K URL& target) const 92 void MixedContentChecker::logWarning(bool allowed, const String& action, const K URL& target) const
92 { 93 {
93 String message = String(allowed ? "" : "[blocked] ") + "The page at '" + m_f rame->document()->url().elidedString() + "' was loaded over HTTPS, but " + actio n + " insecure content from '" + target.elidedString() + "': this content should also be loaded over HTTPS.\n"; 94 String message = String(allowed ? "" : "[blocked] ") + "The page at '" + m_f rame->document()->url().elidedString() + "' was loaded over HTTPS, but " + actio n + " insecure content from '" + target.elidedString() + "': this content should also be loaded over HTTPS.\n";
94 MessageLevel messageLevel = allowed ? WarningMessageLevel : ErrorMessageLeve l; 95 MessageLevel messageLevel = allowed ? WarningMessageLevel : ErrorMessageLeve l;
95 m_frame->document()->addConsoleMessage(SecurityMessageSource, messageLevel, message); 96 m_frame->document()->addConsoleMessage(SecurityMessageSource, messageLevel, message);
96 } 97 }
97 98
98 } // namespace WebCore 99 } // namespace WebCore
OLDNEW
« Source/core/frame/Settings.in ('K') | « Source/core/loader/MixedContentChecker.h ('k') | Source/web/WebSettingsImpl.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698