| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/security_state/core/security_state.h" | 5 #include "components/security_state/core/security_state.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/metrics/field_trial.h" | 10 #include "base/metrics/field_trial.h" |
| (...skipping 24 matching lines...) Expand all Loading... |
| 35 return true; | 35 return true; |
| 36 } | 36 } |
| 37 | 37 |
| 38 if (switch_or_field_trial_group == switches::kMarkHttpAsDangerous) { | 38 if (switch_or_field_trial_group == switches::kMarkHttpAsDangerous) { |
| 39 *level = DANGEROUS; | 39 *level = DANGEROUS; |
| 40 *histogram_status = NON_SECURE; | 40 *histogram_status = NON_SECURE; |
| 41 return true; | 41 return true; |
| 42 } | 42 } |
| 43 | 43 |
| 44 if (switch_or_field_trial_group == | 44 if (switch_or_field_trial_group == |
| 45 switches::kMarkHttpWithPasswordsOrCcWithChip || | 45 switches::kMarkHttpWithPasswordsOrCcWithChip) { |
| 46 switch_or_field_trial_group == | |
| 47 switches::kMarkHttpWithPasswordsOrCcWithChipAndFormWarning) { | |
| 48 if (displayed_sensitive_input_on_http) { | 46 if (displayed_sensitive_input_on_http) { |
| 49 *level = security_state::HTTP_SHOW_WARNING; | 47 *level = security_state::HTTP_SHOW_WARNING; |
| 50 } else { | 48 } else { |
| 51 *level = NONE; | 49 *level = NONE; |
| 52 } | 50 } |
| 53 *histogram_status = HTTP_SHOW_WARNING; | 51 *histogram_status = HTTP_SHOW_WARNING; |
| 54 return true; | 52 return true; |
| 55 } | 53 } |
| 56 | 54 |
| 57 return false; | 55 return false; |
| (...skipping 191 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 249 | 247 |
| 250 security_info->security_level = GetSecurityLevelForRequest( | 248 security_info->security_level = GetSecurityLevelForRequest( |
| 251 visible_security_state, used_policy_installed_certificate, | 249 visible_security_state, used_policy_installed_certificate, |
| 252 is_origin_secure_callback, security_info->sha1_deprecation_status, | 250 is_origin_secure_callback, security_info->sha1_deprecation_status, |
| 253 security_info->mixed_content_status, | 251 security_info->mixed_content_status, |
| 254 security_info->content_with_cert_errors_status); | 252 security_info->content_with_cert_errors_status); |
| 255 } | 253 } |
| 256 | 254 |
| 257 } // namespace | 255 } // namespace |
| 258 | 256 |
| 257 const base::Feature kHttpFormWarningFeature{"HttpFormWarning", |
| 258 base::FEATURE_DISABLED_BY_DEFAULT}; |
| 259 |
| 259 SecurityInfo::SecurityInfo() | 260 SecurityInfo::SecurityInfo() |
| 260 : security_level(NONE), | 261 : security_level(NONE), |
| 261 malicious_content_status(MALICIOUS_CONTENT_STATUS_NONE), | 262 malicious_content_status(MALICIOUS_CONTENT_STATUS_NONE), |
| 262 sha1_deprecation_status(NO_DEPRECATED_SHA1), | 263 sha1_deprecation_status(NO_DEPRECATED_SHA1), |
| 263 mixed_content_status(CONTENT_STATUS_NONE), | 264 mixed_content_status(CONTENT_STATUS_NONE), |
| 264 content_with_cert_errors_status(CONTENT_STATUS_NONE), | 265 content_with_cert_errors_status(CONTENT_STATUS_NONE), |
| 265 scheme_is_cryptographic(false), | 266 scheme_is_cryptographic(false), |
| 266 cert_status(0), | 267 cert_status(0), |
| 267 security_bits(-1), | 268 security_bits(-1), |
| 268 connection_status(0), | 269 connection_status(0), |
| 269 key_exchange_group(0), | 270 key_exchange_group(0), |
| 270 obsolete_ssl_status(net::OBSOLETE_SSL_NONE), | 271 obsolete_ssl_status(net::OBSOLETE_SSL_NONE), |
| 271 pkp_bypassed(false), | 272 pkp_bypassed(false), |
| 272 displayed_password_field_on_http(false), | 273 displayed_password_field_on_http(false), |
| 273 displayed_credit_card_field_on_http(false) {} | 274 displayed_credit_card_field_on_http(false) {} |
| 274 | 275 |
| 275 SecurityInfo::~SecurityInfo() {} | 276 SecurityInfo::~SecurityInfo() {} |
| 276 | 277 |
| 277 void GetSecurityInfo( | 278 void GetSecurityInfo( |
| 278 std::unique_ptr<VisibleSecurityState> visible_security_state, | 279 std::unique_ptr<VisibleSecurityState> visible_security_state, |
| 279 bool used_policy_installed_certificate, | 280 bool used_policy_installed_certificate, |
| 280 IsOriginSecureCallback is_origin_secure_callback, | 281 IsOriginSecureCallback is_origin_secure_callback, |
| 281 SecurityInfo* result) { | 282 SecurityInfo* result) { |
| 282 SecurityInfoForRequest(*visible_security_state, | 283 SecurityInfoForRequest(*visible_security_state, |
| 283 used_policy_installed_certificate, | 284 used_policy_installed_certificate, |
| 284 is_origin_secure_callback, result); | 285 is_origin_secure_callback, result); |
| 285 } | 286 } |
| 286 | 287 |
| 288 bool IsHttpWarningInFormEnabled() { |
| 289 return base::FeatureList::IsEnabled(kHttpFormWarningFeature); |
| 290 } |
| 291 |
| 287 VisibleSecurityState::VisibleSecurityState() | 292 VisibleSecurityState::VisibleSecurityState() |
| 288 : malicious_content_status(MALICIOUS_CONTENT_STATUS_NONE), | 293 : malicious_content_status(MALICIOUS_CONTENT_STATUS_NONE), |
| 289 connection_info_initialized(false), | 294 connection_info_initialized(false), |
| 290 cert_status(0), | 295 cert_status(0), |
| 291 connection_status(0), | 296 connection_status(0), |
| 292 key_exchange_group(0), | 297 key_exchange_group(0), |
| 293 security_bits(-1), | 298 security_bits(-1), |
| 294 displayed_mixed_content(false), | 299 displayed_mixed_content(false), |
| 295 ran_mixed_content(false), | 300 ran_mixed_content(false), |
| 296 displayed_content_with_cert_errors(false), | 301 displayed_content_with_cert_errors(false), |
| (...skipping 19 matching lines...) Expand all Loading... |
| 316 other.displayed_content_with_cert_errors && | 321 other.displayed_content_with_cert_errors && |
| 317 ran_content_with_cert_errors == other.ran_content_with_cert_errors && | 322 ran_content_with_cert_errors == other.ran_content_with_cert_errors && |
| 318 pkp_bypassed == other.pkp_bypassed && | 323 pkp_bypassed == other.pkp_bypassed && |
| 319 displayed_password_field_on_http == | 324 displayed_password_field_on_http == |
| 320 other.displayed_password_field_on_http && | 325 other.displayed_password_field_on_http && |
| 321 displayed_credit_card_field_on_http == | 326 displayed_credit_card_field_on_http == |
| 322 other.displayed_credit_card_field_on_http); | 327 other.displayed_credit_card_field_on_http); |
| 323 } | 328 } |
| 324 | 329 |
| 325 } // namespace security_state | 330 } // namespace security_state |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2588133002:
Make form-not-secure controllable as its own separate Finch feature (Closed)
