Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(650)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/security_state/content/content_utils.cc

Issue 2616553002: Remove obsolete SHA-1 UX elements (Closed)
Patch Set: Final nits Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/pageinfo_strings.grdp ('k') | components/security_state/core/security_state.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/security_state/content/content_utils.h" 5 #include "components/security_state/content/content_utils.h"
6 6
7 #include <string> 7 #include <string>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/memory/ptr_util.h" 10 #include "base/memory/ptr_util.h"
(...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after
223 // represents how the embedder wishes to display the security state of 223 // represents how the embedder wishes to display the security state of
224 // the page, and the embedder can choose to display HTTPS page as HTTP 224 // the page, and the embedder can choose to display HTTPS page as HTTP
225 // if it wants to (for example, displaying deprecated crypto 225 // if it wants to (for example, displaying deprecated crypto
226 // algorithms with the same UI treatment as HTTP pages). 226 // algorithms with the same UI treatment as HTTP pages).
227 security_style_explanations->scheme_is_cryptographic = 227 security_style_explanations->scheme_is_cryptographic =
228 security_info.scheme_is_cryptographic; 228 security_info.scheme_is_cryptographic;
229 if (!security_info.scheme_is_cryptographic) { 229 if (!security_info.scheme_is_cryptographic) {
230 return security_style; 230 return security_style;
231 } 231 }
232 232
233 if (security_info.sha1_deprecation_status == 233 if (security_info.sha1_in_chain) {
234 security_state::DEPRECATED_SHA1_MAJOR) {
235 security_style_explanations->broken_explanations.push_back(
236 content::SecurityStyleExplanation(
237 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1),
238 l10n_util::GetStringUTF8(IDS_MAJOR_SHA1_DESCRIPTION),
239 !!security_info.certificate));
240 } else if (security_info.sha1_deprecation_status ==
241 security_state::DEPRECATED_SHA1_MINOR) {
242 security_style_explanations->unauthenticated_explanations.push_back( 234 security_style_explanations->unauthenticated_explanations.push_back(
243 content::SecurityStyleExplanation( 235 content::SecurityStyleExplanation(
244 l10n_util::GetStringUTF8(IDS_MINOR_SHA1), 236 l10n_util::GetStringUTF8(IDS_SHA1),
245 l10n_util::GetStringUTF8(IDS_MINOR_SHA1_DESCRIPTION), 237 l10n_util::GetStringUTF8(IDS_SHA1_DESCRIPTION),
246 !!security_info.certificate)); 238 !!security_info.certificate));
247 } 239 }
248 240
249 // Record the presence of mixed content (HTTP subresources on an HTTPS 241 // Record the presence of mixed content (HTTP subresources on an HTTPS
250 // page). 242 // page).
251 security_style_explanations->ran_mixed_content = 243 security_style_explanations->ran_mixed_content =
252 security_info.mixed_content_status == 244 security_info.mixed_content_status ==
253 security_state::CONTENT_STATUS_RAN || 245 security_state::CONTENT_STATUS_RAN ||
254 security_info.mixed_content_status == 246 security_info.mixed_content_status ==
255 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN; 247 security_state::CONTENT_STATUS_DISPLAYED_AND_RAN;
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
292 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string), 284 IDS_CERTIFICATE_CHAIN_ERROR_DESCRIPTION_FORMAT, error_string),
293 !!security_info.certificate); 285 !!security_info.certificate);
294 286
295 if (is_cert_status_minor_error) { 287 if (is_cert_status_minor_error) {
296 security_style_explanations->unauthenticated_explanations.push_back( 288 security_style_explanations->unauthenticated_explanations.push_back(
297 explanation); 289 explanation);
298 } else { 290 } else {
299 security_style_explanations->broken_explanations.push_back(explanation); 291 security_style_explanations->broken_explanations.push_back(explanation);
300 } 292 }
301 } else { 293 } else {
302 // If the certificate does not have errors and is not using 294 // If the certificate does not have errors and is not using SHA1, then add
303 // deprecated SHA1, then add an explanation that the certificate is 295 // an explanation that the certificate is valid.
304 // valid. 296 if (!security_info.sha1_in_chain) {
305 if (security_info.sha1_deprecation_status ==
306 security_state::NO_DEPRECATED_SHA1) {
307 security_style_explanations->secure_explanations.push_back( 297 security_style_explanations->secure_explanations.push_back(
308 content::SecurityStyleExplanation( 298 content::SecurityStyleExplanation(
309 l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE), 299 l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE),
310 l10n_util::GetStringUTF8( 300 l10n_util::GetStringUTF8(
311 IDS_VALID_SERVER_CERTIFICATE_DESCRIPTION), 301 IDS_VALID_SERVER_CERTIFICATE_DESCRIPTION),
312 !!security_info.certificate)); 302 !!security_info.certificate));
313 } 303 }
314 } 304 }
315 305
316 AddConnectionExplanation(security_info, security_style_explanations); 306 AddConnectionExplanation(security_info, security_style_explanations);
317 307
318 security_style_explanations->pkp_bypassed = security_info.pkp_bypassed; 308 security_style_explanations->pkp_bypassed = security_info.pkp_bypassed;
319 if (security_info.pkp_bypassed) { 309 if (security_info.pkp_bypassed) {
320 security_style_explanations->info_explanations.push_back( 310 security_style_explanations->info_explanations.push_back(
321 content::SecurityStyleExplanation( 311 content::SecurityStyleExplanation(
322 "Public-Key Pinning Bypassed", 312 "Public-Key Pinning Bypassed",
323 "Public-key pinning was bypassed by a local root certificate.")); 313 "Public-key pinning was bypassed by a local root certificate."));
324 } 314 }
325 315
326 return security_style; 316 return security_style;
327 } 317 }
328 318
329 } // namespace security_state 319 } // namespace security_state
OLDNEW
« no previous file with comments | « components/pageinfo_strings.grdp ('k') | components/security_state/core/security_state.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698