| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "ios/chrome/browser/ui/omnibox/page_info_model.h" | 5 #include "ios/chrome/browser/ui/omnibox/page_info_model.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 50 SECTION_INFO_INTERNAL_PAGE, BUTTON_RELOAD)); | 50 SECTION_INFO_INTERNAL_PAGE, BUTTON_RELOAD)); |
| 51 } else { | 51 } else { |
| 52 sections_.push_back( | 52 sections_.push_back( |
| 53 SectionInfo(ICON_STATE_INTERNAL_PAGE, base::string16(), | 53 SectionInfo(ICON_STATE_INTERNAL_PAGE, base::string16(), |
| 54 l10n_util::GetStringUTF16(IDS_PAGE_INFO_INTERNAL_PAGE), | 54 l10n_util::GetStringUTF16(IDS_PAGE_INFO_INTERNAL_PAGE), |
| 55 SECTION_INFO_INTERNAL_PAGE, BUTTON_NONE)); | 55 SECTION_INFO_INTERNAL_PAGE, BUTTON_NONE)); |
| 56 } | 56 } |
| 57 return; | 57 return; |
| 58 } | 58 } |
| 59 | 59 |
| 60 SectionStateIcon icon_id = ICON_STATE_OK; | 60 base::string16 hostname(base::UTF8ToUTF16(url.host())); |
| 61 base::string16 headline; | |
| 62 base::string16 description; | |
| 63 | 61 |
| 64 // Identity section. | 62 base::string16 summary; |
| 65 base::string16 subject_name(base::UTF8ToUTF16(url.host())); | 63 base::string16 details; |
| 66 bool empty_subject_name = false; | 64 base::string16 certificate_details; |
| 67 if (subject_name.empty()) { | |
| 68 subject_name.assign( | |
| 69 l10n_util::GetStringUTF16(IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | |
| 70 empty_subject_name = true; | |
| 71 } | |
| 72 | 65 |
| 73 bool is_cert_present = !!ssl.certificate; | 66 // Summary and details. |
| 74 bool is_major_cert_error = net::IsCertStatusError(ssl.cert_status) && | 67 SectionStateIcon icon_id = ICON_NONE; |
| 75 !net::IsCertStatusMinorError(ssl.cert_status); | 68 if (!ssl.certificate) { |
| 69 // Not HTTPS. |
| 70 icon_id = ICON_STATE_INFO; |
| 71 summary.assign(l10n_util::GetStringUTF16(IDS_PAGEINFO_NOT_SECURE_SUMMARY)); |
| 72 details.assign(l10n_util::GetStringUTF16(IDS_PAGEINFO_NOT_SECURE_DETAILS)); |
| 73 } else { |
| 74 // It is possible to have |SECURITY_STYLE_AUTHENTICATION_BROKEN| and |
| 75 // non-error |
| 76 // |cert_status| for WKWebView because |security_style| and |cert_status| |
| 77 // are |
| 78 // calculated using different API, which may lead to different cert |
| 79 // verification results. |
| 80 if (net::IsCertStatusError(ssl.cert_status) || |
| 81 ssl.security_style == web::SECURITY_STYLE_AUTHENTICATION_BROKEN) { |
| 82 // HTTPS with major errors |
| 83 icon_id = ICON_STATE_ERROR; |
| 84 DCHECK(!net::IsCertStatusMinorError(ssl.cert_status)); |
| 85 summary.assign( |
| 86 l10n_util::GetStringUTF16(IDS_PAGEINFO_NOT_SECURE_SUMMARY)); |
| 87 details.assign( |
| 88 l10n_util::GetStringUTF16(IDS_PAGEINFO_NOT_SECURE_DETAILS)); |
| 76 | 89 |
| 77 // It is possible to have |SECURITY_STYLE_AUTHENTICATION_BROKEN| and non-error | 90 certificate_details.assign(l10n_util::GetStringUTF16( |
| 78 // |cert_status| for WKWebView because |security_style| and |cert_status| are | 91 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); |
| 79 // calculated using different API, which may lead to different cert | 92 const base::string16 bullet = base::UTF8ToUTF16("\n • "); |
| 80 // verification results. | 93 std::vector<ssl_errors::ErrorInfo> errors; |
| 81 if (is_cert_present && !is_major_cert_error && | 94 ssl_errors::ErrorInfo::GetErrorsForCertStatus( |
| 82 ssl.security_style != web::SECURITY_STYLE_AUTHENTICATION_BROKEN) { | 95 ssl.certificate, ssl.cert_status, url, &errors); |
| 83 // There are no major errors. Check for minor errors. | 96 for (size_t i = 0; i < errors.size(); ++i) { |
| 84 if (net::IsCertStatusMinorError(ssl.cert_status)) { | 97 certificate_details += bullet; |
| 98 certificate_details += errors[i].short_description(); |
| 99 } |
| 100 } else { |
| 101 // Valid HTTPS or HTTPS with minor errors. |
| 85 base::string16 issuer_name( | 102 base::string16 issuer_name( |
| 86 base::UTF8ToUTF16(ssl.certificate->issuer().GetDisplayName())); | 103 base::UTF8ToUTF16(ssl.certificate->issuer().GetDisplayName())); |
| 87 if (issuer_name.empty()) { | 104 if (!issuer_name.empty()) { |
| 88 issuer_name.assign(l10n_util::GetStringUTF16( | 105 // Show the issuer name if it's available. |
| 89 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | 106 // TODO(crbug.com/502470): Implement a certificate viewer instead. |
| 107 certificate_details.assign(l10n_util::GetStringFUTF16( |
| 108 IDS_IOS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); |
| 90 } | 109 } |
| 91 description.assign(l10n_util::GetStringFUTF16( | 110 if (ssl.content_status == web::SSLStatus::DISPLAYED_INSECURE_CONTENT) { |
| 92 IDS_IOS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); | 111 // HTTPS with mixed content. |
| 112 icon_id = ICON_STATE_INFO; |
| 113 summary.assign( |
| 114 l10n_util::GetStringUTF16(IDS_PAGEINFO_MIXED_CONTENT_SUMMARY)); |
| 115 details.assign( |
| 116 l10n_util::GetStringUTF16(IDS_PAGEINFO_MIXED_CONTENT_DETAILS)); |
| 117 } else { |
| 118 // Valid HTTPS |
| 119 icon_id = ICON_STATE_OK; |
| 120 summary.assign(l10n_util::GetStringUTF16(IDS_PAGEINFO_SECURE_SUMMARY)); |
| 121 details.assign(l10n_util::GetStringUTF16(IDS_PAGEINFO_SECURE_DETAILS)); |
| 93 | 122 |
| 94 description += base::ASCIIToUTF16("\n\n"); | 123 DCHECK(!(ssl.cert_status & net::CERT_STATUS_IS_EV)) |
| 95 if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) { | 124 << "Extended Validation should be disabled"; |
| 96 description += l10n_util::GetStringUTF16( | |
| 97 IDS_PAGE_INFO_SECURITY_TAB_UNABLE_TO_CHECK_REVOCATION); | |
| 98 } else if (ssl.cert_status & net::CERT_STATUS_NO_REVOCATION_MECHANISM) { | |
| 99 description += l10n_util::GetStringUTF16( | |
| 100 IDS_PAGE_INFO_SECURITY_TAB_NO_REVOCATION_MECHANISM); | |
| 101 } else { | |
| 102 NOTREACHED() << "Need to specify string for this warning"; | |
| 103 } | 125 } |
| 104 icon_id = ICON_STATE_INFO; | |
| 105 } else { | |
| 106 // OK HTTPS page. | |
| 107 DCHECK(!(ssl.cert_status & net::CERT_STATUS_IS_EV)) | |
| 108 << "Extended Validation should be disabled"; | |
| 109 if (empty_subject_name) | |
| 110 headline.clear(); // Don't display any title. | |
| 111 else | |
| 112 headline.assign(subject_name); | |
| 113 base::string16 issuer_name( | |
| 114 base::UTF8ToUTF16(ssl.certificate->issuer().GetDisplayName())); | |
| 115 if (issuer_name.empty()) { | |
| 116 issuer_name.assign(l10n_util::GetStringUTF16( | |
| 117 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | |
| 118 } | |
| 119 description.assign(l10n_util::GetStringFUTF16( | |
| 120 IDS_IOS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); | |
| 121 } | |
| 122 if (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT) { | |
| 123 icon_id = ICON_STATE_INFO; | |
| 124 description += | |
| 125 base::UTF8ToUTF16("\n\n") + | |
| 126 l10n_util::GetStringUTF16( | |
| 127 IDS_PAGE_INFO_SECURITY_TAB_DEPRECATED_SIGNATURE_ALGORITHM); | |
| 128 } | |
| 129 } else { | |
| 130 // HTTP or HTTPS with errors (not warnings). | |
| 131 description.assign(l10n_util::GetStringUTF16( | |
| 132 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); | |
| 133 icon_id = ssl.security_style == web::SECURITY_STYLE_UNAUTHENTICATED | |
| 134 ? ICON_STATE_INFO | |
| 135 : ICON_STATE_ERROR; | |
| 136 | |
| 137 const base::string16 bullet = base::UTF8ToUTF16("\n • "); | |
| 138 std::vector<ssl_errors::ErrorInfo> errors; | |
| 139 ssl_errors::ErrorInfo::GetErrorsForCertStatus( | |
| 140 ssl.certificate, ssl.cert_status, url, &errors); | |
| 141 for (size_t i = 0; i < errors.size(); ++i) { | |
| 142 description += bullet; | |
| 143 description += errors[i].short_description(); | |
| 144 } | |
| 145 | |
| 146 if (ssl.cert_status & net::CERT_STATUS_NON_UNIQUE_NAME) { | |
| 147 description += base::ASCIIToUTF16("\n\n"); | |
| 148 description += | |
| 149 l10n_util::GetStringUTF16(IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME); | |
| 150 } | |
| 151 } | |
| 152 sections_.push_back(SectionInfo(icon_id, headline, description, | |
| 153 SECTION_INFO_IDENTITY, | |
| 154 BUTTON_SHOW_SECURITY_HELP)); | |
| 155 | |
| 156 // Connection section. | |
| 157 icon_id = ICON_STATE_OK; | |
| 158 headline.clear(); | |
| 159 description.clear(); | |
| 160 if (!ssl.certificate) { | |
| 161 // Not HTTPS. | |
| 162 icon_id = ssl.security_style == web::SECURITY_STYLE_UNAUTHENTICATED | |
| 163 ? ICON_STATE_INFO | |
| 164 : ICON_STATE_ERROR; | |
| 165 description.assign( | |
| 166 l10n_util::GetStringUTF16(IDS_PAGEINFO_NOT_SECURE_SUMMARY)); | |
| 167 description += base::ASCIIToUTF16("\n\n"); | |
| 168 description += l10n_util::GetStringUTF16(IDS_PAGEINFO_NOT_SECURE_DETAILS); | |
| 169 } else if (ssl.security_bits < 0) { | |
| 170 if (ssl.content_status == web::SSLStatus::DISPLAYED_INSECURE_CONTENT) { | |
| 171 DCHECK(description.empty()); | |
| 172 // For WKWebView security_bits flag is always -1, and description is empty | |
| 173 // because ciphersuite is unknown. On iOS9 WKWebView blocks active | |
| 174 // mixed content, so warning should be about page look, not about page | |
| 175 // behavior. | |
| 176 icon_id = ICON_NONE; | |
| 177 description.assign(l10n_util::GetStringUTF16( | |
| 178 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING)); | |
| 179 } else { | |
| 180 // Security strength is unknown. Say nothing. | |
| 181 icon_id = ICON_STATE_ERROR; | |
| 182 } | |
| 183 } else if (ssl.security_bits == 0) { | |
| 184 DCHECK_NE(ssl.security_style, web::SECURITY_STYLE_UNAUTHENTICATED); | |
| 185 icon_id = ICON_STATE_ERROR; | |
| 186 description.assign(l10n_util::GetStringFUTF16( | |
| 187 IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT, | |
| 188 subject_name)); | |
| 189 } else { | |
| 190 if (net::SSLConnectionStatusToVersion(ssl.connection_status) >= | |
| 191 net::SSL_CONNECTION_VERSION_TLS1_2 && | |
| 192 (net::OBSOLETE_SSL_NONE == | |
| 193 net::ObsoleteSSLStatus( | |
| 194 net::SSLConnectionStatusToCipherSuite(ssl.connection_status)))) { | |
| 195 description.assign(l10n_util::GetStringFUTF16( | |
| 196 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_CONNECTION_TEXT, subject_name)); | |
| 197 } else { | |
| 198 description.assign(l10n_util::GetStringFUTF16( | |
| 199 IDS_PAGE_INFO_SECURITY_TAB_WEAK_ENCRYPTION_CONNECTION_TEXT, | |
| 200 subject_name)); | |
| 201 } | |
| 202 if (ssl.content_status) { | |
| 203 bool ran_insecure_content = false; // Always false on iOS. | |
| 204 icon_id = ran_insecure_content ? ICON_STATE_ERROR : ICON_NONE; | |
| 205 description.assign(l10n_util::GetStringFUTF16( | |
| 206 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_SENTENCE_LINK, description, | |
| 207 l10n_util::GetStringUTF16( | |
| 208 ran_insecure_content | |
| 209 ? IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_ERROR | |
| 210 : IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNIN
G))); | |
| 211 } | 126 } |
| 212 } | 127 } |
| 213 | 128 |
| 214 uint16_t cipher_suite = | 129 base::string16 description; |
| 215 net::SSLConnectionStatusToCipherSuite(ssl.connection_status); | 130 base::string16 spacer = base::UTF8ToUTF16("\n\n"); |
| 216 if (ssl.security_bits > 0 && cipher_suite) { | |
| 217 int ssl_version = net::SSLConnectionStatusToVersion(ssl.connection_status); | |
| 218 const char* ssl_version_str; | |
| 219 net::SSLVersionToString(&ssl_version_str, ssl_version); | |
| 220 description += base::ASCIIToUTF16("\n\n"); | |
| 221 description += | |
| 222 l10n_util::GetStringFUTF16(IDS_PAGE_INFO_SECURITY_TAB_SSL_VERSION, | |
| 223 base::ASCIIToUTF16(ssl_version_str)); | |
| 224 | 131 |
| 225 const char *key_exchange, *cipher, *mac; | 132 description.assign(summary); |
| 226 bool is_aead; | 133 description += spacer; |
| 227 bool is_tls13; | 134 description += details; |
| 228 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, | |
| 229 &is_tls13, cipher_suite); | |
| 230 | 135 |
| 231 description += base::ASCIIToUTF16("\n\n"); | 136 if (!certificate_details.empty()) { |
| 232 if (is_aead) { | 137 description += spacer; |
| 233 description += l10n_util::GetStringFUTF16( | 138 description += certificate_details; |
| 234 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS_AEAD, | |
| 235 base::ASCIIToUTF16(cipher), base::ASCIIToUTF16(key_exchange)); | |
| 236 } else { | |
| 237 description += l10n_util::GetStringFUTF16( | |
| 238 IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS, | |
| 239 base::ASCIIToUTF16(cipher), base::ASCIIToUTF16(mac), | |
| 240 base::ASCIIToUTF16(key_exchange)); | |
| 241 } | |
| 242 } | 139 } |
| 243 | 140 |
| 244 if (!description.empty()) { | 141 sections_.push_back(SectionInfo(icon_id, hostname, description, |
| 245 sections_.push_back(SectionInfo(icon_id, headline, description, | 142 SECTION_INFO_CONNECTION, |
| 246 SECTION_INFO_CONNECTION, | 143 BUTTON_SHOW_SECURITY_HELP)); |
| 247 BUTTON_SHOW_SECURITY_HELP)); | |
| 248 } | |
| 249 | |
| 250 if (ssl.certificate) { | |
| 251 certificate_label_ = | |
| 252 l10n_util::GetStringUTF16(IDS_PAGEINFO_CERT_INFO_BUTTON); | |
| 253 } | |
| 254 } | 144 } |
| 255 | 145 |
| 256 PageInfoModel::~PageInfoModel() {} | 146 PageInfoModel::~PageInfoModel() {} |
| 257 | 147 |
| 258 int PageInfoModel::GetSectionCount() { | 148 int PageInfoModel::GetSectionCount() { |
| 259 return sections_.size(); | 149 return sections_.size(); |
| 260 } | 150 } |
| 261 | 151 |
| 262 PageInfoModel::SectionInfo PageInfoModel::GetSectionInfo(int index) { | 152 PageInfoModel::SectionInfo PageInfoModel::GetSectionInfo(int index) { |
| 263 DCHECK(index < static_cast<int>(sections_.size())); | 153 DCHECK(index < static_cast<int>(sections_.size())); |
| (...skipping 15 matching lines...) Expand all Loading... |
| 279 case ICON_STATE_OFFLINE_PAGE: | 169 case ICON_STATE_OFFLINE_PAGE: |
| 280 return &rb.GetNativeImageNamed(IDR_IOS_OMNIBOX_OFFLINE); | 170 return &rb.GetNativeImageNamed(IDR_IOS_OMNIBOX_OFFLINE); |
| 281 } | 171 } |
| 282 } | 172 } |
| 283 | 173 |
| 284 base::string16 PageInfoModel::GetCertificateLabel() const { | 174 base::string16 PageInfoModel::GetCertificateLabel() const { |
| 285 return certificate_label_; | 175 return certificate_label_; |
| 286 } | 176 } |
| 287 | 177 |
| 288 PageInfoModel::PageInfoModel() : observer_(NULL) {} | 178 PageInfoModel::PageInfoModel() : observer_(NULL) {} |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2620243005:
Update Page Info on iOS to an interim Material Design state. (Closed)
