OLD | NEW |
---|---|
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/security_state/content/content_utils.h" | 5 #include "components/security_state/content/content_utils.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
(...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
177 | 177 |
178 return state; | 178 return state; |
179 } | 179 } |
180 | 180 |
181 blink::WebSecurityStyle GetSecurityStyle( | 181 blink::WebSecurityStyle GetSecurityStyle( |
182 const security_state::SecurityInfo& security_info, | 182 const security_state::SecurityInfo& security_info, |
183 content::SecurityStyleExplanations* security_style_explanations) { | 183 content::SecurityStyleExplanations* security_style_explanations) { |
184 const blink::WebSecurityStyle security_style = | 184 const blink::WebSecurityStyle security_style = |
185 SecurityLevelToSecurityStyle(security_info.security_level); | 185 SecurityLevelToSecurityStyle(security_info.security_level); |
186 | 186 |
187 if (security_info.security_level == security_state::HTTP_SHOW_WARNING) { | 187 // The HTTP_SHOW_WARNING state may occur if the page is served as a data: URI |
188 // If the HTTP_SHOW_WARNING field trial is in use, display an | 188 // or if it is served non-securely AND contains a sensitive form field. |
189 // unauthenticated explanation explaining why the omnibox warning is | 189 if (security_info.security_level == security_state::HTTP_SHOW_WARNING && |
190 // present. | 190 (security_info.displayed_password_field_on_http || |
191 security_info.displayed_credit_card_field_on_http)) { | |
192 // Display an unauthenticated explanation explaining why the omnibox warning | |
estark
2017/03/02 22:53:33
optional nit: I don't think this comment is helpfu
elawrence
2017/03/02 23:11:43
Done.
| |
193 // is present. | |
191 security_style_explanations->unauthenticated_explanations.push_back( | 194 security_style_explanations->unauthenticated_explanations.push_back( |
192 content::SecurityStyleExplanation( | 195 content::SecurityStyleExplanation( |
193 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT), | 196 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT), |
194 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT_DESCRIPTION))); | 197 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT_DESCRIPTION))); |
195 } else if (security_info.security_level == security_state::NONE && | |
196 (security_info.displayed_password_field_on_http || | |
197 security_info.displayed_credit_card_field_on_http)) { | |
198 // If the HTTP_SHOW_WARNING field trial isn't in use yet, display an | |
199 // informational note that the omnibox will contain a warning for | |
200 // this site in a future version of Chrome. | |
201 security_style_explanations->info_explanations.push_back( | |
202 content::SecurityStyleExplanation( | |
203 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT), | |
204 l10n_util::GetStringUTF8( | |
205 IDS_PRIVATE_USER_DATA_INPUT_FUTURE_DESCRIPTION))); | |
206 } | 198 } |
207 | |
208 security_style_explanations->ran_insecure_content_style = | 199 security_style_explanations->ran_insecure_content_style = |
209 SecurityLevelToSecurityStyle(security_state::kRanInsecureContentLevel); | 200 SecurityLevelToSecurityStyle(security_state::kRanInsecureContentLevel); |
210 security_style_explanations->displayed_insecure_content_style = | 201 security_style_explanations->displayed_insecure_content_style = |
211 SecurityLevelToSecurityStyle( | 202 SecurityLevelToSecurityStyle( |
212 security_state::kDisplayedInsecureContentLevel); | 203 security_state::kDisplayedInsecureContentLevel); |
213 | 204 |
214 if (security_info.malicious_content_status != | 205 if (security_info.malicious_content_status != |
215 security_state::MALICIOUS_CONTENT_STATUS_NONE) { | 206 security_state::MALICIOUS_CONTENT_STATUS_NONE) { |
216 security_style_explanations->summary = | 207 security_style_explanations->summary = |
217 l10n_util::GetStringUTF8(IDS_SAFEBROWSING_WARNING); | 208 l10n_util::GetStringUTF8(IDS_SAFEBROWSING_WARNING); |
(...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
310 security_style_explanations->info_explanations.push_back( | 301 security_style_explanations->info_explanations.push_back( |
311 content::SecurityStyleExplanation( | 302 content::SecurityStyleExplanation( |
312 "Public-Key Pinning Bypassed", | 303 "Public-Key Pinning Bypassed", |
313 "Public-key pinning was bypassed by a local root certificate.")); | 304 "Public-key pinning was bypassed by a local root certificate.")); |
314 } | 305 } |
315 | 306 |
316 return security_style; | 307 return security_style; |
317 } | 308 } |
318 | 309 |
319 } // namespace security_state | 310 } // namespace security_state |
OLD | NEW |