
Side by Side Diff: components/security_state/core/security_state.cc

Issue 2761333002: Add a DevTools warning for a missing subjectAltName (Closed)
Patch Set: Created 3 years, 9 months ago
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/security_state/core/security_state.h" 5 #include "components/security_state/core/security_state.h"
6 6
7 #include <stdint.h> 7 #include <stdint.h>
8 8
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/metrics/field_trial.h" 10 #include "base/metrics/field_trial.h"
(...skipping 204 matching lines...)
215 security_info->sct_verify_statuses = 215 security_info->sct_verify_statuses =
216 visible_security_state.sct_verify_statuses; 216 visible_security_state.sct_verify_statuses;
217 217
218 security_info->malicious_content_status = 218 security_info->malicious_content_status =
219 visible_security_state.malicious_content_status; 219 visible_security_state.malicious_content_status;
220 220
221 security_info->displayed_password_field_on_http = 221 security_info->displayed_password_field_on_http =
222 visible_security_state.displayed_password_field_on_http; 222 visible_security_state.displayed_password_field_on_http;
223 security_info->displayed_credit_card_field_on_http = 223 security_info->displayed_credit_card_field_on_http =
224 visible_security_state.displayed_credit_card_field_on_http; 224 visible_security_state.displayed_credit_card_field_on_http;
225 if (visible_security_state.certificate) {
elawrence 2017/03/21 16:49:04 Could we change this to: if (visible_security_sta
Ryan Sleevi 2017/03/21 16:50:39 I intentionally omitted this, because like SHA-1,
226 std::vector<std::string> dns_names;
227 std::vector<std::string> ip_addrs;
228 visible_security_state.certificate.GetSubjectAltName(&dns_names, &ip_addrs);
elawrence 2017/03/21 16:22:54 Would it make sense to just have a HasSubjectAltNa
Ryan Sleevi 2017/03/21 16:41:41 No. Generally, I explicitly try to avoid adding th
elawrence 2017/03/21 16:49:04 Ok. I was slightly worried about the perf of doing
Ryan Sleevi 2017/03/21 16:50:39 I don't think we can/should, but I think that make
229 security_info->san_is_missing = dns_names.empty() && ip_addrs.empty();
230 }
225 231
226 security_info->security_level = GetSecurityLevelForRequest( 232 security_info->security_level = GetSecurityLevelForRequest(
227 visible_security_state, used_policy_installed_certificate, 233 visible_security_state, used_policy_installed_certificate,
228 is_origin_secure_callback, security_info->sha1_in_chain, 234 is_origin_secure_callback, security_info->sha1_in_chain,
229 security_info->mixed_content_status, 235 security_info->mixed_content_status,
230 security_info->content_with_cert_errors_status); 236 security_info->content_with_cert_errors_status);
231 } 237 }
232 238
233 } // namespace 239 } // namespace
234 240
235 const base::Feature kHttpFormWarningFeature{"HttpFormWarning", 241 const base::Feature kHttpFormWarningFeature{"HttpFormWarning",
236 base::FEATURE_DISABLED_BY_DEFAULT}; 242 base::FEATURE_DISABLED_BY_DEFAULT};
237 243
238 SecurityInfo::SecurityInfo() 244 SecurityInfo::SecurityInfo()
239 : security_level(NONE), 245 : security_level(NONE),
240 malicious_content_status(MALICIOUS_CONTENT_STATUS_NONE), 246 malicious_content_status(MALICIOUS_CONTENT_STATUS_NONE),
241 sha1_in_chain(false), 247 sha1_in_chain(false),
242 mixed_content_status(CONTENT_STATUS_NONE), 248 mixed_content_status(CONTENT_STATUS_NONE),
243 content_with_cert_errors_status(CONTENT_STATUS_NONE), 249 content_with_cert_errors_status(CONTENT_STATUS_NONE),
244 scheme_is_cryptographic(false), 250 scheme_is_cryptographic(false),
245 cert_status(0), 251 cert_status(0),
246 security_bits(-1), 252 security_bits(-1),
247 connection_status(0), 253 connection_status(0),
248 key_exchange_group(0), 254 key_exchange_group(0),
249 obsolete_ssl_status(net::OBSOLETE_SSL_NONE), 255 obsolete_ssl_status(net::OBSOLETE_SSL_NONE),
250 pkp_bypassed(false), 256 pkp_bypassed(false),
251 displayed_password_field_on_http(false), 257 displayed_password_field_on_http(false),
252 displayed_credit_card_field_on_http(false) {} 258 displayed_credit_card_field_on_http(false),
259 san_is_missing(false) {}
253 260
254 SecurityInfo::~SecurityInfo() {} 261 SecurityInfo::~SecurityInfo() {}
255 262
256 void GetSecurityInfo( 263 void GetSecurityInfo(
257 std::unique_ptr<VisibleSecurityState> visible_security_state, 264 std::unique_ptr<VisibleSecurityState> visible_security_state,
258 bool used_policy_installed_certificate, 265 bool used_policy_installed_certificate,
259 IsOriginSecureCallback is_origin_secure_callback, 266 IsOriginSecureCallback is_origin_secure_callback,
260 SecurityInfo* result) { 267 SecurityInfo* result) {
261 SecurityInfoForRequest(*visible_security_state, 268 SecurityInfoForRequest(*visible_security_state,
262 used_policy_installed_certificate, 269 used_policy_installed_certificate,
(...skipping 36 matching lines...)
299 other.displayed_content_with_cert_errors && 306 other.displayed_content_with_cert_errors &&
300 ran_content_with_cert_errors == other.ran_content_with_cert_errors && 307 ran_content_with_cert_errors == other.ran_content_with_cert_errors &&
301 pkp_bypassed == other.pkp_bypassed && 308 pkp_bypassed == other.pkp_bypassed &&
302 displayed_password_field_on_http == 309 displayed_password_field_on_http ==
303 other.displayed_password_field_on_http && 310 other.displayed_password_field_on_http &&
304 displayed_credit_card_field_on_http == 311 displayed_credit_card_field_on_http ==
305 other.displayed_credit_card_field_on_http); 312 other.displayed_credit_card_field_on_http);
306 } 313 }
307 314
308 } // namespace security_state 315 } // namespace security_state
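Review bot: New line 228 calls `visible_security_state.certificate.GetSubjectAltName(...)` with `.`, although new line 225 tests the same member like a pointer. If `certificate` is a `scoped_refptr<net::X509Certificate>` (its declaration is not on this page), the call needs `->`: `visible_security_state.certificate->GetSubjectAltName(&dns_names, &ip_addrs);`. Separately, `san_is_missing` on new line 229 is derived only from the DNS-name and IP-address lists, so a certificate whose subjectAltName holds only other name types would presumably also be reported as missing a SAN. A short comment would make that explicit, for example `// True when the certificate has no dNSName or iPAddress SAN entries, i.e. nothing usable for hostname matching.` The enclosing function begins in the skipped lines above this hunk.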