Index: components/ssl_errors/error_classification.h |
diff --git a/components/ssl_errors/error_classification.h b/components/ssl_errors/error_classification.h |
index b8c472df6697f0607b8cd6b37185ed63fd3c3d9a..01f0460988ecd9934b32b131930bc039f406f432 100644 |
--- a/components/ssl_errors/error_classification.h |
+++ b/components/ssl_errors/error_classification.h |
@@ -28,6 +28,34 @@ typedef std::vector<std::string> HostnameTokens; |
// Methods for identifying specific error causes. ------------------------------ |
+// Events for UMA. Do not reorder or change! |
+enum SSLInterstitialCause { |
+ CLOCK_PAST, |
+ CLOCK_FUTURE, |
+ WWW_SUBDOMAIN_MATCH, // Deprecated |
+ SUBDOMAIN_MATCH, // Deprecated |
+ SUBDOMAIN_INVERSE_MATCH, // Deprecated |
+ SUBDOMAIN_OUTSIDE_WILDCARD, // Deprecated |
+ HOST_NAME_NOT_KNOWN_TLD, |
+ LIKELY_MULTI_TENANT_HOSTING, // Deprecated |
+ LOCALHOST, |
+ PRIVATE_URL, |
+ AUTHORITY_ERROR_CAPTIVE_PORTAL, // Deprecated in M47. |
+ SELF_SIGNED, |
+ EXPIRED_RECENTLY, |
+ LIKELY_SAME_DOMAIN, // Deprecated |
+ // In Chrome 58, SubjectCN matching was deprecated, deprecating original |
+ // metrics to be replaced with the 2-suffixed variants below. |
+ NO_SUBJECT_ALT_NAMES, |
+ WWW_SUBDOMAIN_MATCH2, |
+ SUBDOMAIN_MATCH2, |
+ SUBDOMAIN_INVERSE_MATCH2, |
+ SUBDOMAIN_OUTSIDE_WILDCARD2, |
+ LIKELY_MULTI_TENANT_HOSTING2, |
+ LIKELY_SAME_DOMAIN2, |
+ UNUSED_INTERSTITIAL_CAUSE_ENTRY, |
+}; |
+ |
// What is known about the accuracy of system clock. Do not change or |
// reorder; these values are used in an UMA histogram. |
enum ClockState { |
@@ -110,14 +138,9 @@ bool IsCertLikelyFromMultiTenantHosting(const GURL& request_url, |
bool IsCertLikelyFromSameDomain(const GURL& request_url, |
const net::X509Certificate& cert); |
-// Returns true if the site's hostname differs from one of the DNS |
-// names in the certificate (CN or SANs) only by the presence or |
-// absence of the single-label prefix "www". E.g.: (The first domain |
-// is hostname and the second domain is a DNS name in the certificate) |
-// www.example.com ~ example.com -> true |
-// example.com ~ www.example.com -> true |
-// www.food.example.com ~ example.com -> false |
-// mail.example.com ~ example.com -> false |
+// Returns true if the site's hostname differs from one of the DNS names in |
+// |dns_names| only by the presence or absence of the single-label prefix "www". |
+// The matching name from the certificate is returned in |www_match_host_name|. |
bool GetWWWSubDomainMatch(const GURL& request_url, |
const std::vector<std::string>& dns_names, |
std::string* www_match_host_name); |