Index: tools/metrics/histograms/histograms.xml |
diff --git a/tools/metrics/histograms/histograms.xml b/tools/metrics/histograms/histograms.xml |
index d8275c8c16b1b5ca8ac39b86130383ea24d8fa95..67040c416c98a7849c543dc566b25026c6b6146a 100644 |
--- a/tools/metrics/histograms/histograms.xml |
+++ b/tools/metrics/histograms/histograms.xml |
@@ -110245,44 +110245,24 @@ from previous Chrome versions. |
reason to believe that the system clock was behind. Methods of detecting |
clock inaccuracy have changed over time. |
</int> |
- <int value="2" |
- label="WWW_SUBDOMAIN_MATCH: Difference between the URL and the DNS is |
- www"> |
- This cause is recorded if the ssl error is CERT_COMMON_NAME_INVALID and the |
- hostname differs from one of the DNS names in the certificate (CN or SANs) |
- only by the presence or absence of the single-label prefix "www". |
- This case is not recored if the host name is not a known TLD. |
+ <int value="2" label="WWW_SUBDOMAIN_MATCH: (Deprecated)"> |
+ (Deprecated in favor of WWW_SUBDOMAIN_MATCH2) |
</int> |
- <int value="3" label="SUBDOMAIN_MATCH: The URL is a subdomain of the DNS"> |
- This cause is recorded if the ssl error is CERT_COMMON_NAME_INVALID and the |
- difference between the URL and the DNS name is not "www". This |
- case is not recorded if the host name is not a known TLD. |
+ <int value="3" label="SUBDOMAIN_MATCH: (Deprecated)"> |
+ (Deprecated in favor of SUBDOMAIN_MATCH2) |
</int> |
- <int value="4" |
- label="SUBDOMAIN_INVERSE_MATCH: The DNS is a subdomain of the URL"> |
- This cause is recorded if the ssl error is CERT_COMMON_NAME_INVALID and the |
- difference between the DNS name and the URL is not "www". This |
- case is not recorded if the host name is not a known TLD. |
+ <int value="4" label="SUBDOMAIN_INVERSE_MATCH: (Deprecated)"> |
+ (Deprecated in favor of SUBDOMAIN_INVERSE_MATCH2) |
</int> |
- <int value="5" |
- label="SUBDOMAIN_OUTSIDE_WILDCARD: The URL is outside the scope of the |
- wildcard certificate"> |
- This cause is recorded only if the ssl error is CERT_COMMON_NAME_INVALID, we |
- have received a wildcard certificate and the scope of a wildcard certificate |
- is too narrow for the hostname. This case is not recorded if the host name |
- is not a known TLD. |
+ <int value="5" label="SUBDOMAIN_OUTSIDE_WILDCARD: (Deprecated)"> |
+ (Deprecated in favor of SUBDOMAIN_OUTSIDE_WILDCARD2) |
</int> |
<int value="6" |
label="HOST_NAME_NOT_KNOWN_TLD: The host name is not a known TLD"> |
This cause is recorded only for CERT_COMMON_NAME_INVALID errors. |
</int> |
- <int value="7" |
- label="LIKELY_MULTI_TENANT_HOSTING: The certificate is a shared |
- certificate"> |
- This cause is recorded only for CERT_COMMON_NAME_INVALID errors. It is |
- possible that this error overlaps with others but it is not likely because |
- of the heuristics which decide as to what constitutes a shared certificate. |
- In cases of overlap, we emit to only one bucket. |
+ <int value="7" label="LIKELY_MULTI_TENANT_HOSTING: (Deprecated)"> |
+ (Deprecated in favor of LIKELY_MULTI_TENANT_HOSTING2) |
</int> |
<int value="8" label="LOCALHOST: The user is trying to connect to local host"> |
This cause is recorded only for CERT_AUTHORITY_INVALID errors. |
@@ -110302,12 +110282,56 @@ from previous Chrome versions. |
<int value="12" label="EXPIRED_RECENTLY: Cert expired within last 28 days."> |
</int> |
- <int value="13" |
- label="LIKELY_SAME_DOMAIN: Cert likely belongs to the same domain"> |
+ <int value="13" label="LIKELY_SAME_DOMAIN: (Deprecated)"> |
+ (Deprecated in favor of LIKELY_SAME_DOMAIN2) |
+ </int> |
+ <int value="14" label="NO_SUBJECT_ALT_NAME: Cert lacks SubjectAltName"> |
+ This case is recorded if the SSL error is CERT_COMMON_NAME_INVALID error and |
+ the certificate does not specify any DNS names in a SubjectAltName |
+ extension. (Chrome 58 deprecated matching hostnames to the SubjectCN Field.) |
+ </int> |
+ <int value="15" |
+ label="WWW_SUBDOMAIN_MATCH2: Difference between the URL and the DNS is |
+ www"> |
+ This cause is recorded if the SSL error is CERT_COMMON_NAME_INVALID and the |
+ hostname differs from one of the DNS names in the certificate (SANs) only by |
+ the presence or absence of the single-label prefix "www". This |
+ case is not recorded if the host name is not a known TLD. |
+ </int> |
+ <int value="16" label="SUBDOMAIN_MATCH2: The URL is a subdomain of the DNS"> |
+ This cause is recorded if the SSL error is CERT_COMMON_NAME_INVALID, the URL |
+ hostname is a subdomain of a DNS name in the certificate, and the difference |
+ between the URL and the DNS name is not "www". This case is not |
+ recorded if the host name is not a known TLD. |
+ </int> |
+ <int value="17" |
+ label="SUBDOMAIN_INVERSE_MATCH2: The DNS is a subdomain of the URL"> |
+ This cause is recorded if the SSL error is CERT_COMMON_NAME_INVALID, a DNS |
+ name in the certificate is a subdomain of the URL hostname, and the |
+ difference between the DNS name and the URL is not "www". This |
+ case is not recorded if the host name is not a known TLD. |
+ </int> |
+ <int value="18" |
+ label="SUBDOMAIN_OUTSIDE_WILDCARD2: The URL is outside the scope of the |
+ wildcard certificate"> |
+ This cause is recorded only if the SSL error is CERT_COMMON_NAME_INVALID, we |
+ have received a wildcard certificate and the scope of a wildcard certificate |
+ is too narrow for the hostname. This case is not recorded if the host name |
+ is not a known TLD. |
+ </int> |
+ <int value="19" |
+ label="LIKELY_MULTI_TENANT_HOSTING2: The certificate is a shared |
+ certificate"> |
+ This cause is recorded only for CERT_COMMON_NAME_INVALID errors where the |
+ certificate contains numerous unrelated DNS names. This case is not recorded |
+ if the host name is not a known TLD. |
+ </int> |
+ <int value="20" |
+ label="LIKELY_SAME_DOMAIN2: Cert likely belongs to the same domain"> |
This case is recorded if the SSL error is CERT_COMMON_NAME_INVALID error and |
the hostname in request URL has the same domain (effective TLD + 1 label) as |
- the common name or at least one of the subject alternative names in |
- certificate. This case is not recorded if the host name is not a known tld. |
+ a SubjectAltName in the certificate. This case is not recorded if the host |
+ name is not a known TLD. |
</int> |
</enum> |
@@ -110317,11 +110341,12 @@ from previous Chrome versions. |
<int value="2" label="SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE"/> |
<int value="3" label="SHOW_SSL_INTERSTITIAL_NONOVERRIDABLE"/> |
<int value="4" label="SHOW_SSL_INTERSTITIAL_OVERRIDABLE"/> |
- <int value="5" label="WWW_MISMATCH_FOUND"/> |
+ <int value="5" label="WWW_MISMATCH_FOUND (Deprecated)"/> |
<int value="6" label="WWW_MISMATCH_URL_AVAILABLE"/> |
<int value="7" label="WWW_MISMATCH_URL_NOT_AVAILABLE"/> |
<int value="8" label="SHOW_BAD_CLOCK"/> |
<int value="9" label="CAPTIVE_PORTAL_CERT_FOUND"/> |
+ <int value="10" label="WWW_MISMATCH_FOUND_IN_SAN"/> |
</enum> |
<enum name="SSLErrorTypes" type="int"> |