chrome/browser/ssl/chrome_ssl_host_state_delegate.h - Issue 369703002: Remember user decisions on invalid certificates behind a flag

Side by Side Diff: chrome/browser/ssl/chrome_ssl_host_state_delegate.h

Issue 369703002: Remember user decisions on invalid certificates behind a flag (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fixed broken include Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef CHROME_BROWSER_SSL_CHROME_SSL_HOST_STATE_DELEGATE_H_

	6 #define CHROME_BROWSER_SSL_CHROME_SSL_HOST_STATE_DELEGATE_H_

	7

	8 #include "base/gtest_prod_util.h"

	9 #include "base/memory/scoped_ptr.h"

	10 #include "base/time/time.h"

	11 #include "content/public/browser/ssl_host_state_delegate.h"

	12

	13 class Profile;

	14

	15 namespace base {

	16 class Clock;

	17 class DictionaryValue;

	18 } // namespace base

	19

	20 // Implementation of the tracking of user decisions on SSL errors for sites.

	21 // Tracks if the user has allowed, denied, or not seen an exception for the

	22 // specified site, SSL fingerprint, and error. If the user makes a decision,

	23 // stores the decision until either the session ends or for a length of time

	24 // (across session restarts), based on command line flags.

	25 class ChromeSSLHostStateDelegate : public content::SSLHostStateDelegate {

	26 public:

	27 explicit ChromeSSLHostStateDelegate(Profile* profile);

	28 virtual ~ChromeSSLHostStateDelegate();

	29

	30 // SSLHostStateDelegate:

	31 virtual void DenyCert(const std::string& host,

	32 net::X509Certificate* cert,

	33 net::CertStatus error) OVERRIDE;

	34 virtual void AllowCert(const std::string& host,

	35 net::X509Certificate* cert,

	36 net::CertStatus error) OVERRIDE;

	37 virtual void Clear() OVERRIDE;

	38 virtual net::CertPolicy::Judgment QueryPolicy(const std::string& host,

	39 net::X509Certificate* cert,

	40 net::CertStatus error) OVERRIDE;

	41 virtual void RevokeAllowAndDenyPreferences(const std::string& host) OVERRIDE;

	42 virtual bool HasAllowedOrDeniedCert(const std::string& host) OVERRIDE;

	43

	44 // Called on the UI thread when the profile is about to be destroyed.

	45 void ShutdownOnUIThread() {}

	46

	47 protected:

	48 // SetClock takes ownership of the passed in clock.

	49 void SetClock(scoped_ptr<base::Clock> clock);

	50

	51 private:

	52 FRIEND_TEST_ALL_PREFIXES(ForgetInstantlySSLHostStateDelegateTest,

	53 MakeAndForgetException);

	54 FRIEND_TEST_ALL_PREFIXES(RememberSSLHostStateDelegateTest, AfterRestart);

	55

	56 // Used to specify whether new content setting entries should be created if

	57 // they don't already exist when querying the user's settings.

	58 enum CreateDictionaryEntriesDisposition {

	59 CreateDictionaryEntries,

	60 DoNotCreateDictionaryEntries

	61 };

	62

	63 // Specifies whether user SSL error decisions should be forgetten at the end

	64 // of this current session (the old style of remembering decisions), or

	65 // whether they should be remembered across session restarts for a specified

	66 // length of time, deteremined by

	67 // \|default_ssl_cert_decision_expiration_delta_\|.

	68 enum RememberSSLExceptionDecisionsDisposition {

	69 ForgetSSLExceptionDecisionsAtSessionEnd,

	70 RememberSSLExceptionDecisionsForDelta

	71 };

	72

	73 // Modify the user's content settings to specify a judgement made for a

	74 // specific site and certificate, where \|url\| is the site in question, \|cert\|

	75 // is the certificate with an error, \|error\| is the error in the certificate,

	76 // and \|judgement\| is the user decision to be recorded.

	77 void ChangeCertPolicy(const std::string& host,

	78 net::X509Certificate* cert,

	79 net::CertStatus error,

	80 net::CertPolicy::Judgment judgment);

	81

	82 // Query the content settings to retrieve a dictionary of certificate

	83 // fingerprints and errors of certificates to user decisions, as set by

	84 // ChangeCertPolicy. Returns NULL on a failure.

	85 //

	86 // \|dict\| specifies the user's full exceptions dictionary for a specific site

	87 // in their content settings. Must be retrieved directly from a website

	88 // setting in the the profile's HostContentSettingsMap.

	89 //

	90 // If \|create_entries\| specifies CreateDictionaryEntries, then

	91 // GetValidCertDecisionsDict will create a new set of entries within the

	92 // dictionary if they do not already exist. Otherwise will fail and return if

	93 // NULL if they do not exist.

	94 base::DictionaryValue* GetValidCertDecisionsDict(

	95 base::DictionaryValue* dict,

	96 CreateDictionaryEntriesDisposition create_entries);

	97

	98 scoped_ptr<base::Clock> clock_;

	99 RememberSSLExceptionDecisionsDisposition should_remember_ssl_decisions_;

	100 base::TimeDelta default_ssl_cert_decision_expiration_delta_;

	101 Profile* profile_;

	102

	103 DISALLOW_COPY_AND_ASSIGN(ChromeSSLHostStateDelegate);

	104 };

	105

	106 #endif // CHROME_BROWSER_SSL_CHROME_SSL_HOST_STATE_DELEGATE_H_

OLD	NEW

« no previous file with comments | « chrome/browser/profiles/profile_impl.cc ('k') | chrome/browser/ssl/chrome_ssl_host_state_delegate.cc » ('j') | content/browser/ssl/ssl_host_state.cc » ('J')