Remember user decisions on invalid certificates behind a flag

chrome/browser/ssl/chrome_ssl_host_state_decisions.h

Index: chrome/browser/ssl/chrome_ssl_host_state_decisions.h
diff --git a/chrome/browser/ssl/chrome_ssl_host_state_decisions.h b/chrome/browser/ssl/chrome_ssl_host_state_decisions.h
new file mode 100644
index 0000000000000000000000000000000000000000..db85a69c034af96a6276faac8cc1481244b8b72d
--- /dev/null
+++ b/chrome/browser/ssl/chrome_ssl_host_state_decisions.h
@@ -0,0 +1,114 @@
+// Copyright (c) 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_SSL_CHROME_SSL_HOST_STATE_DECISIONS_H_
+#define CHROME_BROWSER_SSL_CHROME_SSL_HOST_STATE_DECISIONS_H_
+
+#include "base/scoped_ptr.h"
+#include "base/time/clock.h"

[Ryan Sleevi, 2014/07/31 00:31:28]

Can forward declare clock if you move line 56 to the .cc

[jww, 2014/07/31 05:57:00]

Done.

+#include "base/time/time.h"
+#include "content/public/browser/ssl_host_state_decisions.h"
+
+class GURL;
+class Profile;
+
+namespace base {
+
+class DictionaryValue;
+

[Ryan Sleevi, 2014/07/31 00:31:28]

can nuke the newlines on 17/19

[jww, 2014/07/31 05:57:00]

Done.

+}  //  namespace base
+
+// Implementation of the tracking of user decisions on SSL errors for sites.
+// Tracks if the user has allowed, denied, or not seen an exception for the
+// specified site, SSL fingerprint, and error. If the user makes a decision,
+// stores the decision until either the session ends or for a length of time
+// (across session restarts), based on command line flags.
+//
+// The various methods take GURLs as arguments but the path will be ignored for
+// all GURL arguments. SSL certificate decisions are on a per scheme/host/port
+// basis.
+class ChromeSSLHostStateDecisions : public content::SSLHostStateDecisions {
+ public:
+  explicit ChromeSSLHostStateDecisions(Profile* profile);
+  virtual ~ChromeSSLHostStateDecisions();
+
+  // SSLHostStateDecisions:
+  virtual void DenyCert(const GURL& url,
+                        net::X509Certificate* cert,
+                        net::CertStatus error) OVERRIDE;
+  virtual void AllowCert(const GURL& url,
+                         net::X509Certificate* cert,
+                         net::CertStatus error) OVERRIDE;
+  virtual void Clear() OVERRIDE;
+  virtual net::CertPolicy::Judgment QueryPolicy(const GURL& url,
+                                                net::X509Certificate* cert,
+                                                net::CertStatus error) OVERRIDE;
+  virtual void RevokeAllowAndDenyPreferences(const GURL& url) OVERRIDE;
+  virtual bool HasAllowedOrDeniedCert(const GURL& url) OVERRIDE;
+
+  // Called on the UI thread when the profile is about to be destroyed.
+  void ShutdownOnUIThread() {}
+
+ protected:
+  // SetClock takes ownership of the passed in clock.
+  void SetClock(scoped_ptr<base::Clock> clock) {
+    clock_.reset(clock.release());
+  }
+
+ private:
+  FRIEND_TEST_ALL_PREFIXES(ForgetInstantlySSLHostStateDecisionsTest,
+                           MakeAndForgetException);
+  FRIEND_TEST_ALL_PREFIXES(RememberSSLHostStateDecisionsTest, AfterRestart);

[Ryan Sleevi, 2014/07/31 00:31:28]

IWYU:
#include "base/gtest_prod_util.h"

[jww, 2014/07/31 05:57:00]

Done.

+
+  // Used to specify whether new content setting entries should be created if
+  // they don't already exist when querying the user's settings.
+  enum CreateDictionaryEntriesDisposition {
+    CreateDictionaryEntries,
+    DoNotCreateDictionaryEntries
+  };
+
+  // Specifies whether user SSL error decisions should be forgetten at the end
+  // of this current session (the old style of remembering decisions), or
+  // whether they should be remembered across session restarts for a specified
+  // length of time, deteremined by
+  // |default_ssl_cert_decision_expiration_delta_|.
+  enum RememberSSLExceptionDecisionsDisposition {
+    ForgetSSLExceptionDecisionsAtSessionEnd,
+    RememberSSLExceptionDecisionsForDelta
+  };
+
+  // Modify the user's content settings to specify a judgement made for a
+  // specific site and certificate, where |url| is the site in question, |cert|
+  // is the certificate with an error, |error| is the error in the certificate,
+  // and |judgement| is the user decision to be recorded.
+  void ChangeCertPolicy(const GURL& url,
+                        net::X509Certificate* cert,
+                        net::CertStatus error,
+                        net::CertPolicy::Judgment judgment);
+
+  // Query the content settings to retrieve a dictionary of certificate
+  // fingerprints and errors of certificates to user decisions, as set by
+  // ChangeCertPolicy. Returns NULL on a failure.
+  //
+  // |dict| specifies the user's full exceptions dictionary for a specific site
+  // in their content settings. Must be retrieved directly from a website
+  // setting in the the profile's HostContentSettingsMap.
+  //
+  // If |create_entries| specifies CreateDictionaryEntries, then
+  // GetValidCertDecisionsDict will create a new set of entries within the
+  // dictionary if they do not already exist. Otherwise will fail and return if
+  // NULL if they do not exist.
+  base::DictionaryValue* GetValidCertDecisionsDict(
+      base::DictionaryValue* dict,
+      CreateDictionaryEntriesDisposition create_entries);
+
+  scoped_ptr<base::Clock> clock_;
+  RememberSSLExceptionDecisionsDisposition should_remember_ssl_decisions_;
+  base::TimeDelta default_ssl_cert_decision_expiration_delta_;
+  Profile* profile_;
+
+  DISALLOW_COPY_AND_ASSIGN(ChromeSSLHostStateDecisions);
+};
+
+#endif  // CHROME_BROWSER_SSL_CHROME_SSL_HOST_STATE_DECISIONS_H_