Index: content/browser/ssl/ssl_host_state.h |
diff --git a/content/browser/ssl/ssl_host_state.h b/content/browser/ssl/ssl_host_state.h |
index 820821786d31180066f21fdfb900f1b7dd9a7fbd..f2c453d98c5dc068bc0882c78882475dbca135ce 100644 |
--- a/content/browser/ssl/ssl_host_state.h |
+++ b/content/browser/ssl/ssl_host_state.h |
@@ -17,8 +17,11 @@ |
#include "net/cert/cert_status_flags.h" |
#include "net/cert/x509_certificate.h" |
+class GURL; |
+ |
namespace content { |
class BrowserContext; |
+class SSLHostStateDecisions; |
// SSLHostState |
// |
@@ -27,7 +30,6 @@ class BrowserContext; |
// particular broken cert for use with particular host. We separate this state |
// from the SSLManager because this state is shared across many navigation |
// controllers. |
- |
class CONTENT_EXPORT SSLHostState |
: NON_EXPORTED_BASE(base::SupportsUserData::Data), |
NON_EXPORTED_BASE(public base::NonThreadSafe) { |
@@ -46,21 +48,27 @@ class CONTENT_EXPORT SSLHostState |
// Records that |cert| is not permitted to be used for |host| in the future, |
// for a specified |error| type.. |
void DenyCertForHost(net::X509Certificate* cert, |
- const std::string& host, |
+ const GURL& url, |
net::CertStatus error); |
// Records that |cert| is permitted to be used for |host| in the future, for |
// a specified |error| type. |
void AllowCertForHost(net::X509Certificate* cert, |
- const std::string& host, |
+ const GURL& url, |
net::CertStatus error); |
+ // Revoke all allow/deny preferences for a given url. May close idle |
+ // HTTP/HTTPS connections in the process. |
+ void RevokeAllowAndDenyPreferences(const GURL& url); |
+ |
+ bool HasAllowedOrDeniedCert(const GURL& url); |
+ |
// Clear all allow/deny preferences. |
void Clear(); |
// Queries whether |cert| is allowed or denied for |host| and |error|. |
net::CertPolicy::Judgment QueryPolicy(net::X509Certificate* cert, |
- const std::string& host, |
+ const GURL& url, |
net::CertStatus error); |
private: |
@@ -73,8 +81,12 @@ class CONTENT_EXPORT SSLHostState |
// same-origin frames in one processs but cannot jump between processes. |
std::set<BrokenHostEntry> ran_insecure_content_hosts_; |
- // Certificate policies for each host. |
- std::map<std::string, net::CertPolicy> cert_policy_for_host_; |
+ // BrowserContext that the state was created on. |
+ BrowserContext* browser_context_; |
Ryan Sleevi
2014/07/31 00:31:28
Given that SSLHostState SupportsUserData, should t
jww
2014/07/31 05:57:00
This is leftover from when CloseIdleSockets was pr
|
+ |
+ // The certificate decision store. It may be NULL, depending on the browsing |
+ // context. This is owned by the browsing context. |
+ SSLHostStateDecisions* decisions_; |
DISALLOW_COPY_AND_ASSIGN(SSLHostState); |
}; |