Add button to page info to revoke user certificate decisions.

content/public/browser/ssl_host_state.h

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CONTENT_PUBLIC_BROWSER_SSL_SSL_HOST_STATE_H_
+#define CONTENT_PUBLIC_BROWSER_SSL_SSL_HOST_STATE_H_
+
+#include <map>
+#include <set>
+#include <string>
+
+#include "base/basictypes.h"
+#include "base/compiler_specific.h"
+#include "base/supports_user_data.h"
+#include "base/threading/non_thread_safe.h"
+#include "content/common/content_export.h"
+#include "net/cert/cert_status_flags.h"
+#include "net/cert/x509_certificate.h"
+
+namespace content {
+class BrowserContext;
+class SSLHostStateDelegate;
+
+// SSLHostState
+//
+// The SSLHostState encapulates the host-specific state for SSL errors.  For
+// example, SSLHostState remembers whether the user has whitelisted a
+// particular broken cert for use with particular host.  We separate this state
+// from the SSLManager because this state is shared across many navigation
+// controllers.
+class CONTENT_EXPORT SSLHostState
+    : NON_EXPORTED_BASE(public base::NonThreadSafe) {

[jam, 2014/08/06 21:27:26]

nit: get rid of the NonThreadSafe, if you really want it, put it on the
implementation and not the public interface.

[jww, 2014/08/11 19:21:28]

Removed ssl_host_state.{h,cc} completely, as per our offline conversation, so no
longer relevant.

+ public:
+  SSLHostState(BrowserContext*);
+  virtual ~SSLHostState() {}
+
+  // Revoke all allow/deny preferences for a given host. The
+  // RevokeAllowAndDenyPreferencesHard version may close idle connections in the
+  // process. This version should be used *only* for rare events, such as a user
+  // controlled button, as it may be very disruptive to the networking stack.
+  virtual void RevokeAllowAndDenyPreferences(const std::string& host);
+  virtual void RevokeAllowAndDenyPreferencesHard(const std::string& host);
+
+  virtual bool HasAllowedOrDeniedCert(const std::string& host);

[jam, 2014/08/06 21:27:26]

nit: document

[jww, 2014/08/11 19:21:28]

Removed ssl_host_state.{h,cc} completely, as per our offline conversation, so no
longer relevant.

+
+  void set_delegate(SSLHostStateDelegate* delegate) { delegate_ = delegate; }

[jam, 2014/08/06 21:27:26]

this would be a pure method called SetDelegate

[jww, 2014/08/11 19:21:28]

Removed ssl_host_state.{h,cc} completely, as per our offline conversation, so no
longer relevant.

+
+ protected:
+  // BrowserContext that the state was created on.
+  BrowserContext* browser_context_;
+
+  // The certificate decision store. It may be NULL, depending on the browsing
+  // context. This is owned by the browsing context.
+  SSLHostStateDelegate* delegate_;

[jam, 2014/08/06 21:27:26]

nit: see http://www.chromium.org/developers/content-module/content-api, this
should only be an interface. the data members can go on the implementation

[jww, 2014/08/11 19:21:28]

Removed ssl_host_state.{h,cc} completely, as per our offline conversation, so no
longer relevant.

+};
+
+}  // namespace content
+
+#endif  // CONTENT_PUBLIC_BROWSER_SSL_SSL_HOST_STATE_H_