OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ | 5 #ifndef CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ |
6 #define CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ | 6 #define CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ |
7 | 7 |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
10 #include "base/threading/non_thread_safe.h" | |
10 #include "content/common/content_export.h" | 11 #include "content/common/content_export.h" |
11 #include "net/cert/x509_certificate.h" | 12 #include "net/cert/x509_certificate.h" |
12 | 13 |
13 namespace content { | 14 namespace content { |
14 | 15 |
16 // The SSLHostStateDelegate encapulates the host-specific state for SSL errors. | |
17 // For example, SSLHostStateDelegate remembers whether the user has whitelisted | |
18 // a particular broken cert for use with particular host. We separate this | |
19 // state from the SSLManager because this state is shared across many navigation | |
20 // controllers. | |
21 // | |
15 // SSLHostStateDelegate may be implemented by the embedder to provide a storage | 22 // SSLHostStateDelegate may be implemented by the embedder to provide a storage |
16 // strategy for certificate decisions. | 23 // strategy for certificate decisions or it may be left unimplemented to use a |
24 // default strategy of not remembering decisions at all. | |
17 class SSLHostStateDelegate { | 25 class SSLHostStateDelegate { |
18 public: | 26 public: |
19 // Records that |cert| is not permitted to be used for |host| in the future, | 27 // Records that |cert| is not permitted to be used for |host| in the future, |
20 // for a specified |error| type. | 28 // for a specified |error| type. |
21 virtual void DenyCert(const std::string& host, | 29 virtual void DenyCert(const std::string& host, |
22 net::X509Certificate* cert, | 30 net::X509Certificate* cert, |
23 net::CertStatus error) = 0; | 31 net::CertStatus error) = 0; |
24 | 32 |
25 // Records that |cert| is permitted to be used for |host| in the future, for | 33 // Records that |cert| is permitted to be used for |host| in the future, for |
26 // a specified |error| type. | 34 // a specified |error| type. |
27 virtual void AllowCert(const std::string&, | 35 virtual void AllowCert(const std::string&, |
28 net::X509Certificate* cert, | 36 net::X509Certificate* cert, |
29 net::CertStatus error) = 0; | 37 net::CertStatus error) = 0; |
30 | 38 |
31 // Clear all allow/deny preferences. | 39 // Clear all allow/deny preferences. |
32 virtual void Clear() = 0; | 40 virtual void Clear() = 0; |
33 | 41 |
34 // Queries whether |cert| is allowed or denied for |host| and |error|. | 42 // Queries whether |cert| is allowed or denied for |host| and |error|. |
35 virtual net::CertPolicy::Judgment QueryPolicy(const std::string& host, | 43 virtual net::CertPolicy::Judgment QueryPolicy(const std::string& host, |
36 net::X509Certificate* cert, | 44 net::X509Certificate* cert, |
37 net::CertStatus error) = 0; | 45 net::CertStatus error) = 0; |
38 | 46 |
39 // Revoke all allow/deny preferences for |host|. | 47 // Revoke all user decisions for |host|. The RevokeUserDecisionsHard version |
40 virtual void RevokeAllowAndDenyPreferences(const std::string& host) = 0; | 48 // may close idle connections in the process. This version should be used |
49 // *only* for rare events, such as a user controlled button, as it may be very | |
50 // disruptive to the networking stack. | |
51 virtual void RevokeUserDecisions(const std::string& host) = 0; | |
52 virtual void RevokeUserDecisionsHard(const std::string& host) = 0; | |
jam
2014/08/12 02:24:54
these two methods appear to be called from chrome
jww
2014/08/12 04:41:19
Done. HasUserDecision is the same, so I also moved
| |
41 | 53 |
42 // Returns true if any decisions has been recorded for |host|, otherwise | 54 // Returns true if any decisions has been recorded for |host|, otherwise |
43 // false. | 55 // false. |
44 virtual bool HasAllowedOrDeniedCert(const std::string& host) = 0; | 56 virtual bool HasUserDecision(const std::string& host) = 0; |
57 | |
58 // Records that a host has run insecure content. | |
59 virtual void HostRanInsecureContent(const std::string& host, int pid) = 0; | |
60 | |
61 // Returns whether the specified host ran insecure content. | |
62 virtual bool DidHostRunInsecureContent(const std::string& host, | |
63 int pid) const = 0; | |
45 | 64 |
46 protected: | 65 protected: |
47 virtual ~SSLHostStateDelegate() {} | 66 virtual ~SSLHostStateDelegate() {} |
48 }; | 67 }; |
49 | 68 |
50 } // namespace content | 69 } // namespace content |
51 | 70 |
52 #endif // CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ | 71 #endif // CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ |
OLD | NEW |