OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ui/website_settings/website_settings.h" | 5 #include "chrome/browser/ui/website_settings/website_settings.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
12 #include "base/command_line.h" | 12 #include "base/command_line.h" |
13 #include "base/i18n/time_formatting.h" | 13 #include "base/i18n/time_formatting.h" |
| 14 #include "base/metrics/field_trial.h" |
14 #include "base/metrics/histogram.h" | 15 #include "base/metrics/histogram.h" |
15 #include "base/strings/string_number_conversions.h" | 16 #include "base/strings/string_number_conversions.h" |
16 #include "base/strings/utf_string_conversions.h" | 17 #include "base/strings/utf_string_conversions.h" |
17 #include "base/values.h" | 18 #include "base/values.h" |
18 #include "chrome/browser/browsing_data/browsing_data_channel_id_helper.h" | 19 #include "chrome/browser/browsing_data/browsing_data_channel_id_helper.h" |
19 #include "chrome/browser/browsing_data/browsing_data_cookie_helper.h" | 20 #include "chrome/browser/browsing_data/browsing_data_cookie_helper.h" |
20 #include "chrome/browser/browsing_data/browsing_data_database_helper.h" | 21 #include "chrome/browser/browsing_data/browsing_data_database_helper.h" |
21 #include "chrome/browser/browsing_data/browsing_data_file_system_helper.h" | 22 #include "chrome/browser/browsing_data/browsing_data_file_system_helper.h" |
22 #include "chrome/browser/browsing_data/browsing_data_indexed_db_helper.h" | 23 #include "chrome/browser/browsing_data/browsing_data_indexed_db_helper.h" |
23 #include "chrome/browser/browsing_data/browsing_data_local_storage_helper.h" | 24 #include "chrome/browser/browsing_data/browsing_data_local_storage_helper.h" |
24 #include "chrome/browser/content_settings/content_settings_utils.h" | 25 #include "chrome/browser/content_settings/content_settings_utils.h" |
25 #include "chrome/browser/content_settings/host_content_settings_map.h" | 26 #include "chrome/browser/content_settings/host_content_settings_map.h" |
26 #include "chrome/browser/content_settings/local_shared_objects_container.h" | 27 #include "chrome/browser/content_settings/local_shared_objects_container.h" |
27 #include "chrome/browser/history/history_service_factory.h" | 28 #include "chrome/browser/history/history_service_factory.h" |
28 #include "chrome/browser/profiles/profile.h" | 29 #include "chrome/browser/profiles/profile.h" |
| 30 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" |
| 31 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate_factory.h" |
29 #include "chrome/browser/ssl/ssl_error_info.h" | 32 #include "chrome/browser/ssl/ssl_error_info.h" |
30 #include "chrome/browser/ui/website_settings/website_settings_infobar_delegate.h
" | 33 #include "chrome/browser/ui/website_settings/website_settings_infobar_delegate.h
" |
31 #include "chrome/browser/ui/website_settings/website_settings_ui.h" | 34 #include "chrome/browser/ui/website_settings/website_settings_ui.h" |
| 35 #include "chrome/common/chrome_switches.h" |
32 #include "chrome/common/content_settings_pattern.h" | 36 #include "chrome/common/content_settings_pattern.h" |
33 #include "content/public/browser/browser_thread.h" | 37 #include "content/public/browser/browser_thread.h" |
34 #include "content/public/browser/cert_store.h" | 38 #include "content/public/browser/cert_store.h" |
35 #include "content/public/browser/user_metrics.h" | 39 #include "content/public/browser/user_metrics.h" |
36 #include "content/public/common/content_switches.h" | 40 #include "content/public/common/content_switches.h" |
37 #include "content/public/common/ssl_status.h" | 41 #include "content/public/common/ssl_status.h" |
38 #include "content/public/common/url_constants.h" | 42 #include "content/public/common/url_constants.h" |
39 #include "grit/chromium_strings.h" | 43 #include "grit/chromium_strings.h" |
40 #include "grit/generated_resources.h" | 44 #include "grit/generated_resources.h" |
41 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" | 45 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
114 WebsiteSettings::SiteIdentityStatus GetSiteIdentityStatusByCTInfo( | 118 WebsiteSettings::SiteIdentityStatus GetSiteIdentityStatusByCTInfo( |
115 const content::SignedCertificateTimestampIDStatusList& scts, | 119 const content::SignedCertificateTimestampIDStatusList& scts, |
116 bool is_ev) { | 120 bool is_ev) { |
117 if (CertificateTransparencyStatusMatch(scts, net::ct::SCT_STATUS_INVALID)) | 121 if (CertificateTransparencyStatusMatch(scts, net::ct::SCT_STATUS_INVALID)) |
118 return WebsiteSettings::SITE_IDENTITY_STATUS_ERROR; | 122 return WebsiteSettings::SITE_IDENTITY_STATUS_ERROR; |
119 | 123 |
120 return is_ev ? WebsiteSettings::SITE_IDENTITY_STATUS_EV_CERT | 124 return is_ev ? WebsiteSettings::SITE_IDENTITY_STATUS_EV_CERT |
121 : WebsiteSettings::SITE_IDENTITY_STATUS_CERT; | 125 : WebsiteSettings::SITE_IDENTITY_STATUS_CERT; |
122 } | 126 } |
123 | 127 |
| 128 const char kRememberCertificateErrorDecisionsFieldTrialName[] = |
| 129 "RememberCertificateErrorDecisions"; |
| 130 const char kRememberCertificateErrorDecisionsFieldTrialDefaultGroup[] = |
| 131 "Default"; |
| 132 const char kRememberCertificateErrorDecisionsFieldTrialDisableGroup[] = |
| 133 "Disable"; |
| 134 // Returns true if the user is in the experimental group or has the flag enabled |
| 135 // for remembering SSL error decisions, otherwise false. |
| 136 // |
| 137 // TODO(jww): The field trial is scheduled to end 2015/02/28. This should be |
| 138 // removed at that point unless the field trial or flag continues. |
| 139 bool InRememberCertificateErrorDecisionsGroup() { |
| 140 std::string group_name = base::FieldTrialList::FindFullName( |
| 141 kRememberCertificateErrorDecisionsFieldTrialName); |
| 142 |
| 143 // The Default and Disable groups are the "old-style" forget-at-session |
| 144 // restart groups, so they do not get the button. |
| 145 bool in_experimental_group = !group_name.empty() && |
| 146 group_name.compare( |
| 147 kRememberCertificateErrorDecisionsFieldTrialDefaultGroup) != 0 && |
| 148 group_name.compare( |
| 149 kRememberCertificateErrorDecisionsFieldTrialDisableGroup) != 0; |
| 150 bool has_command_line_switch = CommandLine::ForCurrentProcess()->HasSwitch( |
| 151 switches::kRememberCertErrorDecisions); |
| 152 return in_experimental_group || has_command_line_switch; |
| 153 } |
| 154 |
124 } // namespace | 155 } // namespace |
125 | 156 |
126 WebsiteSettings::WebsiteSettings( | 157 WebsiteSettings::WebsiteSettings( |
127 WebsiteSettingsUI* ui, | 158 WebsiteSettingsUI* ui, |
128 Profile* profile, | 159 Profile* profile, |
129 TabSpecificContentSettings* tab_specific_content_settings, | 160 TabSpecificContentSettings* tab_specific_content_settings, |
130 InfoBarService* infobar_service, | 161 InfoBarService* infobar_service, |
131 const GURL& url, | 162 const GURL& url, |
132 const content::SSLStatus& ssl, | 163 const content::SSLStatus& ssl, |
133 content::CertStore* cert_store) | 164 content::CertStore* cert_store) |
134 : TabSpecificContentSettings::SiteDataObserver( | 165 : TabSpecificContentSettings::SiteDataObserver( |
135 tab_specific_content_settings), | 166 tab_specific_content_settings), |
136 ui_(ui), | 167 ui_(ui), |
137 infobar_service_(infobar_service), | 168 infobar_service_(infobar_service), |
138 show_info_bar_(false), | 169 show_info_bar_(false), |
139 site_url_(url), | 170 site_url_(url), |
140 site_identity_status_(SITE_IDENTITY_STATUS_UNKNOWN), | 171 site_identity_status_(SITE_IDENTITY_STATUS_UNKNOWN), |
141 cert_id_(0), | 172 cert_id_(0), |
142 site_connection_status_(SITE_CONNECTION_STATUS_UNKNOWN), | 173 site_connection_status_(SITE_CONNECTION_STATUS_UNKNOWN), |
143 cert_store_(cert_store), | 174 cert_store_(cert_store), |
144 content_settings_(profile->GetHostContentSettingsMap()) { | 175 content_settings_(profile->GetHostContentSettingsMap()), |
| 176 chrome_ssl_host_state_delegate_( |
| 177 ChromeSSLHostStateDelegateFactory::GetForProfile(profile)) { |
145 Init(profile, url, ssl); | 178 Init(profile, url, ssl); |
146 | 179 |
147 HistoryService* history_service = HistoryServiceFactory::GetForProfile( | 180 HistoryService* history_service = HistoryServiceFactory::GetForProfile( |
148 profile, Profile::EXPLICIT_ACCESS); | 181 profile, Profile::EXPLICIT_ACCESS); |
149 if (history_service) { | 182 if (history_service) { |
150 history_service->GetVisibleVisitCountToHost( | 183 history_service->GetVisibleVisitCountToHost( |
151 site_url_, | 184 site_url_, |
152 base::Bind(&WebsiteSettings::OnGotVisitCountToHost, | 185 base::Bind(&WebsiteSettings::OnGotVisitCountToHost, |
153 base::Unretained(this)), | 186 base::Unretained(this)), |
154 &visit_count_task_tracker_); | 187 &visit_count_task_tracker_); |
(...skipping 370 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
525 site_connection_details_ += l10n_util::GetStringUTF16( | 558 site_connection_details_ += l10n_util::GetStringUTF16( |
526 IDS_PAGE_INFO_SECURITY_TAB_FALLBACK_MESSAGE); | 559 IDS_PAGE_INFO_SECURITY_TAB_FALLBACK_MESSAGE); |
527 } | 560 } |
528 if (no_renegotiation) { | 561 if (no_renegotiation) { |
529 site_connection_details_ += ASCIIToUTF16("\n\n"); | 562 site_connection_details_ += ASCIIToUTF16("\n\n"); |
530 site_connection_details_ += l10n_util::GetStringUTF16( | 563 site_connection_details_ += l10n_util::GetStringUTF16( |
531 IDS_PAGE_INFO_SECURITY_TAB_RENEGOTIATION_MESSAGE); | 564 IDS_PAGE_INFO_SECURITY_TAB_RENEGOTIATION_MESSAGE); |
532 } | 565 } |
533 } | 566 } |
534 | 567 |
| 568 // Check if a user decision has been made to allow or deny certificates with |
| 569 // errors on this site. |
| 570 ChromeSSLHostStateDelegate* delegate = |
| 571 ChromeSSLHostStateDelegateFactory::GetForProfile(profile); |
| 572 DCHECK(delegate); |
| 573 // Only show an SSL decision revoke button if both the user has chosen to |
| 574 // bypass SSL host errors for this host in the past and the user is not using |
| 575 // the traditional "forget-at-session-restart" error decision memory. |
| 576 show_ssl_decision_revoke_button_ = delegate->HasUserDecision(url.host()) && |
| 577 InRememberCertificateErrorDecisionsGroup(); |
| 578 |
535 // By default select the permissions tab that displays all the site | 579 // By default select the permissions tab that displays all the site |
536 // permissions. In case of a connection error or an issue with the | 580 // permissions. In case of a connection error or an issue with the |
537 // certificate presented by the website, select the connection tab to draw | 581 // certificate presented by the website, select the connection tab to draw |
538 // the user's attention to the issue. If the site does not provide a | 582 // the user's attention to the issue. If the site does not provide a |
539 // certificate because it was loaded over an unencrypted connection, don't | 583 // certificate because it was loaded over an unencrypted connection, don't |
540 // select the connection tab. | 584 // select the connection tab. |
541 WebsiteSettingsUI::TabId tab_id = WebsiteSettingsUI::TAB_ID_PERMISSIONS; | 585 WebsiteSettingsUI::TabId tab_id = WebsiteSettingsUI::TAB_ID_PERMISSIONS; |
542 if (site_connection_status_ == SITE_CONNECTION_STATUS_ENCRYPTED_ERROR || | 586 if (site_connection_status_ == SITE_CONNECTION_STATUS_ENCRYPTED_ERROR || |
543 site_connection_status_ == SITE_CONNECTION_STATUS_MIXED_CONTENT || | 587 site_connection_status_ == SITE_CONNECTION_STATUS_MIXED_CONTENT || |
544 site_identity_status_ == SITE_IDENTITY_STATUS_ERROR || | 588 site_identity_status_ == SITE_IDENTITY_STATUS_ERROR || |
(...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
658 info.connection_status = site_connection_status_; | 702 info.connection_status = site_connection_status_; |
659 info.connection_status_description = | 703 info.connection_status_description = |
660 UTF16ToUTF8(site_connection_details_); | 704 UTF16ToUTF8(site_connection_details_); |
661 info.identity_status = site_identity_status_; | 705 info.identity_status = site_identity_status_; |
662 info.identity_status_description = | 706 info.identity_status_description = |
663 UTF16ToUTF8(site_identity_details_); | 707 UTF16ToUTF8(site_identity_details_); |
664 info.cert_id = cert_id_; | 708 info.cert_id = cert_id_; |
665 info.signed_certificate_timestamp_ids.assign( | 709 info.signed_certificate_timestamp_ids.assign( |
666 signed_certificate_timestamp_ids_.begin(), | 710 signed_certificate_timestamp_ids_.begin(), |
667 signed_certificate_timestamp_ids_.end()); | 711 signed_certificate_timestamp_ids_.end()); |
| 712 info.show_ssl_decision_revoke_button = show_ssl_decision_revoke_button_; |
668 ui_->SetIdentityInfo(info); | 713 ui_->SetIdentityInfo(info); |
669 } | 714 } |
670 | 715 |
671 void WebsiteSettings::PresentHistoryInfo(base::Time first_visit) { | 716 void WebsiteSettings::PresentHistoryInfo(base::Time first_visit) { |
672 if (first_visit == base::Time()) { | 717 if (first_visit == base::Time()) { |
673 ui_->SetFirstVisit(base::string16()); | 718 ui_->SetFirstVisit(base::string16()); |
674 return; | 719 return; |
675 } | 720 } |
676 | 721 |
677 bool visited_before_today = false; | 722 bool visited_before_today = false; |
678 base::Time today = base::Time::Now().LocalMidnight(); | 723 base::Time today = base::Time::Now().LocalMidnight(); |
679 base::Time first_visit_midnight = first_visit.LocalMidnight(); | 724 base::Time first_visit_midnight = first_visit.LocalMidnight(); |
680 visited_before_today = (first_visit_midnight < today); | 725 visited_before_today = (first_visit_midnight < today); |
681 | 726 |
682 base::string16 first_visit_text; | 727 base::string16 first_visit_text; |
683 if (visited_before_today) { | 728 if (visited_before_today) { |
684 first_visit_text = l10n_util::GetStringFUTF16( | 729 first_visit_text = l10n_util::GetStringFUTF16( |
685 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, | 730 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, |
686 base::TimeFormatShortDate(first_visit)); | 731 base::TimeFormatShortDate(first_visit)); |
687 } else { | 732 } else { |
688 first_visit_text = l10n_util::GetStringUTF16( | 733 first_visit_text = l10n_util::GetStringUTF16( |
689 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); | 734 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); |
690 } | 735 } |
691 ui_->SetFirstVisit(first_visit_text); | 736 ui_->SetFirstVisit(first_visit_text); |
692 } | 737 } |
OLD | NEW |