OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ | 5 #ifndef CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ |
6 #define CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ | 6 #define CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ |
7 | 7 |
8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/threading/non_thread_safe.h" |
10 #include "content/common/content_export.h" | 11 #include "content/common/content_export.h" |
11 #include "net/cert/x509_certificate.h" | 12 #include "net/cert/x509_certificate.h" |
12 | 13 |
13 namespace content { | 14 namespace content { |
14 | 15 |
| 16 // The SSLHostStateDelegate encapulates the host-specific state for SSL errors. |
| 17 // For example, SSLHostStateDelegate remembers whether the user has whitelisted |
| 18 // a particular broken cert for use with particular host. We separate this |
| 19 // state from the SSLManager because this state is shared across many navigation |
| 20 // controllers. |
| 21 // |
15 // SSLHostStateDelegate may be implemented by the embedder to provide a storage | 22 // SSLHostStateDelegate may be implemented by the embedder to provide a storage |
16 // strategy for certificate decisions. | 23 // strategy for certificate decisions or it may be left unimplemented to use a |
| 24 // default strategy of not remembering decisions at all. |
17 class SSLHostStateDelegate { | 25 class SSLHostStateDelegate { |
18 public: | 26 public: |
19 // Records that |cert| is not permitted to be used for |host| in the future, | 27 // Records that |cert| is not permitted to be used for |host| in the future, |
20 // for a specified |error| type. | 28 // for a specified |error| type. |
21 virtual void DenyCert(const std::string& host, | 29 virtual void DenyCert(const std::string& host, |
22 net::X509Certificate* cert, | 30 net::X509Certificate* cert, |
23 net::CertStatus error) = 0; | 31 net::CertStatus error) = 0; |
24 | 32 |
25 // Records that |cert| is permitted to be used for |host| in the future, for | 33 // Records that |cert| is permitted to be used for |host| in the future, for |
26 // a specified |error| type. | 34 // a specified |error| type. |
27 virtual void AllowCert(const std::string&, | 35 virtual void AllowCert(const std::string&, |
28 net::X509Certificate* cert, | 36 net::X509Certificate* cert, |
29 net::CertStatus error) = 0; | 37 net::CertStatus error) = 0; |
30 | 38 |
31 // Clear all allow/deny preferences. | 39 // Clear all allow/deny preferences. |
32 virtual void Clear() = 0; | 40 virtual void Clear() = 0; |
33 | 41 |
34 // Queries whether |cert| is allowed or denied for |host| and |error|. | 42 // Queries whether |cert| is allowed or denied for |host| and |error|. |
35 virtual net::CertPolicy::Judgment QueryPolicy(const std::string& host, | 43 virtual net::CertPolicy::Judgment QueryPolicy(const std::string& host, |
36 net::X509Certificate* cert, | 44 net::X509Certificate* cert, |
37 net::CertStatus error) = 0; | 45 net::CertStatus error) = 0; |
38 | 46 |
39 // Revoke all allow/deny preferences for |host|. | 47 // Records that a host has run insecure content. |
40 virtual void RevokeAllowAndDenyPreferences(const std::string& host) = 0; | 48 virtual void HostRanInsecureContent(const std::string& host, int pid) = 0; |
41 | 49 |
42 // Returns true if any decisions has been recorded for |host|, otherwise | 50 // Returns whether the specified host ran insecure content. |
43 // false. | 51 virtual bool DidHostRunInsecureContent(const std::string& host, |
44 virtual bool HasAllowedOrDeniedCert(const std::string& host) = 0; | 52 int pid) const = 0; |
45 | 53 |
46 protected: | 54 protected: |
47 virtual ~SSLHostStateDelegate() {} | 55 virtual ~SSLHostStateDelegate() {} |
48 }; | 56 }; |
49 | 57 |
50 } // namespace content | 58 } // namespace content |
51 | 59 |
52 #endif // CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ | 60 #endif // CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_ |
OLD | NEW |