Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1406)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/public/browser/ssl_host_state_delegate.h

Issue 418133012: Add button to page info to revoke user certificate decisions. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address some pkasting nits Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/content_browser.gypi ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/public/browser/ssl_host_state_delegate.h
diff --git a/content/public/browser/ssl_host_state_delegate.h b/content/public/browser/ssl_host_state_delegate.h
index 859a4e78be5fce2548dc41fa09af757927fbc55d..2476199d313745ebc97e9bdd2ff5dfd16032f15e 100644
--- a/content/public/browser/ssl_host_state_delegate.h
+++ b/content/public/browser/ssl_host_state_delegate.h
@@ -7,13 +7,21 @@
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
+#include "base/threading/non_thread_safe.h"
#include "content/common/content_export.h"
#include "net/cert/x509_certificate.h"
namespace content {
+// The SSLHostStateDelegate encapulates the host-specific state for SSL errors.
+// For example, SSLHostStateDelegate remembers whether the user has whitelisted
+// a particular broken cert for use with particular host. We separate this
+// state from the SSLManager because this state is shared across many navigation
+// controllers.
+//
// SSLHostStateDelegate may be implemented by the embedder to provide a storage
-// strategy for certificate decisions.
+// strategy for certificate decisions or it may be left unimplemented to use a
+// default strategy of not remembering decisions at all.
class SSLHostStateDelegate {
public:
// Records that |cert| is not permitted to be used for |host| in the future,
@@ -36,12 +44,23 @@ class SSLHostStateDelegate {
net::X509Certificate* cert,
net::CertStatus error) = 0;
- // Revoke all allow/deny preferences for |host|.
- virtual void RevokeAllowAndDenyPreferences(const std::string& host) = 0;
+ // Revoke all user decisions for |host|. The RevokeUserDecisionsHard version
+ // may close idle connections in the process. This version should be used
+ // *only* for rare events, such as a user controlled button, as it may be very
+ // disruptive to the networking stack.
+ virtual void RevokeUserDecisions(const std::string& host) = 0;
+ virtual void RevokeUserDecisionsHard(const std::string& host) = 0;
jam 2014/08/12 02:24:54 these two methods appear to be called from chrome
jww 2014/08/12 04:41:19 Done. HasUserDecision is the same, so I also moved
// Returns true if any decisions has been recorded for |host|, otherwise
// false.
- virtual bool HasAllowedOrDeniedCert(const std::string& host) = 0;
+ virtual bool HasUserDecision(const std::string& host) = 0;
+
+ // Records that a host has run insecure content.
+ virtual void HostRanInsecureContent(const std::string& host, int pid) = 0;
+
+ // Returns whether the specified host ran insecure content.
+ virtual bool DidHostRunInsecureContent(const std::string& host,
+ int pid) const = 0;
protected:
virtual ~SSLHostStateDelegate() {}
« no previous file with comments | « content/content_browser.gypi ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698