Index: content/browser/ssl/ssl_host_state_impl.h |
diff --git a/content/browser/ssl/ssl_host_state_impl.h b/content/browser/ssl/ssl_host_state_impl.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..5267d9b7113717a4d095e4595fa32799b8c295f3 |
--- /dev/null |
+++ b/content/browser/ssl/ssl_host_state_impl.h |
@@ -0,0 +1,69 @@ |
+// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ |
+#define CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ |
+ |
+#include <map> |
+#include <set> |
+#include <string> |
+ |
+#include "base/basictypes.h" |
+#include "base/compiler_specific.h" |
+#include "base/supports_user_data.h" |
+#include "base/threading/non_thread_safe.h" |
+#include "content/common/content_export.h" |
+#include "content/public/browser/ssl_host_state.h" |
+#include "net/cert/cert_status_flags.h" |
+#include "net/cert/x509_certificate.h" |
+ |
+namespace content { |
+class BrowserContext; |
+ |
+class CONTENT_EXPORT SSLHostStateImpl : public SSLHostState { |
+ public: |
+ SSLHostStateImpl(); |
+ virtual ~SSLHostStateImpl(); |
+ |
+ virtual void HostRanInsecureContent(const std::string& host, |
+ int pid) OVERRIDE; |
+ |
+ virtual bool DidHostRunInsecureContent(const std::string& host, |
+ int pid) const OVERRIDE; |
+ |
+ virtual void DenyCertForHost(net::X509Certificate* cert, |
+ const std::string& host, |
+ net::CertStatus error) OVERRIDE; |
+ |
+ virtual void AllowCertForHost(net::X509Certificate* cert, |
+ const std::string& host, |
+ net::CertStatus error) OVERRIDE; |
+ |
+ virtual void Clear() OVERRIDE; |
+ |
+ virtual void RevokeAllowAndDenyPreferences(const std::string& host) OVERRIDE; |
+ |
+ virtual bool HasAllowedOrDeniedCert(const std::string& host) OVERRIDE; |
+ |
+ virtual net::CertPolicy::Judgment QueryPolicy(net::X509Certificate* cert, |
+ const std::string& host, |
+ net::CertStatus error) OVERRIDE; |
+ |
+ private: |
+ // A BrokenHostEntry is a pair of (host, process_id) that indicates the host |
+ // contains insecure content in that renderer process. |
+ typedef std::pair<std::string, int> BrokenHostEntry; |
+ |
+ // Hosts which have been contaminated with insecure content in the |
+ // specified process. Note that insecure content can travel between |
+ // same-origin frames in one processs but cannot jump between processes. |
+ std::set<BrokenHostEntry> ran_insecure_content_hosts_; |
+ |
+ // Certificate policies for each host. |
+ std::map<std::string, net::CertPolicy> cert_policy_for_host_; |
+}; |
+ |
+} // namespace content |
+ |
+#endif // CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ |