Index: content/public/browser/ssl_host_state.h |
diff --git a/content/public/browser/ssl_host_state.h b/content/public/browser/ssl_host_state.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..04b532d52d6139ed0b0f16d331d845f4ea7def02 |
--- /dev/null |
+++ b/content/public/browser/ssl_host_state.h |
@@ -0,0 +1,78 @@ |
+// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef CONTENT_PUBLIC_BROWSER_SSL_SSL_HOST_STATE_H_ |
+#define CONTENT_PUBLIC_BROWSER_SSL_SSL_HOST_STATE_H_ |
+ |
+#include <map> |
+#include <set> |
+#include <string> |
+ |
+#include "base/basictypes.h" |
+#include "base/compiler_specific.h" |
+#include "base/supports_user_data.h" |
+#include "base/threading/non_thread_safe.h" |
+#include "content/common/content_export.h" |
+#include "net/cert/cert_status_flags.h" |
+#include "net/cert/x509_certificate.h" |
+ |
+namespace content { |
+class BrowserContext; |
+ |
+// SSLHostState |
+// |
+// The SSLHostState encapulates the host-specific state for SSL errors. For |
+// example, SSLHostState remembers whether the user has whitelisted a |
+// particular broken cert for use with particular host. We separate this state |
+// from the SSLManager because this state is shared across many navigation |
+// controllers. |
+ |
+class SSLHostState : NON_EXPORTED_BASE(base::SupportsUserData::Data), |
Charlie Reis
2014/07/28 20:16:24
We're generally very stingy with adding new concep
jam
2014/07/28 23:06:20
correct, Joe: see http://www.chromium.org/develope
jww
2014/08/06 00:51:47
I particularly like the BrowserContext suggestion;
|
+ NON_EXPORTED_BASE(public base::NonThreadSafe) { |
+ public: |
+ CONTENT_EXPORT static SSLHostState* GetFor(BrowserContext* browser_context); |
+ |
+ SSLHostState() {} |
+ virtual ~SSLHostState() {} |
+ |
+ // Records that a host has run insecure content. |
+ virtual void HostRanInsecureContent(const std::string& host, int pid) = 0; |
+ |
+ // Returns whether the specified host ran insecure content. |
+ virtual bool DidHostRunInsecureContent(const std::string& host, |
+ int pid) const = 0; |
+ |
+ // Records that |cert| is not permitted to be used for |host| in the future, |
+ // for a specified |error| type. |
+ virtual void DenyCertForHost(net::X509Certificate* cert, |
+ const std::string& host, |
+ net::CertStatus error) = 0; |
+ |
+ // Records that |cert| is permitted to be used for |host| in the future, for |
+ // a specified |error| type. |
+ virtual void AllowCertForHost(net::X509Certificate* cert, |
+ const std::string& host, |
+ net::CertStatus error) = 0; |
+ |
+ // Clear all allow/deny preferences. |
+ virtual void Clear() = 0; |
+ |
+ // Revoke all allow/deny preferences for a given host. May close idle |
+ // HTTP/HTTPS connections in the process. |
+ virtual void RevokeAllowAndDenyPreferences(const std::string& host) = 0; |
+ |
+ virtual bool HasAllowedOrDeniedCert(const std::string& host) = 0; |
+ |
+ // Queries whether |cert| is allowed or denied for |host| and |error|. |
+ virtual net::CertPolicy::Judgment QueryPolicy(net::X509Certificate* cert, |
+ const std::string& host, |
+ net::CertStatus error) = 0; |
+ |
+ private: |
+ DISALLOW_COPY_AND_ASSIGN(SSLHostState); |
+}; |
+ |
+} // namespace content |
+ |
+#endif // CONTENT_PUBLIC_BROWSER_SSL_SSL_HOST_STATE_H_ |