Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1555)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/ssl/ssl_policy.cc

Issue 450833002: Add additional UMA stats for remembering certificate decisions. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fixes from felt comments Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/ssl/ssl_blocking_page.cc ('K') | « content/browser/ssl/ssl_policy.h ('k') | content/browser/ssl/ssl_policy_backend.h » ('j') | content/public/browser/ssl_host_state_delegate.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/ssl/ssl_policy.cc
diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc
index c06c7db852c97d6ca4bc75aaa7d1d608fc54c972..9ea25f924a7670920d67c09ceabbff47e4b32f8e 100644
--- a/content/browser/ssl/ssl_policy.cc
+++ b/content/browser/ssl/ssl_policy.cc
@@ -32,11 +32,13 @@ SSLPolicy::SSLPolicy(SSLPolicyBackend* backend)
}
void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
+ bool expired_previous_decision;
// First we check if we know the policy for this error.
net::CertPolicy::Judgment judgment =
backend_->QueryPolicy(handler->ssl_info().cert.get(),
handler->request_url().host(),
- handler->cert_error());
+ handler->cert_error(),
+ &expired_previous_decision);
if (judgment == net::CertPolicy::ALLOWED) {
handler->ContinueRequest();
@@ -54,7 +56,10 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM:
case net::ERR_CERT_WEAK_KEY:
case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION:
- OnCertErrorInternal(handler, !handler->fatal(), handler->fatal());
+ OnCertErrorInternal(handler,
+ !handler->fatal(),
+ handler->fatal(),
+ expired_previous_decision);
break;
case net::ERR_CERT_NO_REVOCATION_MECHANISM:
// Ignore this error.
@@ -70,7 +75,8 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
case net::ERR_CERT_INVALID:
case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY:
case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN:
- OnCertErrorInternal(handler, false, handler->fatal());
+ OnCertErrorInternal(
+ handler, false, handler->fatal(), expired_previous_decision);
break;
default:
NOTREACHED();
@@ -183,7 +189,8 @@ void SSLPolicy::OnAllowCertificate(scoped_refptr<SSLCertErrorHandler> handler,
void SSLPolicy::OnCertErrorInternal(SSLCertErrorHandler* handler,
bool overridable,
- bool strict_enforcement) {
+ bool strict_enforcement,
+ bool expired_previous_decision) {
CertificateRequestResultType result =
CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE;
GetContentClient()->browser()->AllowCertificateError(
@@ -195,7 +202,9 @@ void SSLPolicy::OnCertErrorInternal(SSLCertErrorHandler* handler,
handler->resource_type(),
overridable,
strict_enforcement,
- base::Bind(&SSLPolicy::OnAllowCertificate, base::Unretained(this),
+ expired_previous_decision,
+ base::Bind(&SSLPolicy::OnAllowCertificate,
+ base::Unretained(this),
make_scoped_refptr(handler)),
&result);
switch (result) {
« chrome/browser/ssl/ssl_blocking_page.cc ('K') | « content/browser/ssl/ssl_policy.h ('k') | content/browser/ssl/ssl_policy_backend.h » ('j') | content/public/browser/ssl_host_state_delegate.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698