Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/public/browser/ssl_host_state_delegate.h

Issue 465133004: Remove DenyCertForHost from SSLHostStateDelegate API. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Removed UNKNOWN and CertPolicy Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« content/browser/ssl/ssl_policy.cc ('K') | « content/browser/ssl/ssl_policy_backend.cc ('k') | net/cert/x509_cert_types.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/public/browser/ssl_host_state_delegate.h
diff --git a/content/public/browser/ssl_host_state_delegate.h b/content/public/browser/ssl_host_state_delegate.h
index bcacd7fdef1aa08b47496abf9344090809df2dd5..9612697bd4a91936acb40c821151fc0b872a3b36 100644
--- a/content/public/browser/ssl_host_state_delegate.h
+++ b/content/public/browser/ssl_host_state_delegate.h
@@ -24,11 +24,14 @@ namespace content {
// default strategy of not remembering decisions at all.
class SSLHostStateDelegate {
public:
- // Records that |cert| is not permitted to be used for |host| in the future,
- // for a specified |error| type.
- virtual void DenyCert(const std::string& host,
- net::X509Certificate* cert,
- net::CertStatus error) = 0;
+ // The judgements that can be reached by a user for invalid certificates.
+ enum CertJudgment {
+ // This certificate is denied.
+ DENIED,
+
+ // This certificate is allowed.
+ ALLOWED,
+ };
// Records that |cert| is permitted to be used for |host| in the future, for
// a specified |error| type.
@@ -36,17 +39,18 @@ class SSLHostStateDelegate {
net::X509Certificate* cert,
net::CertStatus error) = 0;
- // Clear all allow/deny preferences.
+ // Clear all allow preferences.
virtual void Clear() = 0;
- // Queries whether |cert| is allowed or denied for |host| and |error|. Returns
- // true in |expired_previous_decision| if a previous user decision expired
- // immediately prior to this query, otherwise false.
- virtual net::CertPolicy::Judgment QueryPolicy(
- const std::string& host,
- net::X509Certificate* cert,
- net::CertStatus error,
- bool* expired_previous_decision) = 0;
+ // Queries whether |cert| is allowed for |host| and |error|. Returns true in
+ // |expired_previous_decision| if a previous user decision expired immediately
+ // prior to this query, otherwise false. Since the API does not currently
+ // provide a way to deny certs, QueryPolicy guarantees to return either
+ // ALLOWED or UNKNOWN but never DENIED.
+ virtual CertJudgment QueryPolicy(const std::string& host,
+ net::X509Certificate* cert,
+ net::CertStatus error,
+ bool* expired_previous_decision) = 0;
// Records that a host has run insecure content.
virtual void HostRanInsecureContent(const std::string& host, int pid) = 0;
« content/browser/ssl/ssl_policy.cc ('K') | « content/browser/ssl/ssl_policy_backend.cc ('k') | net/cert/x509_cert_types.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698