OLD | NEW |
---|---|
1 // Copyright 2012 The Chromium Authors. All rights reserved. | 1 // Copyright 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ui/toolbar/toolbar_model_impl.h" | 5 #include "chrome/browser/ui/toolbar/toolbar_model_impl.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/metrics/field_trial.h" | |
8 #include "base/prefs/pref_service.h" | 9 #include "base/prefs/pref_service.h" |
9 #include "base/strings/utf_string_conversions.h" | 10 #include "base/strings/utf_string_conversions.h" |
11 #include "base/time/time.h" | |
10 #include "chrome/browser/autocomplete/autocomplete_classifier.h" | 12 #include "chrome/browser/autocomplete/autocomplete_classifier.h" |
11 #include "chrome/browser/autocomplete/autocomplete_classifier_factory.h" | 13 #include "chrome/browser/autocomplete/autocomplete_classifier_factory.h" |
12 #include "chrome/browser/autocomplete/chrome_autocomplete_scheme_classifier.h" | 14 #include "chrome/browser/autocomplete/chrome_autocomplete_scheme_classifier.h" |
13 #include "chrome/browser/profiles/profile.h" | 15 #include "chrome/browser/profiles/profile.h" |
14 #include "chrome/browser/search/search.h" | 16 #include "chrome/browser/search/search.h" |
15 #include "chrome/browser/ssl/ssl_error_info.h" | 17 #include "chrome/browser/ssl/ssl_error_info.h" |
16 #include "chrome/browser/ui/toolbar/toolbar_model_delegate.h" | 18 #include "chrome/browser/ui/toolbar/toolbar_model_delegate.h" |
17 #include "chrome/common/chrome_constants.h" | 19 #include "chrome/common/chrome_constants.h" |
18 #include "chrome/common/chrome_switches.h" | 20 #include "chrome/common/chrome_switches.h" |
19 #include "chrome/common/pref_names.h" | 21 #include "chrome/common/pref_names.h" |
(...skipping 19 matching lines...) Expand all Loading... | |
39 #if defined(OS_CHROMEOS) | 41 #if defined(OS_CHROMEOS) |
40 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 42 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
41 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 43 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
42 #endif | 44 #endif |
43 | 45 |
44 using content::NavigationController; | 46 using content::NavigationController; |
45 using content::NavigationEntry; | 47 using content::NavigationEntry; |
46 using content::SSLStatus; | 48 using content::SSLStatus; |
47 using content::WebContents; | 49 using content::WebContents; |
48 | 50 |
51 namespace { | |
52 | |
53 // The internal representation of the dates for UI treatment of SHA-1. | |
54 // See http://crbug.com/401365 for details | |
55 static const int64_t kJanuary2017 = INT64_C(13127702400000000); | |
56 static const int64_t kJune2016 = INT64_C(13109213000000000); | |
57 static const int64_t kJanuary2016 = INT64_C(13096080000000000); | |
Peter Kasting
2014/09/29 20:25:52
Nit: Declare constants in the most local scope pos
| |
58 | |
59 // Converts a SHA-1 field trial group into the appropriate SecurityLevel. | |
60 bool GetSecurityLevelForFieldTrialGroup(const std::string& group, | |
61 ToolbarModel::SecurityLevel* level) { | |
62 if (group == "Error") { | |
63 *level = ToolbarModel::SECURITY_ERROR; | |
64 return true; | |
65 } | |
66 if (group == "Warning") { | |
67 *level = ToolbarModel::SECURITY_WARNING; | |
68 return true; | |
69 } | |
70 if (group == "HTTP") { | |
71 *level = ToolbarModel::NONE; | |
72 return true; | |
73 } | |
74 return false; | |
Peter Kasting
2014/09/29 20:25:52
Nit: Shorter:
if (group == "Error")
*level
| |
75 } | |
76 | |
77 } // namespace | |
78 | |
49 ToolbarModelImpl::ToolbarModelImpl(ToolbarModelDelegate* delegate) | 79 ToolbarModelImpl::ToolbarModelImpl(ToolbarModelDelegate* delegate) |
50 : delegate_(delegate) { | 80 : delegate_(delegate) { |
51 } | 81 } |
52 | 82 |
53 ToolbarModelImpl::~ToolbarModelImpl() { | 83 ToolbarModelImpl::~ToolbarModelImpl() { |
54 } | 84 } |
55 | 85 |
56 // static | 86 // static |
57 ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevelForWebContents( | 87 ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevelForWebContents( |
58 content::WebContents* web_contents) { | 88 content::WebContents* web_contents) { |
(...skipping 16 matching lines...) Expand all Loading... | |
75 case content::SECURITY_STYLE_AUTHENTICATED: { | 105 case content::SECURITY_STYLE_AUTHENTICATED: { |
76 #if defined(OS_CHROMEOS) | 106 #if defined(OS_CHROMEOS) |
77 policy::PolicyCertService* service = | 107 policy::PolicyCertService* service = |
78 policy::PolicyCertServiceFactory::GetForProfile( | 108 policy::PolicyCertServiceFactory::GetForProfile( |
79 Profile::FromBrowserContext(web_contents->GetBrowserContext())); | 109 Profile::FromBrowserContext(web_contents->GetBrowserContext())); |
80 if (service && service->UsedPolicyCertificates()) | 110 if (service && service->UsedPolicyCertificates()) |
81 return SECURITY_POLICY_WARNING; | 111 return SECURITY_POLICY_WARNING; |
82 #endif | 112 #endif |
83 if (!!(ssl.content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT)) | 113 if (!!(ssl.content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT)) |
84 return SECURITY_WARNING; | 114 return SECURITY_WARNING; |
115 scoped_refptr<net::X509Certificate> cert; | |
116 if (content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, &cert) && | |
117 (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT)) { | |
118 ToolbarModel::SecurityLevel security_level = NONE; | |
119 if (cert->valid_expiry() >= | |
Peter Kasting
2014/09/29 20:25:52
Nit: I wonder if this could be condensed some by d
| |
120 base::Time::FromInternalValue(kJanuary2017)) { | |
121 if (GetSecurityLevelForFieldTrialGroup( | |
Peter Kasting
2014/09/29 20:25:52
You should probably document why you're using fiel
| |
122 base::FieldTrialList::FindFullName( | |
123 "SHA1ToolbarUIJanuary2017"), | |
124 &security_level)) { | |
125 return security_level; | |
126 } | |
127 } else if (cert->valid_expiry() >= | |
128 base::Time::FromInternalValue(kJune2016)) { | |
129 if (GetSecurityLevelForFieldTrialGroup( | |
130 base::FieldTrialList::FindFullName("SHA1ToolbarUIJune2016"), | |
131 &security_level)) { | |
132 return security_level; | |
133 } | |
134 } else if (cert->valid_expiry() >= | |
135 base::Time::FromInternalValue(kJanuary2016)) { | |
136 if (GetSecurityLevelForFieldTrialGroup( | |
137 base::FieldTrialList::FindFullName( | |
138 "SHA1ToolbarUIJanuary2016"), | |
139 &security_level)) { | |
140 return security_level; | |
141 } | |
142 } | |
143 } | |
85 if (net::IsCertStatusError(ssl.cert_status)) { | 144 if (net::IsCertStatusError(ssl.cert_status)) { |
86 DCHECK(net::IsCertStatusMinorError(ssl.cert_status)); | 145 DCHECK(net::IsCertStatusMinorError(ssl.cert_status)); |
87 return SECURITY_WARNING; | 146 return SECURITY_WARNING; |
88 } | 147 } |
89 if ((ssl.cert_status & net::CERT_STATUS_IS_EV) && | 148 if ((ssl.cert_status & net::CERT_STATUS_IS_EV) && cert.get()) |
Peter Kasting
2014/09/29 20:25:52
Nit: Technically, this assumes that RetrieveCert()
Ryan Sleevi
2014/09/30 00:15:50
Yup!
| |
90 content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, NULL)) | |
91 return EV_SECURE; | 149 return EV_SECURE; |
92 return SECURE; | 150 return SECURE; |
93 } | 151 } |
94 default: | 152 default: |
95 NOTREACHED(); | 153 NOTREACHED(); |
96 return NONE; | 154 return NONE; |
97 } | 155 } |
98 } | 156 } |
99 | 157 |
100 // ToolbarModelImpl Implementation. | 158 // ToolbarModelImpl Implementation. |
(...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
329 if (entry && | 387 if (entry && |
330 google_util::StartsWithCommandLineGoogleBaseURL(entry->GetVirtualURL())) | 388 google_util::StartsWithCommandLineGoogleBaseURL(entry->GetVirtualURL())) |
331 return search_terms; | 389 return search_terms; |
332 | 390 |
333 // Otherwise, extract search terms for HTTPS pages that do not have a security | 391 // Otherwise, extract search terms for HTTPS pages that do not have a security |
334 // error. | 392 // error. |
335 ToolbarModel::SecurityLevel security_level = GetSecurityLevel(ignore_editing); | 393 ToolbarModel::SecurityLevel security_level = GetSecurityLevel(ignore_editing); |
336 return ((security_level == NONE) || (security_level == SECURITY_ERROR)) ? | 394 return ((security_level == NONE) || (security_level == SECURITY_ERROR)) ? |
337 base::string16() : search_terms; | 395 base::string16() : search_terms; |
338 } | 396 } |
OLD | NEW |