OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ui/website_settings/website_settings.h" | 5 #include "chrome/browser/ui/website_settings/website_settings.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 383 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
394 site_identity_details_ += ASCIIToUTF16("\n\n"); | 394 site_identity_details_ += ASCIIToUTF16("\n\n"); |
395 if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) { | 395 if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) { |
396 site_identity_details_ += l10n_util::GetStringUTF16( | 396 site_identity_details_ += l10n_util::GetStringUTF16( |
397 IDS_PAGE_INFO_SECURITY_TAB_UNABLE_TO_CHECK_REVOCATION); | 397 IDS_PAGE_INFO_SECURITY_TAB_UNABLE_TO_CHECK_REVOCATION); |
398 } else if (ssl.cert_status & net::CERT_STATUS_NO_REVOCATION_MECHANISM) { | 398 } else if (ssl.cert_status & net::CERT_STATUS_NO_REVOCATION_MECHANISM) { |
399 site_identity_details_ += l10n_util::GetStringUTF16( | 399 site_identity_details_ += l10n_util::GetStringUTF16( |
400 IDS_PAGE_INFO_SECURITY_TAB_NO_REVOCATION_MECHANISM); | 400 IDS_PAGE_INFO_SECURITY_TAB_NO_REVOCATION_MECHANISM); |
401 } else { | 401 } else { |
402 NOTREACHED() << "Need to specify string for this warning"; | 402 NOTREACHED() << "Need to specify string for this warning"; |
403 } | 403 } |
404 } else if (ssl.cert_status & net::CERT_STATUS_IS_EV) { | 404 } else { |
405 // EV HTTPS page. | 405 if (ssl.cert_status & net::CERT_STATUS_IS_EV) { |
Peter Kasting
2014/09/29 20:25:52
This function is sure long with lots of nested con
| |
406 site_identity_status_ = GetSiteIdentityStatusByCTInfo( | 406 // EV HTTPS page. |
407 ssl.signed_certificate_timestamp_ids, true); | 407 site_identity_status_ = GetSiteIdentityStatusByCTInfo( |
408 DCHECK(!cert->subject().organization_names.empty()); | 408 ssl.signed_certificate_timestamp_ids, true); |
409 organization_name_ = UTF8ToUTF16(cert->subject().organization_names[0]); | 409 DCHECK(!cert->subject().organization_names.empty()); |
410 // An EV Cert is required to have a city (localityName) and country but | 410 organization_name_ = UTF8ToUTF16(cert->subject().organization_names[0]); |
411 // state is "if any". | 411 // An EV Cert is required to have a city (localityName) and country but |
412 DCHECK(!cert->subject().locality_name.empty()); | 412 // state is "if any". |
413 DCHECK(!cert->subject().country_name.empty()); | 413 DCHECK(!cert->subject().locality_name.empty()); |
414 base::string16 locality; | 414 DCHECK(!cert->subject().country_name.empty()); |
415 if (!cert->subject().state_or_province_name.empty()) { | 415 base::string16 locality; |
416 locality = l10n_util::GetStringFUTF16( | 416 if (!cert->subject().state_or_province_name.empty()) { |
417 IDS_PAGEINFO_ADDRESS, | 417 locality = l10n_util::GetStringFUTF16( |
418 UTF8ToUTF16(cert->subject().locality_name), | 418 IDS_PAGEINFO_ADDRESS, |
419 UTF8ToUTF16(cert->subject().state_or_province_name), | 419 UTF8ToUTF16(cert->subject().locality_name), |
420 UTF8ToUTF16(cert->subject().country_name)); | 420 UTF8ToUTF16(cert->subject().state_or_province_name), |
421 UTF8ToUTF16(cert->subject().country_name)); | |
422 } else { | |
423 locality = l10n_util::GetStringFUTF16( | |
424 IDS_PAGEINFO_PARTIAL_ADDRESS, | |
425 UTF8ToUTF16(cert->subject().locality_name), | |
426 UTF8ToUTF16(cert->subject().country_name)); | |
427 } | |
428 DCHECK(!cert->subject().organization_names.empty()); | |
429 site_identity_details_.assign(l10n_util::GetStringFUTF16( | |
430 GetSiteIdentityDetailsMessageByCTInfo( | |
431 ssl.signed_certificate_timestamp_ids, true /* is EV */), | |
432 UTF8ToUTF16(cert->subject().organization_names[0]), | |
433 locality, | |
434 UTF8ToUTF16(cert->issuer().GetDisplayName()))); | |
421 } else { | 435 } else { |
422 locality = l10n_util::GetStringFUTF16( | 436 // Non-EV OK HTTPS page. |
423 IDS_PAGEINFO_PARTIAL_ADDRESS, | 437 site_identity_status_ = GetSiteIdentityStatusByCTInfo( |
424 UTF8ToUTF16(cert->subject().locality_name), | 438 ssl.signed_certificate_timestamp_ids, false); |
425 UTF8ToUTF16(cert->subject().country_name)); | 439 base::string16 issuer_name( |
440 UTF8ToUTF16(cert->issuer().GetDisplayName())); | |
441 if (issuer_name.empty()) { | |
442 issuer_name.assign(l10n_util::GetStringUTF16( | |
443 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | |
444 } | |
445 | |
446 site_identity_details_.assign(l10n_util::GetStringFUTF16( | |
447 GetSiteIdentityDetailsMessageByCTInfo( | |
448 ssl.signed_certificate_timestamp_ids, false /* not EV */), | |
449 issuer_name)); | |
426 } | 450 } |
427 DCHECK(!cert->subject().organization_names.empty()); | 451 // The date after which no new SHA-1 certificates may be issued. |
428 site_identity_details_.assign(l10n_util::GetStringFUTF16( | 452 // 2016-01-01 00:00:00 UTC |
429 GetSiteIdentityDetailsMessageByCTInfo( | 453 static const int64_t kSHA1LastIssuanceDate = INT64_C(13096080000000000); |
Peter Kasting
2014/09/29 20:25:53
See comments in toolbar_model_impl.cc.
| |
430 ssl.signed_certificate_timestamp_ids, true /* is EV */), | 454 if ((ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT) && |
431 UTF8ToUTF16(cert->subject().organization_names[0]), | 455 cert->valid_expiry() > |
432 locality, | 456 base::Time::FromInternalValue(kSHA1LastIssuanceDate) && |
433 UTF8ToUTF16(cert->issuer().GetDisplayName()))); | 457 base::FieldTrialList::FindFullName("SHA1IdentityUIWarning") == |
434 } else { | 458 "Enabled") { |
435 // Non-EV OK HTTPS page. | 459 site_identity_status_ = |
436 site_identity_status_ = GetSiteIdentityStatusByCTInfo( | 460 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM; |
437 ssl.signed_certificate_timestamp_ids, false); | 461 site_identity_details_ += UTF8ToUTF16("\n\n"); |
Peter Kasting
2014/09/29 20:25:53
Nit: Stick a "+" on the end here and add in the ne
| |
438 base::string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); | 462 site_identity_details_ += l10n_util::GetStringUTF16( |
439 if (issuer_name.empty()) { | 463 IDS_PAGE_INFO_SECURITY_TAB_DEPRECATED_SIGNATURE_ALGORITHM); |
440 issuer_name.assign(l10n_util::GetStringUTF16( | |
441 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | |
442 } | 464 } |
443 | |
444 site_identity_details_.assign(l10n_util::GetStringFUTF16( | |
445 GetSiteIdentityDetailsMessageByCTInfo( | |
446 ssl.signed_certificate_timestamp_ids, false /* not EV */), | |
447 issuer_name)); | |
448 } | 465 } |
449 } else { | 466 } else { |
450 // HTTP or HTTPS with errors (not warnings). | 467 // HTTP or HTTPS with errors (not warnings). |
451 site_identity_details_.assign(l10n_util::GetStringUTF16( | 468 site_identity_details_.assign(l10n_util::GetStringUTF16( |
452 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); | 469 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); |
453 if (ssl.security_style == content::SECURITY_STYLE_UNAUTHENTICATED) | 470 if (ssl.security_style == content::SECURITY_STYLE_UNAUTHENTICATED) |
454 site_identity_status_ = SITE_IDENTITY_STATUS_NO_CERT; | 471 site_identity_status_ = SITE_IDENTITY_STATUS_NO_CERT; |
455 else | 472 else |
456 site_identity_status_ = SITE_IDENTITY_STATUS_ERROR; | 473 site_identity_status_ = SITE_IDENTITY_STATUS_ERROR; |
457 | 474 |
(...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
591 // permissions. In case of a connection error or an issue with the | 608 // permissions. In case of a connection error or an issue with the |
592 // certificate presented by the website, select the connection tab to draw | 609 // certificate presented by the website, select the connection tab to draw |
593 // the user's attention to the issue. If the site does not provide a | 610 // the user's attention to the issue. If the site does not provide a |
594 // certificate because it was loaded over an unencrypted connection, don't | 611 // certificate because it was loaded over an unencrypted connection, don't |
595 // select the connection tab. | 612 // select the connection tab. |
596 WebsiteSettingsUI::TabId tab_id = WebsiteSettingsUI::TAB_ID_PERMISSIONS; | 613 WebsiteSettingsUI::TabId tab_id = WebsiteSettingsUI::TAB_ID_PERMISSIONS; |
597 if (site_connection_status_ == SITE_CONNECTION_STATUS_ENCRYPTED_ERROR || | 614 if (site_connection_status_ == SITE_CONNECTION_STATUS_ENCRYPTED_ERROR || |
598 site_connection_status_ == SITE_CONNECTION_STATUS_MIXED_CONTENT || | 615 site_connection_status_ == SITE_CONNECTION_STATUS_MIXED_CONTENT || |
599 site_identity_status_ == SITE_IDENTITY_STATUS_ERROR || | 616 site_identity_status_ == SITE_IDENTITY_STATUS_ERROR || |
600 site_identity_status_ == SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN || | 617 site_identity_status_ == SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN || |
601 site_identity_status_ == SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT) | 618 site_identity_status_ == SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT || |
619 site_identity_status_ == | |
620 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM) | |
602 tab_id = WebsiteSettingsUI::TAB_ID_CONNECTION; | 621 tab_id = WebsiteSettingsUI::TAB_ID_CONNECTION; |
603 ui_->SetSelectedTab(tab_id); | 622 ui_->SetSelectedTab(tab_id); |
604 } | 623 } |
605 | 624 |
606 void WebsiteSettings::PresentSitePermissions() { | 625 void WebsiteSettings::PresentSitePermissions() { |
607 PermissionInfoList permission_info_list; | 626 PermissionInfoList permission_info_list; |
608 | 627 |
609 WebsiteSettingsUI::PermissionInfo permission_info; | 628 WebsiteSettingsUI::PermissionInfo permission_info; |
610 for (size_t i = 0; i < arraysize(kPermissionType); ++i) { | 629 for (size_t i = 0; i < arraysize(kPermissionType); ++i) { |
611 permission_info.type = kPermissionType[i]; | 630 permission_info.type = kPermissionType[i]; |
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
742 if (visited_before_today) { | 761 if (visited_before_today) { |
743 first_visit_text = l10n_util::GetStringFUTF16( | 762 first_visit_text = l10n_util::GetStringFUTF16( |
744 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, | 763 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, |
745 base::TimeFormatShortDate(first_visit)); | 764 base::TimeFormatShortDate(first_visit)); |
746 } else { | 765 } else { |
747 first_visit_text = l10n_util::GetStringUTF16( | 766 first_visit_text = l10n_util::GetStringUTF16( |
748 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); | 767 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); |
749 } | 768 } |
750 ui_->SetFirstVisit(first_visit_text); | 769 ui_->SetFirstVisit(first_visit_text); |
751 } | 770 } |
OLD | NEW |