OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ui/website_settings/website_settings.h" | 5 #include "chrome/browser/ui/website_settings/website_settings.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 383 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
394 site_identity_details_ += ASCIIToUTF16("\n\n"); | 394 site_identity_details_ += ASCIIToUTF16("\n\n"); |
395 if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) { | 395 if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) { |
396 site_identity_details_ += l10n_util::GetStringUTF16( | 396 site_identity_details_ += l10n_util::GetStringUTF16( |
397 IDS_PAGE_INFO_SECURITY_TAB_UNABLE_TO_CHECK_REVOCATION); | 397 IDS_PAGE_INFO_SECURITY_TAB_UNABLE_TO_CHECK_REVOCATION); |
398 } else if (ssl.cert_status & net::CERT_STATUS_NO_REVOCATION_MECHANISM) { | 398 } else if (ssl.cert_status & net::CERT_STATUS_NO_REVOCATION_MECHANISM) { |
399 site_identity_details_ += l10n_util::GetStringUTF16( | 399 site_identity_details_ += l10n_util::GetStringUTF16( |
400 IDS_PAGE_INFO_SECURITY_TAB_NO_REVOCATION_MECHANISM); | 400 IDS_PAGE_INFO_SECURITY_TAB_NO_REVOCATION_MECHANISM); |
401 } else { | 401 } else { |
402 NOTREACHED() << "Need to specify string for this warning"; | 402 NOTREACHED() << "Need to specify string for this warning"; |
403 } | 403 } |
404 } else if (ssl.cert_status & net::CERT_STATUS_IS_EV) { | 404 } else { |
405 // EV HTTPS page. | 405 if (ssl.cert_status & net::CERT_STATUS_IS_EV) { |
406 site_identity_status_ = GetSiteIdentityStatusByCTInfo( | 406 // EV HTTPS page. |
407 ssl.signed_certificate_timestamp_ids, true); | 407 site_identity_status_ = GetSiteIdentityStatusByCTInfo( |
408 DCHECK(!cert->subject().organization_names.empty()); | 408 ssl.signed_certificate_timestamp_ids, true); |
409 organization_name_ = UTF8ToUTF16(cert->subject().organization_names[0]); | 409 DCHECK(!cert->subject().organization_names.empty()); |
410 // An EV Cert is required to have a city (localityName) and country but | 410 organization_name_ = UTF8ToUTF16(cert->subject().organization_names[0]); |
411 // state is "if any". | 411 // An EV Cert is required to have a city (localityName) and country but |
412 DCHECK(!cert->subject().locality_name.empty()); | 412 // state is "if any". |
413 DCHECK(!cert->subject().country_name.empty()); | 413 DCHECK(!cert->subject().locality_name.empty()); |
414 base::string16 locality; | 414 DCHECK(!cert->subject().country_name.empty()); |
415 if (!cert->subject().state_or_province_name.empty()) { | 415 base::string16 locality; |
416 locality = l10n_util::GetStringFUTF16( | 416 if (!cert->subject().state_or_province_name.empty()) { |
417 IDS_PAGEINFO_ADDRESS, | 417 locality = l10n_util::GetStringFUTF16( |
418 UTF8ToUTF16(cert->subject().locality_name), | 418 IDS_PAGEINFO_ADDRESS, |
419 UTF8ToUTF16(cert->subject().state_or_province_name), | 419 UTF8ToUTF16(cert->subject().locality_name), |
420 UTF8ToUTF16(cert->subject().country_name)); | 420 UTF8ToUTF16(cert->subject().state_or_province_name), |
| 421 UTF8ToUTF16(cert->subject().country_name)); |
| 422 } else { |
| 423 locality = l10n_util::GetStringFUTF16( |
| 424 IDS_PAGEINFO_PARTIAL_ADDRESS, |
| 425 UTF8ToUTF16(cert->subject().locality_name), |
| 426 UTF8ToUTF16(cert->subject().country_name)); |
| 427 } |
| 428 DCHECK(!cert->subject().organization_names.empty()); |
| 429 site_identity_details_.assign(l10n_util::GetStringFUTF16( |
| 430 GetSiteIdentityDetailsMessageByCTInfo( |
| 431 ssl.signed_certificate_timestamp_ids, true /* is EV */), |
| 432 UTF8ToUTF16(cert->subject().organization_names[0]), |
| 433 locality, |
| 434 UTF8ToUTF16(cert->issuer().GetDisplayName()))); |
421 } else { | 435 } else { |
422 locality = l10n_util::GetStringFUTF16( | 436 // Non-EV OK HTTPS page. |
423 IDS_PAGEINFO_PARTIAL_ADDRESS, | 437 site_identity_status_ = GetSiteIdentityStatusByCTInfo( |
424 UTF8ToUTF16(cert->subject().locality_name), | 438 ssl.signed_certificate_timestamp_ids, false); |
425 UTF8ToUTF16(cert->subject().country_name)); | 439 base::string16 issuer_name( |
| 440 UTF8ToUTF16(cert->issuer().GetDisplayName())); |
| 441 if (issuer_name.empty()) { |
| 442 issuer_name.assign(l10n_util::GetStringUTF16( |
| 443 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); |
| 444 } |
| 445 |
| 446 site_identity_details_.assign(l10n_util::GetStringFUTF16( |
| 447 GetSiteIdentityDetailsMessageByCTInfo( |
| 448 ssl.signed_certificate_timestamp_ids, false /* not EV */), |
| 449 issuer_name)); |
426 } | 450 } |
427 DCHECK(!cert->subject().organization_names.empty()); | 451 // The date after which no new SHA-1 certificates may be issued. |
428 site_identity_details_.assign(l10n_util::GetStringFUTF16( | 452 // 2016-01-01 00:00:00 UTC |
429 GetSiteIdentityDetailsMessageByCTInfo( | 453 static const int64_t kSHA1LastIssuanceDate = INT64_C(13096080000000000); |
430 ssl.signed_certificate_timestamp_ids, true /* is EV */), | 454 if ((ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT) && |
431 UTF8ToUTF16(cert->subject().organization_names[0]), | 455 cert->valid_expiry() > |
432 locality, | 456 base::Time::FromInternalValue(kSHA1LastIssuanceDate) && |
433 UTF8ToUTF16(cert->issuer().GetDisplayName()))); | 457 base::FieldTrialList::FindFullName("SHA1IdentityUIWarning") == |
434 } else { | 458 "Enabled") { |
435 // Non-EV OK HTTPS page. | 459 site_identity_status_ = |
436 site_identity_status_ = GetSiteIdentityStatusByCTInfo( | 460 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM; |
437 ssl.signed_certificate_timestamp_ids, false); | 461 site_identity_details_ += |
438 base::string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); | 462 UTF8ToUTF16("\n\n") + |
439 if (issuer_name.empty()) { | 463 l10n_util::GetStringUTF16( |
440 issuer_name.assign(l10n_util::GetStringUTF16( | 464 IDS_PAGE_INFO_SECURITY_TAB_DEPRECATED_SIGNATURE_ALGORITHM); |
441 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | |
442 } | 465 } |
443 | |
444 site_identity_details_.assign(l10n_util::GetStringFUTF16( | |
445 GetSiteIdentityDetailsMessageByCTInfo( | |
446 ssl.signed_certificate_timestamp_ids, false /* not EV */), | |
447 issuer_name)); | |
448 } | 466 } |
449 } else { | 467 } else { |
450 // HTTP or HTTPS with errors (not warnings). | 468 // HTTP or HTTPS with errors (not warnings). |
451 site_identity_details_.assign(l10n_util::GetStringUTF16( | 469 site_identity_details_.assign(l10n_util::GetStringUTF16( |
452 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); | 470 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); |
453 if (ssl.security_style == content::SECURITY_STYLE_UNAUTHENTICATED) | 471 if (ssl.security_style == content::SECURITY_STYLE_UNAUTHENTICATED) |
454 site_identity_status_ = SITE_IDENTITY_STATUS_NO_CERT; | 472 site_identity_status_ = SITE_IDENTITY_STATUS_NO_CERT; |
455 else | 473 else |
456 site_identity_status_ = SITE_IDENTITY_STATUS_ERROR; | 474 site_identity_status_ = SITE_IDENTITY_STATUS_ERROR; |
457 | 475 |
(...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
591 // permissions. In case of a connection error or an issue with the | 609 // permissions. In case of a connection error or an issue with the |
592 // certificate presented by the website, select the connection tab to draw | 610 // certificate presented by the website, select the connection tab to draw |
593 // the user's attention to the issue. If the site does not provide a | 611 // the user's attention to the issue. If the site does not provide a |
594 // certificate because it was loaded over an unencrypted connection, don't | 612 // certificate because it was loaded over an unencrypted connection, don't |
595 // select the connection tab. | 613 // select the connection tab. |
596 WebsiteSettingsUI::TabId tab_id = WebsiteSettingsUI::TAB_ID_PERMISSIONS; | 614 WebsiteSettingsUI::TabId tab_id = WebsiteSettingsUI::TAB_ID_PERMISSIONS; |
597 if (site_connection_status_ == SITE_CONNECTION_STATUS_ENCRYPTED_ERROR || | 615 if (site_connection_status_ == SITE_CONNECTION_STATUS_ENCRYPTED_ERROR || |
598 site_connection_status_ == SITE_CONNECTION_STATUS_MIXED_CONTENT || | 616 site_connection_status_ == SITE_CONNECTION_STATUS_MIXED_CONTENT || |
599 site_identity_status_ == SITE_IDENTITY_STATUS_ERROR || | 617 site_identity_status_ == SITE_IDENTITY_STATUS_ERROR || |
600 site_identity_status_ == SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN || | 618 site_identity_status_ == SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN || |
601 site_identity_status_ == SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT) | 619 site_identity_status_ == SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT || |
| 620 site_identity_status_ == |
| 621 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM) |
602 tab_id = WebsiteSettingsUI::TAB_ID_CONNECTION; | 622 tab_id = WebsiteSettingsUI::TAB_ID_CONNECTION; |
603 ui_->SetSelectedTab(tab_id); | 623 ui_->SetSelectedTab(tab_id); |
604 } | 624 } |
605 | 625 |
606 void WebsiteSettings::PresentSitePermissions() { | 626 void WebsiteSettings::PresentSitePermissions() { |
607 PermissionInfoList permission_info_list; | 627 PermissionInfoList permission_info_list; |
608 | 628 |
609 WebsiteSettingsUI::PermissionInfo permission_info; | 629 WebsiteSettingsUI::PermissionInfo permission_info; |
610 for (size_t i = 0; i < arraysize(kPermissionType); ++i) { | 630 for (size_t i = 0; i < arraysize(kPermissionType); ++i) { |
611 permission_info.type = kPermissionType[i]; | 631 permission_info.type = kPermissionType[i]; |
(...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
742 if (visited_before_today) { | 762 if (visited_before_today) { |
743 first_visit_text = l10n_util::GetStringFUTF16( | 763 first_visit_text = l10n_util::GetStringFUTF16( |
744 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, | 764 IDS_PAGE_INFO_SECURITY_TAB_VISITED_BEFORE_TODAY, |
745 base::TimeFormatShortDate(first_visit)); | 765 base::TimeFormatShortDate(first_visit)); |
746 } else { | 766 } else { |
747 first_visit_text = l10n_util::GetStringUTF16( | 767 first_visit_text = l10n_util::GetStringUTF16( |
748 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); | 768 IDS_PAGE_INFO_SECURITY_TAB_FIRST_VISITED_TODAY); |
749 } | 769 } |
750 ui_->SetFirstVisit(first_visit_text); | 770 ui_->SetFirstVisit(first_visit_text); |
751 } | 771 } |
OLD | NEW |