Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(5162)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/website_settings/website_settings.cc

Issue 662883002: net: show UI warnings for SSLv3. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git/+/master
Patch Set: Remove comment. Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/ui/toolbar/toolbar_model_impl.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/website_settings/website_settings.cc
diff --git a/chrome/browser/ui/website_settings/website_settings.cc b/chrome/browser/ui/website_settings/website_settings.cc
index eeff75194caad569d6a502838e94c5f34081dfa0..d6b2ca5dc0fb55b12a6a671e3cb7eff538458577 100644
--- a/chrome/browser/ui/website_settings/website_settings.cc
+++ b/chrome/browser/ui/website_settings/website_settings.cc
@@ -551,6 +551,7 @@ void WebsiteSettings::Init(Profile* profile,
if (ssl.security_bits > 0 && cipher_suite) {
int ssl_version =
net::SSLConnectionStatusToVersion(ssl.connection_status);
+ const bool is_sslv3 = ssl_version == net::SSL_CONNECTION_VERSION_SSL3;
msw 2014/10/20 18:27:39 nit: move this down to where it's used, or inline
const char* ssl_version_str;
net::SSLVersionToString(&ssl_version_str, ssl_version);
site_connection_details_ += ASCIIToUTF16("\n\n");
@@ -558,8 +559,6 @@ void WebsiteSettings::Init(Profile* profile,
IDS_PAGE_INFO_SECURITY_TAB_SSL_VERSION,
ASCIIToUTF16(ssl_version_str));
- bool did_fallback = (ssl.connection_status &
msw 2014/10/20 18:27:39 q: do you actually intend to remove SSL_CONNECTION
- net::SSL_CONNECTION_VERSION_FALLBACK) != 0;
agl 2014/10/20 18:55:19 Yes, fallback to SSLv3 is getting removed in Chrom
msw 2014/10/20 19:14:06 Acknowledged.
bool no_renegotiation =
(ssl.connection_status &
net::SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION) != 0;
@@ -579,14 +578,11 @@ void WebsiteSettings::Init(Profile* profile,
ASCIIToUTF16(cipher), ASCIIToUTF16(mac), ASCIIToUTF16(key_exchange));
}
- if (did_fallback) {
- // For now, only SSLv3 fallback will trigger a warning icon.
- if (site_connection_status_ < SITE_CONNECTION_STATUS_MIXED_CONTENT)
- site_connection_status_ = SITE_CONNECTION_STATUS_MIXED_CONTENT;
- site_connection_details_ += ASCIIToUTF16("\n\n");
- site_connection_details_ += l10n_util::GetStringUTF16(
- IDS_PAGE_INFO_SECURITY_TAB_FALLBACK_MESSAGE);
msw 2014/10/20 18:27:39 The IDS and string asset should be removed if they
agl 2014/10/20 18:55:19 I did plan on removing this message but, having sl
msw 2014/10/20 19:14:06 Acknowledged.
+ if (is_sslv3 &&
+ site_connection_status_ < SITE_CONNECTION_STATUS_MIXED_CONTENT) {
+ site_connection_status_ = SITE_CONNECTION_STATUS_ENCRYPTED_ERROR;
}
+
if (no_renegotiation) {
site_connection_details_ += ASCIIToUTF16("\n\n");
site_connection_details_ += l10n_util::GetStringUTF16(
« no previous file with comments | « chrome/browser/ui/toolbar/toolbar_model_impl.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698