| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/ssl/ssl_policy.h" | 5 #include "content/browser/ssl/ssl_policy.h" |
| 6 | 6 |
| 7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
| 8 #include "base/bind.h" | 8 #include "base/bind.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/memory/singleton.h" | 10 #include "base/memory/singleton.h" |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 49 // For all other hosts, which must be DENIED, a blocking page is shown to the | 49 // For all other hosts, which must be DENIED, a blocking page is shown to the |
| 50 // user every time they come back to the page. | 50 // user every time they come back to the page. |
| 51 int options_mask = 0; | 51 int options_mask = 0; |
| 52 switch (handler->cert_error()) { | 52 switch (handler->cert_error()) { |
| 53 case net::ERR_CERT_COMMON_NAME_INVALID: | 53 case net::ERR_CERT_COMMON_NAME_INVALID: |
| 54 case net::ERR_CERT_DATE_INVALID: | 54 case net::ERR_CERT_DATE_INVALID: |
| 55 case net::ERR_CERT_AUTHORITY_INVALID: | 55 case net::ERR_CERT_AUTHORITY_INVALID: |
| 56 case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: | 56 case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: |
| 57 case net::ERR_CERT_WEAK_KEY: | 57 case net::ERR_CERT_WEAK_KEY: |
| 58 case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION: | 58 case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION: |
| 59 case net::ERR_CERT_VALIDITY_TOO_LONG: | |
| 60 if (!handler->fatal()) | 59 if (!handler->fatal()) |
| 61 options_mask |= OVERRIDABLE; | 60 options_mask |= OVERRIDABLE; |
| 62 else | 61 else |
| 63 options_mask |= STRICT_ENFORCEMENT; | 62 options_mask |= STRICT_ENFORCEMENT; |
| 64 if (expired_previous_decision) | 63 if (expired_previous_decision) |
| 65 options_mask |= EXPIRED_PREVIOUS_DECISION; | 64 options_mask |= EXPIRED_PREVIOUS_DECISION; |
| 66 OnCertErrorInternal(handler, options_mask); | 65 OnCertErrorInternal(handler, options_mask); |
| 67 break; | 66 break; |
| 68 case net::ERR_CERT_NO_REVOCATION_MECHANISM: | 67 case net::ERR_CERT_NO_REVOCATION_MECHANISM: |
| 69 // Ignore this error. | 68 // Ignore this error. |
| (...skipping 162 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 232 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; | 231 SECURITY_STYLE_AUTHENTICATED : SECURITY_STYLE_UNAUTHENTICATED; |
| 233 } | 232 } |
| 234 | 233 |
| 235 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { | 234 void SSLPolicy::OriginRanInsecureContent(const std::string& origin, int pid) { |
| 236 GURL parsed_origin(origin); | 235 GURL parsed_origin(origin); |
| 237 if (parsed_origin.SchemeIsSecure()) | 236 if (parsed_origin.SchemeIsSecure()) |
| 238 backend_->HostRanInsecureContent(parsed_origin.host(), pid); | 237 backend_->HostRanInsecureContent(parsed_origin.host(), pid); |
| 239 } | 238 } |
| 240 | 239 |
| 241 } // namespace content | 240 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 717653002:
Revert "Reject certificates that are valid for too long." (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master