Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: android_webview/browser/aw_ssl_host_state_delegate.h

Issue 794023002: Remember user's decisions on SSL errors. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: comments Created 6 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « android_webview/browser/aw_browser_context.cc ('k') | android_webview/browser/aw_ssl_host_state_delegate.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_
6 #define ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_
7
8 #include <map>
9 #include <string>
10
11 #include "content/public/browser/ssl_host_state_delegate.h"
12 #include "net/base/hash_value.h"
13 #include "net/cert/cert_status_flags.h"
14 #include "net/cert/x509_certificate.h"
15
16 namespace android_webview {
17
18 namespace internal {
19 // This class maintains the policy for storing actions on certificate errors.
20 class CertPolicy {
21 public:
22 CertPolicy();
23 ~CertPolicy();
24 // Returns true if the user has decided to proceed through the ssl error
25 // before. For a certificate to be allowed, it must not have any
26 // *additional* errors from when it was allowed.
27 bool Check(const net::X509Certificate& cert, net::CertStatus error) const;
28
29 // Causes the policy to allow this certificate for a given |error|. And
30 // remember the user's choice.
31 void Allow(const net::X509Certificate& cert, net::CertStatus error);
32
33 private:
34 // The set of fingerprints of allowed certificates.
35 std::map<net::SHA256HashValue, net::CertStatus, net::SHA256HashValueLessThan>
36 allowed_;
37 };
38
39 } // namespace internal
40
41 class AwSSLHostStateDelegate : public content::SSLHostStateDelegate {
42 public:
43 AwSSLHostStateDelegate();
44 virtual ~AwSSLHostStateDelegate();
45
46 // Records that |cert| is permitted to be used for |host| in the future, for
47 // a specified |error| type.
48 void AllowCert(const std::string& host,
49 const net::X509Certificate& cert,
50 net::CertStatus error) override;
51
52 void Clear() override;
53
54 // Queries whether |cert| is allowed or denied for |host| and |error|.
55 content::SSLHostStateDelegate::CertJudgment QueryPolicy(
56 const std::string& host,
57 const net::X509Certificate& cert,
58 net::CertStatus error,
59 bool* expired_previous_decision) override;
60
61 // Records that a host has run insecure content.
62 void HostRanInsecureContent(const std::string& host, int pid) override;
63
64 // Returns whether the specified host ran insecure content.
65 bool DidHostRunInsecureContent(const std::string& host,
66 int pid) const override;
67
68 private:
69 // Certificate policies for each host.
70 std::map<std::string, internal::CertPolicy> cert_policy_for_host_;
71
72 DISALLOW_COPY_AND_ASSIGN(AwSSLHostStateDelegate);
73 };
74
75 } // namespace android_webview
76
77 #endif // ANDROID_WEBVIEW_BROWSER_AW_SSL_HOST_STATE_DELEGATE_H_
OLDNEW
« no previous file with comments | « android_webview/browser/aw_browser_context.cc ('k') | android_webview/browser/aw_ssl_host_state_delegate.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698