Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(242)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/chrome_ssl_host_state_delegate.cc

Issue 887223005: Skip interstitials and don't block requests for localhost SSL errors (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase again Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/chrome_content_browser_client.cc ('k') | chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h" 5 #include "chrome/browser/ssl/chrome_ssl_host_state_delegate.h"
6 6
7 #include <set> 7 #include <set>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/bind.h" 10 #include "base/bind.h"
11 #include "base/command_line.h" 11 #include "base/command_line.h"
12 #include "base/guid.h" 12 #include "base/guid.h"
13 #include "base/logging.h" 13 #include "base/logging.h"
14 #include "base/metrics/field_trial.h" 14 #include "base/metrics/field_trial.h"
15 #include "base/strings/string_number_conversions.h" 15 #include "base/strings/string_number_conversions.h"
16 #include "base/time/clock.h" 16 #include "base/time/clock.h"
17 #include "base/time/default_clock.h" 17 #include "base/time/default_clock.h"
18 #include "base/time/time.h" 18 #include "base/time/time.h"
19 #include "base/values.h" 19 #include "base/values.h"
20 #include "chrome/browser/profiles/profile.h" 20 #include "chrome/browser/profiles/profile.h"
21 #include "chrome/common/chrome_switches.h" 21 #include "chrome/common/chrome_switches.h"
22 #include "components/content_settings/core/browser/host_content_settings_map.h" 22 #include "components/content_settings/core/browser/host_content_settings_map.h"
23 #include "components/content_settings/core/common/content_settings_types.h" 23 #include "components/content_settings/core/common/content_settings_types.h"
24 #include "components/variations/variations_associated_data.h" 24 #include "components/variations/variations_associated_data.h"
25 #include "net/base/hash_value.h" 25 #include "net/base/hash_value.h"
26 #include "net/base/net_util.h"
26 #include "net/cert/x509_certificate.h" 27 #include "net/cert/x509_certificate.h"
27 #include "net/http/http_transaction_factory.h" 28 #include "net/http/http_transaction_factory.h"
28 #include "net/url_request/url_request_context.h" 29 #include "net/url_request/url_request_context.h"
29 #include "net/url_request/url_request_context_getter.h" 30 #include "net/url_request/url_request_context_getter.h"
30 #include "url/gurl.h" 31 #include "url/gurl.h"
31 32
32 namespace { 33 namespace {
33 34
34 // Switch value that specifies that certificate decisions should be forgotten at 35 // Switch value that specifies that certificate decisions should be forgotten at
35 // the end of the current session. 36 // the end of the current session.
(...skipping 287 matching lines...) Expand 10 before | Expand all | Expand 10 after
323 net::CertStatus error, 324 net::CertStatus error,
324 bool* expired_previous_decision) { 325 bool* expired_previous_decision) {
325 HostContentSettingsMap* map = profile_->GetHostContentSettingsMap(); 326 HostContentSettingsMap* map = profile_->GetHostContentSettingsMap();
326 GURL url = GetSecureGURLForHost(host); 327 GURL url = GetSecureGURLForHost(host);
327 scoped_ptr<base::Value> value(map->GetWebsiteSetting( 328 scoped_ptr<base::Value> value(map->GetWebsiteSetting(
328 url, url, CONTENT_SETTINGS_TYPE_SSL_CERT_DECISIONS, std::string(), NULL)); 329 url, url, CONTENT_SETTINGS_TYPE_SSL_CERT_DECISIONS, std::string(), NULL));
329 330
330 // Set a default value in case this method is short circuited and doesn't do a 331 // Set a default value in case this method is short circuited and doesn't do a
331 // full query. 332 // full query.
332 *expired_previous_decision = false; 333 *expired_previous_decision = false;
334
335 // If the appropriate flag is set, let requests on localhost go
336 // through even if there are certificate errors. Errors on localhost
337 // are unlikely to indicate actual security problems.
338 bool allow_localhost = base::CommandLine::ForCurrentProcess()->HasSwitch(
339 switches::kAllowInsecureLocalhost);
340 if (allow_localhost && net::IsLocalhost(url.host()))
341 return ALLOWED;
342
333 if (!value.get() || !value->IsType(base::Value::TYPE_DICTIONARY)) 343 if (!value.get() || !value->IsType(base::Value::TYPE_DICTIONARY))
334 return DENIED; 344 return DENIED;
335 345
336 base::DictionaryValue* dict; // Owned by value 346 base::DictionaryValue* dict; // Owned by value
337 int policy_decision; 347 int policy_decision;
338 bool success = value->GetAsDictionary(&dict); 348 bool success = value->GetAsDictionary(&dict);
339 DCHECK(success); 349 DCHECK(success);
340 350
341 base::DictionaryValue* cert_error_dict; // Owned by value 351 base::DictionaryValue* cert_error_dict; // Owned by value
342 cert_error_dict = GetValidCertDecisionsDict( 352 cert_error_dict = GetValidCertDecisionsDict(
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after
431 } 441 }
432 442
433 bool ChromeSSLHostStateDelegate::DidHostRunInsecureContent( 443 bool ChromeSSLHostStateDelegate::DidHostRunInsecureContent(
434 const std::string& host, 444 const std::string& host,
435 int pid) const { 445 int pid) const {
436 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid)); 446 return !!ran_insecure_content_hosts_.count(BrokenHostEntry(host, pid));
437 } 447 }
438 void ChromeSSLHostStateDelegate::SetClock(scoped_ptr<base::Clock> clock) { 448 void ChromeSSLHostStateDelegate::SetClock(scoped_ptr<base::Clock> clock) {
439 clock_.reset(clock.release()); 449 clock_.reset(clock.release());
440 } 450 }
OLDNEW
« no previous file with comments | « chrome/browser/chrome_content_browser_client.cc ('k') | chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698