| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ | 5 #ifndef CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ |
| 6 #define CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ | 6 #define CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/callback.h" | 11 #include "base/callback.h" |
| 12 #include "base/strings/string16.h" | 12 #include "base/strings/string16.h" |
| 13 #include "base/task/cancelable_task_tracker.h" | 13 #include "base/task/cancelable_task_tracker.h" |
| 14 #include "base/time/time.h" | 14 #include "base/time/time.h" |
| 15 #include "chrome/browser/interstitials/security_interstitial_metrics_helper.h" | |
| 16 #include "chrome/browser/interstitials/security_interstitial_page.h" | 15 #include "chrome/browser/interstitials/security_interstitial_page.h" |
| 17 #include "net/ssl/ssl_info.h" | 16 #include "net/ssl/ssl_info.h" |
| 18 #include "url/gurl.h" | 17 #include "url/gurl.h" |
| 19 | 18 |
| 20 #if defined(ENABLE_EXTENSIONS) | 19 #if defined(ENABLE_EXTENSIONS) |
| 21 namespace extensions { | 20 namespace extensions { |
| 22 class ExperienceSamplingEvent; | 21 class ExperienceSamplingEvent; |
| 23 } | 22 } |
| 24 #endif | 23 #endif |
| 25 | 24 |
| 25 class SafeBrowsingUIManager; |
| 26 class SSLErrorClassification; | 26 class SSLErrorClassification; |
| 27 | 27 |
| 28 // This class is responsible for showing/hiding the interstitial page that is | 28 // This class is responsible for showing/hiding the interstitial page that is |
| 29 // shown when a certificate error happens. | 29 // shown when a certificate error happens. |
| 30 // It deletes itself when the interstitial page is closed. | 30 // It deletes itself when the interstitial page is closed. |
| 31 class SSLBlockingPage : public SecurityInterstitialPage { | 31 class SSLBlockingPage : public SecurityInterstitialPage { |
| 32 public: | 32 public: |
| 33 enum SSLBlockingPageOptionsMask { | 33 enum SSLBlockingPageOptionsMask { |
| 34 // Indicates whether or not the user could (assuming perfect knowledge) | 34 // Indicates whether or not the user could (assuming perfect knowledge) |
| 35 // successfully override the error and still get the security guarantees | 35 // successfully override the error and still get the security guarantees |
| (...skipping 16 matching lines...) Expand all Loading... |
| 52 // Creates an SSL blocking page. If the blocking page isn't shown, the caller | 52 // Creates an SSL blocking page. If the blocking page isn't shown, the caller |
| 53 // is responsible for cleaning up the blocking page, otherwise the | 53 // is responsible for cleaning up the blocking page, otherwise the |
| 54 // interstitial takes ownership when shown. |options_mask| must be a bitwise | 54 // interstitial takes ownership when shown. |options_mask| must be a bitwise |
| 55 // mask of SSLBlockingPageOptionsMask values. | 55 // mask of SSLBlockingPageOptionsMask values. |
| 56 SSLBlockingPage(content::WebContents* web_contents, | 56 SSLBlockingPage(content::WebContents* web_contents, |
| 57 int cert_error, | 57 int cert_error, |
| 58 const net::SSLInfo& ssl_info, | 58 const net::SSLInfo& ssl_info, |
| 59 const GURL& request_url, | 59 const GURL& request_url, |
| 60 int options_mask, | 60 int options_mask, |
| 61 const base::Time& time_triggered, | 61 const base::Time& time_triggered, |
| 62 SafeBrowsingUIManager* safe_browsing_ui_manager, |
| 62 const base::Callback<void(bool)>& callback); | 63 const base::Callback<void(bool)>& callback); |
| 63 | 64 |
| 64 // InterstitialPageDelegate method: | 65 // InterstitialPageDelegate method: |
| 65 InterstitialPageDelegate::TypeID GetTypeForTesting() const override; | 66 InterstitialPageDelegate::TypeID GetTypeForTesting() const override; |
| 66 | 67 |
| 67 // Returns true if |options_mask| refers to an overridable SSL error. | 68 // Returns true if |options_mask| refers to an overridable SSL error. |
| 68 static bool IsOptionsOverridable(int options_mask); | 69 static bool IsOptionsOverridable(int options_mask); |
| 69 | 70 |
| 71 // Allows tests to be notified when an invalid cert chain report has |
| 72 // been sent (or not sent). |
| 73 void SetCertificateReportCallbackForTesting(const base::Closure& callback); |
| 74 |
| 70 protected: | 75 protected: |
| 71 // InterstitialPageDelegate implementation. | 76 // InterstitialPageDelegate implementation. |
| 72 void CommandReceived(const std::string& command) override; | 77 void CommandReceived(const std::string& command) override; |
| 73 void OverrideEntry(content::NavigationEntry* entry) override; | 78 void OverrideEntry(content::NavigationEntry* entry) override; |
| 74 void OverrideRendererPrefs(content::RendererPreferences* prefs) override; | 79 void OverrideRendererPrefs(content::RendererPreferences* prefs) override; |
| 75 void OnProceed() override; | 80 void OnProceed() override; |
| 76 void OnDontProceed() override; | 81 void OnDontProceed() override; |
| 77 | 82 |
| 78 // SecurityInterstitialPage implementation: | 83 // SecurityInterstitialPage implementation: |
| 79 bool ShouldCreateNewNavigation() const override; | 84 bool ShouldCreateNewNavigation() const override; |
| 80 void PopulateInterstitialStrings( | 85 void PopulateInterstitialStrings( |
| 81 base::DictionaryValue* load_time_data) override; | 86 base::DictionaryValue* load_time_data) override; |
| 82 | 87 |
| 88 void PopulateExtendedReportingOption(base::DictionaryValue* load_time_data); |
| 89 |
| 83 private: | 90 private: |
| 84 void NotifyDenyCertificate(); | 91 void NotifyDenyCertificate(); |
| 85 void NotifyAllowCertificate(); | 92 void NotifyAllowCertificate(); |
| 86 | 93 |
| 87 std::string GetUmaHistogramPrefix() const; | 94 std::string GetUmaHistogramPrefix() const; |
| 88 std::string GetSamplingEventName() const; | 95 std::string GetSamplingEventName() const; |
| 89 | 96 |
| 97 // Send a report about an invalid certificate to the server. Takes |
| 98 // care of calling certificate_report_callback_for_testing_. |
| 99 void FinishCertCollection(); |
| 100 |
| 90 base::Callback<void(bool)> callback_; | 101 base::Callback<void(bool)> callback_; |
| 91 | 102 |
| 92 const int cert_error_; | 103 const int cert_error_; |
| 93 const net::SSLInfo ssl_info_; | 104 const net::SSLInfo ssl_info_; |
| 94 // There are two ways for the user to override an interstitial: | 105 // There are two ways for the user to override an interstitial: |
| 95 // | 106 // |
| 96 // overridable_) By clicking on "Advanced" and then "Proceed". | 107 // overridable_) By clicking on "Advanced" and then "Proceed". |
| 97 // - This corresponds to "the user can override using the UI". | 108 // - This corresponds to "the user can override using the UI". |
| 98 // danger_overridable_) By typing the word "danger". | 109 // danger_overridable_) By typing the word "danger". |
| 99 // - This is an undocumented workaround. | 110 // - This is an undocumented workaround. |
| 100 // - This can be set to "false" dynamically to prevent the behaviour. | 111 // - This can be set to "false" dynamically to prevent the behaviour. |
| 101 const bool overridable_; | 112 const bool overridable_; |
| 102 bool danger_overridable_; | 113 bool danger_overridable_; |
| 103 // Has the site requested strict enforcement of certificate errors? | 114 // Has the site requested strict enforcement of certificate errors? |
| 104 const bool strict_enforcement_; | 115 const bool strict_enforcement_; |
| 105 // Did the user previously allow a bad certificate but the decision has now | 116 // Did the user previously allow a bad certificate but the decision has now |
| 106 // expired? | 117 // expired? |
| 107 const bool expired_but_previously_allowed_; | 118 const bool expired_but_previously_allowed_; |
| 108 scoped_ptr<SSLErrorClassification> ssl_error_classification_; | 119 scoped_ptr<SSLErrorClassification> ssl_error_classification_; |
| 109 scoped_ptr<SecurityInterstitialMetricsHelper> metrics_helper_; | 120 |
| 110 // The time at which the interstitial was triggered. The interstitial | 121 // The time at which the interstitial was triggered. The interstitial |
| 111 // calculates all times relative to this. | 122 // calculates all times relative to this. |
| 112 const base::Time time_triggered_; | 123 const base::Time time_triggered_; |
| 113 | 124 |
| 125 // For reporting invalid SSL certificates as part of Safe Browsing |
| 126 // Extended Reporting. |
| 127 SafeBrowsingUIManager* safe_browsing_ui_manager_; |
| 128 |
| 129 // This callback is run when an extended reporting certificate chain |
| 130 // report has been sent, or when it is decided that it should not be |
| 131 // sent (for example, when in incognito mode). |
| 132 base::Closure certificate_report_callback_for_testing_; |
| 133 |
| 114 // Which type of interstitial this is. | 134 // Which type of interstitial this is. |
| 115 enum SSLInterstitialReason { | 135 enum SSLInterstitialReason { |
| 116 SSL_REASON_SSL, | 136 SSL_REASON_SSL, |
| 117 SSL_REASON_BAD_CLOCK | 137 SSL_REASON_BAD_CLOCK |
| 118 } interstitial_reason_; | 138 } interstitial_reason_; |
| 119 | 139 |
| 120 DISALLOW_COPY_AND_ASSIGN(SSLBlockingPage); | 140 DISALLOW_COPY_AND_ASSIGN(SSLBlockingPage); |
| 121 }; | 141 }; |
| 122 | 142 |
| 123 #endif // CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ | 143 #endif // CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 935663004:
Add checkbox for reporting invalid TLS/SSL cert chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master