| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ | 5 #ifndef CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ |
| 6 #define CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ | 6 #define CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 #include <map> | 10 #include <map> |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 44 | 44 |
| 45 // Returns whether the specified host ran insecure content. | 45 // Returns whether the specified host ran insecure content. |
| 46 bool DidHostRunInsecureContent(const std::string& host, int pid) const; | 46 bool DidHostRunInsecureContent(const std::string& host, int pid) const; |
| 47 | 47 |
| 48 // Records that |cert| is permitted to be used for |host| in the future. | 48 // Records that |cert| is permitted to be used for |host| in the future. |
| 49 void DenyCertForHost(net::X509Certificate* cert, const std::string& host); | 49 void DenyCertForHost(net::X509Certificate* cert, const std::string& host); |
| 50 | 50 |
| 51 // Records that |cert| is not permitted to be used for |host| in the future. | 51 // Records that |cert| is not permitted to be used for |host| in the future. |
| 52 void AllowCertForHost(net::X509Certificate* cert, const std::string& host); | 52 void AllowCertForHost(net::X509Certificate* cert, const std::string& host); |
| 53 | 53 |
| 54 // Clear all allow/deny preferences. |
| 55 void Clear(); |
| 56 |
| 54 // Queries whether |cert| is allowed or denied for |host|. | 57 // Queries whether |cert| is allowed or denied for |host|. |
| 55 net::CertPolicy::Judgment QueryPolicy( | 58 net::CertPolicy::Judgment QueryPolicy( |
| 56 net::X509Certificate* cert, const std::string& host); | 59 net::X509Certificate* cert, const std::string& host); |
| 57 | 60 |
| 58 private: | 61 private: |
| 59 // A BrokenHostEntry is a pair of (host, process_id) that indicates the host | 62 // A BrokenHostEntry is a pair of (host, process_id) that indicates the host |
| 60 // contains insecure content in that renderer process. | 63 // contains insecure content in that renderer process. |
| 61 typedef std::pair<std::string, int> BrokenHostEntry; | 64 typedef std::pair<std::string, int> BrokenHostEntry; |
| 62 | 65 |
| 63 // Hosts which have been contaminated with insecure content in the | 66 // Hosts which have been contaminated with insecure content in the |
| 64 // specified process. Note that insecure content can travel between | 67 // specified process. Note that insecure content can travel between |
| 65 // same-origin frames in one processs but cannot jump between processes. | 68 // same-origin frames in one processs but cannot jump between processes. |
| 66 std::set<BrokenHostEntry> ran_insecure_content_hosts_; | 69 std::set<BrokenHostEntry> ran_insecure_content_hosts_; |
| 67 | 70 |
| 68 // Certificate policies for each host. | 71 // Certificate policies for each host. |
| 69 std::map<std::string, net::CertPolicy> cert_policy_for_host_; | 72 std::map<std::string, net::CertPolicy> cert_policy_for_host_; |
| 70 | 73 |
| 71 DISALLOW_COPY_AND_ASSIGN(SSLHostState); | 74 DISALLOW_COPY_AND_ASSIGN(SSLHostState); |
| 72 }; | 75 }; |
| 73 | 76 |
| 74 #endif // CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ | 77 #endif // CONTENT_BROWSER_SSL_SSL_HOST_STATE_H_ |
| OLD | NEW |