| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef COMPONENTS_AUTOFILL_CORE_COMMON_SAVE_PASSWORD_PROGRESS_LOGGER_H_ | 5 #ifndef COMPONENTS_AUTOFILL_CORE_COMMON_SAVE_PASSWORD_PROGRESS_LOGGER_H_ |
| 6 #define COMPONENTS_AUTOFILL_CORE_COMMON_SAVE_PASSWORD_PROGRESS_LOGGER_H_ | 6 #define COMPONENTS_AUTOFILL_CORE_COMMON_SAVE_PASSWORD_PROGRESS_LOGGER_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "url/gurl.h" | 10 #include "url/gurl.h" |
| (...skipping 14 matching lines...) Expand all Loading... |
| 25 // | 25 // |
| 26 // To use this class, the method SendLog needs to be overriden to send the logs | 26 // To use this class, the method SendLog needs to be overriden to send the logs |
| 27 // for display as appropriate. | 27 // for display as appropriate. |
| 28 // | 28 // |
| 29 // TODO(vabr): Logically, this class belongs to the password_manager component. | 29 // TODO(vabr): Logically, this class belongs to the password_manager component. |
| 30 // But the PasswordAutofillAgent needs to use it, so until that agent is in a | 30 // But the PasswordAutofillAgent needs to use it, so until that agent is in a |
| 31 // third component, shared by autofill and password_manager, this helper needs | 31 // third component, shared by autofill and password_manager, this helper needs |
| 32 // to stay in autofill as well. | 32 // to stay in autofill as well. |
| 33 class SavePasswordProgressLogger { | 33 class SavePasswordProgressLogger { |
| 34 public: | 34 public: |
| 35 // All three possible decisions about saving a password. Call LogFinalDecision | 35 // IDs of strings allowed in the logs: for security reasons, we only pass the |
| 36 // as soon as one is taken by the password management code. | 36 // IDs from the renderer, and map them to strings in the browser. |
| 37 enum Decision { DECISION_SAVE, DECISION_ASK, DECISION_DROP }; | 37 enum StringID { |
| 38 STRING_DECISION_ASK, |
| 39 STRING_DECISION_DROP, |
| 40 STRING_DECISION_SAVE, |
| 41 STRING_METHOD, |
| 42 STRING_METHOD_GET, |
| 43 STRING_METHOD_POST, |
| 44 STRING_METHOD_EMPTY, |
| 45 STRING_OTHER, |
| 46 STRING_SCHEME_HTML, |
| 47 STRING_SCHEME_BASIC, |
| 48 STRING_SCHEME_DIGEST, |
| 49 STRING_SCHEME_MESSAGE, |
| 50 STRING_SIGNON_REALM, |
| 51 STRING_ORIGINAL_SIGNON_REALM, |
| 52 STRING_ORIGIN, |
| 53 STRING_ACTION, |
| 54 STRING_USERNAME_ELEMENT, |
| 55 STRING_PASSWORD_ELEMENT, |
| 56 STRING_PASSWORD_AUTOCOMPLETE_SET, |
| 57 STRING_OLD_PASSWORD_ELEMENT, |
| 58 STRING_SSL_VALID, |
| 59 STRING_PASSWORD_GENERATED, |
| 60 STRING_TIMES_USED, |
| 61 STRING_USE_ADDITIONAL_AUTHENTICATION, |
| 62 STRING_PSL_MATCH, |
| 63 STRING_NAME_OR_ID, |
| 64 STRING_MESSAGE, |
| 65 STRING_INVALID, // Represents a string returned in a case of an error. |
| 66 STRING_MAX = STRING_INVALID |
| 67 }; |
| 38 | 68 |
| 39 SavePasswordProgressLogger(); | 69 SavePasswordProgressLogger(); |
| 40 virtual ~SavePasswordProgressLogger(); | 70 virtual ~SavePasswordProgressLogger(); |
| 41 | 71 |
| 42 // Logging: specialized methods (for logging forms, URLs, etc.) take care of | 72 // Call these methods to log information. They sanitize the input and call |
| 43 // proper removing of sensitive data where appropriate. | 73 // SendLog to pass it for display. |
| 44 void LogPasswordForm(const std::string& message, | 74 void LogPasswordForm(StringID label, const autofill::PasswordForm& form); |
| 45 const autofill::PasswordForm& form); | 75 void LogHTMLForm(StringID label, |
| 46 void LogHTMLForm(const std::string& message, | |
| 47 const std::string& name_or_id, | 76 const std::string& name_or_id, |
| 48 const std::string& method, | 77 const std::string& method, |
| 49 const GURL& action); | 78 const GURL& action); |
| 50 void LogURL(const std::string& message, const GURL& url); | 79 void LogURL(StringID label, const GURL& url); |
| 51 void LogBoolean(const std::string& message, bool value); | 80 void LogBoolean(StringID label, bool truth_value); |
| 52 void LogNumber(const std::string& message, int value); | 81 void LogNumber(StringID label, int signed_number); |
| 53 void LogNumber(const std::string& message, size_t value); | 82 void LogNumber(StringID label, size_t unsigned_number); |
| 54 void LogFinalDecision(Decision decision); | 83 void LogMessage(StringID message); |
| 55 // Do not use LogMessage when there is an appropriate specialized method | |
| 56 // above. LogMessage performs no scrubbing of sensitive data. | |
| 57 void LogMessage(const std::string& message); | |
| 58 | 84 |
| 59 protected: | 85 protected: |
| 60 // Sends |log| immediately for display. | 86 // Sends |log| immediately for display. |
| 61 virtual void SendLog(const std::string& log) = 0; | 87 virtual void SendLog(const std::string& log) = 0; |
| 62 | 88 |
| 63 private: | 89 private: |
| 64 // Takes a structured |log|, converts it to a string suitable for plain text | 90 // Converts |log| and its |label| to a string and calls SendLog on the result. |
| 65 // output, adds the |name| as a caption, and sends out via SendLog. | 91 void LogValue(StringID label, const base::Value& log); |
| 66 void LogValue(const std::string& name, const base::Value& log); | |
| 67 | 92 |
| 68 DISALLOW_COPY_AND_ASSIGN(SavePasswordProgressLogger); | 93 DISALLOW_COPY_AND_ASSIGN(SavePasswordProgressLogger); |
| 69 }; | 94 }; |
| 70 | 95 |
| 71 } // namespace autofill | 96 } // namespace autofill |
| 72 | 97 |
| 73 #endif // COMPONENTS_AUTOFILL_CORE_COMMON_SAVE_PASSWORD_PROGRESS_LOGGER_H_ | 98 #endif // COMPONENTS_AUTOFILL_CORE_COMMON_SAVE_PASSWORD_PROGRESS_LOGGER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 235623002:
Password manager internals page: Improve security (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src