Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(82)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/chrome_security_state_model_client.cc

Issue 2424223002: Update devtools security panel for HTTP-bad (Closed)
Patch Set: lgarron comments Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/app/google_chrome_strings.grd ('k') | chrome/browser/ssl/chrome_security_state_model_client_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
6 6
7 #include <openssl/ssl.h> 7 #include <openssl/ssl.h>
8 8
9 #include <vector> 9 #include <vector>
10 10
11 #include "base/command_line.h" 11 #include "base/command_line.h"
12 #include "base/metrics/field_trial.h" 12 #include "base/metrics/field_trial.h"
13 #include "base/metrics/histogram_macros.h" 13 #include "base/metrics/histogram_macros.h"
14 #include "base/strings/string16.h" 14 #include "base/strings/string16.h"
15 #include "base/strings/utf_string_conversions.h" 15 #include "base/strings/utf_string_conversions.h"
16 #include "build/build_config.h" 16 #include "build/build_config.h"
17 #include "chrome/browser/browser_process.h" 17 #include "chrome/browser/browser_process.h"
18 #include "chrome/browser/chromeos/policy/policy_cert_service.h" 18 #include "chrome/browser/chromeos/policy/policy_cert_service.h"
19 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" 19 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
20 #include "chrome/browser/profiles/profile.h" 20 #include "chrome/browser/profiles/profile.h"
21 #include "chrome/browser/safe_browsing/safe_browsing_service.h" 21 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
22 #include "chrome/browser/safe_browsing/ui_manager.h" 22 #include "chrome/browser/safe_browsing/ui_manager.h"
23 #include "chrome/grit/chromium_strings.h"
23 #include "chrome/grit/generated_resources.h" 24 #include "chrome/grit/generated_resources.h"
24 #include "content/public/browser/navigation_entry.h" 25 #include "content/public/browser/navigation_entry.h"
25 #include "content/public/browser/navigation_handle.h" 26 #include "content/public/browser/navigation_handle.h"
26 #include "content/public/browser/render_frame_host.h" 27 #include "content/public/browser/render_frame_host.h"
27 #include "content/public/browser/security_style_explanation.h" 28 #include "content/public/browser/security_style_explanation.h"
28 #include "content/public/browser/security_style_explanations.h" 29 #include "content/public/browser/security_style_explanations.h"
29 #include "content/public/browser/ssl_status.h" 30 #include "content/public/browser/ssl_status.h"
30 #include "content/public/browser/web_contents.h" 31 #include "content/public/browser/web_contents.h"
31 #include "content/public/common/origin_util.h" 32 #include "content/public/common/origin_util.h"
32 #include "net/base/net_errors.h" 33 #include "net/base/net_errors.h"
(...skipping 144 matching lines...) Expand 10 before | Expand all | Expand 10 after
177 178
178 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {} 179 ChromeSecurityStateModelClient::~ChromeSecurityStateModelClient() {}
179 180
180 // static 181 // static
181 blink::WebSecurityStyle ChromeSecurityStateModelClient::GetSecurityStyle( 182 blink::WebSecurityStyle ChromeSecurityStateModelClient::GetSecurityStyle(
182 const security_state::SecurityStateModel::SecurityInfo& security_info, 183 const security_state::SecurityStateModel::SecurityInfo& security_info,
183 content::SecurityStyleExplanations* security_style_explanations) { 184 content::SecurityStyleExplanations* security_style_explanations) {
184 const blink::WebSecurityStyle security_style = 185 const blink::WebSecurityStyle security_style =
185 SecurityLevelToSecurityStyle(security_info.security_level); 186 SecurityLevelToSecurityStyle(security_info.security_level);
186 187
188 if (security_info.security_level ==
189 security_state::SecurityStateModel::HTTP_SHOW_WARNING) {
190 // If the HTTP_SHOW_WARNING field trial is in use, display an
191 // unauthenticated explanation explaining why the omnibox warning is
192 // present.
193 security_style_explanations->unauthenticated_explanations.push_back(
194 content::SecurityStyleExplanation(
195 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT),
196 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT_DESCRIPTION)));
197 } else if (security_info.security_level ==
198 security_state::SecurityStateModel::NONE &&
199 security_info.displayed_private_user_data_input_on_http) {
200 // If the HTTP_SHOW_WARNING field trial isn't in use yet, display an
201 // informational note that the omnibox will contain a warning for
202 // this site in a future version of Chrome.
203 security_style_explanations->info_explanations.push_back(
204 content::SecurityStyleExplanation(
205 l10n_util::GetStringUTF8(IDS_PRIVATE_USER_DATA_INPUT),
206 l10n_util::GetStringUTF8(
207 IDS_PRIVATE_USER_DATA_INPUT_FUTURE_DESCRIPTION)));
208 }
209
187 security_style_explanations->ran_insecure_content_style = 210 security_style_explanations->ran_insecure_content_style =
188 SecurityLevelToSecurityStyle( 211 SecurityLevelToSecurityStyle(
189 SecurityStateModel::kRanInsecureContentLevel); 212 SecurityStateModel::kRanInsecureContentLevel);
190 security_style_explanations->displayed_insecure_content_style = 213 security_style_explanations->displayed_insecure_content_style =
191 SecurityLevelToSecurityStyle( 214 SecurityLevelToSecurityStyle(
192 SecurityStateModel::kDisplayedInsecureContentLevel); 215 SecurityStateModel::kDisplayedInsecureContentLevel);
193 216
194 // Check if the page is HTTP; if so, no explanations are needed. Note 217 // Check if the page is HTTP; if so, no more explanations are needed. Note
195 // that SecurityStyleUnauthenticated does not necessarily mean that 218 // that SecurityStyleUnauthenticated does not necessarily mean that
196 // the page is loaded over HTTP, because the security style merely 219 // the page is loaded over HTTP, because the security style merely
197 // represents how the embedder wishes to display the security state of 220 // represents how the embedder wishes to display the security state of
198 // the page, and the embedder can choose to display HTTPS page as HTTP 221 // the page, and the embedder can choose to display HTTPS page as HTTP
199 // if it wants to (for example, displaying deprecated crypto 222 // if it wants to (for example, displaying deprecated crypto
200 // algorithms with the same UI treatment as HTTP pages). 223 // algorithms with the same UI treatment as HTTP pages).
201 security_style_explanations->scheme_is_cryptographic = 224 security_style_explanations->scheme_is_cryptographic =
202 security_info.scheme_is_cryptographic; 225 security_info.scheme_is_cryptographic;
203 if (!security_info.scheme_is_cryptographic) { 226 if (!security_info.scheme_is_cryptographic) {
204 return security_style; 227 return security_style;
(...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after
389 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); 412 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS);
390 state->displayed_password_field_on_http = 413 state->displayed_password_field_on_http =
391 !!(ssl.content_status & 414 !!(ssl.content_status &
392 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 415 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
393 state->displayed_credit_card_field_on_http = 416 state->displayed_credit_card_field_on_http =
394 !!(ssl.content_status & 417 !!(ssl.content_status &
395 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); 418 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP);
396 419
397 CheckSafeBrowsingStatus(entry, web_contents_, state); 420 CheckSafeBrowsingStatus(entry, web_contents_, state);
398 } 421 }
OLDNEW
« no previous file with comments | « chrome/app/google_chrome_strings.grd ('k') | chrome/browser/ssl/chrome_security_state_model_client_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698