Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(202)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/chrome_security_state_model_client.cc

Issue 2432933004: Adjust HTTP-bad console messages (Closed)
Patch Set: elawrence comment Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h"
6 6
7 #include <openssl/ssl.h> 7 #include <openssl/ssl.h>
8 8
9 #include <vector> 9 #include <vector>
10 10
(...skipping 316 matching lines...) Expand 10 before | Expand all | Expand 10 after
327 SecurityStateModel::SecurityInfo* result) const { 327 SecurityStateModel::SecurityInfo* result) const {
328 security_state_model_->GetSecurityInfo(result); 328 security_state_model_->GetSecurityInfo(result);
329 } 329 }
330 330
331 void ChromeSecurityStateModelClient::VisibleSSLStateChanged() { 331 void ChromeSecurityStateModelClient::VisibleSSLStateChanged() {
332 if (logged_http_warning_on_current_navigation_) 332 if (logged_http_warning_on_current_navigation_)
333 return; 333 return;
334 334
335 security_state::SecurityStateModel::SecurityInfo security_info; 335 security_state::SecurityStateModel::SecurityInfo security_info;
336 GetSecurityInfo(&security_info); 336 GetSecurityInfo(&security_info);
337 if (security_info.security_level == 337 if (!security_info.displayed_private_user_data_input_on_http)
338 security_state::SecurityStateModel::HTTP_SHOW_WARNING) { 338 return;
339 web_contents_->GetMainFrame()->AddMessageToConsole( 339
340 content::CONSOLE_MESSAGE_LEVEL_WARNING, 340 std::string warning;
341 "In Chrome M56 (Jan 2017), this page will be marked " 341 switch (security_info.security_level) {
342 "as \"not secure\" in the URL bar. For more " 342 case security_state::SecurityStateModel::HTTP_SHOW_WARNING:
343 "information, see https://goo.gl/zmWq3m"); 343 warning =
lgarron 2016/10/21 00:01:12 I was going to complain that we shouldn't define t
344 logged_http_warning_on_current_navigation_ = true; 344 "This page includes a password or credit card input in a non-secure "
345 "context. A warning has been added to the URL bar. For more "
346 "information, see https://goo.gl/zmWq3m.";
347 break;
348 case security_state::SecurityStateModel::NONE:
349 warning =
350 "This page includes a password or credit card input in a non-secure "
351 "context. A warning will be added to the URL bar in Chrome 56 (Jan "
352 "2017). For more information, see https://goo.gl/zmWq3m.";
353 break;
354 default:
355 return;
345 } 356 }
357
358 logged_http_warning_on_current_navigation_ = true;
359 web_contents_->GetMainFrame()->AddMessageToConsole(
360 content::CONSOLE_MESSAGE_LEVEL_WARNING, warning);
346 } 361 }
347 362
348 void ChromeSecurityStateModelClient::DidFinishNavigation( 363 void ChromeSecurityStateModelClient::DidFinishNavigation(
349 content::NavigationHandle* navigation_handle) { 364 content::NavigationHandle* navigation_handle) {
350 if (navigation_handle->IsInMainFrame() && 365 if (navigation_handle->IsInMainFrame() &&
351 !navigation_handle->IsSynchronousNavigation()) { 366 !navigation_handle->IsSynchronousNavigation()) {
352 // Only reset the console message flag for main-frame navigations, 367 // Only reset the console message flag for main-frame navigations,
353 // and not for synchronous navigations like reference fragments and 368 // and not for synchronous navigations like reference fragments and
354 // pushState. 369 // pushState.
355 logged_http_warning_on_current_navigation_ = false; 370 logged_http_warning_on_current_navigation_ = false;
(...skipping 56 matching lines...) Expand 10 before | Expand all | Expand 10 after
412 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); 427 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS);
413 state->displayed_password_field_on_http = 428 state->displayed_password_field_on_http =
414 !!(ssl.content_status & 429 !!(ssl.content_status &
415 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP); 430 content::SSLStatus::DISPLAYED_PASSWORD_FIELD_ON_HTTP);
416 state->displayed_credit_card_field_on_http = 431 state->displayed_credit_card_field_on_http =
417 !!(ssl.content_status & 432 !!(ssl.content_status &
418 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP); 433 content::SSLStatus::DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP);
419 434
420 CheckSafeBrowsingStatus(entry, web_contents_, state); 435 CheckSafeBrowsingStatus(entry, web_contents_, state);
421 } 436 }
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/ssl/chrome_security_state_model_client_browser_tests.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698