diff options
author | palmer <palmer@chromium.org> | 2015-08-04 12:59:34 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-08-04 20:03:10 +0000 |
commit | a6e826b2b782c41e141b1c3ba1e95d85bb6e4d94 (patch) | |
tree | 8841af5a58339fe3049b05aaadc171137212a4af | |
parent | eb2ba9ab7627093f3ef01a3b7cdf44be9bd8ee6c (diff) | |
download | chromium_src-a6e826b2b782c41e141b1c3ba1e95d85bb6e4d94.zip chromium_src-a6e826b2b782c41e141b1c3ba1e95d85bb6e4d94.tar.gz chromium_src-a6e826b2b782c41e141b1c3ba1e95d85bb6e4d94.tar.bz2 |
Mark origins of Dubious security as Neutral.
Softening the UX will reduce ambiguity (Dubious means several things), warning
fatigue, and site operator sadness (which we hope will then incentivize HTTPS
adoption).
BUG=513863
Review URL: https://codereview.chromium.org/1260563002
Cr-Commit-Position: refs/heads/master@{#341773}
5 files changed, 14 insertions, 10 deletions
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/toolbar/CustomTabToolbar.java b/chrome/android/java/src/org/chromium/chrome/browser/toolbar/CustomTabToolbar.java index e988781..da64afc 100644 --- a/chrome/android/java/src/org/chromium/chrome/browser/toolbar/CustomTabToolbar.java +++ b/chrome/android/java/src/org/chromium/chrome/browser/toolbar/CustomTabToolbar.java @@ -170,7 +170,6 @@ public class CustomTabToolbar extends ToolbarLayout implements LocationBar, public boolean shouldEmphasizeHttpsScheme() { int securityLevel = getSecurityLevel(); if (securityLevel == ConnectionSecurityLevel.SECURITY_ERROR - || securityLevel == ConnectionSecurityLevel.SECURITY_WARNING || securityLevel == ConnectionSecurityLevel.SECURITY_POLICY_WARNING) { return true; } diff --git a/chrome/browser/ssl/connection_security.cc b/chrome/browser/ssl/connection_security.cc index 2e53f30..ca63e71 100644 --- a/chrome/browser/ssl/connection_security.cc +++ b/chrome/browser/ssl/connection_security.cc @@ -49,7 +49,7 @@ connection_security::SecurityLevel GetSecurityLevelForNonSecureFieldTrial() { level = connection_security::NONE; } else if (choice == switches::kMarkNonSecureAsDubious) { status = DUBIOUS; - level = connection_security::SECURITY_WARNING; + level = connection_security::NONE; } else if (choice == switches::kMarkNonSecureAsNonSecure) { status = NON_SECURE; level = connection_security::SECURITY_ERROR; @@ -58,7 +58,7 @@ connection_security::SecurityLevel GetSecurityLevelForNonSecureFieldTrial() { level = connection_security::NONE; } else if (group == switches::kMarkNonSecureAsDubious) { status = DUBIOUS; - level = connection_security::SECURITY_WARNING; + level = connection_security::NONE; } else if (group == switches::kMarkNonSecureAsNonSecure) { status = NON_SECURE; level = connection_security::SECURITY_ERROR; @@ -156,18 +156,18 @@ SecurityLevel GetSecurityLevelForWebContents( if (sha1_status == DEPRECATED_SHA1_BROKEN) return SECURITY_ERROR; if (sha1_status == DEPRECATED_SHA1_WARNING) - return SECURITY_WARNING; + return NONE; MixedContentStatus mixed_content_status = GetMixedContentStatus(ssl); // Active mixed content is downgraded to the BROKEN style and // handled above. DCHECK_NE(RAN_MIXED_CONTENT, mixed_content_status); if (mixed_content_status == DISPLAYED_MIXED_CONTENT) - return SECURITY_WARNING; + return NONE; if (net::IsCertStatusError(ssl.cert_status)) { DCHECK(net::IsCertStatusMinorError(ssl.cert_status)); - return SECURITY_WARNING; + return NONE; } if (net::SSLConnectionStatusToVersion(ssl.connection_status) == net::SSL_CONNECTION_VERSION_SSL3) { @@ -196,6 +196,7 @@ void GetSecurityInfoForWebContents(const content::WebContents* web_contents, SecurityLevel security_level = GetSecurityLevelForWebContents(web_contents); switch (security_level) { + case SECURITY_WARNING: case NONE: security_info->security_style = content::SECURITY_STYLE_UNAUTHENTICATED; break; @@ -203,7 +204,6 @@ void GetSecurityInfoForWebContents(const content::WebContents* web_contents, case SECURE: security_info->security_style = content::SECURITY_STYLE_AUTHENTICATED; break; - case SECURITY_WARNING: case SECURITY_POLICY_WARNING: security_info->security_style = content::SECURITY_STYLE_WARNING; break; diff --git a/chrome/browser/ui/browser_browsertest.cc b/chrome/browser/ui/browser_browsertest.cc index 64a6161..54f9d99 100644 --- a/chrome/browser/ui/browser_browsertest.cc +++ b/chrome/browser/ui/browser_browsertest.cc @@ -2950,7 +2950,8 @@ IN_PROC_BROWSER_TEST_F(BrowserTest, SecurityStyleChangedObserver) { GURL mixed_content_url(https_test_server.GetURL(replacement_path)); ui_test_utils::NavigateToURL(browser(), mixed_content_url); - EXPECT_EQ(content::SECURITY_STYLE_WARNING, observer.latest_security_style()); + EXPECT_EQ(content::SECURITY_STYLE_UNAUTHENTICATED, + observer.latest_security_style()); const content::SecurityStyleExplanations& mixed_content_explanation = observer.latest_explanations(); diff --git a/chrome/browser/ui/toolbar/toolbar_model_impl.cc b/chrome/browser/ui/toolbar/toolbar_model_impl.cc index 083b11b..92245a4 100644 --- a/chrome/browser/ui/toolbar/toolbar_model_impl.cc +++ b/chrome/browser/ui/toolbar/toolbar_model_impl.cc @@ -134,7 +134,8 @@ int ToolbarModelImpl::GetIconForSecurityLevel( case connection_security::SECURE: return IDR_OMNIBOX_HTTPS_VALID; case connection_security::SECURITY_WARNING: - return IDR_OMNIBOX_HTTPS_WARNING; + // Surface Dubious as Neutral. + return IDR_LOCATION_BAR_HTTP; case connection_security::SECURITY_POLICY_WARNING: return IDR_OMNIBOX_HTTPS_POLICY_WARNING; case connection_security::SECURITY_ERROR: diff --git a/chrome/browser/ui/views/location_bar/location_bar_view.cc b/chrome/browser/ui/views/location_bar/location_bar_view.cc index 32050e5..ceab3e9 100644 --- a/chrome/browser/ui/views/location_bar/location_bar_view.cc +++ b/chrome/browser/ui/views/location_bar/location_bar_view.cc @@ -357,7 +357,6 @@ SkColor LocationBarView::GetColor( color = SkColorSetRGB(7, 149, 0); break; - case connection_security::SECURITY_WARNING: case connection_security::SECURITY_POLICY_WARNING: return GetColor(security_level, DEEMPHASIZED_TEXT); break; @@ -366,6 +365,10 @@ SkColor LocationBarView::GetColor( color = SkColorSetRGB(162, 0, 0); break; + case connection_security::SECURITY_WARNING: + return GetColor(security_level, TEXT); + break; + default: NOTREACHED(); return GetColor(security_level, TEXT); |