diff options
| author | estark <estark@chromium.org> | 2015-05-12 22:37:38 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-05-13 05:37:52 +0000 |
| commit | ca7c0a3374c21ab10c821f4f3a890afc79182acf (patch) | |
| tree | fe73353e722982ce7bc534017e7de75cb73c6709 | |
| parent | 2579eba5109325886654cef3a87b96f7ba90434d (diff) | |
| download | chromium_src-ca7c0a3374c21ab10c821f4f3a890afc79182acf.zip chromium_src-ca7c0a3374c21ab10c821f4f3a890afc79182acf.tar.gz chromium_src-ca7c0a3374c21ab10c821f4f3a890afc79182acf.tar.bz2 | |
Move SecurityLevel into a class of its own
This CL moves |GetSecurityLevelForWebContents| and the |SecurityLevel|
enum into a class of their own: |ConnectionSecurityHelper| in
//chrome/browser/ssl (since it is applying Chrome-specific security
policy to determine the security level of a page).
Later, we will use the new |ConnectionSecurityHelper| class to compute a
security level for a page to send to the DevTools Security
panel. Specifically, we need to be able to calculate the security level
for a given page, not just the WebContents for the active tab.
BUG=484392
Review URL: https://codereview.chromium.org/1123943002
Cr-Commit-Position: refs/heads/master@{#329591}
24 files changed, 391 insertions, 292 deletions
diff --git a/chrome/android/BUILD.gn b/chrome/android/BUILD.gn index 1f96d90..bb189ea 100644 --- a/chrome/android/BUILD.gn +++ b/chrome/android/BUILD.gn @@ -128,22 +128,22 @@ android_library("chrome_java") { # GYP: //chrome/chrome_browser.gypi:activity_type_ids_java # GYP: //chrome/chrome_browser.gypi:profile_account_management_metrics_java # GYP: //chrome/chrome_browser.gypi:profile_sync_service_model_type_selection_java +# GYP: //chrome/chrome_browser.gypi:connection_security_helper_security_levels_java # GYP: //chrome/chrome_browser.gypi:tab_load_status_java -# GYP: //chrome/chrome_browser.gypi:toolbar_model_security_levels_java java_cpp_enum("chrome_android_java_enums_srcjar") { sources = [ "//chrome/browser/android/activity_type_ids.h", "//chrome/browser/android/tab_android.h", "//chrome/browser/profiles/profile_metrics.h", + "//chrome/browser/ssl/connection_security_helper.h", "//chrome/browser/sync/profile_sync_service_android.cc", - "//chrome/browser/ui/toolbar/toolbar_model.h", ] outputs = [ "org/chromium/chrome/browser/ActivityTypeIds.java", "org/chromium/chrome/browser/TabLoadStatus.java", "org/chromium/chrome/browser/profiles/ProfileAccountManagementMetrics.java", + "org/chromium/chrome/browser/ssl/ConnectionSecurityHelperSecurityLevel.java", "org/chromium/chrome/browser/sync/ModelTypeSelection.java", - "org/chromium/chrome/browser/ui/toolbar/ToolbarModelSecurityLevel.java", ] } diff --git a/chrome/android/java/src/org/chromium/chrome/browser/Tab.java b/chrome/android/java/src/org/chromium/chrome/browser/Tab.java index d41113b..cc51cda 100644 --- a/chrome/android/java/src/org/chromium/chrome/browser/Tab.java +++ b/chrome/android/java/src/org/chromium/chrome/browser/Tab.java @@ -42,13 +42,13 @@ import org.chromium.chrome.browser.metrics.UmaSessionStats; import org.chromium.chrome.browser.metrics.UmaUtils; import org.chromium.chrome.browser.printing.TabPrinter; import org.chromium.chrome.browser.profiles.Profile; +import org.chromium.chrome.browser.ssl.ConnectionSecurityHelper; +import org.chromium.chrome.browser.ssl.ConnectionSecurityHelperSecurityLevel; import org.chromium.chrome.browser.tab.SadTabViewFactory; import org.chromium.chrome.browser.tabmodel.TabModel.TabLaunchType; import org.chromium.chrome.browser.tabmodel.TabModel.TabSelectionType; import org.chromium.chrome.browser.tabmodel.TabModelBase; import org.chromium.chrome.browser.tabmodel.TabModelSelector; -import org.chromium.chrome.browser.toolbar.ToolbarModel; -import org.chromium.chrome.browser.ui.toolbar.ToolbarModelSecurityLevel; import org.chromium.components.navigation_interception.InterceptNavigationDelegate; import org.chromium.content.browser.ContentView; import org.chromium.content.browser.ContentViewClient; @@ -1144,11 +1144,11 @@ public class Tab implements ViewGroup.OnHierarchyChangeListener, } /** - * @return The current {ToolbarModelSecurityLevel} for the tab. + * @return The current {@link ConnectionSecurityHelperSecurityLevel} for the tab. */ // TODO(tedchoc): Remove this and transition all clients to use ToolbarModel directly. public int getSecurityLevel() { - return ToolbarModel.getSecurityLevelForWebContents(getWebContents()); + return ConnectionSecurityHelper.getSecurityLevelForWebContents(getWebContents()); } /** @@ -2450,8 +2450,9 @@ public class Tab implements ViewGroup.OnHierarchyChangeListener, && !url.startsWith(UrlConstants.CHROME_NATIVE_SCHEME); int securityState = getSecurityLevel(); - enableHidingTopControls &= (securityState != ToolbarModelSecurityLevel.SECURITY_ERROR - && securityState != ToolbarModelSecurityLevel.SECURITY_WARNING); + enableHidingTopControls &= + (securityState != ConnectionSecurityHelperSecurityLevel.SECURITY_ERROR + && securityState != ConnectionSecurityHelperSecurityLevel.SECURITY_WARNING); enableHidingTopControls &= !AccessibilityUtil.isAccessibilityEnabled(getApplicationContext()); diff --git a/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java b/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java index 0fd6bb8..806cb94 100644 --- a/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java +++ b/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java @@ -41,8 +41,9 @@ import org.chromium.base.CalledByNative; import org.chromium.chrome.R; import org.chromium.chrome.browser.omnibox.OmniboxUrlEmphasizer; import org.chromium.chrome.browser.profiles.Profile; +import org.chromium.chrome.browser.ssl.ConnectionSecurityHelper; +import org.chromium.chrome.browser.ssl.ConnectionSecurityHelperSecurityLevel; import org.chromium.chrome.browser.toolbar.ToolbarModel; -import org.chromium.chrome.browser.ui.toolbar.ToolbarModelSecurityLevel; import org.chromium.content_public.browser.WebContents; import org.chromium.content_public.browser.WebContentsObserver; import org.chromium.ui.base.Clipboard; @@ -243,7 +244,7 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList // chrome://settings page). private boolean mIsInternalPage; - // The security level of the page (a valid ToolbarModelSecurityLevel). + // The security level of the page (a valid ConnectionSecurityHelperSecurityLevel). private int mSecurityLevel; // Whether the security level of the page was deprecated due to SHA-1. @@ -375,7 +376,7 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList mParsedUrl = null; mIsInternalPage = false; } - mSecurityLevel = ToolbarModel.getSecurityLevelForWebContents(mWebContents); + mSecurityLevel = ConnectionSecurityHelper.getSecurityLevelForWebContents(mWebContents); mDeprecatedSHA1Present = ToolbarModel.isDeprecatedSHA1Present(mWebContents); SpannableStringBuilder urlBuilder = new SpannableStringBuilder(mFullUrl); @@ -433,26 +434,26 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList * Gets the message to display in the connection message box for the given security level. Does * not apply to SECURITY_ERROR pages, since these have their own coloured/formatted message. * - * @param toolbarModelSecurityLevel A valid ToolbarModelSecurityLevel, which is the security - * level of the page. + * @param securityLevel A valid ConnectionSecurityHelperSecurityLevel, which is the security + * level of the page. * @param isInternalPage Whether or not this page is an internal chrome page (e.g. the * chrome://settings page). * @return The ID of the message to display in the connection message box. */ - private int getConnectionMessageId(int toolbarModelSecurityLevel, boolean isInternalPage) { + private int getConnectionMessageId(int securityLevel, boolean isInternalPage) { if (isInternalPage) return R.string.page_info_connection_internal_page; - switch (toolbarModelSecurityLevel) { - case ToolbarModelSecurityLevel.NONE: + switch (securityLevel) { + case ConnectionSecurityHelperSecurityLevel.NONE: return R.string.page_info_connection_http; - case ToolbarModelSecurityLevel.SECURE: - case ToolbarModelSecurityLevel.EV_SECURE: + case ConnectionSecurityHelperSecurityLevel.SECURE: + case ConnectionSecurityHelperSecurityLevel.EV_SECURE: return R.string.page_info_connection_https; - case ToolbarModelSecurityLevel.SECURITY_WARNING: - case ToolbarModelSecurityLevel.SECURITY_POLICY_WARNING: + case ConnectionSecurityHelperSecurityLevel.SECURITY_WARNING: + case ConnectionSecurityHelperSecurityLevel.SECURITY_POLICY_WARNING: return R.string.page_info_connection_mixed; default: - assert false : "Invalid security level specified: " + toolbarModelSecurityLevel; + assert false : "Invalid security level specified: " + securityLevel; return R.string.page_info_connection_http; } } @@ -462,7 +463,7 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList * HTTPS connections. */ private boolean isConnectionDetailsLinkVisible() { - return !mIsInternalPage && mSecurityLevel != ToolbarModelSecurityLevel.NONE; + return !mIsInternalPage && mSecurityLevel != ConnectionSecurityHelperSecurityLevel.NONE; } /** @@ -474,7 +475,7 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList if (mDeprecatedSHA1Present) { messageBuilder.append( mContext.getResources().getString(R.string.page_info_connection_sha1)); - } else if (mSecurityLevel != ToolbarModelSecurityLevel.SECURITY_ERROR) { + } else if (mSecurityLevel != ConnectionSecurityHelperSecurityLevel.SECURITY_ERROR) { messageBuilder.append(mContext.getResources().getString( getConnectionMessageId(mSecurityLevel, mIsInternalPage))); } else { diff --git a/chrome/android/java/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizer.java b/chrome/android/java/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizer.java index 52b65b7..9cf8e69 100644 --- a/chrome/android/java/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizer.java +++ b/chrome/android/java/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizer.java @@ -12,7 +12,7 @@ import android.text.style.StrikethroughSpan; import org.chromium.base.VisibleForTesting; import org.chromium.chrome.R; import org.chromium.chrome.browser.profiles.Profile; -import org.chromium.chrome.browser.ui.toolbar.ToolbarModelSecurityLevel; +import org.chromium.chrome.browser.ssl.ConnectionSecurityHelperSecurityLevel; import java.util.Locale; @@ -135,7 +135,7 @@ public class OmniboxUrlEmphasizer { * modified. * @param resources Resources for the given application context. * @param profile The profile viewing the given URL. - * @param securityLevel A valid ToolbarModelSecurityLevel for the specified + * @param securityLevel A valid ConnectionSecurityHelperSecurityLevel for the specified * web contents. * @param isInternalPage Whether this page is an internal Chrome page. * @param useDarkColors Whether the text colors should be dark (i.e. @@ -164,25 +164,26 @@ public class OmniboxUrlEmphasizer { if (emphasizeResponse.hasScheme()) { int colorId = nonEmphasizedColorId; if (!isInternalPage - && (useDarkColors || securityLevel - == ToolbarModelSecurityLevel.SECURITY_ERROR)) { + && (useDarkColors + || securityLevel + == ConnectionSecurityHelperSecurityLevel.SECURITY_ERROR)) { switch (securityLevel) { - case ToolbarModelSecurityLevel.NONE: + case ConnectionSecurityHelperSecurityLevel.NONE: colorId = nonEmphasizedColorId; break; - case ToolbarModelSecurityLevel.SECURITY_WARNING: + case ConnectionSecurityHelperSecurityLevel.SECURITY_WARNING: colorId = R.color.url_emphasis_start_scheme_security_warning; break; - case ToolbarModelSecurityLevel.SECURITY_ERROR: + case ConnectionSecurityHelperSecurityLevel.SECURITY_ERROR: colorId = R.color.url_emphasis_start_scheme_security_error; UrlEmphasisSecurityErrorSpan ss = new UrlEmphasisSecurityErrorSpan(); url.setSpan(ss, startSchemeIndex, endSchemeIndex, Spannable.SPAN_EXCLUSIVE_EXCLUSIVE); break; - case ToolbarModelSecurityLevel.EV_SECURE: + case ConnectionSecurityHelperSecurityLevel.EV_SECURE: colorId = R.color.url_emphasis_start_scheme_ev_secure; break; - case ToolbarModelSecurityLevel.SECURE: + case ConnectionSecurityHelperSecurityLevel.SECURE: colorId = R.color.url_emphasis_start_scheme_secure; break; default: diff --git a/chrome/android/java/src/org/chromium/chrome/browser/ssl/ConnectionSecurityHelper.java b/chrome/android/java/src/org/chromium/chrome/browser/ssl/ConnectionSecurityHelper.java new file mode 100644 index 0000000..5d9b1b9 --- /dev/null +++ b/chrome/android/java/src/org/chromium/chrome/browser/ssl/ConnectionSecurityHelper.java @@ -0,0 +1,29 @@ +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +package org.chromium.chrome.browser.ssl; + +import org.chromium.content_public.browser.WebContents; + +/** + * Provides a way of accessing helpers for connection security levels. + */ +public class ConnectionSecurityHelper { + /** + * Fetch the security level for a given web contents. + * + * @param webContents The web contents to get the security level for. + * @return The ConnectionSecurityHelperSecurityLevel for the specified web contents. + * + * @see ConnectionSecurityHelperSecurityLevel + */ + public static int getSecurityLevelForWebContents(WebContents webContents) { + if (webContents == null) return ConnectionSecurityHelperSecurityLevel.NONE; + return nativeGetSecurityLevelForWebContents(webContents); + } + + private ConnectionSecurityHelper() {} + + private static native int nativeGetSecurityLevelForWebContents(WebContents webContents); +} diff --git a/chrome/android/java/src/org/chromium/chrome/browser/toolbar/ToolbarModel.java b/chrome/android/java/src/org/chromium/chrome/browser/toolbar/ToolbarModel.java index e8aeac5..6d1d591 100644 --- a/chrome/android/java/src/org/chromium/chrome/browser/toolbar/ToolbarModel.java +++ b/chrome/android/java/src/org/chromium/chrome/browser/toolbar/ToolbarModel.java @@ -5,7 +5,6 @@ package org.chromium.chrome.browser.toolbar; import org.chromium.base.CalledByNative; -import org.chromium.chrome.browser.ui.toolbar.ToolbarModelSecurityLevel; import org.chromium.content_public.browser.WebContents; /** @@ -27,19 +26,6 @@ public class ToolbarModel { private long mNativeToolbarModelAndroid; /** - * Fetch the security level for a given web contents. - * - * @param webContents The web contents to get the security level for. - * @return The ToolbarModelSecurityLevel for the specified web contents. - * - * @see ToolbarModelSecurityLevel - */ - public static int getSecurityLevelForWebContents(WebContents webContents) { - if (webContents == null) return ToolbarModelSecurityLevel.NONE; - return nativeGetSecurityLevelForWebContents(webContents); - } - - /** * @param webContents The web contents to query for deprecated SHA-1 presence. * @return Whether the security level of the page was deprecated due to SHA-1. */ @@ -83,7 +69,6 @@ public class ToolbarModel { return nativeWouldReplaceURL(mNativeToolbarModelAndroid); } - private static native int nativeGetSecurityLevelForWebContents(WebContents webContents); private static native boolean nativeIsDeprecatedSHA1Present(WebContents webContents); private native long nativeInit(ToolbarModelDelegate delegate); diff --git a/chrome/android/javatests_shell/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizerTest.java b/chrome/android/javatests_shell/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizerTest.java index 6ce272f..0173353 100644 --- a/chrome/android/javatests_shell/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizerTest.java +++ b/chrome/android/javatests_shell/src/org/chromium/chrome/browser/omnibox/OmniboxUrlEmphasizerTest.java @@ -17,7 +17,7 @@ import org.chromium.chrome.browser.omnibox.OmniboxUrlEmphasizer.UrlEmphasisColor import org.chromium.chrome.browser.omnibox.OmniboxUrlEmphasizer.UrlEmphasisSecurityErrorSpan; import org.chromium.chrome.browser.omnibox.OmniboxUrlEmphasizer.UrlEmphasisSpan; import org.chromium.chrome.browser.profiles.Profile; -import org.chromium.chrome.browser.ui.toolbar.ToolbarModelSecurityLevel; +import org.chromium.chrome.browser.ssl.ConnectionSecurityHelperSecurityLevel; import org.chromium.chrome.shell.ChromeShellActivity; import org.chromium.chrome.shell.ChromeShellTab; import org.chromium.chrome.shell.ChromeShellTestBase; @@ -125,9 +125,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { @Feature({"Browser", "Main"}) public void testShortSecureHTTPSUrl() { Spannable url = new SpannableStringBuilder("https://www.google.com/"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.SECURE, false, - true); + OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, mProfile, + ConnectionSecurityHelperSecurityLevel.SECURE, false, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 4, spans.length); @@ -150,9 +149,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { @Feature({"Browser", "Main"}) public void testShortSecureHTTPSUrlWithLightColors() { Spannable url = new SpannableStringBuilder("https://www.google.com/"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.SECURE, false, - false); + OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, mProfile, + ConnectionSecurityHelperSecurityLevel.SECURE, false, false); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 4, spans.length); @@ -176,9 +174,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { public void testLongInsecureHTTPSUrl() { Spannable url = new SpannableStringBuilder( "https://www.google.com/q?query=abc123&results=1"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.SECURITY_ERROR, false, - true); + OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, mProfile, + ConnectionSecurityHelperSecurityLevel.SECURITY_ERROR, false, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 5, spans.length); @@ -202,9 +199,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { @Feature({"Browser", "Main"}) public void testVeryShortWarningHTTPSUrl() { Spannable url = new SpannableStringBuilder("https://www.dodgysite.com"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.SECURITY_WARNING, false, - true); + OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, mProfile, + ConnectionSecurityHelperSecurityLevel.SECURITY_WARNING, false, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 3, spans.length); @@ -225,9 +221,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { @Feature({"Browser", "Main"}) public void testAboutPageUrl() { Spannable url = new SpannableStringBuilder("about:blank"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.NONE, true, - true); + OmniboxUrlEmphasizer.emphasizeUrl( + url, mResources, mProfile, ConnectionSecurityHelperSecurityLevel.NONE, true, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 3, spans.length); @@ -249,9 +244,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { public void testDataUrl() { Spannable url = new SpannableStringBuilder( "data:text/plain;charset=utf-8;base64,VGVzdCBVUkw="); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.NONE, true, - true); + OmniboxUrlEmphasizer.emphasizeUrl( + url, mResources, mProfile, ConnectionSecurityHelperSecurityLevel.NONE, true, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 1, spans.length); @@ -268,9 +262,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { @Feature({"Browser", "Main"}) public void testInternalChromePageUrl() { Spannable url = new SpannableStringBuilder("chrome://bookmarks"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.NONE, true, - true); + OmniboxUrlEmphasizer.emphasizeUrl( + url, mResources, mProfile, ConnectionSecurityHelperSecurityLevel.NONE, true, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 3, spans.length); @@ -291,9 +284,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { @Feature({"Browser", "Main"}) public void testInternalChromeNativePageUrl() { Spannable url = new SpannableStringBuilder("chrome-native://bookmarks"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.NONE, true, - true); + OmniboxUrlEmphasizer.emphasizeUrl( + url, mResources, mProfile, ConnectionSecurityHelperSecurityLevel.NONE, true, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 3, spans.length); @@ -314,9 +306,8 @@ public class OmniboxUrlEmphasizerTest extends ChromeShellTestBase { @Feature({"Browser", "Main"}) public void testInvalidUrl() { Spannable url = new SpannableStringBuilder("invalidurl"); - OmniboxUrlEmphasizer.emphasizeUrl(url, mResources, - mProfile, ToolbarModelSecurityLevel.NONE, true, - true); + OmniboxUrlEmphasizer.emphasizeUrl( + url, mResources, mProfile, ConnectionSecurityHelperSecurityLevel.NONE, true, true); EmphasizedUrlSpanHelper[] spans = EmphasizedUrlSpanHelper.getSpansForEmphasizedUrl(url); assertEquals("Unexpected number of spans:", 1, spans.length); diff --git a/chrome/browser/ssl/connection_security_helper.cc b/chrome/browser/ssl/connection_security_helper.cc new file mode 100644 index 0000000..080b85b --- /dev/null +++ b/chrome/browser/ssl/connection_security_helper.cc @@ -0,0 +1,130 @@ +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "chrome/browser/ssl/connection_security_helper.h" + +#include "base/command_line.h" +#include "base/metrics/field_trial.h" +#include "base/prefs/pref_service.h" +#include "chrome/browser/profiles/profile.h" +#include "chrome/browser/ssl/ssl_error_info.h" +#include "chrome/common/chrome_constants.h" +#include "chrome/common/chrome_switches.h" +#include "chrome/common/pref_names.h" +#include "content/public/browser/cert_store.h" +#include "content/public/browser/navigation_controller.h" +#include "content/public/browser/navigation_entry.h" +#include "content/public/browser/web_contents.h" +#include "content/public/common/ssl_status.h" +#include "net/base/net_util.h" +#include "net/cert/cert_status_flags.h" +#include "net/cert/x509_certificate.h" +#include "net/ssl/ssl_connection_status_flags.h" +#include "url/url_constants.h" + +#if defined(OS_CHROMEOS) +#include "chrome/browser/chromeos/policy/policy_cert_service.h" +#include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" +#endif + +namespace { + +ConnectionSecurityHelper::SecurityLevel +GetSecurityLevelForNonSecureFieldTrial() { + std::string choice = + base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII( + switches::kMarkNonSecureAs); + if (choice == switches::kMarkNonSecureAsNeutral) + return ConnectionSecurityHelper::NONE; + if (choice == switches::kMarkNonSecureAsDubious) + return ConnectionSecurityHelper::SECURITY_WARNING; + if (choice == switches::kMarkNonSecureAsNonSecure) + return ConnectionSecurityHelper::SECURITY_ERROR; + + std::string group = base::FieldTrialList::FindFullName("MarkNonSecureAs"); + if (group == switches::kMarkNonSecureAsNeutral) + return ConnectionSecurityHelper::NONE; + if (group == switches::kMarkNonSecureAsDubious) + return ConnectionSecurityHelper::SECURITY_WARNING; + if (group == switches::kMarkNonSecureAsNonSecure) + return ConnectionSecurityHelper::SECURITY_ERROR; + + return ConnectionSecurityHelper::NONE; +} + +} // namespace + +ConnectionSecurityHelper::SecurityLevel +ConnectionSecurityHelper::GetSecurityLevelForWebContents( + content::WebContents* web_contents) { + if (!web_contents) + return NONE; + + content::NavigationEntry* entry = + web_contents->GetController().GetVisibleEntry(); + if (!entry) + return NONE; + + const content::SSLStatus& ssl = entry->GetSSL(); + switch (ssl.security_style) { + case content::SECURITY_STYLE_UNKNOWN: + return NONE; + + case content::SECURITY_STYLE_UNAUTHENTICATED: { + const GURL& url = entry->GetURL(); + if (url.SchemeIs(url::kHttpScheme) || url.SchemeIs(url::kFtpScheme)) + return GetSecurityLevelForNonSecureFieldTrial(); + return NONE; + } + + case content::SECURITY_STYLE_AUTHENTICATION_BROKEN: + return SECURITY_ERROR; + + case content::SECURITY_STYLE_AUTHENTICATED: { +#if defined(OS_CHROMEOS) + policy::PolicyCertService* service = + policy::PolicyCertServiceFactory::GetForProfile( + Profile::FromBrowserContext(web_contents->GetBrowserContext())); + if (service && service->UsedPolicyCertificates()) + return SECURITY_POLICY_WARNING; +#endif + if (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) + return SECURITY_WARNING; + scoped_refptr<net::X509Certificate> cert; + if (content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, &cert) && + (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT)) { + // The internal representation of the dates for UI treatment of SHA-1. + // See http://crbug.com/401365 for details. + static const int64_t kJanuary2017 = INT64_C(13127702400000000); + // kJanuary2016 needs to be kept in sync with + // ToolbarModelAndroid::IsDeprecatedSHA1Present(). + static const int64_t kJanuary2016 = INT64_C(13096080000000000); + if (cert->valid_expiry() >= + base::Time::FromInternalValue(kJanuary2017)) { + return SECURITY_ERROR; + } + if (cert->valid_expiry() >= + base::Time::FromInternalValue(kJanuary2016)) { + return SECURITY_WARNING; + } + } + if (net::IsCertStatusError(ssl.cert_status)) { + DCHECK(net::IsCertStatusMinorError(ssl.cert_status)); + return SECURITY_WARNING; + } + if (net::SSLConnectionStatusToVersion(ssl.connection_status) == + net::SSL_CONNECTION_VERSION_SSL3) { + // SSLv3 will be removed in the future. + return SECURITY_WARNING; + } + if ((ssl.cert_status & net::CERT_STATUS_IS_EV) && cert) + return EV_SECURE; + return SECURE; + } + + default: + NOTREACHED(); + return NONE; + } +} diff --git a/chrome/browser/ssl/connection_security_helper.h b/chrome/browser/ssl/connection_security_helper.h new file mode 100644 index 0000000..68ddd1b --- /dev/null +++ b/chrome/browser/ssl/connection_security_helper.h @@ -0,0 +1,59 @@ +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROME_BROWSER_SSL_CONNECTION_SECURITY_HELPER_H_ +#define CHROME_BROWSER_SSL_CONNECTION_SECURITY_HELPER_H_ + +#include "base/macros.h" + +namespace content { +class WebContents; +} // namespace content + +// This class is responsible for computing the security level of a page. +class ConnectionSecurityHelper { + public: + // TODO(wtc): unify this enum with SecurityStyle. We + // don't need two sets of security UI levels. SECURITY_STYLE_AUTHENTICATED + // needs to be refined into three levels: warning, standard, and EV. + // See crbug.com/425728 + // + // If you reorder, add, or delete values from this enum, you must also + // update the UI icons in ToolbarModelImpl::GetIconForSecurityLevel. + // + // A Java counterpart will be generated for this enum. + // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.ssl + // GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityHelperSecurityLevel + enum SecurityLevel { + // HTTP/no URL + NONE, + + // HTTPS with valid EV cert + EV_SECURE, + + // HTTPS (non-EV) + SECURE, + + // HTTPS, but unable to check certificate revocation status or with insecure + // content on the page + SECURITY_WARNING, + + // HTTPS, but the certificate verification chain is anchored on a + // certificate that was installed by the system administrator + SECURITY_POLICY_WARNING, + + // Attempted HTTPS and failed, page not authenticated + SECURITY_ERROR, + }; + + // Returns a security level describing the overall security state of + // the given |WebContents|. + static SecurityLevel GetSecurityLevelForWebContents( + content::WebContents* web_contents); + + private: + DISALLOW_IMPLICIT_CONSTRUCTORS(ConnectionSecurityHelper); +}; + +#endif // CHROME_BROWSER_SSL_CONNECTION_SECURITY_HELPER_H_ diff --git a/chrome/browser/ssl/connection_security_helper_android.cc b/chrome/browser/ssl/connection_security_helper_android.cc new file mode 100644 index 0000000..0a64007 --- /dev/null +++ b/chrome/browser/ssl/connection_security_helper_android.cc @@ -0,0 +1,18 @@ +// Copyright 2015 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "base/android/jni_android.h" +#include "base/logging.h" +#include "chrome/browser/ssl/connection_security_helper.h" +#include "content/public/browser/web_contents.h" + +// static +jint GetSecurityLevelForWebContents(JNIEnv* env, + jclass jcaller, + jobject jweb_contents) { + content::WebContents* web_contents = + content::WebContents::FromJavaWebContents(jweb_contents); + DCHECK(web_contents); + return ConnectionSecurityHelper::GetSecurityLevelForWebContents(web_contents); +} diff --git a/chrome/browser/ui/android/toolbar/toolbar_model_android.cc b/chrome/browser/ui/android/toolbar/toolbar_model_android.cc index d7437c3..2ce0ed4 100644 --- a/chrome/browser/ui/android/toolbar/toolbar_model_android.cc +++ b/chrome/browser/ui/android/toolbar/toolbar_model_android.cc @@ -70,16 +70,6 @@ jlong Init(JNIEnv* env, jobject obj, jobject delegate) { return reinterpret_cast<intptr_t>(toolbar_model); } -// static -jint GetSecurityLevelForWebContents(JNIEnv* env, - jclass jcaller, - jobject jweb_contents) { - content::WebContents* web_contents = - content::WebContents::FromJavaWebContents(jweb_contents); - DCHECK(web_contents); - return ToolbarModelImpl::GetSecurityLevelForWebContents(web_contents); -} - // Temporary method to allow us to surface a SHA-1 deprecation string on Android // in M42. This duplicates a subset of the logic from // ToolbarModelImpl::GetSecurityLevelForWebContents() and diff --git a/chrome/browser/ui/cocoa/location_bar/location_bar_view_mac.mm b/chrome/browser/ui/cocoa/location_bar/location_bar_view_mac.mm index ea1395a..8d7c1b2 100644 --- a/chrome/browser/ui/cocoa/location_bar/location_bar_view_mac.mm +++ b/chrome/browser/ui/cocoa/location_bar/location_bar_view_mac.mm @@ -435,7 +435,7 @@ void LocationBarViewMac::Layout() { selected_keyword_decoration_->SetKeyword(short_name, is_extension_keyword); selected_keyword_decoration_->SetImage(GetKeywordImage(keyword)); } else if ((GetToolbarModel()->GetSecurityLevel(false) == - ToolbarModel::EV_SECURE)) { + ConnectionSecurityHelper::EV_SECURE)) { // Switch from location icon to show the EV bubble instead. location_icon_decoration_->SetVisible(false); ev_bubble_decoration_->SetVisible(true); diff --git a/chrome/browser/ui/cocoa/omnibox/omnibox_view_mac.mm b/chrome/browser/ui/cocoa/omnibox/omnibox_view_mac.mm index 006a7aa..7d296dd 100644 --- a/chrome/browser/ui/cocoa/omnibox/omnibox_view_mac.mm +++ b/chrome/browser/ui/cocoa/omnibox/omnibox_view_mac.mm @@ -512,23 +512,24 @@ void OmniboxViewMac::ApplyTextAttributes(const base::string16& display_text, // TODO(shess): GTK has this as a member var, figure out why. // [Could it be to not change if no change? If so, I'm guessing // AppKit may already handle that.] - const ToolbarModel::SecurityLevel security_level = + const ConnectionSecurityHelper::SecurityLevel security_level = controller()->GetToolbarModel()->GetSecurityLevel(false); // Emphasize the scheme for security UI display purposes (if necessary). if (!model()->user_input_in_progress() && model()->CurrentTextIsURL() && - scheme.is_nonempty() && (security_level != ToolbarModel::NONE)) { + scheme.is_nonempty() && + (security_level != ConnectionSecurityHelper::NONE)) { NSColor* color; - if (security_level == ToolbarModel::EV_SECURE || - security_level == ToolbarModel::SECURE) { + if (security_level == ConnectionSecurityHelper::EV_SECURE || + security_level == ConnectionSecurityHelper::SECURE) { color = SecureSchemeColor(); - } else if (security_level == ToolbarModel::SECURITY_ERROR) { + } else if (security_level == ConnectionSecurityHelper::SECURITY_ERROR) { color = SecurityErrorSchemeColor(); // Add a strikethrough through the scheme. [as addAttribute:NSStrikethroughStyleAttributeName value:[NSNumber numberWithInt:NSUnderlineStyleSingle] range:ComponentToNSRange(scheme)]; - } else if (security_level == ToolbarModel::SECURITY_WARNING) { + } else if (security_level == ConnectionSecurityHelper::SECURITY_WARNING) { color = BaseTextColor(); } else { NOTREACHED(); diff --git a/chrome/browser/ui/toolbar/test_toolbar_model.cc b/chrome/browser/ui/toolbar/test_toolbar_model.cc index 17e71f1..b345a1b 100644 --- a/chrome/browser/ui/toolbar/test_toolbar_model.cc +++ b/chrome/browser/ui/toolbar/test_toolbar_model.cc @@ -9,9 +9,10 @@ TestToolbarModel::TestToolbarModel() : ToolbarModel(), perform_search_term_replacement_(false), - security_level_(NONE), + security_level_(ConnectionSecurityHelper::NONE), icon_(IDR_LOCATION_BAR_HTTP), - should_display_url_(true) {} + should_display_url_(true) { +} TestToolbarModel::~TestToolbarModel() {} @@ -36,7 +37,7 @@ bool TestToolbarModel::WouldPerformSearchTermReplacement( return perform_search_term_replacement_; } -ToolbarModel::SecurityLevel TestToolbarModel::GetSecurityLevel( +ConnectionSecurityHelper::SecurityLevel TestToolbarModel::GetSecurityLevel( bool ignore_editing) const { return security_level_; } @@ -45,12 +46,15 @@ int TestToolbarModel::GetIcon() const { return icon_; } -int TestToolbarModel::GetIconForSecurityLevel(SecurityLevel level) const { +int TestToolbarModel::GetIconForSecurityLevel( + ConnectionSecurityHelper::SecurityLevel level) const { return icon_; } base::string16 TestToolbarModel::GetEVCertName() const { - return (security_level_ == EV_SECURE) ? ev_cert_name_ : base::string16(); + return (security_level_ == ConnectionSecurityHelper::EV_SECURE) + ? ev_cert_name_ + : base::string16(); } bool TestToolbarModel::ShouldDisplayURL() const { diff --git a/chrome/browser/ui/toolbar/test_toolbar_model.h b/chrome/browser/ui/toolbar/test_toolbar_model.h index 614ddc5..d604a80 100644 --- a/chrome/browser/ui/toolbar/test_toolbar_model.h +++ b/chrome/browser/ui/toolbar/test_toolbar_model.h @@ -21,9 +21,11 @@ class TestToolbarModel : public ToolbarModel { base::string16 GetCorpusNameForMobile() const override; GURL GetURL() const override; bool WouldPerformSearchTermReplacement(bool ignore_editing) const override; - SecurityLevel GetSecurityLevel(bool ignore_editing) const override; + ConnectionSecurityHelper::SecurityLevel GetSecurityLevel( + bool ignore_editing) const override; int GetIcon() const override; - int GetIconForSecurityLevel(SecurityLevel level) const override; + int GetIconForSecurityLevel( + ConnectionSecurityHelper::SecurityLevel level) const override; base::string16 GetEVCertName() const override; bool ShouldDisplayURL() const override; @@ -33,7 +35,8 @@ class TestToolbarModel : public ToolbarModel { bool perform_search_term_replacement) { perform_search_term_replacement_ = perform_search_term_replacement; } - void set_security_level(SecurityLevel security_level) { + void set_security_level( + ConnectionSecurityHelper::SecurityLevel security_level) { security_level_ = security_level; } void set_icon(int icon) { icon_ = icon; } @@ -48,7 +51,7 @@ class TestToolbarModel : public ToolbarModel { base::string16 text_; GURL url_; bool perform_search_term_replacement_; - SecurityLevel security_level_; + ConnectionSecurityHelper::SecurityLevel security_level_; int icon_; base::string16 ev_cert_name_; bool should_display_url_; diff --git a/chrome/browser/ui/toolbar/toolbar_model.h b/chrome/browser/ui/toolbar/toolbar_model.h index 735b755..cdc7043 100644 --- a/chrome/browser/ui/toolbar/toolbar_model.h +++ b/chrome/browser/ui/toolbar/toolbar_model.h @@ -9,6 +9,7 @@ #include "base/basictypes.h" #include "base/strings/string16.h" +#include "chrome/browser/ssl/connection_security_helper.h" #include "url/gurl.h" namespace net { @@ -20,37 +21,6 @@ class X509Certificate; // from the navigation controller returned by GetNavigationController(). class ToolbarModel { public: - // TODO(wtc): unify ToolbarModel::SecurityLevel with SecurityStyle. We - // don't need two sets of security UI levels. SECURITY_STYLE_AUTHENTICATED - // needs to be refined into three levels: warning, standard, and EV. - // - // A Java counterpart will be generated for this enum. - // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.ui.toolbar - // GENERATED_JAVA_CLASS_NAME_OVERRIDE: ToolbarModelSecurityLevel - enum SecurityLevel { - // HTTP/no URL/user is editing - NONE = 0, - - // HTTPS with valid EV cert - EV_SECURE = 1, - - // HTTPS (non-EV) - SECURE = 2, - - // HTTPS, but unable to check certificate revocation status or with insecure - // content on the page - SECURITY_WARNING = 3, - - // HTTPS, but the certificate verification chain is anchored on a - // certificate that was installed by the system administrator - SECURITY_POLICY_WARNING = 4, - - // Attempted HTTPS and failed, page not authenticated - SECURITY_ERROR = 5, - - NUM_SECURITY_LEVELS = 6, - }; - virtual ~ToolbarModel(); // Returns the text to be displayed in the toolbar for the current page. @@ -93,7 +63,8 @@ class ToolbarModel { // |ignore_editing| is true, the result reflects the underlying state of the // page without regard to any user edits that may be in progress in the // omnibox. - virtual SecurityLevel GetSecurityLevel(bool ignore_editing) const = 0; + virtual ConnectionSecurityHelper::SecurityLevel GetSecurityLevel( + bool ignore_editing) const = 0; // Returns the resource_id of the icon to show to the left of the address, // based on the current URL. When search term replacement is active, this @@ -103,7 +74,8 @@ class ToolbarModel { // As |GetIcon()|, but returns the icon only taking into account the security // |level| given, ignoring search term replacement state. - virtual int GetIconForSecurityLevel(SecurityLevel level) const = 0; + virtual int GetIconForSecurityLevel( + ConnectionSecurityHelper::SecurityLevel level) const = 0; // Returns the name of the EV cert holder. This returns an empty string if // the security level is not EV_SECURE. diff --git a/chrome/browser/ui/toolbar/toolbar_model_impl.cc b/chrome/browser/ui/toolbar/toolbar_model_impl.cc index 2bf97bf..1f5491c 100644 --- a/chrome/browser/ui/toolbar/toolbar_model_impl.cc +++ b/chrome/browser/ui/toolbar/toolbar_model_impl.cc @@ -4,8 +4,6 @@ #include "chrome/browser/ui/toolbar/toolbar_model_impl.h" -#include "base/command_line.h" -#include "base/metrics/field_trial.h" #include "base/prefs/pref_service.h" #include "base/strings/utf_string_conversions.h" #include "base/time/time.h" @@ -14,10 +12,8 @@ #include "chrome/browser/autocomplete/chrome_autocomplete_scheme_classifier.h" #include "chrome/browser/profiles/profile.h" #include "chrome/browser/search/search.h" -#include "chrome/browser/ssl/ssl_error_info.h" +#include "chrome/browser/ssl/connection_security_helper.h" #include "chrome/browser/ui/toolbar/toolbar_model_delegate.h" -#include "chrome/common/chrome_constants.h" -#include "chrome/common/chrome_switches.h" #include "chrome/common/pref_names.h" #include "chrome/common/url_constants.h" #include "chrome/grit/generated_resources.h" @@ -39,41 +35,10 @@ #include "net/ssl/ssl_connection_status_flags.h" #include "ui/base/l10n/l10n_util.h" -#if defined(OS_CHROMEOS) -#include "chrome/browser/chromeos/policy/policy_cert_service.h" -#include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" -#endif - using content::NavigationController; using content::NavigationEntry; -using content::SSLStatus; using content::WebContents; -namespace { - -ToolbarModel::SecurityLevel GetSecurityLevelForNonSecureFieldTrial() { - std::string choice = base::CommandLine::ForCurrentProcess()-> - GetSwitchValueASCII(switches::kMarkNonSecureAs); - if (choice == switches::kMarkNonSecureAsNeutral) - return ToolbarModel::NONE; - if (choice == switches::kMarkNonSecureAsDubious) - return ToolbarModel::SECURITY_WARNING; - if (choice == switches::kMarkNonSecureAsNonSecure) - return ToolbarModel::SECURITY_ERROR; - - std::string group = base::FieldTrialList::FindFullName("MarkNonSecureAs"); - if (group == switches::kMarkNonSecureAsNeutral) - return ToolbarModel::NONE; - if (group == switches::kMarkNonSecureAsDubious) - return ToolbarModel::SECURITY_WARNING; - if (group == switches::kMarkNonSecureAsNonSecure) - return ToolbarModel::SECURITY_ERROR; - - return ToolbarModel::NONE; -} - -} // namespace - ToolbarModelImpl::ToolbarModelImpl(ToolbarModelDelegate* delegate) : delegate_(delegate) { } @@ -81,78 +46,6 @@ ToolbarModelImpl::ToolbarModelImpl(ToolbarModelDelegate* delegate) ToolbarModelImpl::~ToolbarModelImpl() { } -// static -ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevelForWebContents( - content::WebContents* web_contents) { - if (!web_contents) - return NONE; - - NavigationEntry* entry = web_contents->GetController().GetVisibleEntry(); - if (!entry) - return NONE; - - const SSLStatus& ssl = entry->GetSSL(); - switch (ssl.security_style) { - case content::SECURITY_STYLE_UNKNOWN: - return NONE; - - case content::SECURITY_STYLE_UNAUTHENTICATED: { - const GURL& url = entry->GetURL(); - if (url.SchemeIs("http") || url.SchemeIs("ftp")) - return GetSecurityLevelForNonSecureFieldTrial(); - return NONE; - } - - case content::SECURITY_STYLE_AUTHENTICATION_BROKEN: - return SECURITY_ERROR; - - case content::SECURITY_STYLE_AUTHENTICATED: { -#if defined(OS_CHROMEOS) - policy::PolicyCertService* service = - policy::PolicyCertServiceFactory::GetForProfile( - Profile::FromBrowserContext(web_contents->GetBrowserContext())); - if (service && service->UsedPolicyCertificates()) - return SECURITY_POLICY_WARNING; -#endif - if (!!(ssl.content_status & SSLStatus::DISPLAYED_INSECURE_CONTENT)) - return SECURITY_WARNING; - scoped_refptr<net::X509Certificate> cert; - if (content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, &cert) && - (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT)) { - // The internal representation of the dates for UI treatment of SHA-1. - // See http://crbug.com/401365 for details - static const int64_t kJanuary2017 = INT64_C(13127702400000000); - // kJanuary2016 needs to be kept in sync with - // ToolbarModelAndroid::IsDeprecatedSHA1Present(). - static const int64_t kJanuary2016 = INT64_C(13096080000000000); - if (cert->valid_expiry() >= - base::Time::FromInternalValue(kJanuary2017)) { - return SECURITY_ERROR; - } - if (cert->valid_expiry() >= - base::Time::FromInternalValue(kJanuary2016)) { - return SECURITY_WARNING; - } - } - if (net::IsCertStatusError(ssl.cert_status)) { - DCHECK(net::IsCertStatusMinorError(ssl.cert_status)); - return SECURITY_WARNING; - } - if (net::SSLConnectionStatusToVersion(ssl.connection_status) == - net::SSL_CONNECTION_VERSION_SSL3) { - // SSLv3 will be removed in the future. - return SECURITY_WARNING; - } - if ((ssl.cert_status & net::CERT_STATUS_IS_EV) && cert.get()) - return EV_SECURE; - return SECURE; - } - default: - NOTREACHED(); - return NONE; - } -} - // ToolbarModelImpl Implementation. base::string16 ToolbarModelImpl::GetText() const { base::string16 search_terms(GetSearchTerms(false)); @@ -216,11 +109,13 @@ bool ToolbarModelImpl::WouldPerformSearchTermReplacement( return !GetSearchTerms(ignore_editing).empty(); } -ToolbarModel::SecurityLevel ToolbarModelImpl::GetSecurityLevel( +ConnectionSecurityHelper::SecurityLevel ToolbarModelImpl::GetSecurityLevel( bool ignore_editing) const { // When editing, assume no security style. - return (input_in_progress() && !ignore_editing) ? - NONE : GetSecurityLevelForWebContents(delegate_->GetActiveWebContents()); + return (input_in_progress() && !ignore_editing) + ? ConnectionSecurityHelper::NONE + : ConnectionSecurityHelper::GetSecurityLevelForWebContents( + delegate_->GetActiveWebContents()); } int ToolbarModelImpl::GetIcon() const { @@ -230,21 +125,28 @@ int ToolbarModelImpl::GetIcon() const { return GetIconForSecurityLevel(GetSecurityLevel(false)); } -int ToolbarModelImpl::GetIconForSecurityLevel(SecurityLevel level) const { - static int icon_ids[NUM_SECURITY_LEVELS] = { - IDR_LOCATION_BAR_HTTP, - IDR_OMNIBOX_HTTPS_VALID, - IDR_OMNIBOX_HTTPS_VALID, - IDR_OMNIBOX_HTTPS_WARNING, - IDR_OMNIBOX_HTTPS_POLICY_WARNING, - IDR_OMNIBOX_HTTPS_INVALID, - }; - DCHECK(arraysize(icon_ids) == NUM_SECURITY_LEVELS); - return icon_ids[level]; +int ToolbarModelImpl::GetIconForSecurityLevel( + ConnectionSecurityHelper::SecurityLevel level) const { + switch (level) { + case ConnectionSecurityHelper::NONE: + return IDR_LOCATION_BAR_HTTP; + case ConnectionSecurityHelper::EV_SECURE: + case ConnectionSecurityHelper::SECURE: + return IDR_OMNIBOX_HTTPS_VALID; + case ConnectionSecurityHelper::SECURITY_WARNING: + return IDR_OMNIBOX_HTTPS_WARNING; + case ConnectionSecurityHelper::SECURITY_POLICY_WARNING: + return IDR_OMNIBOX_HTTPS_POLICY_WARNING; + case ConnectionSecurityHelper::SECURITY_ERROR: + return IDR_OMNIBOX_HTTPS_INVALID; + } + + NOTREACHED(); + return IDR_LOCATION_BAR_HTTP; } base::string16 ToolbarModelImpl::GetEVCertName() const { - if (GetSecurityLevel(false) != EV_SECURE) + if (GetSecurityLevel(false) != ConnectionSecurityHelper::EV_SECURE) return base::string16(); // Note: Navigation controller and active entry are guaranteed non-NULL or @@ -337,7 +239,10 @@ base::string16 ToolbarModelImpl::GetSearchTerms(bool ignore_editing) const { // Otherwise, extract search terms for HTTPS pages that do not have a security // error. - ToolbarModel::SecurityLevel security_level = GetSecurityLevel(ignore_editing); - return ((security_level == NONE) || (security_level == SECURITY_ERROR)) ? - base::string16() : search_terms; + ConnectionSecurityHelper::SecurityLevel security_level = + GetSecurityLevel(ignore_editing); + return ((security_level == ConnectionSecurityHelper::NONE) || + (security_level == ConnectionSecurityHelper::SECURITY_ERROR)) + ? base::string16() + : search_terms; } diff --git a/chrome/browser/ui/toolbar/toolbar_model_impl.h b/chrome/browser/ui/toolbar/toolbar_model_impl.h index 0291cf3..0bea045 100644 --- a/chrome/browser/ui/toolbar/toolbar_model_impl.h +++ b/chrome/browser/ui/toolbar/toolbar_model_impl.h @@ -33,9 +33,6 @@ class ToolbarModelImpl : public ToolbarModel { explicit ToolbarModelImpl(ToolbarModelDelegate* delegate); ~ToolbarModelImpl() override; - static SecurityLevel GetSecurityLevelForWebContents( - content::WebContents* web_contents); - private: // ToolbarModel: base::string16 GetText() const override; @@ -43,9 +40,11 @@ class ToolbarModelImpl : public ToolbarModel { base::string16 GetCorpusNameForMobile() const override; GURL GetURL() const override; bool WouldPerformSearchTermReplacement(bool ignore_editing) const override; - SecurityLevel GetSecurityLevel(bool ignore_editing) const override; + ConnectionSecurityHelper::SecurityLevel GetSecurityLevel( + bool ignore_editing) const override; int GetIcon() const override; - int GetIconForSecurityLevel(SecurityLevel level) const override; + int GetIconForSecurityLevel( + ConnectionSecurityHelper::SecurityLevel level) const override; base::string16 GetEVCertName() const override; bool ShouldDisplayURL() const override; diff --git a/chrome/browser/ui/views/location_bar/location_bar_view.cc b/chrome/browser/ui/views/location_bar/location_bar_view.cc index 9a8e18a..3f57927 100644 --- a/chrome/browser/ui/views/location_bar/location_bar_view.cc +++ b/chrome/browser/ui/views/location_bar/location_bar_view.cc @@ -211,9 +211,10 @@ void LocationBarView::Init() { location_height - bubble_vertical_padding)); const SkColor background_color = - GetColor(ToolbarModel::NONE, LocationBarView::BACKGROUND); + GetColor(ConnectionSecurityHelper::NONE, LocationBarView::BACKGROUND); ev_bubble_view_ = new EVBubbleView( - bubble_font_list, GetColor(ToolbarModel::EV_SECURE, SECURITY_TEXT), + bubble_font_list, + GetColor(ConnectionSecurityHelper::EV_SECURE, SECURITY_TEXT), background_color, this); ev_bubble_view_->set_drag_controller(this); AddChildView(ev_bubble_view_); @@ -239,7 +240,7 @@ void LocationBarView::Init() { ime_inline_autocomplete_view_->SetVisible(false); AddChildView(ime_inline_autocomplete_view_); - const SkColor text_color = GetColor(ToolbarModel::NONE, TEXT); + const SkColor text_color = GetColor(ConnectionSecurityHelper::NONE, TEXT); selected_keyword_view_ = new SelectedKeywordView( bubble_font_list, text_color, background_color, profile()); AddChildView(selected_keyword_view_); @@ -248,13 +249,13 @@ void LocationBarView::Init() { suggested_text_view_->SetHorizontalAlignment(gfx::ALIGN_LEFT); suggested_text_view_->SetAutoColorReadabilityEnabled(false); suggested_text_view_->SetEnabledColor(GetColor( - ToolbarModel::NONE, LocationBarView::DEEMPHASIZED_TEXT)); + ConnectionSecurityHelper::NONE, LocationBarView::DEEMPHASIZED_TEXT)); suggested_text_view_->SetVisible(false); AddChildView(suggested_text_view_); keyword_hint_view_ = new KeywordHintView( - profile(), font_list, - GetColor(ToolbarModel::NONE, LocationBarView::DEEMPHASIZED_TEXT), + profile(), font_list, GetColor(ConnectionSecurityHelper::NONE, + LocationBarView::DEEMPHASIZED_TEXT), background_color); AddChildView(keyword_hint_view_); @@ -313,8 +314,9 @@ bool LocationBarView::IsInitialized() const { return omnibox_view_ != NULL; } -SkColor LocationBarView::GetColor(ToolbarModel::SecurityLevel security_level, - ColorKind kind) const { +SkColor LocationBarView::GetColor( + ConnectionSecurityHelper::SecurityLevel security_level, + ColorKind kind) const { const ui::NativeTheme* native_theme = GetNativeTheme(); switch (kind) { case BACKGROUND: @@ -338,17 +340,17 @@ SkColor LocationBarView::GetColor(ToolbarModel::SecurityLevel security_level, case SECURITY_TEXT: { SkColor color; switch (security_level) { - case ToolbarModel::EV_SECURE: - case ToolbarModel::SECURE: + case ConnectionSecurityHelper::EV_SECURE: + case ConnectionSecurityHelper::SECURE: color = SkColorSetRGB(7, 149, 0); break; - case ToolbarModel::SECURITY_WARNING: - case ToolbarModel::SECURITY_POLICY_WARNING: + case ConnectionSecurityHelper::SECURITY_WARNING: + case ConnectionSecurityHelper::SECURITY_POLICY_WARNING: return GetColor(security_level, DEEMPHASIZED_TEXT); break; - case ToolbarModel::SECURITY_ERROR: + case ConnectionSecurityHelper::SECURITY_ERROR: color = SkColorSetRGB(162, 0, 0); break; @@ -998,8 +1000,8 @@ bool LocationBarView::ShouldShowKeywordBubble() const { } bool LocationBarView::ShouldShowEVBubble() const { - return - (GetToolbarModel()->GetSecurityLevel(false) == ToolbarModel::EV_SECURE); + return (GetToolbarModel()->GetSecurityLevel(false) == + ConnectionSecurityHelper::EV_SECURE); } //////////////////////////////////////////////////////////////////////////////// @@ -1220,7 +1222,7 @@ void LocationBarView::OnPaint(gfx::Canvas* canvas) { // the omnibox background, so we can't just blindly fill our entire bounds. gfx::Rect bounds(GetContentsBounds()); bounds.Inset(GetHorizontalEdgeThickness(), vertical_edge_thickness()); - SkColor color(GetColor(ToolbarModel::NONE, BACKGROUND)); + SkColor color(GetColor(ConnectionSecurityHelper::NONE, BACKGROUND)); if (is_popup_mode_) { canvas->FillRect(bounds, color); } else { diff --git a/chrome/browser/ui/views/location_bar/location_bar_view.h b/chrome/browser/ui/views/location_bar/location_bar_view.h index 403388f..11eb05c 100644 --- a/chrome/browser/ui/views/location_bar/location_bar_view.h +++ b/chrome/browser/ui/views/location_bar/location_bar_view.h @@ -146,7 +146,7 @@ class LocationBarView : public LocationBar, // Returns the appropriate color for the desired kind, based on the user's // system theme. - SkColor GetColor(ToolbarModel::SecurityLevel security_level, + SkColor GetColor(ConnectionSecurityHelper::SecurityLevel security_level, ColorKind kind) const; // Returns the delegate. diff --git a/chrome/browser/ui/views/omnibox/omnibox_view_views.cc b/chrome/browser/ui/views/omnibox/omnibox_view_views.cc index b5a2347..56b09d1 100644 --- a/chrome/browser/ui/views/omnibox/omnibox_view_views.cc +++ b/chrome/browser/ui/views/omnibox/omnibox_view_views.cc @@ -137,7 +137,7 @@ OmniboxViewViews::OmniboxViewViews(OmniboxEditController* controller, const gfx::FontList& font_list) : OmniboxView(profile, controller, command_updater), popup_window_mode_(popup_window_mode), - security_level_(ToolbarModel::NONE), + security_level_(ConnectionSecurityHelper::NONE), saved_selection_for_focus_change_(gfx::Range::InvalidRange()), ime_composing_before_change_(false), delete_at_end_pressed_(false), @@ -223,7 +223,8 @@ void OmniboxViewViews::ResetTabState(content::WebContents* web_contents) { } void OmniboxViewViews::Update() { - const ToolbarModel::SecurityLevel old_security_level = security_level_; + const ConnectionSecurityHelper::SecurityLevel old_security_level = + security_level_; security_level_ = controller()->GetToolbarModel()->GetSecurityLevel(false); if (model()->UpdatePermanentText()) { // Something visibly changed. Re-enable URL replacement. @@ -325,7 +326,7 @@ void OmniboxViewViews::OnNativeThemeChanged(const ui::NativeTheme* theme) { views::Textfield::OnNativeThemeChanged(theme); if (location_bar_view_) { SetBackgroundColor(location_bar_view_->GetColor( - ToolbarModel::NONE, LocationBarView::BACKGROUND)); + ConnectionSecurityHelper::NONE, LocationBarView::BACKGROUND)); } EmphasizeURLComponents(); } @@ -631,10 +632,12 @@ void OmniboxViewViews::EmphasizeURLComponents() { // may have incorrectly identified a qualifier as a scheme. SetStyle(gfx::DIAGONAL_STRIKE, false); if (!model()->user_input_in_progress() && model()->CurrentTextIsURL() && - scheme.is_nonempty() && (security_level_ != ToolbarModel::NONE)) { + scheme.is_nonempty() && + (security_level_ != ConnectionSecurityHelper::NONE)) { SkColor security_color = location_bar_view_->GetColor( security_level_, LocationBarView::SECURITY_TEXT); - const bool strike = (security_level_ == ToolbarModel::SECURITY_ERROR); + const bool strike = + (security_level_ == ConnectionSecurityHelper::SECURITY_ERROR); const gfx::Range scheme_range(scheme.begin, scheme.end()); ApplyColor(security_color, scheme_range); ApplyStyle(gfx::DIAGONAL_STRIKE, strike, scheme_range); diff --git a/chrome/browser/ui/views/omnibox/omnibox_view_views.h b/chrome/browser/ui/views/omnibox/omnibox_view_views.h index a469a3f..8a32350 100644 --- a/chrome/browser/ui/views/omnibox/omnibox_view_views.h +++ b/chrome/browser/ui/views/omnibox/omnibox_view_views.h @@ -193,7 +193,7 @@ class OmniboxViewViews scoped_ptr<OmniboxPopupView> popup_view_; - ToolbarModel::SecurityLevel security_level_; + ConnectionSecurityHelper::SecurityLevel security_level_; // Selection persisted across temporary text changes, like popup suggestions. gfx::Range saved_temporary_selection_; diff --git a/chrome/chrome.gyp b/chrome/chrome.gyp index fd701ce..1001ee3 100644 --- a/chrome/chrome.gyp +++ b/chrome/chrome.gyp @@ -577,6 +577,7 @@ 'chrome_resources.gyp:chrome_strings', 'chrome_strings_grd', 'chrome_version_java', + 'connection_security_helper_security_levels_java', 'document_tab_model_info_proto_java', 'profile_account_management_metrics_java', 'content_setting_java', @@ -584,7 +585,6 @@ 'page_info_connection_type_java', 'profile_sync_service_model_type_selection_java', 'resource_id_java', - 'toolbar_model_security_levels_java', 'tab_load_status_java', '../base/base.gyp:base', '../components/components.gyp:bookmarks_java', diff --git a/chrome/chrome_browser.gypi b/chrome/chrome_browser.gypi index 2402756..d6221ac 100644 --- a/chrome/chrome_browser.gypi +++ b/chrome/chrome_browser.gypi @@ -704,6 +704,7 @@ 'browser/speech/tts_platform.cc', 'browser/speech/tts_platform.h', 'browser/speech/tts_win.cc', + 'browser/ssl/connection_security_helper_android.cc', 'browser/status_icons/status_icon.cc', 'browser/status_icons/status_icon.h', 'browser/status_icons/status_icon_menu_model.cc', @@ -1732,6 +1733,7 @@ 'android/java/src/org/chromium/chrome/browser/infobar/SavePasswordInfoBar.java', 'android/java/src/org/chromium/chrome/browser/invalidation/InvalidationServiceFactory.java', 'android/java/src/org/chromium/chrome/browser/metrics/LaunchMetrics.java', + 'android/java/src/org/chromium/chrome/browser/ssl/ConnectionSecurityHelper.java', 'android/java/src/org/chromium/chrome/browser/toolbar/ToolbarModel.java', ], 'chrome_browser_mdns_sources': [ @@ -2675,6 +2677,9 @@ 'browser/ssl/chrome_ssl_host_state_delegate.h', 'browser/ssl/chrome_ssl_host_state_delegate_factory.cc', 'browser/ssl/chrome_ssl_host_state_delegate_factory.h', + 'browser/ssl/connection_security_helper.cc', + 'browser/ssl/connection_security_helper_android.cc', + 'browser/ssl/connection_security_helper.h', 'browser/ssl/ssl_blocking_page.cc', 'browser/ssl/ssl_blocking_page.h', 'browser/ssl/ssl_cert_reporter.h', @@ -3839,10 +3844,10 @@ }, { # GN: //chrome/android:chrome_android_java_enums_srcjar - 'target_name': 'toolbar_model_security_levels_java', + 'target_name': 'connection_security_helper_security_levels_java', 'type': 'none', 'variables': { - 'source_file': 'browser/ui/toolbar/toolbar_model.h', + 'source_file': 'browser/ssl/connection_security_helper.h', }, 'includes': [ '../build/android/java_cpp_enum.gypi' ], }, |