diff options
| author | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-05-12 16:21:03 +0000 |
|---|---|---|
| committer | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-05-12 16:21:03 +0000 |
| commit | 9ae66cbfa635128767fe693a872acc7bc73bbde7 (patch) | |
| tree | ddd2a2d1f1690d68abf16eedfe746de0419763f1 /chrome/browser/ssl/ssl_host_state.h | |
| parent | 0fe5941ed2050e23611dba1ef09b5319d76ecc08 (diff) | |
| download | chromium_src-9ae66cbfa635128767fe693a872acc7bc73bbde7.zip chromium_src-9ae66cbfa635128767fe693a872acc7bc73bbde7.tar.gz chromium_src-9ae66cbfa635128767fe693a872acc7bc73bbde7.tar.bz2 | |
Be slightly more precise in how we propagate mixed content state.
Mixed content can't really propagate from one process to another, so we don't need to break the lock icon for every tab in the same origin when we see insecure content. We need only break the lock icon for all the tabs in the same process.
R=jcampan
TEST=SSLUITest.TestMixedContentsTwoTabs
Review URL: http://codereview.chromium.org/115230
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@15858 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/ssl/ssl_host_state.h')
| -rw-r--r-- | chrome/browser/ssl/ssl_host_state.h | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/chrome/browser/ssl/ssl_host_state.h b/chrome/browser/ssl/ssl_host_state.h index f66e9bc..a5018c7 100644 --- a/chrome/browser/ssl/ssl_host_state.h +++ b/chrome/browser/ssl/ssl_host_state.h @@ -27,13 +27,14 @@ class SSLHostState : public NonThreadSafe { SSLHostState(); ~SSLHostState(); - // Records that a host is "broken," that is, the origin for that host has been - // contaminated with insecure content, either via HTTP or via HTTPS with a - // bad certificate. - void MarkHostAsBroken(const std::string& host); + // Records that a host is "broken" in a particular render process. That is, + // the origin for that host has been contaminated with insecure content, + // either via HTTP or via HTTPS with a bad certificate. + void MarkHostAsBroken(const std::string& host, int pid); - // Returns whether the specified host was marked as broken. - bool DidMarkHostAsBroken(const std::string& host); + // Returns whether the specified host was marked as broken in a particular + // render process. + bool DidMarkHostAsBroken(const std::string& host, int pid); // Records that |cert| is permitted to be used for |host| in the future. void DenyCertForHost(net::X509Certificate* cert, const std::string& host); @@ -52,8 +53,9 @@ class SSLHostState : public NonThreadSafe { bool DidAllowMixedContentForHost(const std::string& host); private: + typedef std::pair<std::string, int> BrokenHostEntry; // Hosts which have been contaminated with unsafe content. - std::set<std::string> broken_hosts_; + std::set<BrokenHostEntry> broken_hosts_; // Certificate policies for each host. std::map<std::string, net::X509Certificate::Policy> cert_policy_for_host_; |