summaryrefslogtreecommitdiffstats
path: root/chrome/browser/ssl
diff options
context:
space:
mode:
authorabarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-05-14 08:47:30 +0000
committerabarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-05-14 08:47:30 +0000
commit5edce1ef5502e3dc20f030e108978da0c360fb65 (patch)
tree831153859e0fcbcff99901f2b3b38f68126299bf /chrome/browser/ssl
parent5dc0cc7bf9cb2f5e6b050933d1ebe7852b10baa0 (diff)
downloadchromium_src-5edce1ef5502e3dc20f030e108978da0c360fb65.zip
chromium_src-5edce1ef5502e3dc20f030e108978da0c360fb65.tar.gz
chromium_src-5edce1ef5502e3dc20f030e108978da0c360fb65.tar.bz2
Factor SSLPolicyBackend out of SSLManager.
This reduces the complexity of SSLManager. The idea is eventually to be able to test SSLPolicy by substituting a fake SSLPolicyBackend. TBR=jcampan TEST=No behavior changes. Review URL: http://codereview.chromium.org/113395 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@16048 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/ssl')
-rw-r--r--chrome/browser/ssl/ssl_error_handler.h4
-rw-r--r--chrome/browser/ssl/ssl_manager.cc177
-rw-r--r--chrome/browser/ssl/ssl_manager.h81
-rw-r--r--chrome/browser/ssl/ssl_mixed_content_handler.h2
-rw-r--r--chrome/browser/ssl/ssl_policy.cc41
-rw-r--r--chrome/browser/ssl/ssl_policy.h6
-rw-r--r--chrome/browser/ssl/ssl_policy_backend.cc185
-rw-r--r--chrome/browser/ssl/ssl_policy_backend.h122
-rw-r--r--chrome/browser/ssl/ssl_request_info.h10
9 files changed, 354 insertions, 274 deletions
diff --git a/chrome/browser/ssl/ssl_error_handler.h b/chrome/browser/ssl/ssl_error_handler.h
index 9ef1b04..c891f79 100644
--- a/chrome/browser/ssl/ssl_error_handler.h
+++ b/chrome/browser/ssl/ssl_error_handler.h
@@ -9,6 +9,7 @@
#include "base/basictypes.h"
#include "base/ref_counted.h"
+#include "chrome/browser/ssl/ssl_manager.h"
#include "chrome/browser/renderer_host/resource_dispatcher_host.h"
#include "chrome/common/filter_policy.h"
#include "googleurl/src/gurl.h"
@@ -16,7 +17,6 @@
class MessageLoop;
class SSLCertErrorHandler;
-class SSLManager;
class TabContents;
class URLRequest;
@@ -59,7 +59,7 @@ class SSLErrorHandler : public base::RefCountedThreadSafe<SSLErrorHandler> {
const std::string& main_frame_origin() const { return main_frame_origin_; }
// Call on the UI thread.
- SSLManager* manager() const { return manager_; }
+ SSLPolicyBackend* backend() const { return manager_->backend(); }
// Returns the TabContents this object is associated with. Should be
// called from the UI thread.
diff --git a/chrome/browser/ssl/ssl_manager.cc b/chrome/browser/ssl/ssl_manager.cc
index c46a20b..334eaa4 100644
--- a/chrome/browser/ssl/ssl_manager.cc
+++ b/chrome/browser/ssl/ssl_manager.cc
@@ -43,57 +43,6 @@
#include "chrome/common/temp_scaffolding_stubs.h"
#endif
-using WebKit::WebConsoleMessage;
-
-class SSLInfoBarDelegate : public ConfirmInfoBarDelegate {
- public:
- SSLInfoBarDelegate(TabContents* contents,
- const std::wstring message,
- const std::wstring& button_label,
- Task* task)
- : ConfirmInfoBarDelegate(contents),
- message_(message),
- button_label_(button_label),
- task_(task) {
- }
- virtual ~SSLInfoBarDelegate() {}
-
- // Overridden from ConfirmInfoBarDelegate:
- virtual void InfoBarClosed() {
- delete this;
- }
- virtual std::wstring GetMessageText() const {
- return message_;
- }
- virtual SkBitmap* GetIcon() const {
- return ResourceBundle::GetSharedInstance().GetBitmapNamed(
- IDR_INFOBAR_SSL_WARNING);
- }
- virtual int GetButtons() const {
- return !button_label_.empty() ? BUTTON_OK : BUTTON_NONE;
- }
- virtual std::wstring GetButtonLabel(InfoBarButton button) const {
- return button_label_;
- }
- virtual bool Accept() {
- if (task_.get()) {
- task_->Run();
- task_.reset(); // Ensures we won't run the task again.
- }
- return true;
- }
-
- private:
- // Labels for the InfoBar's message and button.
- std::wstring message_;
- std::wstring button_label_;
-
- // A task to run when the InfoBar is accepted.
- scoped_ptr<Task> task_;
-
- DISALLOW_COPY_AND_ASSIGN(SSLInfoBarDelegate);
-};
-
// static
void SSLManager::RegisterUserPrefs(PrefService* prefs) {
prefs->RegisterIntegerPref(prefs::kMixedContentFiltering,
@@ -102,8 +51,8 @@ void SSLManager::RegisterUserPrefs(PrefService* prefs) {
SSLManager::SSLManager(NavigationController* controller, Delegate* delegate)
: delegate_(delegate),
- controller_(controller),
- ssl_host_state_(controller->profile()->GetSSLHostState()) {
+ backend_(controller),
+ controller_(controller) {
DCHECK(controller_);
// If do delegate is supplied, use the default policy.
@@ -126,102 +75,6 @@ SSLManager::SSLManager(NavigationController* controller, Delegate* delegate)
SSLManager::~SSLManager() {
}
-// Delegate API method.
-void SSLManager::ShowMessage(const std::wstring& msg) {
- ShowMessageWithLink(msg, std::wstring(), NULL);
-}
-
-void SSLManager::ShowMessageWithLink(const std::wstring& msg,
- const std::wstring& link_text,
- Task* task) {
- if (controller_->pending_entry()) {
- // The main frame is currently loading, wait until the load is committed so
- // to show the error on the right page (once the location bar shows the
- // correct url).
- if (std::find(pending_messages_.begin(), pending_messages_.end(), msg) ==
- pending_messages_.end())
- pending_messages_.push_back(SSLMessageInfo(msg, link_text, task));
-
- return;
- }
-
- NavigationEntry* entry = controller_->GetActiveEntry();
- if (!entry)
- return;
-
- // Don't show the message if the user doesn't expect an authenticated session.
- if (entry->ssl().security_style() <= SECURITY_STYLE_UNAUTHENTICATED)
- return;
-
- if (controller_->tab_contents()) {
- controller_->tab_contents()->AddInfoBar(
- new SSLInfoBarDelegate(controller_->tab_contents(), msg, link_text,
- task));
- }
-}
-
-// Delegate API method.
-bool SSLManager::SetMaxSecurityStyle(SecurityStyle style) {
- NavigationEntry* entry = controller_->GetActiveEntry();
- if (!entry) {
- NOTREACHED();
- return false;
- }
-
- if (entry->ssl().security_style() > style) {
- entry->ssl().set_security_style(style);
- return true;
- }
- return false;
-}
-
-// Delegate API method.
-void SSLManager::AddMessageToConsole(const string16& message,
- const WebConsoleMessage::Level& level) {
- controller_->tab_contents()->render_view_host()->AddMessageToConsole(
- string16(), message, level);
-}
-
-// Delegate API method.
-void SSLManager::MarkHostAsBroken(const std::string& host, int pid) {
- ssl_host_state_->MarkHostAsBroken(host, pid);
- DispatchSSLInternalStateChanged();
-}
-
-// Delegate API method.
-bool SSLManager::DidMarkHostAsBroken(const std::string& host, int pid) const {
- return ssl_host_state_->DidMarkHostAsBroken(host, pid);
-}
-
-// Delegate API method.
-void SSLManager::DenyCertForHost(net::X509Certificate* cert,
- const std::string& host) {
- // Remember that we don't like this cert for this host.
- ssl_host_state_->DenyCertForHost(cert, host);
-}
-
-// Delegate API method.
-void SSLManager::AllowCertForHost(net::X509Certificate* cert,
- const std::string& host) {
- ssl_host_state_->AllowCertForHost(cert, host);
-}
-
-// Delegate API method.
-net::X509Certificate::Policy::Judgment SSLManager::QueryPolicy(
- net::X509Certificate* cert, const std::string& host) {
- return ssl_host_state_->QueryPolicy(cert, host);
-}
-
-// Delegate API method.
-void SSLManager::AllowMixedContentForHost(const std::string& host) {
- ssl_host_state_->AllowMixedContentForHost(host);
-}
-
-// Delegate API method.
-bool SSLManager::DidAllowMixedContentForHost(const std::string& host) const {
- return ssl_host_state_->DidAllowMixedContentForHost(host);
-}
-
bool SSLManager::ProcessedSSLErrorFromRequest() const {
NavigationEntry* entry = controller_->GetActiveEntry();
if (!entry) {
@@ -324,13 +177,6 @@ void SSLManager::Observe(NotificationType type,
}
}
-void SSLManager::DispatchSSLInternalStateChanged() {
- NotificationService::current()->Notify(
- NotificationType::SSL_INTERNAL_STATE_CHANGED,
- Source<NavigationController>(controller_),
- NotificationService::NoDetails());
-}
-
void SSLManager::DispatchSSLVisibleStateChanged() {
NotificationService::current()->Notify(
NotificationType::SSL_VISIBLE_STATE_CHANGED,
@@ -346,7 +192,7 @@ void SSLManager::UpdateEntry(NavigationEntry* entry) {
NavigationEntry::SSLStatus original_ssl_status = entry->ssl(); // Copy!
- delegate()->UpdateEntry(this, entry);
+ delegate()->UpdateEntry(backend(), entry);
if (!entry->ssl().Equals(original_ssl_status))
DispatchSSLVisibleStateChanged();
@@ -361,7 +207,7 @@ void SSLManager::DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details) {
// This resource must have been loaded with FilterPolicy::DONT_FILTER because
// filtered resouces aren't cachable.
scoped_refptr<SSLRequestInfo> info = new SSLRequestInfo(
- this,
+ backend(),
details->url(),
ResourceType::SUB_RESOURCE,
details->frame_origin(),
@@ -425,7 +271,7 @@ void SSLManager::DidStartResourceResponse(ResourceRequestDetails* details) {
DCHECK(details);
scoped_refptr<SSLRequestInfo> info = new SSLRequestInfo(
- this,
+ backend(),
details->url(),
details->resource_type(),
details->frame_origin(),
@@ -449,23 +295,10 @@ void SSLManager::DidReceiveResourceRedirect(ResourceRedirectDetails* details) {
// the HTTP request to https://attacker.com/payload.js.
}
-void SSLManager::ShowPendingMessages() {
- std::vector<SSLMessageInfo>::const_iterator iter;
- for (iter = pending_messages_.begin();
- iter != pending_messages_.end(); ++iter) {
- ShowMessageWithLink(iter->message, iter->link_text, iter->action);
- }
- ClearPendingMessages();
-}
-
void SSLManager::DidChangeSSLInternalState() {
UpdateEntry(controller_->GetActiveEntry());
}
-void SSLManager::ClearPendingMessages() {
- pending_messages_.clear();
-}
-
// static
std::string SSLManager::SerializeSecurityInfo(int cert_id,
int cert_status,
diff --git a/chrome/browser/ssl/ssl_manager.h b/chrome/browser/ssl/ssl_manager.h
index da77c05..d5c4e13 100644
--- a/chrome/browser/ssl/ssl_manager.h
+++ b/chrome/browser/ssl/ssl_manager.h
@@ -13,6 +13,7 @@
#include "base/observer_list.h"
#include "base/ref_counted.h"
#include "chrome/browser/renderer_host/resource_dispatcher_host.h"
+#include "chrome/browser/ssl/ssl_policy_backend.h"
#include "chrome/browser/tab_contents/provisional_load_details.h"
#include "chrome/browser/tab_contents/security_style.h"
#include "chrome/common/notification_observer.h"
@@ -75,7 +76,7 @@ class SSLManager : public NotificationObserver {
virtual void OnRequestStarted(SSLRequestInfo* info) = 0;
// Update the SSL information in |entry| to match the current state.
- virtual void UpdateEntry(SSLManager* manager, NavigationEntry* entry) = 0;
+ virtual void UpdateEntry(SSLPolicyBackend* backend, NavigationEntry* entry) = 0;
};
static void RegisterUserPrefs(PrefService* prefs);
@@ -86,67 +87,13 @@ class SSLManager : public NotificationObserver {
~SSLManager();
- //////////////////////////////////////////////////////////////////////////////
- // Delegate API
- //
- // The SSL manager expects these methods to be called by its delegate. They
- // exist to make Delegates easy to implement.
-
- // Ensure that the specified message is displayed to the user. This will
- // display an InfoBar at the top of the associated tab.
- void ShowMessage(const std::wstring& msg);
-
- // Same as ShowMessage but also contains a link that when clicked run the
- // specified task. The SSL Manager becomes the owner of the task.
- void ShowMessageWithLink(const std::wstring& msg,
- const std::wstring& link_text,
- Task* task);
-
- // Records that a host is "broken," that is, the origin for that host has been
- // contaminated with insecure content, either via HTTP or via HTTPS with a
- // bad certificate.
- void MarkHostAsBroken(const std::string& host, int pid);
-
- // Returns whether the specified host was marked as broken.
- bool DidMarkHostAsBroken(const std::string& host, int pid) const;
-
- // Sets the maximum security style for the page. If the current security
- // style is lower than |style|, this will not have an effect on the security
- // indicators.
- //
- // It will return true if the navigation entry was updated or false if
- // nothing changed. The caller is responsible for broadcasting
- // NOTIFY_SSY_STATE_CHANGED if it returns true.
- bool SetMaxSecurityStyle(SecurityStyle style);
-
- // Logs a message to the console of the page.
- void AddMessageToConsole(const string16& message,
- const WebKit::WebConsoleMessage::Level&);
-
- // Records that |cert| is permitted to be used for |host| in the future.
- void DenyCertForHost(net::X509Certificate* cert, const std::string& host);
-
- // Records that |cert| is not permitted to be used for |host| in the future.
- void AllowCertForHost(net::X509Certificate* cert, const std::string& host);
-
- // Queries whether |cert| is allowed or denied for |host|.
- net::X509Certificate::Policy::Judgment QueryPolicy(
- net::X509Certificate* cert, const std::string& host);
-
- // Allow mixed content to be visible (non filtered).
- void AllowMixedContentForHost(const std::string& host);
-
- // Returns whether the specified host is allowed to show mixed content.
- bool DidAllowMixedContentForHost(const std::string& host) const;
-
- //
- //////////////////////////////////////////////////////////////////////////////
-
// The delegate of the SSLManager. This value may be changed at any time,
// but it is not permissible for it to be NULL.
Delegate* delegate() const { return delegate_; }
void set_delegate(Delegate* delegate) { delegate_ = delegate; }
+ SSLPolicyBackend* backend() { return &backend_; }
+
// Entry point for SSLCertificateErrors. This function begins the process
// of resolving a certificate error during an SSL connection. SSLManager
// will adjust the security UI and either call |Cancel| or
@@ -171,13 +118,14 @@ class SSLManager : public NotificationObserver {
URLRequest* request,
MessageLoop* ui_loop);
- // Called by CertError::Dispatch to kick off processing of the cert error by
- // the SSL manager. The error originated from the ResourceDispatcherHost.
+ // Called by SSLCertErrorHandler::OnDispatch to kick off processing of the
+ // cert error by the SSL manager. The error originated from the
+ // ResourceDispatcherHost.
//
// Called on the UI thread.
void OnCertError(SSLCertErrorHandler* handler);
- // Called by MixedContentHandler::Dispatch to kick off processing of the
+ // Called by SSLMixedContentHandler::OnDispatch to kick off processing of the
// mixed-content resource request. The info originated from the
// ResourceDispatcherHost.
//
@@ -255,9 +203,6 @@ class SSLManager : public NotificationObserver {
void DidReceiveResourceRedirect(ResourceRedirectDetails* details);
void DidChangeSSLInternalState();
- // Dispatch NotificationType::SSL_INTERNAL_STATE_CHANGED notification.
- void DispatchSSLInternalStateChanged();
-
// Dispatch NotificationType::SSL_VISIBLE_STATE_CHANGED notification.
void DispatchSSLVisibleStateChanged();
@@ -274,6 +219,9 @@ class SSLManager : public NotificationObserver {
// Must not be NULL.
Delegate* delegate_;
+ // The backend for the SSLPolicy to actuate its decisions.
+ SSLPolicyBackend backend_;
+
// The NavigationController that owns this SSLManager. We are responsible
// for the security UI of this tab.
NavigationController* controller_;
@@ -281,13 +229,6 @@ class SSLManager : public NotificationObserver {
// Handles registering notifications with the NotificationService.
NotificationRegistrar registrar_;
- // SSL state specific for each host.
- SSLHostState* ssl_host_state_;
-
- // The list of messages that should be displayed (in info bars) when the page
- // currently loading had loaded.
- std::vector<SSLMessageInfo> pending_messages_;
-
DISALLOW_COPY_AND_ASSIGN(SSLManager);
};
diff --git a/chrome/browser/ssl/ssl_mixed_content_handler.h b/chrome/browser/ssl/ssl_mixed_content_handler.h
index c3f9057..1ed2e0c 100644
--- a/chrome/browser/ssl/ssl_mixed_content_handler.h
+++ b/chrome/browser/ssl/ssl_mixed_content_handler.h
@@ -28,7 +28,7 @@ class SSLMixedContentHandler : public SSLErrorHandler {
protected:
virtual void OnDispatchFailed() { TakeNoAction(); }
- virtual void OnDispatched() { manager()->OnMixedContent(this); }
+ virtual void OnDispatched() { manager_->OnMixedContent(this); }
private:
int pid_;
diff --git a/chrome/browser/ssl/ssl_policy.cc b/chrome/browser/ssl/ssl_policy.cc
index 9c37117..6c9ac63 100644
--- a/chrome/browser/ssl/ssl_policy.cc
+++ b/chrome/browser/ssl/ssl_policy.cc
@@ -30,48 +30,47 @@
#include "net/base/ssl_info.h"
#include "webkit/glue/resource_type.h"
-
using WebKit::WebConsoleMessage;
// Wrap all these helper classes in an anonymous namespace.
namespace {
-static void MarkOriginAsBroken(SSLManager* manager,
+static void MarkOriginAsBroken(SSLPolicyBackend* backend,
const std::string& origin,
int pid) {
GURL parsed_origin(origin);
if (!parsed_origin.SchemeIsSecure())
return;
- manager->MarkHostAsBroken(parsed_origin.host(), pid);
+ backend->MarkHostAsBroken(parsed_origin.host(), pid);
}
-static void AllowMixedContentForOrigin(SSLManager* manager,
+static void AllowMixedContentForOrigin(SSLPolicyBackend* backend,
const std::string& origin) {
GURL parsed_origin(origin);
if (!parsed_origin.SchemeIsSecure())
return;
- manager->AllowMixedContentForHost(parsed_origin.host());
+ backend->AllowMixedContentForHost(parsed_origin.host());
}
static void UpdateStateForMixedContent(SSLRequestInfo* info) {
if (info->resource_type() != ResourceType::MAIN_FRAME ||
info->resource_type() != ResourceType::SUB_FRAME) {
// The frame's origin now contains mixed content and therefore is broken.
- MarkOriginAsBroken(info->manager(), info->frame_origin(), info->pid());
+ MarkOriginAsBroken(info->backend(), info->frame_origin(), info->pid());
}
if (info->resource_type() != ResourceType::MAIN_FRAME) {
// The main frame now contains a frame with mixed content. Therefore, we
// mark the main frame's origin as broken too.
- MarkOriginAsBroken(info->manager(), info->main_frame_origin(), info->pid());
+ MarkOriginAsBroken(info->backend(), info->main_frame_origin(), info->pid());
}
}
static void UpdateStateForUnsafeContent(SSLRequestInfo* info) {
// This request as a broken cert, which means its host is broken.
- info->manager()->MarkHostAsBroken(info->url().host(), info->pid());
+ info->backend()->MarkHostAsBroken(info->url().host(), info->pid());
UpdateStateForMixedContent(info);
}
@@ -97,10 +96,10 @@ ShowMixedContentTask::~ShowMixedContentTask() {
}
void ShowMixedContentTask::Run() {
- AllowMixedContentForOrigin(handler_->manager(), handler_->frame_origin());
- AllowMixedContentForOrigin(handler_->manager(),
+ AllowMixedContentForOrigin(handler_->backend(), handler_->frame_origin());
+ AllowMixedContentForOrigin(handler_->backend(),
handler_->main_frame_origin());
- handler_->manager()->controller()->Reload(true);
+ handler_->backend()->Reload();
}
static void ShowErrorPage(SSLPolicy* policy, SSLCertErrorHandler* handler) {
@@ -161,7 +160,7 @@ static void AddMixedContentWarningToConsole(SSLMixedContentHandler* handler) {
IDS_MIXED_CONTENT_LOG_MESSAGE,
UTF8ToWide(handler->frame_origin()),
UTF8ToWide(handler->request_url().spec()));
- handler->manager()->AddMessageToConsole(
+ handler->backend()->AddMessageToConsole(
WideToUTF16Hack(text), WebConsoleMessage::LevelWarning);
}
@@ -177,7 +176,7 @@ SSLPolicy* SSLPolicy::GetDefaultPolicy() {
void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
// First we check if we know the policy for this error.
net::X509Certificate::Policy::Judgment judgment =
- handler->manager()->QueryPolicy(handler->ssl_info().cert,
+ handler->backend()->QueryPolicy(handler->ssl_info().cert,
handler->request_url().host());
if (judgment == net::X509Certificate::Policy::ALLOWED) {
@@ -202,7 +201,7 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
case net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION:
// We ignore this error and display an infobar.
handler->ContinueRequest();
- handler->manager()->ShowMessage(l10n_util::GetString(
+ handler->backend()->ShowMessage(l10n_util::GetString(
IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_INFO_BAR));
break;
case net::ERR_CERT_CONTAINS_ERRORS:
@@ -225,12 +224,12 @@ void SSLPolicy::OnMixedContent(SSLMixedContentHandler* handler) {
// If the user has added an exception, doctor the |filter_policy|.
std::string host = GURL(handler->main_frame_origin()).host();
- if (handler->manager()->DidAllowMixedContentForHost(host) ||
- handler->manager()->DidMarkHostAsBroken(host, handler->pid()))
+ if (handler->backend()->DidAllowMixedContentForHost(host) ||
+ handler->backend()->DidMarkHostAsBroken(host, handler->pid()))
filter_policy = FilterPolicy::DONT_FILTER;
if (filter_policy != FilterPolicy::DONT_FILTER) {
- handler->manager()->ShowMessageWithLink(
+ handler->backend()->ShowMessageWithLink(
l10n_util::GetString(IDS_SSL_INFO_BAR_FILTERED_CONTENT),
l10n_util::GetString(IDS_SSL_INFO_BAR_SHOW_CONTENT),
new ShowMixedContentTask(handler));
@@ -251,7 +250,7 @@ void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) {
UpdateStateForMixedContent(info);
}
-void SSLPolicy::UpdateEntry(SSLManager* manager, NavigationEntry* entry) {
+void SSLPolicy::UpdateEntry(SSLPolicyBackend* backend, NavigationEntry* entry) {
DCHECK(entry);
InitializeEntryIfNeeded(entry);
@@ -272,7 +271,7 @@ void SSLPolicy::UpdateEntry(SSLManager* manager, NavigationEntry* entry) {
return;
}
- if (manager->DidMarkHostAsBroken(entry->url().host(),
+ if (backend->DidMarkHostAsBroken(entry->url().host(),
entry->site_instance()->GetProcess()->pid()))
entry->ssl().set_has_mixed_content();
}
@@ -322,7 +321,7 @@ void SSLPolicy::OnDenyCertificate(SSLCertErrorHandler* handler) {
// While DenyCertForHost() executes synchronously on this thread,
// CancelRequest() gets posted to a different thread. Calling
// DenyCertForHost() first ensures deterministic ordering.
- handler->manager()->DenyCertForHost(handler->ssl_info().cert,
+ handler->backend()->DenyCertForHost(handler->ssl_info().cert,
handler->request_url().host());
handler->CancelRequest();
}
@@ -338,7 +337,7 @@ void SSLPolicy::OnAllowCertificate(SSLCertErrorHandler* handler) {
// While AllowCertForHost() executes synchronously on this thread,
// ContinueRequest() gets posted to a different thread. Calling
// AllowCertForHost() first ensures deterministic ordering.
- handler->manager()->AllowCertForHost(handler->ssl_info().cert,
+ handler->backend()->AllowCertForHost(handler->ssl_info().cert,
handler->request_url().host());
handler->ContinueRequest();
}
diff --git a/chrome/browser/ssl/ssl_policy.h b/chrome/browser/ssl/ssl_policy.h
index 204a96e..117120d 100644
--- a/chrome/browser/ssl/ssl_policy.h
+++ b/chrome/browser/ssl/ssl_policy.h
@@ -12,8 +12,8 @@
// SSLPolicy
//
// This class is responsible for making the security decisions that concern the
-// SSL trust indicators. It relies on the SSLManager to actually enact the
-// decisions it reaches.
+// SSL trust indicators. It relies on the SSLPolicyBackend to actually enact
+// the decisions it reaches.
//
class SSLPolicy : public SSLManager::Delegate,
public SSLBlockingPage::Delegate {
@@ -25,7 +25,7 @@ class SSLPolicy : public SSLManager::Delegate,
virtual void OnCertError(SSLCertErrorHandler* handler);
virtual void OnMixedContent(SSLMixedContentHandler* handler);
virtual void OnRequestStarted(SSLRequestInfo* info);
- virtual void UpdateEntry(SSLManager* manager, NavigationEntry* entry);
+ virtual void UpdateEntry(SSLPolicyBackend* backend, NavigationEntry* entry);
// This method is static because it is called from both the UI and the IO
// threads.
diff --git a/chrome/browser/ssl/ssl_policy_backend.cc b/chrome/browser/ssl/ssl_policy_backend.cc
new file mode 100644
index 0000000..96cc8ce
--- /dev/null
+++ b/chrome/browser/ssl/ssl_policy_backend.cc
@@ -0,0 +1,185 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ssl/ssl_policy_backend.h"
+
+#include "app/resource_bundle.h"
+#include "chrome/browser/ssl/ssl_host_state.h"
+#include "chrome/browser/tab_contents/infobar_delegate.h"
+#include "chrome/browser/tab_contents/navigation_controller.h"
+#include "chrome/browser/tab_contents/navigation_entry.h"
+#include "chrome/browser/tab_contents/tab_contents.h"
+#include "chrome/common/notification_service.h"
+#include "grit/generated_resources.h"
+#include "grit/theme_resources.h"
+
+using WebKit::WebConsoleMessage;
+
+class SSLInfoBarDelegate : public ConfirmInfoBarDelegate {
+ public:
+ SSLInfoBarDelegate(TabContents* contents,
+ const std::wstring message,
+ const std::wstring& button_label,
+ Task* task)
+ : ConfirmInfoBarDelegate(contents),
+ message_(message),
+ button_label_(button_label),
+ task_(task) {
+ }
+ virtual ~SSLInfoBarDelegate() {}
+
+ // Overridden from ConfirmInfoBarDelegate:
+ virtual void InfoBarClosed() {
+ delete this;
+ }
+ virtual std::wstring GetMessageText() const {
+ return message_;
+ }
+ virtual SkBitmap* GetIcon() const {
+ return ResourceBundle::GetSharedInstance().GetBitmapNamed(
+ IDR_INFOBAR_SSL_WARNING);
+ }
+ virtual int GetButtons() const {
+ return !button_label_.empty() ? BUTTON_OK : BUTTON_NONE;
+ }
+ virtual std::wstring GetButtonLabel(InfoBarButton button) const {
+ return button_label_;
+ }
+ virtual bool Accept() {
+ if (task_.get()) {
+ task_->Run();
+ task_.reset(); // Ensures we won't run the task again.
+ }
+ return true;
+ }
+
+ private:
+ // Labels for the InfoBar's message and button.
+ std::wstring message_;
+ std::wstring button_label_;
+
+ // A task to run when the InfoBar is accepted.
+ scoped_ptr<Task> task_;
+
+ DISALLOW_COPY_AND_ASSIGN(SSLInfoBarDelegate);
+};
+
+SSLPolicyBackend::SSLPolicyBackend(NavigationController* controller)
+ : controller_(controller),
+ ssl_host_state_(controller->profile()->GetSSLHostState()) {
+ DCHECK(controller_);
+ DCHECK(ssl_host_state_);
+}
+
+void SSLPolicyBackend::ShowMessage(const std::wstring& msg) {
+ ShowMessageWithLink(msg, std::wstring(), NULL);
+}
+
+void SSLPolicyBackend::ShowMessageWithLink(const std::wstring& msg,
+ const std::wstring& link_text,
+ Task* task) {
+ if (controller_->pending_entry()) {
+ // The main frame is currently loading, wait until the load is committed so
+ // to show the error on the right page (once the location bar shows the
+ // correct url).
+ if (std::find(pending_messages_.begin(), pending_messages_.end(), msg) ==
+ pending_messages_.end())
+ pending_messages_.push_back(SSLMessageInfo(msg, link_text, task));
+
+ return;
+ }
+
+ NavigationEntry* entry = controller_->GetActiveEntry();
+ if (!entry)
+ return;
+
+ // Don't show the message if the user doesn't expect an authenticated session.
+ if (entry->ssl().security_style() <= SECURITY_STYLE_UNAUTHENTICATED)
+ return;
+
+ if (controller_->tab_contents()) {
+ controller_->tab_contents()->AddInfoBar(
+ new SSLInfoBarDelegate(controller_->tab_contents(), msg, link_text,
+ task));
+ }
+}
+
+bool SSLPolicyBackend::SetMaxSecurityStyle(SecurityStyle style) {
+ NavigationEntry* entry = controller_->GetActiveEntry();
+ if (!entry) {
+ NOTREACHED();
+ return false;
+ }
+
+ if (entry->ssl().security_style() > style) {
+ entry->ssl().set_security_style(style);
+ return true;
+ }
+ return false;
+}
+
+void SSLPolicyBackend::AddMessageToConsole(
+ const string16& message, const WebConsoleMessage::Level& level) {
+ controller_->tab_contents()->render_view_host()->AddMessageToConsole(
+ string16(), message, level);
+}
+
+void SSLPolicyBackend::MarkHostAsBroken(const std::string& host, int pid) {
+ ssl_host_state_->MarkHostAsBroken(host, pid);
+ DispatchSSLInternalStateChanged();
+}
+
+bool SSLPolicyBackend::DidMarkHostAsBroken(const std::string& host,
+ int pid) const {
+ return ssl_host_state_->DidMarkHostAsBroken(host, pid);
+}
+
+void SSLPolicyBackend::DenyCertForHost(net::X509Certificate* cert,
+ const std::string& host) {
+ // Remember that we don't like this cert for this host.
+ ssl_host_state_->DenyCertForHost(cert, host);
+}
+
+void SSLPolicyBackend::AllowCertForHost(net::X509Certificate* cert,
+ const std::string& host) {
+ ssl_host_state_->AllowCertForHost(cert, host);
+}
+
+net::X509Certificate::Policy::Judgment SSLPolicyBackend::QueryPolicy(
+ net::X509Certificate* cert, const std::string& host) {
+ return ssl_host_state_->QueryPolicy(cert, host);
+}
+
+void SSLPolicyBackend::AllowMixedContentForHost(const std::string& host) {
+ ssl_host_state_->AllowMixedContentForHost(host);
+}
+
+bool SSLPolicyBackend::DidAllowMixedContentForHost(
+ const std::string& host) const {
+ return ssl_host_state_->DidAllowMixedContentForHost(host);
+}
+
+void SSLPolicyBackend::Reload() {
+ controller_->Reload(true);
+}
+
+void SSLPolicyBackend::DispatchSSLInternalStateChanged() {
+ NotificationService::current()->Notify(
+ NotificationType::SSL_INTERNAL_STATE_CHANGED,
+ Source<NavigationController>(controller_),
+ NotificationService::NoDetails());
+}
+
+void SSLPolicyBackend::ShowPendingMessages() {
+ std::vector<SSLMessageInfo>::const_iterator iter;
+ for (iter = pending_messages_.begin();
+ iter != pending_messages_.end(); ++iter) {
+ ShowMessageWithLink(iter->message, iter->link_text, iter->action);
+ }
+ ClearPendingMessages();
+}
+
+void SSLPolicyBackend::ClearPendingMessages() {
+ pending_messages_.clear();
+}
diff --git a/chrome/browser/ssl/ssl_policy_backend.h b/chrome/browser/ssl/ssl_policy_backend.h
new file mode 100644
index 0000000..b0af806
--- /dev/null
+++ b/chrome/browser/ssl/ssl_policy_backend.h
@@ -0,0 +1,122 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_SSL_SSL_POLICY_BACKEND_H_
+#define CHROME_BROWSER_SSL_SSL_POLICY_BACKEND_H_
+
+#include <string>
+#include <vector>
+
+#include "base/basictypes.h"
+#include "chrome/browser/tab_contents/security_style.h"
+#include "net/base/x509_certificate.h"
+#include "webkit/api/public/WebConsoleMessage.h"
+
+class NavigationController;
+class SSLHostState;
+class Task;
+
+class SSLPolicyBackend {
+ public:
+ explicit SSLPolicyBackend(NavigationController* controller);
+
+ // Ensure that the specified message is displayed to the user. This will
+ // display an InfoBar at the top of the associated tab.
+ void ShowMessage(const std::wstring& msg);
+
+ // Same as ShowMessage but also contains a link that when clicked run the
+ // specified task. The SSL Manager becomes the owner of the task.
+ void ShowMessageWithLink(const std::wstring& msg,
+ const std::wstring& link_text,
+ Task* task);
+
+ // Records that a host is "broken," that is, the origin for that host has been
+ // contaminated with insecure content, either via HTTP or via HTTPS with a
+ // bad certificate.
+ void MarkHostAsBroken(const std::string& host, int pid);
+
+ // Returns whether the specified host was marked as broken.
+ bool DidMarkHostAsBroken(const std::string& host, int pid) const;
+
+ // Sets the maximum security style for the page. If the current security
+ // style is lower than |style|, this will not have an effect on the security
+ // indicators.
+ //
+ // It will return true if the navigation entry was updated or false if
+ // nothing changed. The caller is responsible for broadcasting
+ // NOTIFY_SSY_STATE_CHANGED if it returns true.
+ bool SetMaxSecurityStyle(SecurityStyle style);
+
+ // Logs a message to the console of the page.
+ void AddMessageToConsole(const string16& message,
+ const WebKit::WebConsoleMessage::Level&);
+
+ // Records that |cert| is permitted to be used for |host| in the future.
+ void DenyCertForHost(net::X509Certificate* cert, const std::string& host);
+
+ // Records that |cert| is not permitted to be used for |host| in the future.
+ void AllowCertForHost(net::X509Certificate* cert, const std::string& host);
+
+ // Queries whether |cert| is allowed or denied for |host|.
+ net::X509Certificate::Policy::Judgment QueryPolicy(
+ net::X509Certificate* cert, const std::string& host);
+
+ // Allow mixed content to be visible (non filtered).
+ void AllowMixedContentForHost(const std::string& host);
+
+ // Returns whether the specified host is allowed to show mixed content.
+ bool DidAllowMixedContentForHost(const std::string& host) const;
+
+ // Reloads the tab.
+ void Reload();
+
+ private:
+ // SSLMessageInfo contains the information necessary for displaying a message
+ // in an info-bar.
+ struct SSLMessageInfo {
+ public:
+ explicit SSLMessageInfo(const std::wstring& text)
+ : message(text),
+ action(NULL) { }
+
+ SSLMessageInfo(const std::wstring& message,
+ const std::wstring& link_text,
+ Task* action)
+ : message(message), link_text(link_text), action(action) { }
+
+ // Overridden so that std::find works.
+ bool operator==(const std::wstring& other_message) const {
+ // We are uniquing SSLMessageInfo by their message only.
+ return message == other_message;
+ }
+
+ std::wstring message;
+ std::wstring link_text;
+ Task* action;
+ };
+
+ // Dispatch NotificationType::SSL_INTERNAL_STATE_CHANGED notification.
+ void DispatchSSLInternalStateChanged();
+
+ // Shows the pending messages (in info-bars) if any.
+ void ShowPendingMessages();
+
+ // Clears any pending messages.
+ void ClearPendingMessages();
+
+ // The NavigationController that owns this SSLManager. We are responsible
+ // for the security UI of this tab.
+ NavigationController* controller_;
+
+ // SSL state specific for each host.
+ SSLHostState* ssl_host_state_;
+
+ // The list of messages that should be displayed (in info bars) when the page
+ // currently loading had loaded.
+ std::vector<SSLMessageInfo> pending_messages_;
+
+ DISALLOW_COPY_AND_ASSIGN(SSLPolicyBackend);
+};
+
+#endif // CHROME_BROWSER_SSL_SSL_POLICY_BACKEND_H_
diff --git a/chrome/browser/ssl/ssl_request_info.h b/chrome/browser/ssl/ssl_request_info.h
index bd1544a..9128e97 100644
--- a/chrome/browser/ssl/ssl_request_info.h
+++ b/chrome/browser/ssl/ssl_request_info.h
@@ -11,14 +11,14 @@
#include "googleurl/src/gurl.h"
#include "webkit/glue/resource_type.h"
-class SSLManager;
+class SSLPolicyBackend;
// SSLRequestInfo wraps up the information SSLPolicy needs about a request in
// order to update our security IU. SSLRequestInfo is RefCounted in case we
// need to deal with the request asynchronously.
class SSLRequestInfo : public base::RefCounted<SSLRequestInfo> {
public:
- SSLRequestInfo(SSLManager* manager,
+ SSLRequestInfo(SSLPolicyBackend* backend,
const GURL& url,
ResourceType::Type resource_type,
const std::string& frame_origin,
@@ -27,7 +27,7 @@ class SSLRequestInfo : public base::RefCounted<SSLRequestInfo> {
int pid,
int ssl_cert_id,
int ssl_cert_status)
- : manager_(manager),
+ : backend_(backend),
url_(url),
resource_type_(resource_type),
frame_origin_(frame_origin),
@@ -38,7 +38,7 @@ class SSLRequestInfo : public base::RefCounted<SSLRequestInfo> {
ssl_cert_status_(ssl_cert_status) {
}
- SSLManager* manager() const { return manager_; }
+ SSLPolicyBackend* backend() const { return backend_; }
const GURL& url() const { return url_; }
ResourceType::Type resource_type() const { return resource_type_; }
const std::string& frame_origin() const { return frame_origin_; }
@@ -49,7 +49,7 @@ class SSLRequestInfo : public base::RefCounted<SSLRequestInfo> {
int ssl_cert_status() const { return ssl_cert_status_; }
private:
- SSLManager* manager_;
+ SSLPolicyBackend* backend_;
GURL url_;
ResourceType::Type resource_type_;
std::string frame_origin_;