diff options
| author | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-05-17 17:38:47 +0000 |
|---|---|---|
| committer | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-05-17 17:38:47 +0000 |
| commit | f17a0ee61359bdf6633e164501f3370fa2f98164 (patch) | |
| tree | 64ec900e4089bd99475fe4d10432bca5f138d080 /chrome/browser/tab_contents | |
| parent | 1274a4f5664d879b1e2d12f4113daf0b1dedfa40 (diff) | |
| download | chromium_src-f17a0ee61359bdf6633e164501f3370fa2f98164.zip chromium_src-f17a0ee61359bdf6633e164501f3370fa2f98164.tar.gz chromium_src-f17a0ee61359bdf6633e164501f3370fa2f98164.tar.bz2 | |
Reland r47347 [was reverted in r47357], this time without re-enabling a DISABLED test that times out on Mac. (Original patch reviewed at http://codereview.chromium.org/2067003 )
Track "display" and "run" separately for mixed content, and make the latter downgrade the SSL state to "authentication broken".
Make the "display" state only affect the current tab (not the entire host).
Fix an SSL browser test by supplying the appropriate SiteInstance*.
Move a test from "disabled" to "flaky" since it at least passes for me.
Make the SSLManager header and .cc files put functions in the same order, and make that order somewhat saner.
BUG=15072, 18626, 40932, 42758
TEST=Covered by browser tests
Review URL: http://codereview.chromium.org/2063008
Review URL: http://codereview.chromium.org/2126005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@47428 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/tab_contents')
| -rw-r--r-- | chrome/browser/tab_contents/navigation_entry.h | 30 | ||||
| -rw-r--r-- | chrome/browser/tab_contents/navigation_entry_unittest.cc | 14 | ||||
| -rw-r--r-- | chrome/browser/tab_contents/tab_contents.cc | 8 | ||||
| -rw-r--r-- | chrome/browser/tab_contents/tab_contents.h | 7 |
4 files changed, 45 insertions, 14 deletions
diff --git a/chrome/browser/tab_contents/navigation_entry.h b/chrome/browser/tab_contents/navigation_entry.h index 7aaa5e0..833107c 100644 --- a/chrome/browser/tab_contents/navigation_entry.h +++ b/chrome/browser/tab_contents/navigation_entry.h @@ -37,8 +37,17 @@ class NavigationEntry { public: // Flags used for the page security content status. enum ContentStatusFlags { - NORMAL_CONTENT = 0, // No mixed content. - MIXED_CONTENT = 1 << 0, // https page containing http resources. + // HTTP page, or HTTPS page with no insecure content. + NORMAL_CONTENT = 0, + + // HTTPS page containing "displayed" HTTP resources (e.g. images, CSS). + DISPLAYED_MIXED_CONTENT = 1 << 0, + + // HTTPS page containing "executed" HTTP resources (i.e. script). + // Also currently used for HTTPS page containing broken-HTTPS resources; + // this is wrong and should be fixed (see comments in + // SSLPolicy::OnRequestStarted()). + RAN_MIXED_CONTENT = 1 << 1, }; SSLStatus(); @@ -79,13 +88,18 @@ class NavigationEntry { return security_bits_; } - // Mixed content means that this page which is served over https contains - // http sub-resources. - void set_has_mixed_content() { - content_status_ |= MIXED_CONTENT; + void set_displayed_mixed_content() { + content_status_ |= DISPLAYED_MIXED_CONTENT; + } + bool displayed_mixed_content() const { + return (content_status_ & DISPLAYED_MIXED_CONTENT) != 0; + } + + void set_ran_mixed_content() { + content_status_ |= RAN_MIXED_CONTENT; } - bool has_mixed_content() const { - return (content_status_ & MIXED_CONTENT) != 0; + bool ran_mixed_content() const { + return (content_status_ & RAN_MIXED_CONTENT) != 0; } // Raw accessors for all the content status flags. This contains a diff --git a/chrome/browser/tab_contents/navigation_entry_unittest.cc b/chrome/browser/tab_contents/navigation_entry_unittest.cc index 8fde535..ef37b11 100644 --- a/chrome/browser/tab_contents/navigation_entry_unittest.cc +++ b/chrome/browser/tab_contents/navigation_entry_unittest.cc @@ -101,23 +101,27 @@ TEST_F(NavigationEntryTest, NavigationEntrySSLStatus) { EXPECT_EQ(0, entry1_.get()->ssl().cert_id()); EXPECT_EQ(0, entry1_.get()->ssl().cert_status()); EXPECT_EQ(-1, entry1_.get()->ssl().security_bits()); - EXPECT_FALSE(entry1_.get()->ssl().has_mixed_content()); + EXPECT_FALSE(entry1_.get()->ssl().displayed_mixed_content()); + EXPECT_FALSE(entry1_.get()->ssl().ran_mixed_content()); // Change from the defaults entry2_.get()->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATED); entry2_.get()->ssl().set_cert_id(4); entry2_.get()->ssl().set_cert_status(1); entry2_.get()->ssl().set_security_bits(0); + entry2_.get()->ssl().set_displayed_mixed_content(); EXPECT_EQ(SECURITY_STYLE_AUTHENTICATED, entry2_.get()->ssl().security_style()); EXPECT_EQ(4, entry2_.get()->ssl().cert_id()); EXPECT_EQ(1, entry2_.get()->ssl().cert_status()); EXPECT_EQ(0, entry2_.get()->ssl().security_bits()); + EXPECT_TRUE(entry2_.get()->ssl().displayed_mixed_content()); - // Mixed content unaffected by unsafe content - EXPECT_FALSE(entry2_.get()->ssl().has_mixed_content()); - entry2_.get()->ssl().set_has_mixed_content(); - EXPECT_TRUE(entry2_.get()->ssl().has_mixed_content()); + entry2_.get()->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATION_BROKEN); + entry2_.get()->ssl().set_ran_mixed_content(); + EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, + entry2_.get()->ssl().security_style()); + EXPECT_TRUE(entry2_.get()->ssl().ran_mixed_content()); } // Test other basic accessors diff --git a/chrome/browser/tab_contents/tab_contents.cc b/chrome/browser/tab_contents/tab_contents.cc index 8b29480..1f7dd3d 100644 --- a/chrome/browser/tab_contents/tab_contents.cc +++ b/chrome/browser/tab_contents/tab_contents.cc @@ -270,6 +270,7 @@ TabContents::TabContents(Profile* profile, encoding_(), blocked_popups_(NULL), dont_notify_render_view_(false), + displayed_insecure_content_(false), infobar_delegates_(), find_ui_active_(false), find_op_aborted_(false), @@ -1582,6 +1583,10 @@ void TabContents::DidNavigateMainFramePostCommit( geolocation_settings_state_.DidNavigate(details); if (delegate_) delegate_->OnContentSettingsChange(this); + + // Once the main frame is navigated, we're no longer considered to have + // displayed insecure content. + displayed_insecure_content_ = false; } // Close constrained windows if necessary. @@ -2051,7 +2056,8 @@ void TabContents::DidLoadResourceFromMemoryCache( } void TabContents::DidDisplayInsecureContent() { - controller_.ssl_manager()->DidDisplayInsecureContent(); + displayed_insecure_content_ = true; + SSLManager::NotifySSLInternalStateChanged(); } void TabContents::DidRunInsecureContent(const std::string& security_origin) { diff --git a/chrome/browser/tab_contents/tab_contents.h b/chrome/browser/tab_contents/tab_contents.h index 78465ec..c657d55 100644 --- a/chrome/browser/tab_contents/tab_contents.h +++ b/chrome/browser/tab_contents/tab_contents.h @@ -298,6 +298,10 @@ class TabContents : public PageNavigator, // navigation state change to trigger repaint of title. void SetAppIcon(const SkBitmap& app_icon); + bool displayed_insecure_content() const { + return displayed_insecure_content_; + } + // Internal state ------------------------------------------------------------ // This flag indicates whether the tab contents is currently being @@ -1135,6 +1139,9 @@ class TabContents : public PageNavigator, // Stores which content setting types actually have blocked content. bool content_blocked_[CONTENT_SETTINGS_NUM_TYPES]; + // True if this is a secure page which displayed insecure content. + bool displayed_insecure_content_; + // Data for shelves and stuff ------------------------------------------------ // Delegates for InfoBars associated with this TabContents. |