diff options
| author | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-05-18 18:28:48 +0000 |
|---|---|---|
| committer | pkasting@chromium.org <pkasting@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-05-18 18:28:48 +0000 |
| commit | b4e75c12dacc0922694b12b687a48dd2d973b595 (patch) | |
| tree | 23d65e13ccf2fd9535ffb7ad965c5f2826efd6cc /chrome | |
| parent | 15ad5dcb44ab2049103f738625e4e5f2483d85da (diff) | |
| download | chromium_src-b4e75c12dacc0922694b12b687a48dd2d973b595.zip chromium_src-b4e75c12dacc0922694b12b687a48dd2d973b595.tar.gz chromium_src-b4e75c12dacc0922694b12b687a48dd2d973b595.tar.bz2 | |
Rename "mixed content" to "insecure content" in as many places as possible, to standardize on a consistent naming scheme.
BUG=none
TEST=none
Review URL: http://codereview.chromium.org/2069005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@47531 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
28 files changed, 144 insertions, 161 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd index 475a77b..7b10ab2 100644 --- a/chrome/app/generated_resources.grd +++ b/chrome/app/generated_resources.grd @@ -5050,10 +5050,10 @@ Keep your key file in a safe place. You will need it to create new versions of y <message name="IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT" desc="The text of the connection section when the connection is not encrypted."> Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is not encrypted. </message> - <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_MIXED_CONTENT_WARNING" desc="Some extra text of the connection section when the connection is encrypted and the page contains mixed content which has been displayed (e.g. images, CSS)."> + <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING" desc="Some extra text of the connection section when the connection is encrypted and the page contains insecure content which has been displayed (e.g. images, CSS)."> However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page. </message> - <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_MIXED_CONTENT_ERROR" desc="Some extra text of the connection section when the connection is encrypted and the page contains mixed content which has been run (e.g. script)."> + <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_ERROR" desc="Some extra text of the connection section when the connection is encrypted and the page contains insecure content which has been run (e.g. script)."> However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page. </message> <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_SENTENCE_LINK" desc="Linking 2 sentences in 1 paragraph."> @@ -5091,7 +5091,7 @@ Keep your key file in a safe place. You will need it to create new versions of y <message name="IDS_UNSAFE_FRAME_MESSAGE" desc="The text displayed in the content that is subsituted to an unsafe frame."> This frame was blocked because it contains some insecure content. </message> - <message name="IDS_MIXED_CONTENT_LOG_MESSAGE" desc="The text displayed in the log message of a page that contains insecure content."> + <message name="IDS_INSECURE_CONTENT_LOG_MESSAGE" desc="The text displayed in the log message of a page that contains insecure content."> The page at <ph name="SECURE_PAGE_URL">$1<ex>https://www.google.com/</ex></ph> contains insecure content from <ph name="INSECURE_RESOURCE_URL">$2<ex>http://www.google.com/</ex></ph>. </message> diff --git a/chrome/browser/automation/automation_provider.cc b/chrome/browser/automation/automation_provider.cc index 8815104..4dc12d3 100644 --- a/chrome/browser/automation/automation_provider.cc +++ b/chrome/browser/automation/automation_provider.cc @@ -2441,19 +2441,19 @@ void AutomationProvider::WaitForTabToBeRestored(int tab_handle, void AutomationProvider::GetSecurityState(int handle, bool* success, SecurityStyle* security_style, int* ssl_cert_status, - int* mixed_content_status) { + int* insecure_content_status) { if (tab_tracker_->ContainsHandle(handle)) { NavigationController* tab = tab_tracker_->GetResource(handle); NavigationEntry* entry = tab->GetActiveEntry(); *success = true; *security_style = entry->ssl().security_style(); *ssl_cert_status = entry->ssl().cert_status(); - *mixed_content_status = entry->ssl().content_status(); + *insecure_content_status = entry->ssl().content_status(); } else { *success = false; *security_style = SECURITY_STYLE_UNKNOWN; *ssl_cert_status = 0; - *mixed_content_status = 0; + *insecure_content_status = 0; } } diff --git a/chrome/browser/automation/automation_provider.h b/chrome/browser/automation/automation_provider.h index 61f0f0f..fb23506 100644 --- a/chrome/browser/automation/automation_provider.h +++ b/chrome/browser/automation/automation_provider.h @@ -548,7 +548,7 @@ class AutomationProvider : public base::RefCounted<AutomationProvider>, // Gets the security state for the tab associated to the specified |handle|. void GetSecurityState(int handle, bool* success, SecurityStyle* security_style, int* ssl_cert_status, - int* mixed_content_status); + int* insecure_content_status); // Gets the page type for the tab associated to the specified |handle|. void GetPageType(int handle, bool* success, diff --git a/chrome/browser/browser_prefs.cc b/chrome/browser/browser_prefs.cc index a6556c8..891d1f5 100644 --- a/chrome/browser/browser_prefs.cc +++ b/chrome/browser/browser_prefs.cc @@ -96,7 +96,6 @@ void RegisterUserPrefs(PrefService* user_prefs) { PasswordManager::RegisterUserPrefs(user_prefs); chrome_browser_net::RegisterUserPrefs(user_prefs); DownloadManager::RegisterUserPrefs(user_prefs); - SSLManager::RegisterUserPrefs(user_prefs); bookmark_utils::RegisterUserPrefs(user_prefs); TabContents::RegisterUserPrefs(user_prefs); TemplateURLPrepopulateData::RegisterUserPrefs(user_prefs); diff --git a/chrome/browser/cocoa/page_info_window_mac_unittest.mm b/chrome/browser/cocoa/page_info_window_mac_unittest.mm index 30becc4..ab9fdbe 100644 --- a/chrome/browser/cocoa/page_info_window_mac_unittest.mm +++ b/chrome/browser/cocoa/page_info_window_mac_unittest.mm @@ -172,7 +172,7 @@ TEST_F(PageInfoWindowMacTest, NoHistoryMixedSecurity) { ASCIIToUTF16("chrome.google.com"), IntToString16(1024)), l10n_util::GetStringUTF16( - IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_MIXED_CONTENT_WARNING))); + IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING))); bridge_->ModelChanged(); diff --git a/chrome/browser/external_tab_container.cc b/chrome/browser/external_tab_container.cc index c651892..e9edb11 100644 --- a/chrome/browser/external_tab_container.cc +++ b/chrome/browser/external_tab_container.cc @@ -750,8 +750,9 @@ bool ExternalTabContainer::InitNavigationInfo(IPC::NavigationInfo* nav_info, nav_info->title = UTF8ToWide(nav_info->url.spec()); nav_info->security_style = entry->ssl().security_style(); - nav_info->displayed_mixed_content = entry->ssl().displayed_mixed_content(); - nav_info->ran_mixed_content = entry->ssl().ran_mixed_content(); + nav_info->displayed_insecure_content = + entry->ssl().displayed_insecure_content(); + nav_info->ran_insecure_content = entry->ssl().ran_insecure_content(); return true; } diff --git a/chrome/browser/options_util.cc b/chrome/browser/options_util.cc index 99f6d1e..d1c7c964 100644 --- a/chrome/browser/options_util.cc +++ b/chrome/browser/options_util.cc @@ -48,7 +48,6 @@ void OptionsUtil::ResetToDefaults(Profile* profile) { prefs::kAutoFillEnabled, prefs::kHomePage, prefs::kHomePageIsNewTabPage, - prefs::kMixedContentFiltering, prefs::kPrivacyFilterRules, prefs::kPromptForDownload, prefs::kPasswordManagerEnabled, diff --git a/chrome/browser/page_info_model.cc b/chrome/browser/page_info_model.cc index 381008c..1a29e42 100644 --- a/chrome/browser/page_info_model.cc +++ b/chrome/browser/page_info_model.cc @@ -122,31 +122,27 @@ PageInfoModel::PageInfoModel(Profile* profile, description.clear(); if (ssl.security_bits() <= 0) { state = false; - description.assign( - l10n_util::GetStringFUTF16( - IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT, - subject_name)); + description.assign(l10n_util::GetStringFUTF16( + IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT, + subject_name)); } else if (ssl.security_bits() < 80) { state = false; - description.assign( - l10n_util::GetStringFUTF16( - IDS_PAGE_INFO_SECURITY_TAB_WEAK_ENCRYPTION_CONNECTION_TEXT, - subject_name)); + description.assign(l10n_util::GetStringFUTF16( + IDS_PAGE_INFO_SECURITY_TAB_WEAK_ENCRYPTION_CONNECTION_TEXT, + subject_name)); } else { - description.assign( - l10n_util::GetStringFUTF16( - IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_CONNECTION_TEXT, - subject_name, - IntToString16(ssl.security_bits()))); - if (ssl.displayed_mixed_content() || ssl.ran_mixed_content()) { + description.assign(l10n_util::GetStringFUTF16( + IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_CONNECTION_TEXT, + subject_name, + IntToString16(ssl.security_bits()))); + if (ssl.displayed_insecure_content() || ssl.ran_insecure_content()) { state = false; - description.assign( - l10n_util::GetStringFUTF16( - IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_SENTENCE_LINK, - description, - l10n_util::GetStringUTF16(ssl.ran_mixed_content() ? - IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_MIXED_CONTENT_ERROR : - IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_MIXED_CONTENT_WARNING))); + description.assign(l10n_util::GetStringFUTF16( + IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_SENTENCE_LINK, + description, + l10n_util::GetStringUTF16(ssl.ran_insecure_content() ? + IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_ERROR : + IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING))); } } sections_.push_back(SectionInfo( diff --git a/chrome/browser/ssl/ssl_browser_tests.cc b/chrome/browser/ssl/ssl_browser_tests.cc index c02fe01..60abe55 100644 --- a/chrome/browser/ssl/ssl_browser_tests.cc +++ b/chrome/browser/ssl/ssl_browser_tests.cc @@ -34,14 +34,15 @@ class SSLUITest : public InProcessBrowserTest { } void CheckAuthenticatedState(TabContents* tab, - bool displayed_mixed_content) { + bool displayed_insecure_content) { NavigationEntry* entry = tab->controller().GetActiveEntry(); ASSERT_TRUE(entry); EXPECT_EQ(NavigationEntry::NORMAL_PAGE, entry->page_type()); EXPECT_EQ(SECURITY_STYLE_AUTHENTICATED, entry->ssl().security_style()); EXPECT_EQ(0, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS); - EXPECT_EQ(displayed_mixed_content, entry->ssl().displayed_mixed_content()); - EXPECT_FALSE(entry->ssl().ran_mixed_content()); + EXPECT_EQ(displayed_insecure_content, + entry->ssl().displayed_insecure_content()); + EXPECT_FALSE(entry->ssl().ran_insecure_content()); } void CheckUnauthenticatedState(TabContents* tab) { @@ -50,13 +51,13 @@ class SSLUITest : public InProcessBrowserTest { EXPECT_EQ(NavigationEntry::NORMAL_PAGE, entry->page_type()); EXPECT_EQ(SECURITY_STYLE_UNAUTHENTICATED, entry->ssl().security_style()); EXPECT_EQ(0, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS); - EXPECT_FALSE(entry->ssl().displayed_mixed_content()); - EXPECT_FALSE(entry->ssl().ran_mixed_content()); + EXPECT_FALSE(entry->ssl().displayed_insecure_content()); + EXPECT_FALSE(entry->ssl().ran_insecure_content()); } void CheckAuthenticationBrokenState(TabContents* tab, int error, - bool ran_mixed_content, + bool ran_insecure_content, bool interstitial) { NavigationEntry* entry = tab->controller().GetActiveEntry(); ASSERT_TRUE(entry); @@ -69,8 +70,8 @@ class SSLUITest : public InProcessBrowserTest { // to SECURITY_STYLE_AUTHENTICATION_BROKEN. ASSERT_NE(net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, error); EXPECT_EQ(error, entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS); - EXPECT_FALSE(entry->ssl().displayed_mixed_content()); - EXPECT_EQ(ran_mixed_content, entry->ssl().ran_mixed_content()); + EXPECT_FALSE(entry->ssl().displayed_insecure_content()); + EXPECT_EQ(ran_insecure_content, entry->ssl().ran_insecure_content()); } void CheckWorkerLoadResult(TabContents* tab, bool expectLoaded) { @@ -369,34 +370,34 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestHTTPSErrorWithNoNavEntry) { } // -// Mixed contents +// Insecure content // -// Visits a page that displays mixed content. -IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContent) { +// Visits a page that displays insecure content. +IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContent) { scoped_refptr<HTTPSTestServer> https_server = GoodCertServer(); ASSERT_TRUE(https_server.get() != NULL); scoped_refptr<HTTPTestServer> http_server = PlainServer(); ASSERT_TRUE(http_server.get() != NULL); - // Load a page that displays mixed content. + // Load a page that displays insecure content. ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage( - "files/ssl/page_displays_mixed_content.html")); + "files/ssl/page_displays_insecure_content.html")); CheckAuthenticatedState(browser()->GetSelectedTabContents(), true); } -// Visits a page that runs mixed content and tries to suppress the mixed content -// warnings by randomizing location.hash. +// Visits a page that runs insecure content and tries to suppress the insecure +// content warnings by randomizing location.hash. // Based on http://crbug.com/8706 -IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsMixedContentRandomizeHash) { +IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsInsecuredContentRandomizeHash) { scoped_refptr<HTTPSTestServer> https_server = GoodCertServer(); ASSERT_TRUE(https_server.get() != NULL); scoped_refptr<HTTPTestServer> http_server = PlainServer(); ASSERT_TRUE(http_server.get() != NULL); - ui_test_utils::NavigateToURL(browser(), - https_server->TestServerPage("files/ssl/page_runs_mixed_content.html")); + ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage( + "files/ssl/page_runs_insecure_content.html")); CheckAuthenticationBrokenState(browser()->GetSelectedTabContents(), 0, true, false); @@ -443,15 +444,16 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContents) { EXPECT_FALSE(js_result); } -// Visits a page with mixed content loaded by JS (after the initial page load). -IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContentLoadedFromJS) { +// Visits a page with insecure content loaded by JS (after the initial page +// load). +IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContentLoadedFromJS) { scoped_refptr<HTTPSTestServer> https_server = GoodCertServer(); ASSERT_TRUE(https_server.get() != NULL); scoped_refptr<HTTPTestServer> http_server = PlainServer(); ASSERT_TRUE(http_server.get() != NULL); ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage( - "files/ssl/page_with_dynamic_mixed_contents.html")); + "files/ssl/page_with_dynamic_insecure_content.html")); TabContents* tab = browser()->GetSelectedTabContents(); CheckAuthenticatedState(tab, false); @@ -462,14 +464,14 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContentLoadedFromJS) { tab->render_view_host(), std::wstring(), L"loadBadImage();", &js_result)); EXPECT_TRUE(js_result); - // We should now have mixed-contents. + // We should now have insecure content. CheckAuthenticatedState(tab, true); } -// Visits two pages from the same origin: one that displays mixed content and -// one that doesn't. The test checks that we do not propagate the mixed content -// state from one to the other. -IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContentTwoTabs) { +// Visits two pages from the same origin: one that displays insecure content and +// one that doesn't. The test checks that we do not propagate the insecure +// content state from one to the other. +IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysInsecureContentTwoTabs) { scoped_refptr<HTTPSTestServer> https_server = GoodCertServer(); ASSERT_TRUE(https_server.get() != NULL); scoped_refptr<HTTPTestServer> http_server = PlainServer(); @@ -485,23 +487,23 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysMixedContentTwoTabs) { // Create a new tab. GURL url = https_server->TestServerPage( - "files/ssl/page_displays_mixed_content.html"); + "files/ssl/page_displays_insecure_content.html"); TabContents* tab2 = browser()->AddTabWithURL(url, GURL(), PageTransition::TYPED, 0, Browser::ADD_SELECTED, tab1->GetSiteInstance(), std::string()); ui_test_utils::WaitForNavigation(&(tab2->controller())); - // The new tab has mixed content. + // The new tab has insecure content. CheckAuthenticatedState(tab2, true); // The original tab should not be contaminated. CheckAuthenticatedState(tab1, false); } -// Visits two pages from the same origin: one that runs mixed content and one -// that doesn't. The test checks that we propagate the mixed content state from -// one to the other. -IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsMixedContentTwoTabs) { +// Visits two pages from the same origin: one that runs insecure content and one +// that doesn't. The test checks that we propagate the insecure content state +// from one to the other. +IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsInsecureContentTwoTabs) { scoped_refptr<HTTPSTestServer> https_server = GoodCertServer(); ASSERT_TRUE(https_server.get() != NULL); scoped_refptr<HTTPTestServer> http_server = PlainServer(); @@ -517,59 +519,59 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsMixedContentTwoTabs) { // Create a new tab. GURL url = - https_server->TestServerPage("files/ssl/page_runs_mixed_content.html"); + https_server->TestServerPage("files/ssl/page_runs_insecure_content.html"); TabContents* tab2 = browser()->AddTabWithURL(url, GURL(), PageTransition::TYPED, 0, Browser::ADD_SELECTED, tab1->GetSiteInstance(), std::string()); ui_test_utils::WaitForNavigation(&(tab2->controller())); - // The new tab has mixed content. + // The new tab has insecure content. CheckAuthenticationBrokenState(tab2, 0, true, false); // Which means the origin for the first tab has also been contaminated with - // mixed content. + // insecure content. CheckAuthenticationBrokenState(tab1, 0, true, false); } // Visits a page with an image over http. Visits another page over https // referencing that same image over http (hoping it is coming from the webcore // memory cache). -IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysCachedMixedContent) { +IN_PROC_BROWSER_TEST_F(SSLUITest, TestDisplaysCachedInsecureContent) { scoped_refptr<HTTPSTestServer> https_server = GoodCertServer(); ASSERT_TRUE(https_server.get() != NULL); scoped_refptr<HTTPTestServer> http_server = PlainServer(); ASSERT_TRUE(http_server.get() != NULL); ui_test_utils::NavigateToURL(browser(), http_server->TestServerPage( - "files/ssl/page_displays_mixed_content.html")); + "files/ssl/page_displays_insecure_content.html")); TabContents* tab = browser()->GetSelectedTabContents(); CheckUnauthenticatedState(tab); - // Load again but over SSL. It should be marked as displaying mixed content - // (even though the image comes from the WebCore memory cache). + // Load again but over SSL. It should be marked as displaying insecure + // content (even though the image comes from the WebCore memory cache). ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage( - "files/ssl/page_displays_mixed_content.html")); + "files/ssl/page_displays_insecure_content.html")); CheckAuthenticatedState(tab, true); } // Visits a page with script over http. Visits another page over https // referencing that same script over http (hoping it is coming from the webcore // memory cache). -IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsCachedMixedContent) { +IN_PROC_BROWSER_TEST_F(SSLUITest, TestRunsCachedInsecureContent) { scoped_refptr<HTTPSTestServer> https_server = GoodCertServer(); ASSERT_TRUE(https_server.get() != NULL); scoped_refptr<HTTPTestServer> http_server = PlainServer(); ASSERT_TRUE(http_server.get() != NULL); ui_test_utils::NavigateToURL(browser(), - http_server->TestServerPage("files/ssl/page_runs_mixed_content.html")); + http_server->TestServerPage("files/ssl/page_runs_insecure_content.html")); TabContents* tab = browser()->GetSelectedTabContents(); CheckUnauthenticatedState(tab); - // Load again but over SSL. It should be marked as displaying mixed content - // (even though the image comes from the WebCore memory cache). - ui_test_utils::NavigateToURL(browser(), - https_server->TestServerPage("files/ssl/page_runs_mixed_content.html")); + // Load again but over SSL. It should be marked as displaying insecure + // content (even though the image comes from the WebCore memory cache). + ui_test_utils::NavigateToURL(browser(), https_server->TestServerPage( + "files/ssl/page_runs_insecure_content.html")); CheckAuthenticationBrokenState(tab, 0, true, false); } @@ -808,8 +810,8 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, TestConnectToBadPort) { // - navigate to an OK HTTPS frame // - navigate to a bad HTTPS (expect unsafe content and filtered frame), then // back -// - navigate to HTTP (expect mixed content), then back -IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestGoodFrameNavigation) { +// - navigate to HTTP (expect insecure content), then back +IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestGoodFrameNavigation) { scoped_refptr<HTTPTestServer> http_server = PlainServer(); ASSERT_TRUE(http_server.get() != NULL); scoped_refptr<HTTPSTestServer> good_https_server = GoodCertServer(); @@ -869,7 +871,7 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, DISABLED_TestGoodFrameNavigation) { EXPECT_TRUE(success); ui_test_utils::WaitForNavigation(&tab->controller()); - // Our state should be mixed-content. + // Our state should be insecure. CheckAuthenticatedState(tab, true); // Go back, our state should be unchanged. @@ -972,7 +974,7 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContentsInWorkerFiltered) { ui_test_utils::NavigateToURL(browser(), good_https_server->TestServerPage( "files/ssl/page_with_unsafe_worker.html")); TabContents* tab = browser()->GetSelectedTabContents(); - // Expect Worker not to load mixed content. + // Expect Worker not to load insecure content. CheckWorkerLoadResult(tab, false); // The bad content is filtered, expect the state to be authenticated. CheckAuthenticatedState(tab, false); @@ -997,11 +999,11 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContentsInWorker) { false); // No Interstitial // Navigate to safe page that has Worker loading unsafe content. - // Expect content to load but be marked as auth broken due to running mixed + // Expect content to load but be marked as auth broken due to running insecure // content. ui_test_utils::NavigateToURL(browser(), good_https_server->TestServerPage( "files/ssl/page_with_unsafe_worker.html")); - CheckWorkerLoadResult(tab, true); // Worker loads mixed content + CheckWorkerLoadResult(tab, true); // Worker loads insecure content CheckAuthenticationBrokenState(tab, 0, true, false); } @@ -1009,9 +1011,9 @@ IN_PROC_BROWSER_TEST_F(SSLUITest, FLAKY_TestUnsafeContentsInWorker) { // Visit a page over https that contains a frame with a redirect. -// XMLHttpRequest mixed in synchronous mode. +// XMLHttpRequest insecure content in synchronous mode. -// XMLHttpRequest mixed in asynchronous mode. +// XMLHttpRequest insecure content in asynchronous mode. // XMLHttpRequest over bad ssl in synchronous mode. diff --git a/chrome/browser/ssl/ssl_manager.cc b/chrome/browser/ssl/ssl_manager.cc index 99729b6..333d8b2 100644 --- a/chrome/browser/ssl/ssl_manager.cc +++ b/chrome/browser/ssl/ssl_manager.cc @@ -23,12 +23,6 @@ #include "net/base/cert_status_flags.h" // static -void SSLManager::RegisterUserPrefs(PrefService* prefs) { - prefs->RegisterIntegerPref(prefs::kMixedContentFiltering, - FilterPolicy::DONT_FILTER); -} - -// static void SSLManager::OnSSLCertificateError(ResourceDispatcherHost* rdh, URLRequest* request, int cert_error, @@ -256,11 +250,11 @@ void SSLManager::DidStartResourceResponse(ResourceRequestDetails* details) { } void SSLManager::DidReceiveResourceRedirect(ResourceRedirectDetails* details) { - // TODO(abarth): Make sure our redirect behavior is correct. If we ever see - // a non-HTTPS resource in the redirect chain, we want to - // trigger mixed content, even if the redirect chain goes back - // to HTTPS. This is because the network attacker can redirect - // the HTTP request to https://attacker.com/payload.js. + // TODO(abarth): Make sure our redirect behavior is correct. If we ever see a + // non-HTTPS resource in the redirect chain, we want to trigger + // insecure content, even if the redirect chain goes back to + // HTTPS. This is because the network attacker can redirect the + // HTTP request to https://attacker.com/payload.js. } void SSLManager::DidChangeSSLInternalState() { diff --git a/chrome/browser/ssl/ssl_manager.h b/chrome/browser/ssl/ssl_manager.h index 7d6c134..7ee110e 100644 --- a/chrome/browser/ssl/ssl_manager.h +++ b/chrome/browser/ssl/ssl_manager.h @@ -38,8 +38,6 @@ class URLRequest; class SSLManager : public NotificationObserver { public: - static void RegisterUserPrefs(PrefService* prefs); - // Entry point for SSLCertificateErrors. This function begins the process // of resolving a certificate error during an SSL connection. SSLManager // will adjust the security UI and either call |Cancel| or @@ -84,7 +82,7 @@ class SSLManager : public NotificationObserver { // are notified of this event. void DidCommitProvisionalLoad(const NotificationDetails& details); - // Mixed content entry point. + // Insecure content entry point. void DidRunInsecureContent(const std::string& security_origin); // Called to determine if there were any processed SSL errors from request. diff --git a/chrome/browser/ssl/ssl_policy.cc b/chrome/browser/ssl/ssl_policy.cc index 4405972..768422f 100644 --- a/chrome/browser/ssl/ssl_policy.cc +++ b/chrome/browser/ssl/ssl_policy.cc @@ -125,13 +125,13 @@ void SSLPolicy::OnRequestStarted(SSLRequestInfo* info) { if (info->resource_type() != ResourceType::MAIN_FRAME && info->resource_type() != ResourceType::SUB_FRAME) { - // The frame's origin now contains mixed content and therefore is broken. + // The frame's origin now contains insecure content. OriginRanInsecureContent(info->frame_origin(), info->child_id()); } if (info->resource_type() != ResourceType::MAIN_FRAME) { - // The main frame now contains a frame with mixed content. Therefore, we - // mark the main frame's origin as broken too. + // The main frame now contains a frame with insecure content. Therefore, + // we mark the main frame's origin as broken too. OriginRanInsecureContent(info->main_frame_origin(), info->child_id()); } } @@ -165,17 +165,17 @@ void SSLPolicy::UpdateEntry(NavigationEntry* entry, TabContents* tab_contents) { SiteInstance* site_instance = entry->site_instance(); // Note that |site_instance| can be NULL here because NavigationEntries don't // necessarily have site instances. Without a process, the entry can't - // possibly have mixed content. See bug http://crbug.com/12423. + // possibly have insecure content. See bug http://crbug.com/12423. if (site_instance && backend_->DidHostRunInsecureContent(entry->url().host(), site_instance->GetProcess()->id())) { entry->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATION_BROKEN); - entry->ssl().set_ran_mixed_content(); + entry->ssl().set_ran_insecure_content(); return; } if (tab_contents->displayed_insecure_content()) - entry->ssl().set_displayed_mixed_content(); + entry->ssl().set_displayed_insecure_content(); } //////////////////////////////////////////////////////////////////////////////// diff --git a/chrome/browser/tab_contents/navigation_entry.h b/chrome/browser/tab_contents/navigation_entry.h index 833107c..1faee15 100644 --- a/chrome/browser/tab_contents/navigation_entry.h +++ b/chrome/browser/tab_contents/navigation_entry.h @@ -38,16 +38,16 @@ class NavigationEntry { // Flags used for the page security content status. enum ContentStatusFlags { // HTTP page, or HTTPS page with no insecure content. - NORMAL_CONTENT = 0, + NORMAL_CONTENT = 0, // HTTPS page containing "displayed" HTTP resources (e.g. images, CSS). - DISPLAYED_MIXED_CONTENT = 1 << 0, + DISPLAYED_INSECURE_CONTENT = 1 << 0, // HTTPS page containing "executed" HTTP resources (i.e. script). // Also currently used for HTTPS page containing broken-HTTPS resources; // this is wrong and should be fixed (see comments in // SSLPolicy::OnRequestStarted()). - RAN_MIXED_CONTENT = 1 << 1, + RAN_INSECURE_CONTENT = 1 << 1, }; SSLStatus(); @@ -88,18 +88,18 @@ class NavigationEntry { return security_bits_; } - void set_displayed_mixed_content() { - content_status_ |= DISPLAYED_MIXED_CONTENT; + void set_displayed_insecure_content() { + content_status_ |= DISPLAYED_INSECURE_CONTENT; } - bool displayed_mixed_content() const { - return (content_status_ & DISPLAYED_MIXED_CONTENT) != 0; + bool displayed_insecure_content() const { + return (content_status_ & DISPLAYED_INSECURE_CONTENT) != 0; } - void set_ran_mixed_content() { - content_status_ |= RAN_MIXED_CONTENT; + void set_ran_insecure_content() { + content_status_ |= RAN_INSECURE_CONTENT; } - bool ran_mixed_content() const { - return (content_status_ & RAN_MIXED_CONTENT) != 0; + bool ran_insecure_content() const { + return (content_status_ & RAN_INSECURE_CONTENT) != 0; } // Raw accessors for all the content status flags. This contains a diff --git a/chrome/browser/tab_contents/navigation_entry_unittest.cc b/chrome/browser/tab_contents/navigation_entry_unittest.cc index ef37b11..d742d3e 100644 --- a/chrome/browser/tab_contents/navigation_entry_unittest.cc +++ b/chrome/browser/tab_contents/navigation_entry_unittest.cc @@ -101,27 +101,27 @@ TEST_F(NavigationEntryTest, NavigationEntrySSLStatus) { EXPECT_EQ(0, entry1_.get()->ssl().cert_id()); EXPECT_EQ(0, entry1_.get()->ssl().cert_status()); EXPECT_EQ(-1, entry1_.get()->ssl().security_bits()); - EXPECT_FALSE(entry1_.get()->ssl().displayed_mixed_content()); - EXPECT_FALSE(entry1_.get()->ssl().ran_mixed_content()); + EXPECT_FALSE(entry1_.get()->ssl().displayed_insecure_content()); + EXPECT_FALSE(entry1_.get()->ssl().ran_insecure_content()); // Change from the defaults entry2_.get()->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATED); entry2_.get()->ssl().set_cert_id(4); entry2_.get()->ssl().set_cert_status(1); entry2_.get()->ssl().set_security_bits(0); - entry2_.get()->ssl().set_displayed_mixed_content(); + entry2_.get()->ssl().set_displayed_insecure_content(); EXPECT_EQ(SECURITY_STYLE_AUTHENTICATED, entry2_.get()->ssl().security_style()); EXPECT_EQ(4, entry2_.get()->ssl().cert_id()); EXPECT_EQ(1, entry2_.get()->ssl().cert_status()); EXPECT_EQ(0, entry2_.get()->ssl().security_bits()); - EXPECT_TRUE(entry2_.get()->ssl().displayed_mixed_content()); + EXPECT_TRUE(entry2_.get()->ssl().displayed_insecure_content()); entry2_.get()->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATION_BROKEN); - entry2_.get()->ssl().set_ran_mixed_content(); + entry2_.get()->ssl().set_ran_insecure_content(); EXPECT_EQ(SECURITY_STYLE_AUTHENTICATION_BROKEN, entry2_.get()->ssl().security_style()); - EXPECT_TRUE(entry2_.get()->ssl().ran_mixed_content()); + EXPECT_TRUE(entry2_.get()->ssl().ran_insecure_content()); } // Test other basic accessors diff --git a/chrome/browser/toolbar_model.cc b/chrome/browser/toolbar_model.cc index 61c121f..a591e5c 100644 --- a/chrome/browser/toolbar_model.cc +++ b/chrome/browser/toolbar_model.cc @@ -79,7 +79,7 @@ ToolbarModel::SecurityLevel ToolbarModel::GetSecurityLevel() const { return SECURITY_ERROR; case SECURITY_STYLE_AUTHENTICATED: - if (ssl.displayed_mixed_content()) + if (ssl.displayed_insecure_content()) return SECURITY_WARNING; if (net::IsCertStatusError(ssl.cert_status())) { DCHECK_EQ(ssl.cert_status() & net::CERT_STATUS_ALL_ERRORS, diff --git a/chrome/browser/toolbar_model.h b/chrome/browser/toolbar_model.h index a4959e6fd..5773e3c 100644 --- a/chrome/browser/toolbar_model.h +++ b/chrome/browser/toolbar_model.h @@ -26,7 +26,7 @@ class ToolbarModel { EV_SECURE, // HTTPS with valid EV cert SECURE, // HTTPS (non-EV) SECURITY_WARNING, // HTTPS, but unable to check certificate revocation - // status or with mixed content on the page + // status or with insecure content on the page SECURITY_ERROR, // Attempted HTTPS and failed, page not authenticated NUM_SECURITY_LEVELS, }; diff --git a/chrome/common/filter_policy.h b/chrome/common/filter_policy.h index 51ba1e4..7bf17d2 100644 --- a/chrome/common/filter_policy.h +++ b/chrome/common/filter_policy.h @@ -1,4 +1,4 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -7,10 +7,10 @@ #include "base/basictypes.h" -// When an insecure resource (mixed content or bad HTTPS) is loaded, the browser -// can decide to filter it. The filtering is done in the renderer. This class -// enumerates the different policy that can be used for the filtering. It is -// passed along with resource response messages. +// When an insecure resource (insecure content or bad HTTPS) is loaded, the +// browser can decide to filter it. The filtering is done in the renderer. +// This class enumerates the different policy that can be used for the +// filtering. It is passed along with resource response messages. // It can be used for content post-processing, like message replacement within // extension css files. class FilterPolicy { diff --git a/chrome/common/pref_names.cc b/chrome/common/pref_names.cc index b7dc105..9ac99fd 100644 --- a/chrome/common/pref_names.cc +++ b/chrome/common/pref_names.cc @@ -124,11 +124,6 @@ const wchar_t kSearchSuggestEnabled[] = L"search.suggest_enabled"; // 2 - block all cookies const wchar_t kCookieBehavior[] = L"security.cookie_behavior"; -// Boolean that is true if mixed content should be filtered. -// TODO(jcampan): http://b/1084034: at some point this will become an enum -// (int): don't filter, filter everything, filter images only. -const wchar_t kMixedContentFiltering[] = L"security.mixed_content_filtering"; - // The URL (as understood by TemplateURLRef) the default search provider uses // for searches. const wchar_t kDefaultSearchProviderSearchURL[] = diff --git a/chrome/common/pref_names.h b/chrome/common/pref_names.h index ce72ef7..360c9f4 100644 --- a/chrome/common/pref_names.h +++ b/chrome/common/pref_names.h @@ -49,7 +49,6 @@ extern const wchar_t kFormAutofillEnabled[]; // OBSOLETE extern const wchar_t kSafeBrowsingEnabled[]; extern const wchar_t kSearchSuggestEnabled[]; extern const wchar_t kCookieBehavior[]; // OBSOLETE -extern const wchar_t kMixedContentFiltering[]; extern const wchar_t kDefaultSearchProviderSearchURL[]; extern const wchar_t kDefaultSearchProviderSuggestURL[]; extern const wchar_t kDefaultSearchProviderName[]; diff --git a/chrome/common/render_messages.h b/chrome/common/render_messages.h index ca7659d..1b546e2 100644 --- a/chrome/common/render_messages.h +++ b/chrome/common/render_messages.h @@ -323,11 +323,11 @@ struct ViewHostMsg_Resource_Request { GURL referrer; // The origin of the frame that is associated with this request. This is used - // to update our mixed content state. + // to update our insecure content state. std::string frame_origin; // The origin of the main frame (top-level frame) that is associated with this - // request. This is used to update our mixed content state. + // request. This is used to update our insecure content state. std::string main_frame_origin; // Additional HTTP request headers. diff --git a/chrome/renderer/render_thread.cc b/chrome/renderer/render_thread.cc index 92b4b80..fad5130 100644 --- a/chrome/renderer/render_thread.cc +++ b/chrome/renderer/render_thread.cc @@ -796,7 +796,7 @@ void RenderThread::EnsureWebKitInitialized() { WebSecurityPolicy::registerURLSchemeAsLocal(chrome_ui_scheme); WebSecurityPolicy::registerURLSchemeAsNoAccess(chrome_ui_scheme); - // chrome-extension: resources shouldn't trigger mixed content warnings. + // chrome-extension: resources shouldn't trigger insecure content warnings. WebString extension_scheme(ASCIIToUTF16(chrome::kExtensionScheme)); WebSecurityPolicy::registerURLSchemeAsSecure(extension_scheme); diff --git a/chrome/test/automation/automation_messages.h b/chrome/test/automation/automation_messages.h index d2fff4b..307fab1 100644 --- a/chrome/test/automation/automation_messages.h +++ b/chrome/test/automation/automation_messages.h @@ -452,8 +452,8 @@ struct NavigationInfo { std::wstring title; GURL url; SecurityStyle security_style; - bool displayed_mixed_content; - bool ran_mixed_content; + bool displayed_insecure_content; + bool ran_insecure_content; }; // Traits for NavigationInfo structure to pack/unpack. @@ -467,8 +467,8 @@ struct ParamTraits<NavigationInfo> { WriteParam(m, p.title); WriteParam(m, p.url); WriteParam(m, p.security_style); - WriteParam(m, p.displayed_mixed_content); - WriteParam(m, p.ran_mixed_content); + WriteParam(m, p.displayed_insecure_content); + WriteParam(m, p.ran_insecure_content); } static bool Read(const Message* m, void** iter, param_type* p) { return ReadParam(m, iter, &p->navigation_type) && @@ -477,8 +477,8 @@ struct ParamTraits<NavigationInfo> { ReadParam(m, iter, &p->title) && ReadParam(m, iter, &p->url) && ReadParam(m, iter, &p->security_style) && - ReadParam(m, iter, &p->displayed_mixed_content) && - ReadParam(m, iter, &p->ran_mixed_content); + ReadParam(m, iter, &p->displayed_insecure_content) && + ReadParam(m, iter, &p->ran_insecure_content); } static void Log(const param_type& p, std::wstring* l) { l->append(L"("); @@ -494,9 +494,9 @@ struct ParamTraits<NavigationInfo> { l->append(L", "); LogParam(p.security_style, l); l->append(L", "); - LogParam(p.displayed_mixed_content, l); + LogParam(p.displayed_insecure_content, l); l->append(L", "); - LogParam(p.ran_mixed_content, l); + LogParam(p.ran_insecure_content, l); l->append(L")"); } }; diff --git a/chrome/test/automation/automation_messages_internal.h b/chrome/test/automation/automation_messages_internal.h index 77f9d56..ee725c8 100644 --- a/chrome/test/automation/automation_messages_internal.h +++ b/chrome/test/automation/automation_messages_internal.h @@ -596,7 +596,7 @@ IPC_BEGIN_MESSAGES(Automation) // - SecurityStyle: the security style of the tab. // - int: the status of the server's ssl cert (0 means no errors or no ssl // was used). - // - int: the mixed content state, 0 means no mixed/unsafe contents. + // - int: the insecure content state, 0 means no insecure contents. IPC_SYNC_MESSAGE_ROUTED1_4(AutomationMsg_GetSecurityState, int, diff --git a/chrome/test/automation/tab_proxy.cc b/chrome/test/automation/tab_proxy.cc index 0c2c27f..8e31e00 100644 --- a/chrome/test/automation/tab_proxy.cc +++ b/chrome/test/automation/tab_proxy.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -564,8 +564,8 @@ bool TabProxy::WaitForTabToBeRestored(uint32 timeout_ms) { bool TabProxy::GetSecurityState(SecurityStyle* security_style, int* ssl_cert_status, - int* mixed_content_state) { - DCHECK(security_style && ssl_cert_status && mixed_content_state); + int* insecure_content_status) { + DCHECK(security_style && ssl_cert_status && insecure_content_status); if (!is_valid()) return false; @@ -574,7 +574,7 @@ bool TabProxy::GetSecurityState(SecurityStyle* security_style, sender_->Send(new AutomationMsg_GetSecurityState( 0, handle_, &succeeded, security_style, ssl_cert_status, - mixed_content_state)); + insecure_content_status)); return succeeded; } diff --git a/chrome/test/automation/tab_proxy.h b/chrome/test/automation/tab_proxy.h index 3929213..fbe2573 100644 --- a/chrome/test/automation/tab_proxy.h +++ b/chrome/test/automation/tab_proxy.h @@ -1,4 +1,4 @@ -// Copyright (c) 2009 The Chromium Authors. All rights reserved. +// Copyright (c) 2010 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -306,7 +306,7 @@ class TabProxy : public AutomationResourceProxy, // Retrieves the different security states for the current tab. bool GetSecurityState(SecurityStyle* security_style, int* ssl_cert_status, - int* mixed_content_state) WARN_UNUSED_RESULT; + int* insecure_content_status) WARN_UNUSED_RESULT; // Returns the type of the page currently showing (normal, interstitial, // error). diff --git a/chrome/test/data/ssl/page_displays_mixed_content.html b/chrome/test/data/ssl/page_displays_insecure_content.html index 479fb3b..626261b 100644 --- a/chrome/test/data/ssl/page_displays_mixed_content.html +++ b/chrome/test/data/ssl/page_displays_insecure_content.html @@ -1,5 +1,5 @@ <html> -<head><title>Page that displays mixed content</title> +<head><title>Page that displays insecure content</title> <script> function ImageWidth() { return document.getElementById("bad_image").width; @@ -8,7 +8,7 @@ </head> <body> This page contains an image which is served over an http connection, -causing mixed contents (when this page is loaded over https).<br> +causing insecure content (when this page is loaded over https).<br> <img id="bad_image" src="http://localhost:1337/files/ssl/google_files/logo.gif"/> </body> diff --git a/chrome/test/data/ssl/page_runs_mixed_content.html b/chrome/test/data/ssl/page_runs_insecure_content.html index 9e8f18e..6893197 100644 --- a/chrome/test/data/ssl/page_runs_mixed_content.html +++ b/chrome/test/data/ssl/page_runs_insecure_content.html @@ -1,8 +1,8 @@ <html> -<head><title>Page that runs mixed content</title></head> +<head><title>Page that runs insecure content</title></head> <body> This page contains an script which is served over an http connection, -causing mixed contents (when this page is loaded over https).<br> +causing insecure content (when this page is loaded over https).<br> <script src="http://localhost:1337/files/ssl/randomize_hash.js"></script> </body> </html> diff --git a/chrome/test/data/ssl/page_with_dynamic_mixed_contents.html b/chrome/test/data/ssl/page_with_dynamic_insecure_content.html index 9ff73bb..110b073 100644 --- a/chrome/test/data/ssl/page_with_dynamic_mixed_contents.html +++ b/chrome/test/data/ssl/page_with_dynamic_insecure_content.html @@ -1,5 +1,5 @@ <html> -<head><title>Page with dynamic mixed contents</title> +<head><title>Page with dynamic insecure content</title> <script> function loadBadImage() { @@ -22,7 +22,7 @@ </head> <body> -This page has some java-script that loads some mixed contents. +This page has some java-script that loads some insecure content. <br><br> You can also press the button below to load the image. <br> |