diff options
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-29 18:02:36 +0000 |
|---|---|---|
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-03-29 18:02:36 +0000 |
| commit | d7f166387b66955c2e5b967a3cc7467fad072e73 (patch) | |
| tree | 7a5c47a5e65f90afb2eca5bbb4c0d6c08f5dc625 /net/http/url_security_manager.h | |
| parent | 5452d7e80ce2df298e15e6a5e17effcb26a51bf2 (diff) | |
| download | chromium_src-d7f166387b66955c2e5b967a3cc7467fad072e73.zip chromium_src-d7f166387b66955c2e5b967a3cc7467fad072e73.tar.gz chromium_src-d7f166387b66955c2e5b967a3cc7467fad072e73.tar.bz2 | |
On Windows, use IInternetSecurityManager to determine if it's OK
to send the default credentials to a server, without prompting the
user for permission, for HTTP NTLM or Negotiate authentication.
It is always OK to send the default credentials to a proxy without
prompting the user.
Rename the AllowDefaultCredentials method of HttpAuthHandler to
SupportsDefaultCredentials and redefine it to simply return if
the authentication scheme supports the use of default credentials,
as opposed to whether we may use the default credentials for a
particular server or proxy.
This CL contains the changes by cbentzel in
http://codereview.chromium.org/1082001.
R=cbentzel,cpu,stoyan
BUG=29596
TEST=none
Review URL: http://codereview.chromium.org/1343003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@42960 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/url_security_manager.h')
| -rw-r--r-- | net/http/url_security_manager.h | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/net/http/url_security_manager.h b/net/http/url_security_manager.h new file mode 100644 index 0000000..7309fef --- /dev/null +++ b/net/http/url_security_manager.h @@ -0,0 +1,34 @@ +// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_HTTP_URL_SECURITY_MANAGER_H_ +#define NET_HTTP_URL_SECURITY_MANAGER_H_ + +class GURL; + +namespace net { + +// The URL security manager controls the policies (allow, deny, prompt user) +// regarding URL actions (e.g., sending the default credentials to a server). +// +// On Windows, we honor the WinINet/IE settings and group policy related to +// URL Security Zones. See the Microsoft Knowledge Base article 182569 +// "Internet Explorer security zones registry entries for advanced users" +// (http://support.microsoft.com/kb/182569) for more info on these registry +// keys. +class URLSecurityManager { + public: + virtual ~URLSecurityManager() {} + + // Creates a platform-dependent instance of URLSecurityManager. + static URLSecurityManager* Create(); + + // Returns true if we can send the default credentials to the server at + // |auth_origin| for HTTP NTLM or Negotiate authentication. + virtual bool CanUseDefaultCredentials(const GURL& auth_origin) const = 0; +}; + +} // namespace net + +#endif // NET_HTTP_URL_SECURITY_MANAGER_H_ |