diff options
| -rw-r--r-- | chrome/browser/ssl_policy.cc | 19 |
1 files changed, 5 insertions, 14 deletions
diff --git a/chrome/browser/ssl_policy.cc b/chrome/browser/ssl_policy.cc index dbcfb75..d75b895 100644 --- a/chrome/browser/ssl_policy.cc +++ b/chrome/browser/ssl_policy.cc @@ -284,20 +284,11 @@ class DefaultPolicy : public SSLPolicy { // page is shown to the user every time he comes back to the page. case net::X509Certificate::Policy::UNKNOWN: if (error->resource_type() != ResourceType::MAIN_FRAME) { - if (main_frame_url.SchemeIsSecure() && - !error->manager()->CanShowInsecureContent(main_frame_url)) { - error->manager()->ShowMessageWithLink( - l10n_util::GetString(IDS_SSL_INFO_BAR_FILTERED_CONTENT), - l10n_util::GetString(IDS_SSL_INFO_BAR_SHOW_CONTENT), - new ShowUnsafeContentTask(main_frame_url, error)); - error->DenyRequest(); - } else { - // TODO(jcampan): if we get a bad HTTPS resource from a secure - // frame in an insecure page, it might compromise any other page - // from the secure frame domain, we should change their style to - // insecure, or just filter the resource and show an info-bar. - error->ContinueRequest(); - } + // A sub-resource has a certificate error. The user doesn't really + // have a context for making the right decision, so block the + // request hard, without an info bar to allow showing the insecure + // content. + error->DenyRequest(); break; } // We don't know how to handle this error. Ask our sub-policies. |