diff options
Diffstat (limited to 'chrome')
| -rw-r--r-- | chrome/browser/ssl_policy.cc | 41 | 
1 files changed, 20 insertions, 21 deletions
| diff --git a/chrome/browser/ssl_policy.cc b/chrome/browser/ssl_policy.cc index beb2978..dbcfb75 100644 --- a/chrome/browser/ssl_policy.cc +++ b/chrome/browser/ssl_policy.cc @@ -160,7 +160,7 @@ class AuthorityInvalidPolicy : public SSLPolicy {  class ContainsErrorsPolicy : public SSLPolicy {   public:    static SSLPolicy* GetInstance() { -    return Singleton<ContainsErrorsPolicy>::get();; +    return Singleton<ContainsErrorsPolicy>::get();    }    void OnCertError(const GURL& main_frame_url, @@ -217,7 +217,7 @@ class RevokedPolicy : public SSLPolicy {  class InvalidPolicy : public SSLPolicy {   public:    static SSLPolicy* GetInstance() { -    return Singleton<InvalidPolicy>::get();; +    return Singleton<InvalidPolicy>::get();    }    void OnCertError(const GURL& main_frame_url, @@ -261,24 +261,6 @@ class DefaultPolicy : public SSLPolicy {        return;      } -    if (error->resource_type() != ResourceType::MAIN_FRAME) { -      if (main_frame_url.SchemeIsSecure() && -          !error->manager()->CanShowInsecureContent(main_frame_url)) { -        error->manager()->ShowMessageWithLink( -            l10n_util::GetString(IDS_SSL_INFO_BAR_FILTERED_CONTENT), -            l10n_util::GetString(IDS_SSL_INFO_BAR_SHOW_CONTENT), -            new ShowUnsafeContentTask(main_frame_url, error)); -        error->DenyRequest(); -      } else { -        // TODO (jcampan): if we get a bad HTTPS resource from a secure frame in -        // an insecure page, it might compromise any other page from the secure -        // frame domain, we should change their style to insecure, or just -        // filter the resource and show an info-bar. -        error->ContinueRequest(); -      } -      return; -    } -      // First we check if we know the policy for this error.      net::X509Certificate::Policy::Judgment judgment =          error->manager()->QueryPolicy(error->ssl_info().cert, @@ -301,6 +283,23 @@ class DefaultPolicy : public SSLPolicy {          // For now we handle the DENIED as the UNKNOWN, which means a blocking          // page is shown to the user every time he comes back to the page.        case net::X509Certificate::Policy::UNKNOWN: +        if (error->resource_type() != ResourceType::MAIN_FRAME) { +          if (main_frame_url.SchemeIsSecure() && +              !error->manager()->CanShowInsecureContent(main_frame_url)) { +            error->manager()->ShowMessageWithLink( +                l10n_util::GetString(IDS_SSL_INFO_BAR_FILTERED_CONTENT), +                l10n_util::GetString(IDS_SSL_INFO_BAR_SHOW_CONTENT), +                new ShowUnsafeContentTask(main_frame_url, error)); +            error->DenyRequest(); +          } else { +            // TODO(jcampan): if we get a bad HTTPS resource from a secure +            // frame in an insecure page, it might compromise any other page +            // from the secure frame domain, we should change their style to +            // insecure, or just filter the resource and show an info-bar. +            error->ContinueRequest(); +          } +          break; +        }          // We don't know how to handle this error.  Ask our sub-policies.          sub_policies_[index]->OnCertError(main_frame_url, error);          break; @@ -364,7 +363,7 @@ class DefaultPolicy : public SSLPolicy {    SSLPolicy* sub_policies_[net::ERR_CERT_BEGIN - net::ERR_CERT_END];  }; -} // namespace +}  // namespace  SSLPolicy* SSLPolicy::GetDefaultPolicy() {    // Lazily initialize our default policy instance. | 
