// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ #define CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_ #include #include #include "base/callback.h" #include "base/strings/string16.h" #include "base/task/cancelable_task_tracker.h" #include "base/time/time.h" #include "chrome/browser/history/history_service.h" #include "content/public/browser/interstitial_page_delegate.h" #include "net/ssl/ssl_info.h" #include "url/gurl.h" namespace base { class DictionaryValue; } namespace content { class InterstitialPage; class WebContents; } #if defined(ENABLE_EXTENSIONS) namespace extensions { class ExperienceSamplingEvent; } #endif class SSLErrorClassification; // This class is responsible for showing/hiding the interstitial page that is // shown when a certificate error happens. // It deletes itself when the interstitial page is closed. class SSLBlockingPage : public content::InterstitialPageDelegate { public: // These represent the commands sent from the interstitial JavaScript. They // are defined in chrome/browser/resources/ssl/ssl_errors_common.js. // DO NOT reorder or change these without also changing the JavaScript! enum SSLBlockingPageCommands { CMD_DONT_PROCEED = 0, CMD_PROCEED = 1, CMD_MORE = 2, CMD_RELOAD = 3, CMD_HELP = 4, CMD_CLOCK = 5 }; enum SSLBlockingPageOptionsMask { OVERRIDABLE = 1 << 0, STRICT_ENFORCEMENT = 1 << 1, EXPIRED_BUT_PREVIOUSLY_ALLOWED = 1 << 2 }; ~SSLBlockingPage() override; // Create an interstitial and show it. void Show(); // Creates an SSL blocking page. If the blocking page isn't shown, the caller // is responsible for cleaning up the blocking page, otherwise the // interstitial takes ownership when shown. |options_mask| must be a bitwise // mask of SSLBlockingPageOptionsMask values. SSLBlockingPage(content::WebContents* web_contents, int cert_error, const net::SSLInfo& ssl_info, const GURL& request_url, int options_mask, const base::Callback& callback); // A method that sets strings in the specified dictionary from the passed // vector so that they can be used to resource the ssl_roadblock.html/ // ssl_error.html files. // Note: there can be up to 5 strings in |extra_info|. static void SetExtraInfo(base::DictionaryValue* strings, const std::vector& extra_info); protected: // InterstitialPageDelegate implementation. std::string GetHTMLContents() override; void CommandReceived(const std::string& command) override; void OverrideEntry(content::NavigationEntry* entry) override; void OverrideRendererPrefs(content::RendererPreferences* prefs) override; void OnProceed() override; void OnDontProceed() override; private: void NotifyDenyCertificate(); void NotifyAllowCertificate(); // Used to query the HistoryService to see if the URL is in history. For UMA. void OnGotHistoryCount(bool success, int num_visits, base::Time first_visit); base::Callback callback_; content::WebContents* web_contents_; const int cert_error_; const net::SSLInfo ssl_info_; const GURL request_url_; // Could the user successfully override the error? // overridable_ will be set to false if strict_enforcement_ is true. const bool overridable_; // Has the site requested strict enforcement of certificate errors? const bool strict_enforcement_; content::InterstitialPage* interstitial_page_; // Owns us. // Is the hostname for an internal network? bool internal_; // How many times is this same URL in history? int num_visits_; // Used for getting num_visits_. base::CancelableTaskTracker request_tracker_; // Did the user previously allow a bad certificate but the decision has now // expired? const bool expired_but_previously_allowed_; scoped_ptr ssl_error_classification_; #if defined(ENABLE_EXTENSIONS) // For Chrome Experience Sampling Platform: this maintains event state. scoped_ptr sampling_event_; #endif content::NotificationRegistrar registrar_; DISALLOW_COPY_AND_ASSIGN(SSLBlockingPage); }; #endif // CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_