path: root/chrome/browser/ssl/connection_security.h
blob: a89628ab3fdab93576aa6fba9307652a50188c0b (plain)
// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_
#define CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_

#include "base/macros.h"
#include "content/public/common/security_style.h"
#include "net/cert/cert_status_flags.h"

namespace content {
class WebContents;
}  // namespace content

// This namespace contains functions responsible for computing the
// connection security status of a page.
namespace connection_security {

// TODO(wtc): unify this enum with SecurityStyle.  We
// don't need two sets of security UI levels.  SECURITY_STYLE_AUTHENTICATED
// needs to be refined into three levels: warning, standard, and EV.
// See crbug.com/425728
//
// If you reorder, add, or delete values from this enum, you must also
// update the UI icons in ToolbarModelImpl::GetIconForSecurityLevel.
//
// The enumerators take their implicit values from declaration order
// (NONE == 0 through SECURITY_ERROR == 5), and that order is not a ranking
// of trust: EV_SECURE sorts below SECURE, and NONE sorts lowest of all.
// Match on specific enumerators rather than comparing levels with < or >.
// Because a Java counterpart is generated from this declaration, a reorder
// presumably changes the values Java callers see as well.
//
// A Java counterpart will be generated for this enum.
// GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.ssl
// GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityLevel
enum SecurityLevel {
  // HTTP/no URL
  // Nothing was authenticated; this is the absence of a security claim,
  // not a positive one.
  NONE,

  // HTTPS with valid EV cert
  EV_SECURE,

  // HTTPS (non-EV)
  SECURE,

  // HTTPS, but unable to check certificate revocation status or with insecure
  // content on the page
  SECURITY_WARNING,

  // HTTPS, but the certificate verification chain is anchored on a
  // certificate that was installed by the system administrator
  // NOTE(review): the chain validates here, but only against a locally
  // configured trust anchor; presumably that is why this case is reported
  // separately from SECURE -- confirm against the implementation.
  SECURITY_POLICY_WARNING,

  // Attempted HTTPS and failed, page not authenticated
  SECURITY_ERROR,
};

// Describes how the SHA1 deprecation policy applies to an HTTPS
// connection.
//
// Values are implicit, so NO_DEPRECATED_SHA1 is 0: a zero-initialized
// field of this type reads as "no SHA1 policy applies" even if nothing
// has evaluated the certificate chain yet.
enum SHA1DeprecationStatus {
  // No SHA1 deprecation policy applies.
  NO_DEPRECATED_SHA1,
  // The connection used a certificate with a SHA1 signature in the
  // chain, and policy says that the connection should be treated as
  // broken HTTPS.
  DEPRECATED_SHA1_BROKEN,
  // The connection used a certificate with a SHA1 signature in the
  // chain, and policy says that the connection should be treated with a
  // warning.
  DEPRECATED_SHA1_WARNING,
};

// Describes the type of mixed content (if any) that a site
// displayed/ran.
//
// A field of this type holds exactly one enumerator, so it cannot report
// "displayed" and "ran" independently; which value is chosen when both
// occurred is decided by the implementation and is not visible in this
// header.  Values are implicit, so NO_MIXED_CONTENT is 0 and is what a
// zero-initialized field reads as.
enum MixedContentStatus {
  // The site neither displayed nor ran nonsecure resources.
  NO_MIXED_CONTENT,
  // The site displayed nonsecure resources (passive mixed content).
  DISPLAYED_MIXED_CONTENT,
  // The site ran nonsecure resources (active mixed content).
  RAN_MIXED_CONTENT,
};

// Contains information about a page's security status, including a
// SecurityStyle and the information that was used to decide which
// SecurityStyle to assign.
//
// The struct declares no constructor and no member initializers, so a
// default-initialized local (`SecurityInfo info;`) holds indeterminate
// values until something fills it in.  A value-initialized one
// (`SecurityInfo info = {};`) is all zeros, which for the two enums
// declared in this file means NO_DEPRECATED_SHA1 and NO_MIXED_CONTENT --
// i.e. it looks like a clean result.  Do not interpret an instance that
// has not been populated.
struct SecurityInfo {
  // The content-layer style chosen for the page.
  content::SecurityStyle security_style;
  // How the SHA1 deprecation policy applied to the connection.
  SHA1DeprecationStatus sha1_deprecation_status;
  // Whether the page displayed or ran nonsecure resources.
  MixedContentStatus mixed_content_status;
  // Certificate status as defined in net/cert/cert_status_flags.h.
  // NOTE(review): presumably a bitmask of status flags rather than a
  // single code -- confirm before comparing it with ==.
  net::CertStatus cert_status;
};

// Returns a security level describing the overall security state of
// the given |WebContents|.
//
// The result is one SecurityLevel enumerator summarizing the page; the
// individual properties behind it (SHA1 status, mixed content, cert
// status) are not part of the return value.
// NOTE(review): this header does not say whether |web_contents| may be
// null or what is returned in that case -- confirm against the
// implementation before passing an unchecked pointer.
SecurityLevel GetSecurityLevelForWebContents(
    const content::WebContents* web_contents);

// Populates |security_info| with information describing the given
// |web_contents|, including a content::SecurityStyle value and security
// properties that caused that value to be chosen.
//
// Note: This is a lossy operation. Not all of the policies
// that can be expressed by a SecurityLevel (a //chrome concept) can
// be expressed by a content::SecurityStyle.
// In general, code in //chrome should prefer to use
// GetSecurityLevelForWebContents() to determine security policy, and
// only use this function when policy needs to be supplied back to
// layers in //content.
//
// |security_info| is an output parameter and the function returns void,
// so there is no status to tell a fully populated struct from a partly
// populated one.
// NOTE(review): this header does not state whether every field is written
// on every path, or whether either pointer may be null -- confirm against
// the implementation; callers that cannot confirm should value-initialize
// the struct before the call.
void GetSecurityInfoForWebContents(const content::WebContents* web_contents,
                                   SecurityInfo* security_info);

}  // namespace connection_security

#endif  // CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_