1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_PUBLIC_BROWSER_SSL_STATUS_H_
#define CONTENT_PUBLIC_BROWSER_SSL_STATUS_H_
#include <stdint.h>
#include <memory>
#include <vector>
#include "content/common/content_export.h"
#include "net/cert/cert_status_flags.h"
#include "net/cert/ct_policy_status.h"
#include "net/cert/sct_status_flags.h"
#include "net/cert/x509_certificate.h"
namespace net {
class SSLInfo;
}
namespace content {
// Collects the SSL information for this NavigationEntry.
struct CONTENT_EXPORT SSLStatus {
// SSLStatus consumers can attach instances of derived UserData classes to an
// SSLStatus. This allows an embedder to attach data to the NavigationEntry
// without SSLStatus having to know about it. Derived UserData classes have to
// be cloneable since NavigationEntrys are cloned during navigations.
class UserData {
public:
UserData() {}
virtual ~UserData() = default;
virtual std::unique_ptr<UserData> Clone() = 0;
private:
DISALLOW_COPY_AND_ASSIGN(UserData);
};
// Flags used for the page security content status.
enum ContentStatusFlags {
// HTTP page, or HTTPS page with no insecure content.
NORMAL_CONTENT = 0,
// HTTPS page containing "displayed" HTTP resources (e.g. images, CSS).
DISPLAYED_INSECURE_CONTENT = 1 << 0,
// HTTPS page containing "executed" HTTP resources (i.e. script).
RAN_INSECURE_CONTENT = 1 << 1,
// HTTPS page containing "displayed" HTTPS resources (e.g. images,
// CSS) loaded with certificate errors.
DISPLAYED_CONTENT_WITH_CERT_ERRORS = 1 << 2,
// HTTPS page containing "executed" HTTPS resources (i.e. script)
// loaded with certificate errors.
RAN_CONTENT_WITH_CERT_ERRORS = 1 << 3,
// HTTPS page containing a form targeting an insecure action url.
DISPLAYED_FORM_WITH_INSECURE_ACTION = 1 << 6,
};
SSLStatus();
explicit SSLStatus(const net::SSLInfo& ssl_info);
SSLStatus(const SSLStatus& other);
SSLStatus& operator=(SSLStatus other);
~SSLStatus();
bool initialized;
scoped_refptr<net::X509Certificate> certificate;
net::CertStatus cert_status;
// The hashes of the SubjectPublicKeyInfos from each certificate in
// |certificate|. This field is not necessarily populated, e.g. for responses
// served from disk cache.
net::HashValueVector public_key_hashes;
uint16_t key_exchange_group;
uint16_t peer_signature_algorithm;
int connection_status;
// A combination of the ContentStatusFlags above. Flags are cleared when a
// navigation commits.
int content_status;
// True if PKP was bypassed due to a local trust anchor.
bool pkp_bypassed;
// Whether the page's main resource complied with the Certificate Transparency
// policy.
net::ct::CTPolicyCompliance ct_policy_compliance;
// Embedder-specific data attached to the SSLStatus is cloned when an
// |SSLStatus| is assigned or copy-constructed, and is cleared when a
// navigation commits.
std::unique_ptr<UserData> user_data;
// If you add new fields here, be sure to add them in the copy constructor and
// copy assignment operator definitions in ssl_status.cc.
};
} // namespace content
#endif // CONTENT_PUBLIC_BROWSER_SSL_STATUS_H_
|
