      1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_SSL_SSL_POLICY_H_
      6 #define CHROME_BROWSER_SSL_SSL_POLICY_H_
      7 #pragma once
      8 
      9 #include <string>
     10 
     11 #include "chrome/browser/ssl/ssl_blocking_page.h"
     12 #include "webkit/glue/resource_type.h"
     13 
     14 class NavigationEntry;
     15 class SSLCertErrorHandler;
     16 class SSLPolicyBackend;
     17 class SSLRequestInfo;
     18 
     19 // SSLPolicy
     20 //
     21 // This class is responsible for making the security decisions that concern the
     22 // SSL trust indicators.  It relies on the SSLPolicyBackend to actually enact
     23 // the decisions it reaches.
     24 //
        // It also implements SSLBlockingPage::Delegate, so it is the object that is
        // told when a certificate error is allowed or denied (see the overrides
        // below).
        //
        // NOTE(review): TabContents and DISALLOW_COPY_AND_ASSIGN are used below but
        // are neither forward-declared nor defined in this header; presumably they
        // arrive through one of the includes above -- confirm.
     25 class SSLPolicy : public SSLBlockingPage::Delegate {
     26  public:
          // |backend| is presumably kept in backend_ (the definition is not in this
          // header).  The constructor is explicit, so an SSLPolicyBackend* is never
          // implicitly converted to an SSLPolicy.
     27   explicit SSLPolicy(SSLPolicyBackend* backend);
     28 
     29   // An error occurred with the certificate in an SSL connection.
          // NOTE(review): presumably classifies the error and forwards to
          // OnCertErrorInternal() with an error level; the classification itself is
          // not visible in this header -- confirm in the implementation.
     30   void OnCertError(SSLCertErrorHandler* handler);
     31 
          // NOTE(review): undocumented in the original.  Judging by the name and
          // parameters, this reports that insecure content was run for
          // |security_origin| while |entry| was the navigation entry -- confirm
          // against the implementation and callers.
     32   void DidRunInsecureContent(NavigationEntry* entry,
     33                              const std::string& security_origin);
     34 
     35   // We have started a resource request with the given info.
     36   void OnRequestStarted(SSLRequestInfo* info);
     37 
     38   // Update the SSL information in |entry| to match the current state.
     39   // |tab_contents| is the TabContents associated with this entry.
     40   void UpdateEntry(NavigationEntry* entry, TabContents* tab_contents);
     41 
          // Returns backend_ unchanged.  The const qualifier only covers this object;
          // the backend itself can still be modified through the returned pointer.
     42   SSLPolicyBackend* backend() const { return backend_; }
     43 
     44   // SSLBlockingPage::Delegate methods.
          // The base-class declarations are in ssl_blocking_page.h and are not shown
          // here.  Judging by the names, OnAllowCertificate() is the path taken when
          // the certificate error is accepted and OnDenyCertificate() the path taken
          // when it is rejected -- confirm.  The allow path is the security-sensitive
          // one: TODO(review) confirm it cannot be reached for errors that
          // OnCertErrorInternal() treats as fatal.
     45   virtual SSLErrorInfo GetSSLErrorInfo(SSLCertErrorHandler* handler);
     46   virtual void OnDenyCertificate(SSLCertErrorHandler* handler);
     47   virtual void OnAllowCertificate(SSLCertErrorHandler* handler);
     48 
     49  private:
     50   // Helper method for handling certificate errors.
          // NOTE(review): the original wording said "for derived classes", but this
          // method is private, so derived classes cannot call it; that wording looks
          // stale.
     51   // If the error can be overridden by the user, show a blocking page that
     52   // lets the user continue or cancel the request.
     53   // For fatal certificate errors, show a blocking page that only lets the
     54   // user cancel the request.
          // |error_level| selects between those two cases.
     55   void OnCertErrorInternal(SSLCertErrorHandler* handler,
     56                            SSLBlockingPage::ErrorLevel error_level);
     57 
     58   // If the security style of |entry| has not been initialized, then initialize
     59   // it with the default style for its URL.
     60   void InitializeEntryIfNeeded(NavigationEntry* entry);
     61 
     62   // Mark |origin| as having run insecure content in the process with ID |pid|.
     63   void OriginRanInsecureContent(const std::string& origin, int pid);
     64 
     65   // The backend we use to enact our decisions.
          // Raw pointer.  This class declares no destructor, so the backend is not
          // deleted here; presumably it is owned elsewhere and must outlive this
          // object -- confirm against the code that constructs SSLPolicy.
     66   SSLPolicyBackend* backend_;
     67 
          // Macro defined outside this header; by its name it disables copying and
          // assignment of SSLPolicy (definition not shown).
     68   DISALLOW_COPY_AND_ASSIGN(SSLPolicy);
     69 };
     70 
     71 #endif  // CHROME_BROWSER_SSL_SSL_POLICY_H_
     72