1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 6 #define CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 7 8 #include <string> 9 #include <vector> 10 11 #include "base/basictypes.h" 12 #include "base/strings/string16.h" 13 #include "net/cert/cert_status_flags.h" 14 #include "net/cert/x509_certificate.h" 15 16 namespace content { 17 class NavigationControllerImpl; 18 class SSLHostState; 19 20 class SSLPolicyBackend { 21 public: 22 explicit SSLPolicyBackend(NavigationControllerImpl* controller); 23 24 // Records that a host has run insecure content. 25 void HostRanInsecureContent(const std::string& host, int pid); 26 27 // Returns whether the specified host ran insecure content. 28 bool DidHostRunInsecureContent(const std::string& host, int pid) const; 29 30 // Records that |cert| is not permitted to be used for |host| in the future, 31 // for a specific error type. 32 void DenyCertForHost(net::X509Certificate* cert, 33 const std::string& host, 34 net::CertStatus error); 35 36 // Records that |cert| is permitted to be used for |host| in the future, for 37 // a specific error type. 38 void AllowCertForHost(net::X509Certificate* cert, 39 const std::string& host, 40 net::CertStatus error); 41 42 // Queries whether |cert| is allowed or denied for |host|. 43 net::CertPolicy::Judgment QueryPolicy(net::X509Certificate* cert, 44 const std::string& host, 45 net::CertStatus error); 46 47 private: 48 // SSL state specific for each host. 49 SSLHostState* ssl_host_state_; 50 51 NavigationControllerImpl* controller_; 52 53 DISALLOW_COPY_AND_ASSIGN(SSLPolicyBackend); 54 }; 55 56 } // namespace content 57 58 #endif // CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 59
