1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_ 6 #define CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_ 7 8 #include "base/memory/scoped_ptr.h" 9 #include "base/strings/string16.h" 10 #include "base/task/cancelable_task_tracker.h" 11 #include "base/time/time.h" 12 #include "chrome/browser/content_settings/tab_specific_content_settings.h" 13 #include "chrome/browser/history/history_service.h" 14 #include "components/content_settings/core/common/content_settings.h" 15 #include "components/content_settings/core/common/content_settings_types.h" 16 #include "content/public/common/signed_certificate_timestamp_id_and_status.h" 17 #include "ui/gfx/native_widget_types.h" 18 #include "url/gurl.h" 19 20 namespace content { 21 class CertStore; 22 struct SSLStatus; 23 } 24 25 class ChromeSSLHostStateDelegate; 26 class InfoBarService; 27 class HostContentSettingsMap; 28 class Profile; 29 class WebsiteSettingsUI; 30 31 // The |WebsiteSettings| provides information about a website's permissions, 32 // connection state and its identity. It owns a UI that displays the 33 // information and allows users to change the permissions. |WebsiteSettings| 34 // objects must be created on the heap. They destroy themselves after the UI is 35 // closed. 36 class WebsiteSettings : public TabSpecificContentSettings::SiteDataObserver { 37 public: 38 // Status of a connection to a website. 39 enum SiteConnectionStatus { 40 SITE_CONNECTION_STATUS_UNKNOWN = 0, // No status available. 41 SITE_CONNECTION_STATUS_ENCRYPTED, // Connection is encrypted. 42 SITE_CONNECTION_STATUS_MIXED_CONTENT, // Site has unencrypted content. 43 SITE_CONNECTION_STATUS_UNENCRYPTED, // Connection is not encrypted. 44 SITE_CONNECTION_STATUS_ENCRYPTED_ERROR, // Connection error occured. 45 SITE_CONNECTION_STATUS_INTERNAL_PAGE, // Internal site. 46 }; 47 48 // Validation status of a website's identity. 49 enum SiteIdentityStatus { 50 // No status about the website's identity available. 51 SITE_IDENTITY_STATUS_UNKNOWN = 0, 52 // The website provided a valid certificate. 53 SITE_IDENTITY_STATUS_CERT, 54 // The website provided a valid EV certificate. 55 SITE_IDENTITY_STATUS_EV_CERT, 56 // The website provided a valid certificate but no revocation check could be 57 // performed. 58 SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN, 59 // Site identity could not be verified because the site did not provide a 60 // certificate. This is the expected state for HTTP connections. 61 SITE_IDENTITY_STATUS_NO_CERT, 62 // An error occured while verifying the site identity. 63 SITE_IDENTITY_STATUS_ERROR, 64 // The site is a trusted internal chrome page. 65 SITE_IDENTITY_STATUS_INTERNAL_PAGE, 66 // The profile has accessed data using an administrator-provided 67 // certificate, so the site might be able to intercept data. 68 SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT, 69 // The website provided a valid certificate, but the certificate or chain 70 // is using a deprecated signature algorithm. 71 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM, 72 }; 73 74 // Creates a WebsiteSettings for the passed |url| using the given |ssl| status 75 // object to determine the status of the site's connection. The 76 // |WebsiteSettings| takes ownership of the |ui|. 77 WebsiteSettings(WebsiteSettingsUI* ui, 78 Profile* profile, 79 TabSpecificContentSettings* tab_specific_content_settings, 80 InfoBarService* infobar_service, 81 const GURL& url, 82 const content::SSLStatus& ssl, 83 content::CertStore* cert_store); 84 virtual ~WebsiteSettings(); 85 86 // This method is called when ever a permission setting is changed. 87 void OnSitePermissionChanged(ContentSettingsType type, 88 ContentSetting value); 89 90 // Callback used for requests to fetch the number of page visits from history 91 // service and the time of the first visit. 92 void OnGotVisitCountToHost(bool found_visits, 93 int visit_count, 94 base::Time first_visit); 95 96 // This method is called by the UI when the UI is closing. 97 void OnUIClosing(); 98 99 // This method is called when the revoke SSL error bypass button is pressed. 100 void OnRevokeSSLErrorBypassButtonPressed(); 101 102 // Accessors. 103 SiteConnectionStatus site_connection_status() const { 104 return site_connection_status_; 105 } 106 107 const GURL& site_url() const { return site_url_; } 108 109 SiteIdentityStatus site_identity_status() const { 110 return site_identity_status_; 111 } 112 113 base::string16 site_connection_details() const { 114 return site_connection_details_; 115 } 116 117 base::string16 site_identity_details() const { 118 return site_identity_details_; 119 } 120 121 base::string16 organization_name() const { 122 return organization_name_; 123 } 124 125 // SiteDataObserver implementation. 126 virtual void OnSiteDataAccessed() OVERRIDE; 127 128 private: 129 // Initializes the |WebsiteSettings|. 130 void Init(Profile* profile, 131 const GURL& url, 132 const content::SSLStatus& ssl); 133 134 // Sets (presents) the information about the site's permissions in the |ui_|. 135 void PresentSitePermissions(); 136 137 // Sets (presents) the information about the site's data in the |ui_|. 138 void PresentSiteData(); 139 140 // Sets (presents) the information about the site's identity and connection 141 // in the |ui_|. 142 void PresentSiteIdentity(); 143 144 // Sets (presents) history information about the site in the |ui_|. Passing 145 // base::Time() as value for |first_visit| will clear the history information 146 // in the UI. 147 void PresentHistoryInfo(base::Time first_visit); 148 149 // The website settings UI displays information and controls for site 150 // specific data (local stored objects like cookies), site specific 151 // permissions (location, popup, plugin, etc. permissions) and site specific 152 // information (identity, connection status, etc.). 153 WebsiteSettingsUI* ui_; 154 155 // The infobar service of the active tab. 156 InfoBarService* infobar_service_; 157 158 // The flag that controls whether an infobar is displayed after the website 159 // settings UI is closed or not. 160 bool show_info_bar_; 161 162 // The Omnibox URL of the website for which to display site permissions and 163 // site information. 164 GURL site_url_; 165 166 // Status of the website's identity verification check. 167 SiteIdentityStatus site_identity_status_; 168 169 // For secure connection |cert_id_| is set to the ID of the server 170 // certificate. For non secure connections |cert_id_| is 0. 171 int cert_id_; 172 // For secure connection, |signed_certificate_timestamp_ids_| is the list of 173 // all Signed Certificate Timestamps and their validation status. 174 // Empty if no SCTs accompanied the certificate 175 content::SignedCertificateTimestampIDStatusList 176 signed_certificate_timestamp_ids_; 177 178 // Status of the connection to the website. 179 SiteConnectionStatus site_connection_status_; 180 181 // TODO(markusheintz): Move the creation of all the base::string16 typed UI 182 // strings below to the corresponding UI code, in order to prevent 183 // unnecessary UTF-8 string conversions. 184 185 // Details about the website's identity. If the website's identity has been 186 // verified then |site_identity_details_| contains who verified the identity. 187 // This string will be displayed in the UI. 188 base::string16 site_identity_details_; 189 190 // Set when the user has explicitly bypassed an SSL error for this host or 191 // explicitly denied it (the latter of which is not currently possible in the 192 // Chrome UI) and has a flag set to remember ssl decisions (explicit flag or 193 // in the experimental group). When |show_ssl_decision_revoke_button| is 194 // true, the connection area of the page info will include an option for the 195 // user to revoke their decision to bypass the SSL error for this host. 196 bool show_ssl_decision_revoke_button_; 197 198 // Details about the connection to the website. In case of an encrypted 199 // connection |site_connection_details_| contains encryption details, like 200 // encryption strength and ssl protocol version. This string will be 201 // displayed in the UI. 202 base::string16 site_connection_details_; 203 204 // For websites that provided an EV certificate |orgainization_name_| 205 // contains the organization name of the certificate. In all other cases 206 // |organization_name| is an empty string. This string will be displayed in 207 // the UI. 208 base::string16 organization_name_; 209 210 // The |CertStore| provides all X509Certificates. 211 content::CertStore* cert_store_; 212 213 // The |HostContentSettingsMap| is the service that provides and manages 214 // content settings (aka. site permissions). 215 HostContentSettingsMap* content_settings_; 216 217 // Used to request the number of page visits. 218 base::CancelableTaskTracker visit_count_task_tracker_; 219 220 // Service for managing SSL error page bypasses. Used to revoke bypass 221 // decisions by users. 222 ChromeSSLHostStateDelegate* chrome_ssl_host_state_delegate_; 223 224 bool did_revoke_user_ssl_decisions_; 225 226 DISALLOW_COPY_AND_ASSIGN(WebsiteSettings); 227 }; 228 229 #endif // CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_ 230
