blob: cc96c0ff36516126e8b87b57b6d9248105f00911 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CONTENT_PUBLIC_BROWSER_SSL_STATUS_H_
#define CONTENT_PUBLIC_BROWSER_SSL_STATUS_H_
#include <stdint.h>
#include <vector>
#include "content/common/content_export.h"
#include "net/cert/cert_status_flags.h"
#include "net/cert/sct_status_flags.h"
#include "net/cert/x509_certificate.h"
namespace net {
class SSLInfo;
}
namespace content {
// Collects the SSL information for this NavigationEntry.
struct CONTENT_EXPORT SSLStatus {
// Flags used for the page security content status.
enum ContentStatusFlags {
// HTTP page, or HTTPS page with no insecure content.
NORMAL_CONTENT = 0,
// HTTPS page containing "displayed" HTTP resources (e.g. images, CSS).
DISPLAYED_INSECURE_CONTENT = 1 << 0,
// HTTPS page containing "executed" HTTP resources (i.e. script).
RAN_INSECURE_CONTENT = 1 << 1,
// HTTPS page containing "displayed" HTTPS resources (e.g. images,
// CSS) loaded with certificate errors.
DISPLAYED_CONTENT_WITH_CERT_ERRORS = 1 << 2,
// HTTPS page containing "executed" HTTPS resources (i.e. script)
// loaded with certificate errors.
RAN_CONTENT_WITH_CERT_ERRORS = 1 << 3,
// HTTP page containing a password input. Embedders may use this to
// adjust UI on nonsecure pages that collect sensitive data.
DISPLAYED_PASSWORD_FIELD_ON_HTTP = 1 << 4,
// HTTP page containing a credit card input. Embedders may use this to
// adjust UI on nonsecure pages that collect sensitive data.
DISPLAYED_CREDIT_CARD_FIELD_ON_HTTP = 1 << 5,
// HTTPS page containing a form targeting an insecure action url.
DISPLAYED_FORM_WITH_INSECURE_ACTION = 1 << 6,
};
SSLStatus();
SSLStatus(const net::SSLInfo& ssl_info);
SSLStatus(const SSLStatus& other);
~SSLStatus();
bool Equals(const SSLStatus& status) const {
return initialized == status.initialized &&
!!certificate == !!status.certificate &&
(certificate ? certificate->Equals(status.certificate.get())
: true) &&
cert_status == status.cert_status &&
security_bits == status.security_bits &&
key_exchange_group == status.key_exchange_group &&
connection_status == status.connection_status &&
content_status == status.content_status &&
sct_statuses == status.sct_statuses &&
pkp_bypassed == status.pkp_bypassed;
}
bool initialized;
scoped_refptr<net::X509Certificate> certificate;
net::CertStatus cert_status;
int security_bits;
uint16_t key_exchange_group;
int connection_status;
// A combination of the ContentStatusFlags above.
int content_status;
// The validation statuses of the Signed Certificate Timestamps (SCTs)
// of Certificate Transparency (CT) that were served with the
// main resource.
std::vector<net::ct::SCTVerifyStatus> sct_statuses;
// True if PKP was bypassed due to a local trust anchor.
bool pkp_bypassed;
};
} // namespace content
#endif // CONTENT_PUBLIC_BROWSER_SSL_STATUS_H_
|
