1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_SSL_SSL_POLICY_H_
6 #define CHROME_BROWSER_SSL_SSL_POLICY_H_
7 #pragma once
8 
9 #include <string>
10 
11 #include "chrome/browser/ssl/ssl_blocking_page.h"
12 #include "webkit/glue/resource_type.h"
13 
14 class NavigationEntry;
15 class SSLCertErrorHandler;
16 class SSLPolicyBackend;
17 class SSLRequestInfo;
18 
// SSLPolicy
//
// This class is responsible for making the security decisions that concern the
// SSL trust indicators.  It relies on the SSLPolicyBackend to actually enact
// the decisions it reaches.
//
// It also implements SSLBlockingPage::Delegate, i.e. it receives the
// deny/allow callbacks declared below for a certificate error.
//
// NOTE(review): only declarations are visible in this header; how errors are
// classified and what state is recorded lives in the implementation file.
//
class SSLPolicy : public SSLBlockingPage::Delegate {
 public:
  // Creates a policy that enacts its decisions through |backend|.
  // NOTE(review): the member backend_ is a raw pointer and this class declares
  // no destructor, so |backend| presumably has to outlive this object --
  // confirm against the code that constructs SSLPolicy.
  explicit SSLPolicy(SSLPolicyBackend* backend);

  // An error occurred with the certificate in an SSL connection.
  // Which errors are treated as overridable and which as fatal is not visible
  // in this header; see OnCertErrorInternal() for the two outcomes.
  void OnCertError(SSLCertErrorHandler* handler);

  // Notification that insecure content was run.  Presumably |entry| is the
  // navigation entry of the affected page and |security_origin| the origin
  // that ran the content (inferred from the names -- confirm in the .cc).
  // NOTE(review): |security_origin| is a plain string; this header does not
  // show where it comes from or whether it is validated before it influences
  // the trust indicators.  Worth checking at the call site.
  void DidRunInsecureContent(NavigationEntry* entry,
                             const std::string& security_origin);

  // We have started a resource request with the given info.
  void OnRequestStarted(SSLRequestInfo* info);

  // Update the SSL information in |entry| to match the current state.
  // |tab_contents| is the TabContents associated with this entry.
  // NOTE(review): TabContents is not among the forward declarations at the top
  // of this header; presumably it is declared via ssl_blocking_page.h --
  // confirm, since this header otherwise depends on include order.
  void UpdateEntry(NavigationEntry* entry, TabContents* tab_contents);

  // Returns the raw backend pointer held in backend_.
  SSLPolicyBackend* backend() const { return backend_; }

  // SSLBlockingPage::Delegate methods.
  // Presumably GetSSLErrorInfo() supplies the error description for the
  // blocking page and the two callbacks report the choice made on it
  // (inferred from the names -- confirm against SSLBlockingPage).
  // NOTE(review): OnAllowCertificate() is the path on which a certificate
  // error is accepted; what is remembered as a result (which certificate, for
  // which host, for how long) is decided in the .cc / backend and deserves the
  // closest review of anything in this class.
  virtual SSLErrorInfo GetSSLErrorInfo(SSLCertErrorHandler* handler);
  virtual void OnDenyCertificate(SSLCertErrorHandler* handler);
  virtual void OnAllowCertificate(SSLCertErrorHandler* handler);

 private:
  // Helper method for handling certificate errors.
  // If the error can be overridden by the user, show a blocking page that
  // lets the user continue or cancel the request.
  // For fatal certificate errors, show a blocking page that only lets the
  // user cancel the request.
  // NOTE(review): the original comment described this as a helper "for derived
  // classes", but the method is private, so derived classes cannot call it.
  void OnCertErrorInternal(SSLCertErrorHandler* handler,
                           SSLBlockingPage::ErrorLevel error_level);

  // If the security style of |entry| has not been initialized, then initialize
  // it with the default style for its URL.
  void InitializeEntryIfNeeded(NavigationEntry* entry);

  // Mark |origin| as having run insecure content in the process with ID |pid|.
  void OriginRanInsecureContent(const std::string& origin, int pid);

  // The backend we use to enact our decisions.
  // Raw pointer; ownership is not expressed in this header (no destructor is
  // declared), so the backend's lifetime is presumably managed elsewhere.
  SSLPolicyBackend* backend_;

  // Macro defined outside this file; by its name it forbids copying and
  // assignment of SSLPolicy.
  DISALLOW_COPY_AND_ASSIGN(SSLPolicy);
};
70 
71 #endif  // CHROME_BROWSER_SSL_SSL_POLICY_H_
72