1// Copyright (c) 2010 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_SSL_SSL_POLICY_H_ 6#define CHROME_BROWSER_SSL_SSL_POLICY_H_ 7#pragma once 8 9#include <string> 10 11#include "chrome/browser/ssl/ssl_blocking_page.h" 12#include "webkit/glue/resource_type.h" 13 14class NavigationEntry; 15class SSLCertErrorHandler; 16class SSLPolicyBackend; 17class SSLRequestInfo; 18 19// SSLPolicy 20// 21// This class is responsible for making the security decisions that concern the 22// SSL trust indicators. It relies on the SSLPolicyBackend to actually enact 23// the decisions it reaches. 24// 25class SSLPolicy : public SSLBlockingPage::Delegate { 26 public: 27 explicit SSLPolicy(SSLPolicyBackend* backend); 28 29 // An error occurred with the certificate in an SSL connection. 30 void OnCertError(SSLCertErrorHandler* handler); 31 32 void DidRunInsecureContent(NavigationEntry* entry, 33 const std::string& security_origin); 34 35 // We have started a resource request with the given info. 36 void OnRequestStarted(SSLRequestInfo* info); 37 38 // Update the SSL information in |entry| to match the current state. 39 // |tab_contents| is the TabContents associated with this entry. 40 void UpdateEntry(NavigationEntry* entry, TabContents* tab_contents); 41 42 SSLPolicyBackend* backend() const { return backend_; } 43 44 // SSLBlockingPage::Delegate methods. 45 virtual SSLErrorInfo GetSSLErrorInfo(SSLCertErrorHandler* handler); 46 virtual void OnDenyCertificate(SSLCertErrorHandler* handler); 47 virtual void OnAllowCertificate(SSLCertErrorHandler* handler); 48 49 private: 50 // Helper method for derived classes handling certificate errors. 51 // If the error can be overridden by the user, show a blocking page that 52 // lets the user continue or cancel the request. 53 // For fatal certificate errors, show a blocking page that only lets the 54 // user cancel the request. 55 void OnCertErrorInternal(SSLCertErrorHandler* handler, 56 SSLBlockingPage::ErrorLevel error_level); 57 58 // If the security style of |entry| has not been initialized, then initialize 59 // it with the default style for its URL. 60 void InitializeEntryIfNeeded(NavigationEntry* entry); 61 62 // Mark |origin| as having run insecure content in the process with ID |pid|. 63 void OriginRanInsecureContent(const std::string& origin, int pid); 64 65 // The backend we use to enact our decisions. 66 SSLPolicyBackend* backend_; 67 68 DISALLOW_COPY_AND_ASSIGN(SSLPolicy); 69}; 70 71#endif // CHROME_BROWSER_SSL_SSL_POLICY_H_ 72