1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 6#define CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 7 8#include <string> 9#include <vector> 10 11#include "base/basictypes.h" 12#include "base/strings/string16.h" 13#include "net/cert/cert_status_flags.h" 14#include "net/cert/x509_certificate.h" 15 16namespace content { 17class NavigationControllerImpl; 18class SSLHostState; 19 20class SSLPolicyBackend { 21 public: 22 explicit SSLPolicyBackend(NavigationControllerImpl* controller); 23 24 // Records that a host has run insecure content. 25 void HostRanInsecureContent(const std::string& host, int pid); 26 27 // Returns whether the specified host ran insecure content. 28 bool DidHostRunInsecureContent(const std::string& host, int pid) const; 29 30 // Records that |cert| is not permitted to be used for |host| in the future, 31 // for a specific error type. 32 void DenyCertForHost(net::X509Certificate* cert, 33 const std::string& host, 34 net::CertStatus error); 35 36 // Records that |cert| is permitted to be used for |host| in the future, for 37 // a specific error type. 38 void AllowCertForHost(net::X509Certificate* cert, 39 const std::string& host, 40 net::CertStatus error); 41 42 // Queries whether |cert| is allowed or denied for |host|. 43 net::CertPolicy::Judgment QueryPolicy(net::X509Certificate* cert, 44 const std::string& host, 45 net::CertStatus error); 46 47 private: 48 // SSL state specific for each host. 49 SSLHostState* ssl_host_state_; 50 51 NavigationControllerImpl* controller_; 52 53 DISALLOW_COPY_AND_ASSIGN(SSLPolicyBackend); 54}; 55 56} // namespace content 57 58#endif // CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 59