1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CONTENT_BROWSER_SSL_SSL_MANAGER_H_
6#define CONTENT_BROWSER_SSL_SSL_MANAGER_H_
7
8#include <string>
9
10#include "base/basictypes.h"
11#include "base/memory/scoped_ptr.h"
12#include "base/memory/weak_ptr.h"
13#include "content/browser/ssl/ssl_error_handler.h"
14#include "content/browser/ssl/ssl_policy_backend.h"
15#include "content/common/content_export.h"
16#include "content/public/browser/global_request_id.h"
17#include "net/base/net_errors.h"
18#include "net/cert/cert_status_flags.h"
19#include "url/gurl.h"
20
21namespace net {
22class SSLInfo;
23}
24
25namespace content {
26class BrowserContext;
27class NavigationEntryImpl;
28class NavigationControllerImpl;
29class SSLPolicy;
30struct LoadCommittedDetails;
31struct LoadFromMemoryCacheDetails;
32struct ResourceRedirectDetails;
33struct ResourceRequestDetails;
34
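// SSLManager controls the SSL UI elements in a WebContents.  It listens for
// various events that influence when these elements should or should not be
// displayed and adjusts them accordingly.
//
// There is one SSLManager per tab.
// The security state (secure/insecure) is stored in the navigation entry.
// Along with it are stored any SSL error code and the associated cert.
//
// Threading: OnSSLCertificateError() is documented below as running on the IO
// thread.  This header does not state the thread for the other members.
// NOTE(review): presumably the UI thread, since they deal with navigation
// state -- confirm against the implementation file.
class SSLManager {
 public:
  // Entry point for SSLCertificateErrors.  This function begins the process
  // of resolving a certificate error during an SSL connection.  SSLManager
  // will adjust the security UI and either call |CancelSSLRequest| or
  // |ContinueSSLRequest| of |delegate| with |id| as the first argument.
  //
  // |delegate| is a WeakPtr, so it can be invalidated while the error is
  // being resolved.
  // NOTE(review): confirm the implementation checks |delegate| before calling
  // back, and that every path ends in exactly one Cancel/Continue call so a
  // request can neither hang nor proceed without a decision.
  // NOTE(review): |fatal| presumably marks errors that must not be offered to
  // the user as bypassable -- confirm where the flag is consumed.
  //
  // Called on the IO thread.
  static void OnSSLCertificateError(
      const base::WeakPtr<SSLErrorHandler::Delegate>& delegate,
      const GlobalRequestID& id,
      ResourceType resource_type,
      const GURL& url,
      int render_process_id,
      int render_frame_id,
      const net::SSLInfo& ssl_info,
      bool fatal);

  // Called when SSL state for a host or tab changes.
  static void NotifySSLInternalStateChanged(BrowserContext* context);

  // Construct an SSLManager for the specified tab, identified by
  // |controller|.  The constructor takes no delegate or policy argument; how
  // |policy_| is created is not visible in this header.
  explicit SSLManager(NavigationControllerImpl* controller);
  virtual ~SSLManager();

  // Non-owning accessors.  |policy_| is held in a scoped_ptr and |backend_| is
  // a direct member, so both returned pointers are valid only while this
  // SSLManager is alive; callers must not delete them.
  SSLPolicy* policy() { return policy_.get(); }
  SSLPolicyBackend* backend() { return &backend_; }

  // The navigation controller associated with this SSLManager.  The
  // NavigationController is guaranteed to outlive the SSLManager.
  NavigationControllerImpl* controller() { return controller_; }

  // Navigation and resource-load notifications.  The header does not say what
  // each one updates.
  // NOTE(review): presumably each re-evaluates the security state of the
  // affected navigation entry -- confirm in the implementation.
  void DidCommitProvisionalLoad(const LoadCommittedDetails& details);
  void DidLoadFromMemoryCache(const LoadFromMemoryCacheDetails& details);
  void DidStartResourceResponse(const ResourceRequestDetails& details);
  void DidReceiveResourceRedirect(const ResourceRedirectDetails& details);

  // Insecure content entry point.
  // NOTE(review): |security_origin| arrives as a plain string.  If it
  // originates from a renderer it is untrusted input and should be validated
  // before it influences security state -- confirm at the call site.
  void DidDisplayInsecureContent();
  void DidRunInsecureContent(const std::string& security_origin);

 private:
  // Update the NavigationEntry with our current state.
  void UpdateEntry(NavigationEntryImpl* entry);

  // The backend for the SSLPolicy to actuate its decisions.
  SSLPolicyBackend backend_;

  // The SSLPolicy instance for this manager.  Owned by the manager.
  scoped_ptr<SSLPolicy> policy_;

  // The NavigationController that owns this SSLManager.  We are responsible
  // for the security UI of this tab.  Raw pointer, not owned here; its
  // validity relies on the controller outliving this object.
  NavigationControllerImpl* controller_;

  DISALLOW_COPY_AND_ASSIGN(SSLManager);
};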
101
102}  // namespace content
103
104#endif  // CONTENT_BROWSER_SSL_SSL_MANAGER_H_
105