1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 6#define CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 7 8#include <string> 9#include <vector> 10 11#include "base/basictypes.h" 12#include "base/strings/string16.h" 13#include "content/public/browser/ssl_host_state_delegate.h" 14#include "net/cert/cert_status_flags.h" 15#include "net/cert/x509_certificate.h" 16 17namespace content { 18class NavigationControllerImpl; 19 20class SSLPolicyBackend { 21 public: 22 explicit SSLPolicyBackend(NavigationControllerImpl* controller); 23 24 // Records that a host has run insecure content. 25 void HostRanInsecureContent(const std::string& host, int pid); 26 27 // Returns whether the specified host ran insecure content. 28 bool DidHostRunInsecureContent(const std::string& host, int pid) const; 29 30 // Records that |cert| is permitted to be used for |host| in the future, for 31 // a specific error type. 32 void AllowCertForHost(const net::X509Certificate& cert, 33 const std::string& host, 34 net::CertStatus error); 35 36 // Queries whether |cert| is allowed for |host|. Returns true in 37 // |expired_previous_decision| if a user decision had been made previously but 38 // that decision has expired, otherwise false. 39 SSLHostStateDelegate::CertJudgment QueryPolicy( 40 const net::X509Certificate& cert, 41 const std::string& host, 42 net::CertStatus error, 43 bool* expired_previous_decision); 44 45 private: 46 // SSL state delegate specific for each host. 47 SSLHostStateDelegate* ssl_host_state_delegate_; 48 49 NavigationControllerImpl* controller_; 50 51 DISALLOW_COPY_AND_ASSIGN(SSLPolicyBackend); 52}; 53 54} // namespace content 55 56#endif // CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_ 57