Deperecate AtomSecurityStateModelClient with SecurityStateTabHelper

This commit is contained in:
Cheng Zhao 2017-01-24 10:51:11 +09:00 committed by Kevin Sawicki
parent 3224c39371
commit 13a1d79ca6
7 changed files with 298 additions and 247 deletions

View file

@ -13,7 +13,6 @@
#include "atom/browser/atom_browser_client.h"
#include "atom/browser/atom_browser_context.h"
#include "atom/browser/atom_browser_main_parts.h"
#include "atom/browser/atom_security_state_model_client.h"
#include "atom/browser/lib/bluetooth_chooser.h"
#include "atom/browser/native_window.h"
#include "atom/browser/net/atom_network_delegate.h"
@ -45,6 +44,7 @@
#include "brightray/browser/inspectable_web_contents_view.h"
#include "chrome/browser/printing/print_preview_message_handler.h"
#include "chrome/browser/printing/print_view_manager_basic.h"
#include "chrome/browser/ssl/security_state_tab_helper.h"
#include "content/browser/renderer_host/render_widget_host_impl.h"
#include "content/browser/web_contents/web_contents_impl.h"
#include "content/common/view_messages.h"
@ -336,7 +336,7 @@ void WebContents::InitWithSessionAndOptions(v8::Isolate* isolate,
// Intialize permission helper.
WebContentsPermissionHelper::CreateForWebContents(web_contents);
// Intialize security state client.
AtomSecurityStateModelClient::CreateForWebContents(web_contents);
SecurityStateTabHelper::CreateForWebContents(web_contents);
web_contents->SetUserAgentOverride(GetBrowserContext()->GetUserAgent());

View file

@ -1,106 +0,0 @@
// Copyright (c) 2016 GitHub, Inc.
// Use of this source code is governed by the MIT license that can be
// found in the LICENSE file.
#include "atom/browser/atom_security_state_model_client.h"
#include "content/public/browser/cert_store.h"
#include "content/public/browser/navigation_entry.h"
#include "content/public/browser/web_contents.h"
#include "content/public/common/origin_util.h"
#include "content/public/common/ssl_status.h"
#include "net/cert/x509_certificate.h"
DEFINE_WEB_CONTENTS_USER_DATA_KEY(atom::AtomSecurityStateModelClient);
using security_state::SecurityStateModel;
namespace atom {
namespace {
SecurityStateModel::SecurityLevel GetSecurityLevelForSecurityStyle(
content::SecurityStyle style) {
switch (style) {
case content::SECURITY_STYLE_UNKNOWN:
return SecurityStateModel::NONE;
case content::SECURITY_STYLE_UNAUTHENTICATED:
return SecurityStateModel::NONE;
case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
return SecurityStateModel::SECURITY_ERROR;
case content::SECURITY_STYLE_WARNING:
return SecurityStateModel::SECURITY_WARNING;
case content::SECURITY_STYLE_AUTHENTICATED:
return SecurityStateModel::SECURE;
}
return SecurityStateModel::NONE;
}
} // namespace
AtomSecurityStateModelClient::AtomSecurityStateModelClient(
content::WebContents* web_contents)
: web_contents_(web_contents),
security_state_model_(new SecurityStateModel()) {
security_state_model_->SetClient(this);
}
AtomSecurityStateModelClient::~AtomSecurityStateModelClient() {
}
const SecurityStateModel::SecurityInfo&
AtomSecurityStateModelClient::GetSecurityInfo() const {
return security_state_model_->GetSecurityInfo();
}
bool AtomSecurityStateModelClient::RetrieveCert(
scoped_refptr<net::X509Certificate>* cert) {
content::NavigationEntry* entry =
web_contents_->GetController().GetVisibleEntry();
if (!entry)
return false;
return content::CertStore::GetInstance()->RetrieveCert(
entry->GetSSL().cert_id, cert);
}
bool AtomSecurityStateModelClient::UsedPolicyInstalledCertificate() {
return false;
}
bool AtomSecurityStateModelClient::IsOriginSecure(const GURL& url) {
return content::IsOriginSecure(url);
}
void AtomSecurityStateModelClient::GetVisibleSecurityState(
SecurityStateModel::VisibleSecurityState* state) {
content::NavigationEntry* entry =
web_contents_->GetController().GetVisibleEntry();
if (!entry ||
entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) {
*state = SecurityStateModel::VisibleSecurityState();
return;
}
state->connection_info_initialized = true;
state->url = entry->GetURL();
const content::SSLStatus& ssl = entry->GetSSL();
state->initial_security_level =
GetSecurityLevelForSecurityStyle(ssl.security_style);
state->cert_id = ssl.cert_id;
state->cert_status = ssl.cert_status;
state->connection_status = ssl.connection_status;
state->security_bits = ssl.security_bits;
state->sct_verify_statuses.clear();
state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(),
ssl.sct_statuses.begin(),
ssl.sct_statuses.end());
state->displayed_mixed_content =
(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT)
? true
: false;
state->ran_mixed_content =
(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true
: false;
}
} // namespace atom

View file

@ -1,42 +0,0 @@
// Copyright (c) 2016 GitHub, Inc.
// Use of this source code is governed by the MIT license that can be
// found in the LICENSE file.
#ifndef ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
#define ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
#include "components/security_state/security_state_model.h"
#include "components/security_state/security_state_model_client.h"
#include "content/public/browser/web_contents_user_data.h"
namespace atom {
class AtomSecurityStateModelClient
: public security_state::SecurityStateModelClient,
public content::WebContentsUserData<AtomSecurityStateModelClient> {
public:
~AtomSecurityStateModelClient() override;
const security_state::SecurityStateModel::SecurityInfo&
GetSecurityInfo() const;
// security_state::SecurityStateModelClient:
void GetVisibleSecurityState(
security_state::SecurityStateModel::VisibleSecurityState* state) override;
bool RetrieveCert(scoped_refptr<net::X509Certificate>* cert) override;
bool UsedPolicyInstalledCertificate() override;
bool IsOriginSecure(const GURL& url) override;
private:
explicit AtomSecurityStateModelClient(content::WebContents* web_contents);
friend class content::WebContentsUserData<AtomSecurityStateModelClient>;
content::WebContents* web_contents_;
std::unique_ptr<security_state::SecurityStateModel> security_state_model_;
DISALLOW_COPY_AND_ASSIGN(AtomSecurityStateModelClient);
};
} // namespace atom
#endif // ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_

View file

@ -10,7 +10,6 @@
#include "atom/browser/atom_browser_context.h"
#include "atom/browser/atom_javascript_dialog_manager.h"
#include "atom/browser/atom_security_state_model_client.h"
#include "atom/browser/native_window.h"
#include "atom/browser/ui/file_dialog.h"
#include "atom/browser/web_dialog_helper.h"
@ -18,10 +17,13 @@
#include "base/files/file_util.h"
#include "chrome/browser/printing/print_preview_message_handler.h"
#include "chrome/browser/printing/print_view_manager_basic.h"
#include "chrome/browser/ssl/security_state_tab_helper.h"
#include "chrome/browser/ui/browser_dialogs.h"
#include "chrome/common/pref_names.h"
#include "components/prefs/pref_service.h"
#include "components/prefs/scoped_user_pref_update.h"
#include "components/security_state/content/content_utils.h"
#include "components/security_state/core/security_state.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/child_process_security_policy.h"
#include "content/public/browser/render_process_host.h"
@ -32,7 +34,6 @@
#include "storage/browser/fileapi/isolated_context.h"
using content::BrowserThread;
using security_state::SecurityStateModel;
namespace atom {
@ -144,26 +145,6 @@ bool IsDevToolsFileSystemAdded(
return file_system_paths.find(file_system_path) != file_system_paths.end();
}
blink::WebSecurityStyle SecurityLevelToSecurityStyle(
security_state::SecurityLevel security_level) {
switch (security_level) {
case security_state::NONE:
case security_state::HTTP_SHOW_WARNING:
return blink::WebSecurityStyleUnauthenticated;
case security_state::SECURITY_WARNING:
case security_state::SECURE_WITH_POLICY_INSTALLED_CERT:
return blink::WebSecurityStyleWarning;
case security_state::EV_SECURE:
case security_state::SECURE:
return blink::WebSecurityStyleAuthenticated;
case security_state::DANGEROUS:
return blink::WebSecurityStyleAuthenticationBroken;
}
NOTREACHED();
return blink::WebSecurityStyleUnknown;
}
} // namespace
CommonWebContentsDelegate::CommonWebContentsDelegate()
@ -294,79 +275,14 @@ bool CommonWebContentsDelegate::IsFullscreenForTabOrPending(
blink::WebSecurityStyle CommonWebContentsDelegate::GetSecurityStyle(
content::WebContents* web_contents,
content::SecurityStyleExplanations* explanations) {
auto model_client =
AtomSecurityStateModelClient::FromWebContents(web_contents);
const SecurityStateModel::SecurityInfo& security_info =
model_client->GetSecurityInfo();
const blink::WebSecurityStyle security_style =
SecurityLevelToSecurityStyle(security_info.security_level);
explanations->ran_insecure_content_style =
SecurityLevelToSecurityStyle(
SecurityStateModel::kRanInsecureContentLevel);
explanations->displayed_insecure_content_style =
SecurityLevelToSecurityStyle(
SecurityStateModel::kDisplayedInsecureContentLevel);
explanations->scheme_is_cryptographic = security_info.scheme_is_cryptographic;
if (!security_info.scheme_is_cryptographic)
return security_style;
if (security_info.sha1_deprecation_status ==
SecurityStateModel::DEPRECATED_SHA1_MAJOR) {
explanations->broken_explanations.push_back(
content::SecurityStyleExplanation(
kSHA1Certificate,
kSHA1MajorDescription,
security_info.cert_id));
} else if (security_info.sha1_deprecation_status ==
SecurityStateModel::DEPRECATED_SHA1_MINOR) {
explanations->unauthenticated_explanations.push_back(
content::SecurityStyleExplanation(
kSHA1Certificate,
kSHA1MinorDescription,
security_info.cert_id));
}
explanations->ran_insecure_content =
security_info.mixed_content_status ==
security_state::SecurityStateModel::CONTENT_STATUS_RAN ||
security_info.mixed_content_status ==
security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
explanations->displayed_insecure_content =
security_info.mixed_content_status ==
security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED ||
security_info.mixed_content_status ==
security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
if (net::IsCertStatusError(security_info.cert_status)) {
std::string error_string = net::ErrorToString(
net::MapCertStatusToNetError(security_info.cert_status));
content::SecurityStyleExplanation explanation(
kCertificateError,
"There are issues with the site's certificate chain " + error_string,
security_info.cert_id);
if (net::IsCertStatusMinorError(security_info.cert_status))
explanations->unauthenticated_explanations.push_back(explanation);
else
explanations->broken_explanations.push_back(explanation);
} else {
if (security_info.sha1_deprecation_status ==
SecurityStateModel::NO_DEPRECATED_SHA1) {
explanations->secure_explanations.push_back(
content::SecurityStyleExplanation(
kValidCertificate,
kValidCertificateDescription,
security_info.cert_id));
}
}
return security_style;
content::SecurityStyleExplanations* security_style_explanations) {
SecurityStateTabHelper* helper =
SecurityStateTabHelper::FromWebContents(web_contents);
DCHECK(helper);
security_state::SecurityInfo security_info;
helper->GetSecurityInfo(&security_info);
return security_state::GetSecurityStyle(security_info,
security_style_explanations);
}
void CommonWebContentsDelegate::DevToolsSaveToFile(