Deperecate AtomSecurityStateModelClient with SecurityStateTabHelper

2017-01-24 10:51:11 +09:00 · 2017-01-24 10:51:11 +09:00 · 13a1d79ca6
commit 13a1d79ca6
parent 3224c39371
7 changed files with 298 additions and 247 deletions
--- a/atom/browser/api/atom_api_web_contents.cc
+++ b/atom/browser/api/atom_api_web_contents.cc
@ -13,7 +13,6 @@
 #include "atom/browser/atom_browser_client.h"
 #include "atom/browser/atom_browser_context.h"
 #include "atom/browser/atom_browser_main_parts.h"
 #include "atom/browser/atom_security_state_model_client.h"
 #include "atom/browser/lib/bluetooth_chooser.h"
 #include "atom/browser/native_window.h"
 #include "atom/browser/net/atom_network_delegate.h"
@ -45,6 +44,7 @@
 #include "brightray/browser/inspectable_web_contents_view.h"
 #include "chrome/browser/printing/print_preview_message_handler.h"
 #include "chrome/browser/printing/print_view_manager_basic.h"
 #include "chrome/browser/ssl/security_state_tab_helper.h"
 #include "content/browser/renderer_host/render_widget_host_impl.h"
 #include "content/browser/web_contents/web_contents_impl.h"
 #include "content/common/view_messages.h"
@ -336,7 +336,7 @@ void WebContents::InitWithSessionAndOptions(v8::Isolate* isolate,
  // Intialize permission helper.
  WebContentsPermissionHelper::CreateForWebContents(web_contents);
  // Intialize security state client.
-  AtomSecurityStateModelClient::CreateForWebContents(web_contents);
+  SecurityStateTabHelper::CreateForWebContents(web_contents);
  web_contents->SetUserAgentOverride(GetBrowserContext()->GetUserAgent());
--- a/atom/browser/atom_security_state_model_client.cc
+++ b/atom/browser/atom_security_state_model_client.cc
@ -1,106 +0,0 @@
 // Copyright (c) 2016 GitHub, Inc.
 // Use of this source code is governed by the MIT license that can be
 // found in the LICENSE file.
 #include "atom/browser/atom_security_state_model_client.h"
 #include "content/public/browser/cert_store.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/origin_util.h"
 #include "content/public/common/ssl_status.h"
 #include "net/cert/x509_certificate.h"
 DEFINE_WEB_CONTENTS_USER_DATA_KEY(atom::AtomSecurityStateModelClient);
 using security_state::SecurityStateModel;
 namespace atom {
 namespace {
 SecurityStateModel::SecurityLevel GetSecurityLevelForSecurityStyle(
    content::SecurityStyle style) {
  switch (style) {
    case content::SECURITY_STYLE_UNKNOWN:
      return SecurityStateModel::NONE;
    case content::SECURITY_STYLE_UNAUTHENTICATED:
      return SecurityStateModel::NONE;
    case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
      return SecurityStateModel::SECURITY_ERROR;
    case content::SECURITY_STYLE_WARNING:
      return SecurityStateModel::SECURITY_WARNING;
    case content::SECURITY_STYLE_AUTHENTICATED:
      return SecurityStateModel::SECURE;
  }
  return SecurityStateModel::NONE;
 }
 }  // namespace
 AtomSecurityStateModelClient::AtomSecurityStateModelClient(
    content::WebContents* web_contents)
    : web_contents_(web_contents),
      security_state_model_(new SecurityStateModel()) {
  security_state_model_->SetClient(this);
 }
 AtomSecurityStateModelClient::~AtomSecurityStateModelClient() {
 }
 const SecurityStateModel::SecurityInfo&
 AtomSecurityStateModelClient::GetSecurityInfo() const {
  return security_state_model_->GetSecurityInfo();
 }
 bool AtomSecurityStateModelClient::RetrieveCert(
    scoped_refptr<net::X509Certificate>* cert) {
  content::NavigationEntry* entry =
      web_contents_->GetController().GetVisibleEntry();
  if (!entry)
    return false;
  return content::CertStore::GetInstance()->RetrieveCert(
      entry->GetSSL().cert_id, cert);
 }
 bool AtomSecurityStateModelClient::UsedPolicyInstalledCertificate() {
  return false;
 }
 bool AtomSecurityStateModelClient::IsOriginSecure(const GURL& url) {
  return content::IsOriginSecure(url);
 }
 void AtomSecurityStateModelClient::GetVisibleSecurityState(
    SecurityStateModel::VisibleSecurityState* state) {
  content::NavigationEntry* entry =
      web_contents_->GetController().GetVisibleEntry();
  if (!entry ||
      entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) {
    *state = SecurityStateModel::VisibleSecurityState();
    return;
  }
  state->connection_info_initialized = true;
  state->url = entry->GetURL();
  const content::SSLStatus& ssl = entry->GetSSL();
  state->initial_security_level =
      GetSecurityLevelForSecurityStyle(ssl.security_style);
  state->cert_id = ssl.cert_id;
  state->cert_status = ssl.cert_status;
  state->connection_status = ssl.connection_status;
  state->security_bits = ssl.security_bits;
  state->sct_verify_statuses.clear();
  state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(),
                                    ssl.sct_statuses.begin(),
                                    ssl.sct_statuses.end());
  state->displayed_mixed_content =
      (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT)
          ? true
          : false;
  state->ran_mixed_content =
      (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true
                                                                      : false;
 }
 }  // namespace atom
--- a/atom/browser/atom_security_state_model_client.h
+++ b/atom/browser/atom_security_state_model_client.h
@ -1,42 +0,0 @@
 // Copyright (c) 2016 GitHub, Inc.
 // Use of this source code is governed by the MIT license that can be
 // found in the LICENSE file.
 #ifndef ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
 #define ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
 #include "components/security_state/security_state_model.h"
 #include "components/security_state/security_state_model_client.h"
 #include "content/public/browser/web_contents_user_data.h"
 namespace atom {
 class AtomSecurityStateModelClient
    : public security_state::SecurityStateModelClient,
      public content::WebContentsUserData<AtomSecurityStateModelClient> {
 public:
  ~AtomSecurityStateModelClient() override;
  const security_state::SecurityStateModel::SecurityInfo&
  GetSecurityInfo() const;
  // security_state::SecurityStateModelClient:
  void GetVisibleSecurityState(
      security_state::SecurityStateModel::VisibleSecurityState* state) override;
  bool RetrieveCert(scoped_refptr<net::X509Certificate>* cert) override;
  bool UsedPolicyInstalledCertificate() override;
  bool IsOriginSecure(const GURL& url) override;
 private:
  explicit AtomSecurityStateModelClient(content::WebContents* web_contents);
  friend class content::WebContentsUserData<AtomSecurityStateModelClient>;
  content::WebContents* web_contents_;
  std::unique_ptr<security_state::SecurityStateModel> security_state_model_;
  DISALLOW_COPY_AND_ASSIGN(AtomSecurityStateModelClient);
 };
 }  // namespace atom
 #endif  // ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
--- a/atom/browser/common_web_contents_delegate.cc
+++ b/atom/browser/common_web_contents_delegate.cc
@ -10,7 +10,6 @@
 #include "atom/browser/atom_browser_context.h"
 #include "atom/browser/atom_javascript_dialog_manager.h"
 #include "atom/browser/atom_security_state_model_client.h"
 #include "atom/browser/native_window.h"
 #include "atom/browser/ui/file_dialog.h"
 #include "atom/browser/web_dialog_helper.h"
@ -18,10 +17,13 @@
 #include "base/files/file_util.h"
 #include "chrome/browser/printing/print_preview_message_handler.h"
 #include "chrome/browser/printing/print_view_manager_basic.h"
 #include "chrome/browser/ssl/security_state_tab_helper.h"
 #include "chrome/browser/ui/browser_dialogs.h"
 #include "chrome/common/pref_names.h"
 #include "components/prefs/pref_service.h"
 #include "components/prefs/scoped_user_pref_update.h"
 #include "components/security_state/content/content_utils.h"
 #include "components/security_state/core/security_state.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/child_process_security_policy.h"
 #include "content/public/browser/render_process_host.h"
@ -32,7 +34,6 @@
 #include "storage/browser/fileapi/isolated_context.h"
 using content::BrowserThread;
 using security_state::SecurityStateModel;
 namespace atom {
@ -144,26 +145,6 @@ bool IsDevToolsFileSystemAdded(
  return file_system_paths.find(file_system_path) != file_system_paths.end();
 }
 blink::WebSecurityStyle SecurityLevelToSecurityStyle(
    security_state::SecurityLevel security_level) {
  switch (security_level) {
    case security_state::NONE:
    case security_state::HTTP_SHOW_WARNING:
      return blink::WebSecurityStyleUnauthenticated;
    case security_state::SECURITY_WARNING:
    case security_state::SECURE_WITH_POLICY_INSTALLED_CERT:
      return blink::WebSecurityStyleWarning;
    case security_state::EV_SECURE:
    case security_state::SECURE:
      return blink::WebSecurityStyleAuthenticated;
    case security_state::DANGEROUS:
      return blink::WebSecurityStyleAuthenticationBroken;
  }
  NOTREACHED();
  return blink::WebSecurityStyleUnknown;
 }
 }  // namespace
 CommonWebContentsDelegate::CommonWebContentsDelegate()
@ -294,79 +275,14 @@ bool CommonWebContentsDelegate::IsFullscreenForTabOrPending(
 blink::WebSecurityStyle CommonWebContentsDelegate::GetSecurityStyle(
    content::WebContents* web_contents,
-    content::SecurityStyleExplanations* explanations) {
+    content::SecurityStyleExplanations* security_style_explanations) {
-  auto model_client =
+  SecurityStateTabHelper* helper =
-      AtomSecurityStateModelClient::FromWebContents(web_contents);
+      SecurityStateTabHelper::FromWebContents(web_contents);
-
+  DCHECK(helper);
-  const SecurityStateModel::SecurityInfo& security_info =
+  security_state::SecurityInfo security_info;
-      model_client->GetSecurityInfo();
+  helper->GetSecurityInfo(&security_info);
-
+  return security_state::GetSecurityStyle(security_info,
-  const blink::WebSecurityStyle security_style =
+                                          security_style_explanations);
      SecurityLevelToSecurityStyle(security_info.security_level);
  explanations->ran_insecure_content_style =
      SecurityLevelToSecurityStyle(
          SecurityStateModel::kRanInsecureContentLevel);
  explanations->displayed_insecure_content_style =
      SecurityLevelToSecurityStyle(
          SecurityStateModel::kDisplayedInsecureContentLevel);
  explanations->scheme_is_cryptographic = security_info.scheme_is_cryptographic;
  if (!security_info.scheme_is_cryptographic)
    return security_style;
  if (security_info.sha1_deprecation_status ==
      SecurityStateModel::DEPRECATED_SHA1_MAJOR) {
    explanations->broken_explanations.push_back(
        content::SecurityStyleExplanation(
            kSHA1Certificate,
            kSHA1MajorDescription,
            security_info.cert_id));
  } else if (security_info.sha1_deprecation_status ==
                SecurityStateModel::DEPRECATED_SHA1_MINOR) {
    explanations->unauthenticated_explanations.push_back(
        content::SecurityStyleExplanation(
            kSHA1Certificate,
            kSHA1MinorDescription,
            security_info.cert_id));
  }
  explanations->ran_insecure_content =
      security_info.mixed_content_status ==
          security_state::SecurityStateModel::CONTENT_STATUS_RAN ||
      security_info.mixed_content_status ==
          security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
  explanations->displayed_insecure_content =
      security_info.mixed_content_status ==
          security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED ||
      security_info.mixed_content_status ==
          security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
  if (net::IsCertStatusError(security_info.cert_status)) {
    std::string error_string = net::ErrorToString(
        net::MapCertStatusToNetError(security_info.cert_status));
    content::SecurityStyleExplanation explanation(
        kCertificateError,
        "There are issues with the site's certificate chain " + error_string,
        security_info.cert_id);
    if (net::IsCertStatusMinorError(security_info.cert_status))
      explanations->unauthenticated_explanations.push_back(explanation);
    else
      explanations->broken_explanations.push_back(explanation);
  } else {
    if (security_info.sha1_deprecation_status ==
        SecurityStateModel::NO_DEPRECATED_SHA1) {
      explanations->secure_explanations.push_back(
          content::SecurityStyleExplanation(
              kValidCertificate,
              kValidCertificateDescription,
              security_info.cert_id));
    }
  }
  return security_style;
 }
 void CommonWebContentsDelegate::DevToolsSaveToFile(
--- a/chromium_src/chrome/browser/ssl/security_state_tab_helper.cc
+++ b/chromium_src/chrome/browser/ssl/security_state_tab_helper.cc
@ -0,0 +1,213 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 #include "chrome/browser/ssl/security_state_tab_helper.h"
 #include "base/bind.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/time/time.h"
 #include "build/build_config.h"
 #if 0
 #include "chrome/browser/browser_process.h"
 #include "chrome/browser/chromeos/policy/policy_cert_service.h"
 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/safe_browsing/safe_browsing_service.h"
 #include "chrome/browser/safe_browsing/ui_manager.h"
 #endif
 #include "components/prefs/pref_service.h"
 #include "components/security_state/content/content_utils.h"
 #include "components/ssl_config/ssl_config_prefs.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/navigation_handle.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/common/origin_util.h"
 #include "net/base/net_errors.h"
 #include "net/cert/x509_certificate.h"
 #include "net/ssl/ssl_cipher_suite_names.h"
 #include "net/ssl/ssl_connection_status_flags.h"
 #include "third_party/boringssl/src/include/openssl/ssl.h"
 #include "ui/base/l10n/l10n_util.h"
 DEFINE_WEB_CONTENTS_USER_DATA_KEY(SecurityStateTabHelper);
 #if 0
 using safe_browsing::SafeBrowsingUIManager;
 #endif
 SecurityStateTabHelper::SecurityStateTabHelper(
    content::WebContents* web_contents)
    : content::WebContentsObserver(web_contents),
      logged_http_warning_on_current_navigation_(false) {}
 SecurityStateTabHelper::~SecurityStateTabHelper() {}
 void SecurityStateTabHelper::GetSecurityInfo(
    security_state::SecurityInfo* result) const {
  security_state::GetSecurityInfo(GetVisibleSecurityState(),
                                  UsedPolicyInstalledCertificate(),
                                  base::Bind(&content::IsOriginSecure), result);
 }
 void SecurityStateTabHelper::VisibleSecurityStateChanged() {
  if (logged_http_warning_on_current_navigation_)
    return;
  security_state::SecurityInfo security_info;
  GetSecurityInfo(&security_info);
  if (!security_info.displayed_password_field_on_http &&
      !security_info.displayed_credit_card_field_on_http) {
    return;
  }
  DCHECK(time_of_http_warning_on_current_navigation_.is_null());
  time_of_http_warning_on_current_navigation_ = base::Time::Now();
  std::string warning;
  bool warning_is_user_visible = false;
  switch (security_info.security_level) {
    case security_state::HTTP_SHOW_WARNING:
      warning =
          "This page includes a password or credit card input in a non-secure "
          "context. A warning has been added to the URL bar. For more "
          "information, see https://goo.gl/zmWq3m.";
      warning_is_user_visible = true;
      break;
    case security_state::NONE:
    case security_state::DANGEROUS:
      warning =
          "This page includes a password or credit card input in a non-secure "
          "context. A warning will be added to the URL bar in Chrome 56 (Jan "
          "2017). For more information, see https://goo.gl/zmWq3m.";
      break;
    default:
      return;
  }
  logged_http_warning_on_current_navigation_ = true;
  web_contents()->GetMainFrame()->AddMessageToConsole(
      content::CONSOLE_MESSAGE_LEVEL_WARNING, warning);
  if (security_info.displayed_credit_card_field_on_http) {
    UMA_HISTOGRAM_BOOLEAN(
        "Security.HTTPBad.UserWarnedAboutSensitiveInput.CreditCard",
        warning_is_user_visible);
  }
  if (security_info.displayed_password_field_on_http) {
    UMA_HISTOGRAM_BOOLEAN(
        "Security.HTTPBad.UserWarnedAboutSensitiveInput.Password",
        warning_is_user_visible);
  }
 }
 void SecurityStateTabHelper::DidStartNavigation(
    content::NavigationHandle* navigation_handle) {
  if (time_of_http_warning_on_current_navigation_.is_null() ||
      !navigation_handle->IsInMainFrame() || navigation_handle->IsSamePage()) {
    return;
  }
  // Record how quickly a user leaves a site after encountering an
  // HTTP-bad warning. A navigation here only counts if it is a
  // main-frame, not-same-page navigation, since it aims to measure how
  // quickly a user leaves a site after seeing the HTTP warning.
  UMA_HISTOGRAM_LONG_TIMES(
      "Security.HTTPBad.NavigationStartedAfterUserWarnedAboutSensitiveInput",
      base::Time::Now() - time_of_http_warning_on_current_navigation_);
  // After recording the histogram, clear the time of the warning. A
  // timing histogram will not be recorded again on this page, because
  // the time is only set the first time the HTTP-bad warning is shown
  // per page.
  time_of_http_warning_on_current_navigation_ = base::Time();
 }
 void SecurityStateTabHelper::DidFinishNavigation(
    content::NavigationHandle* navigation_handle) {
  if (navigation_handle->IsInMainFrame() && !navigation_handle->IsSamePage()) {
    // Only reset the console message flag for main-frame navigations,
    // and not for same-page navigations like reference fragments and pushState.
    logged_http_warning_on_current_navigation_ = false;
  }
 }
 void SecurityStateTabHelper::WebContentsDestroyed() {
  if (time_of_http_warning_on_current_navigation_.is_null()) {
    return;
  }
  // Record how quickly the tab is closed after a user encounters an
  // HTTP-bad warning. This histogram will only be recorded if the
  // WebContents is destroyed before another navigation begins.
  UMA_HISTOGRAM_LONG_TIMES(
      "Security.HTTPBad.WebContentsDestroyedAfterUserWarnedAboutSensitiveInput",
      base::Time::Now() - time_of_http_warning_on_current_navigation_);
 }
 bool SecurityStateTabHelper::UsedPolicyInstalledCertificate() const {
 #if defined(OS_CHROMEOS)
  policy::PolicyCertService* service =
      policy::PolicyCertServiceFactory::GetForProfile(
          Profile::FromBrowserContext(web_contents()->GetBrowserContext()));
  if (service && service->UsedPolicyCertificates())
    return true;
 #endif
  return false;
 }
 #if 0
 security_state::MaliciousContentStatus
 SecurityStateTabHelper::GetMaliciousContentStatus() const {
  content::NavigationEntry* entry =
      web_contents()->GetController().GetVisibleEntry();
  if (!entry)
    return security_state::MALICIOUS_CONTENT_STATUS_NONE;
  safe_browsing::SafeBrowsingService* sb_service =
      g_browser_process->safe_browsing_service();
  if (!sb_service)
    return security_state::MALICIOUS_CONTENT_STATUS_NONE;
  scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager();
  safe_browsing::SBThreatType threat_type;
  if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents(
          entry->GetURL(), false, entry, web_contents(), false, &threat_type)) {
    switch (threat_type) {
      case safe_browsing::SB_THREAT_TYPE_UNUSED:
      case safe_browsing::SB_THREAT_TYPE_SAFE:
        break;
      case safe_browsing::SB_THREAT_TYPE_URL_PHISHING:
      case safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL:
        return security_state::MALICIOUS_CONTENT_STATUS_SOCIAL_ENGINEERING;
        break;
      case safe_browsing::SB_THREAT_TYPE_URL_MALWARE:
      case safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL:
        return security_state::MALICIOUS_CONTENT_STATUS_MALWARE;
        break;
      case safe_browsing::SB_THREAT_TYPE_URL_UNWANTED:
        return security_state::MALICIOUS_CONTENT_STATUS_UNWANTED_SOFTWARE;
        break;
      case safe_browsing::SB_THREAT_TYPE_BINARY_MALWARE_URL:
      case safe_browsing::SB_THREAT_TYPE_EXTENSION:
      case safe_browsing::SB_THREAT_TYPE_BLACKLISTED_RESOURCE:
      case safe_browsing::SB_THREAT_TYPE_API_ABUSE:
        // These threat types are not currently associated with
        // interstitials, and thus resources with these threat types are
        // not ever whitelisted or pending whitelisting.
        NOTREACHED();
        break;
    }
  }
  return security_state::MALICIOUS_CONTENT_STATUS_NONE;
 }
 #endif
 std::unique_ptr<security_state::VisibleSecurityState>
 SecurityStateTabHelper::GetVisibleSecurityState() const {
  auto state = security_state::GetVisibleSecurityState(web_contents());
 #if 0
  // Malware status might already be known even if connection security
  // information is still being initialized, thus no need to check for that.
  state->malicious_content_status = GetMaliciousContentStatus();
 #endif
  return state;
 }
--- a/chromium_src/chrome/browser/ssl/security_state_tab_helper.h
+++ b/chromium_src/chrome/browser/ssl/security_state_tab_helper.h
@ -0,0 +1,70 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 #ifndef CHROME_BROWSER_SSL_SECURITY_STATE_TAB_HELPER_H_
 #define CHROME_BROWSER_SSL_SECURITY_STATE_TAB_HELPER_H_
 #include <memory>
 #include "base/macros.h"
 #include "components/security_state/core/security_state.h"
 #include "content/public/browser/web_contents_observer.h"
 #include "content/public/browser/web_contents_user_data.h"
 #include "third_party/WebKit/public/platform/WebSecurityStyle.h"
 namespace content {
 class NavigationHandle;
 class WebContents;
 }  // namespace content
 // Tab helper provides the page's security status. Also logs console warnings
 // for private data on insecure pages.
 class SecurityStateTabHelper
    : public content::WebContentsObserver,
      public content::WebContentsUserData<SecurityStateTabHelper> {
 public:
  ~SecurityStateTabHelper() override;
  // See security_state::GetSecurityInfo.
  void GetSecurityInfo(
      security_state::SecurityInfo* result) const;
  // Called when the NavigationEntry's SSLStatus or other security
  // information changes.
  void VisibleSecurityStateChanged();
  // content::WebContentsObserver:
  void DidStartNavigation(
      content::NavigationHandle* navigation_handle) override;
  void DidFinishNavigation(
      content::NavigationHandle* navigation_handle) override;
  void WebContentsDestroyed() override;
 private:
  explicit SecurityStateTabHelper(content::WebContents* web_contents);
  friend class content::WebContentsUserData<SecurityStateTabHelper>;
  bool UsedPolicyInstalledCertificate() const;
 #if 0
  security_state::MaliciousContentStatus GetMaliciousContentStatus() const;
 #endif
  std::unique_ptr<security_state::VisibleSecurityState>
  GetVisibleSecurityState() const;
  // True if a console message has been logged about an omnibox warning that
  // will be shown in future versions of Chrome for insecure HTTP pages. This
  // message should only be logged once per main-frame navigation.
  bool logged_http_warning_on_current_navigation_;
  // The time that a console or omnibox warning was shown for insecure
  // HTTP pages that contain password or credit card fields. This is set
  // at most once per main-frame navigation (the first time that an HTTP
  // warning triggers on that navigation) and is used for UMA
  // histogramming.
  base::Time time_of_http_warning_on_current_navigation_;
  DISALLOW_COPY_AND_ASSIGN(SecurityStateTabHelper);
 };
 #endif  // CHROME_BROWSER_SSL_SECURITY_STATE_TAB_HELPER_H_
--- a/filenames.gypi
+++ b/filenames.gypi
@ -189,8 +189,6 @@
      'atom/browser/atom_quota_permission_context.h',
      'atom/browser/atom_resource_dispatcher_host_delegate.cc',
      'atom/browser/atom_resource_dispatcher_host_delegate.h',
      'atom/browser/atom_security_state_model_client.cc',
      'atom/browser/atom_security_state_model_client.h',
      'atom/browser/atom_speech_recognition_manager_delegate.cc',
      'atom/browser/atom_speech_recognition_manager_delegate.h',
      'atom/browser/bridge_task_runner.cc',
@ -539,6 +537,8 @@
      'chromium_src/chrome/browser/speech/tts_platform.cc',
      'chromium_src/chrome/browser/speech/tts_platform.h',
      'chromium_src/chrome/browser/speech/tts_win.cc',
      'chromium_src/chrome/browser/ssl/security_state_tab_helper.cc',
      'chromium_src/chrome/browser/ssl/security_state_tab_helper.h',
      'chromium_src/chrome/browser/ui/browser_dialogs.h',
      'chromium_src/chrome/browser/ui/cocoa/color_chooser_mac.mm',
      'chromium_src/chrome/browser/ui/views/color_chooser_aura.cc',