#include "atom/browser/atom_browser_client.h"
#include "atom/browser/atom_browser_context.h"
#include "atom/browser/atom_browser_main_parts.h"
-#include "atom/browser/atom_security_state_model_client.h"
#include "atom/browser/lib/bluetooth_chooser.h"
#include "atom/browser/native_window.h"
#include "atom/browser/net/atom_network_delegate.h"
#include "brightray/browser/inspectable_web_contents_view.h"
#include "chrome/browser/printing/print_preview_message_handler.h"
#include "chrome/browser/printing/print_view_manager_basic.h"
+#include "chrome/browser/ssl/security_state_tab_helper.h"
#include "content/browser/renderer_host/render_widget_host_impl.h"
#include "content/browser/web_contents/web_contents_impl.h"
#include "content/common/view_messages.h"
// Intialize permission helper.
WebContentsPermissionHelper::CreateForWebContents(web_contents);
// Intialize security state client.
- AtomSecurityStateModelClient::CreateForWebContents(web_contents);
+ SecurityStateTabHelper::CreateForWebContents(web_contents);
web_contents->SetUserAgentOverride(GetBrowserContext()->GetUserAgent());
+++ /dev/null
-// Copyright (c) 2016 GitHub, Inc.
-// Use of this source code is governed by the MIT license that can be
-// found in the LICENSE file.
-
-#include "atom/browser/atom_security_state_model_client.h"
-
-#include "content/public/browser/cert_store.h"
-#include "content/public/browser/navigation_entry.h"
-#include "content/public/browser/web_contents.h"
-#include "content/public/common/origin_util.h"
-#include "content/public/common/ssl_status.h"
-#include "net/cert/x509_certificate.h"
-
-DEFINE_WEB_CONTENTS_USER_DATA_KEY(atom::AtomSecurityStateModelClient);
-
-using security_state::SecurityStateModel;
-
-namespace atom {
-
-namespace {
-
-SecurityStateModel::SecurityLevel GetSecurityLevelForSecurityStyle(
- content::SecurityStyle style) {
- switch (style) {
- case content::SECURITY_STYLE_UNKNOWN:
- return SecurityStateModel::NONE;
- case content::SECURITY_STYLE_UNAUTHENTICATED:
- return SecurityStateModel::NONE;
- case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
- return SecurityStateModel::SECURITY_ERROR;
- case content::SECURITY_STYLE_WARNING:
- return SecurityStateModel::SECURITY_WARNING;
- case content::SECURITY_STYLE_AUTHENTICATED:
- return SecurityStateModel::SECURE;
- }
- return SecurityStateModel::NONE;
-}
-
-} // namespace
-
-AtomSecurityStateModelClient::AtomSecurityStateModelClient(
- content::WebContents* web_contents)
- : web_contents_(web_contents),
- security_state_model_(new SecurityStateModel()) {
- security_state_model_->SetClient(this);
-}
-
-AtomSecurityStateModelClient::~AtomSecurityStateModelClient() {
-}
-
-const SecurityStateModel::SecurityInfo&
-AtomSecurityStateModelClient::GetSecurityInfo() const {
- return security_state_model_->GetSecurityInfo();
-}
-
-bool AtomSecurityStateModelClient::RetrieveCert(
- scoped_refptr<net::X509Certificate>* cert) {
- content::NavigationEntry* entry =
- web_contents_->GetController().GetVisibleEntry();
- if (!entry)
- return false;
- return content::CertStore::GetInstance()->RetrieveCert(
- entry->GetSSL().cert_id, cert);
-}
-
-bool AtomSecurityStateModelClient::UsedPolicyInstalledCertificate() {
- return false;
-}
-
-bool AtomSecurityStateModelClient::IsOriginSecure(const GURL& url) {
- return content::IsOriginSecure(url);
-}
-
-void AtomSecurityStateModelClient::GetVisibleSecurityState(
- SecurityStateModel::VisibleSecurityState* state) {
- content::NavigationEntry* entry =
- web_contents_->GetController().GetVisibleEntry();
- if (!entry ||
- entry->GetSSL().security_style == content::SECURITY_STYLE_UNKNOWN) {
- *state = SecurityStateModel::VisibleSecurityState();
- return;
- }
-
- state->connection_info_initialized = true;
- state->url = entry->GetURL();
- const content::SSLStatus& ssl = entry->GetSSL();
- state->initial_security_level =
- GetSecurityLevelForSecurityStyle(ssl.security_style);
- state->cert_id = ssl.cert_id;
- state->cert_status = ssl.cert_status;
- state->connection_status = ssl.connection_status;
- state->security_bits = ssl.security_bits;
- state->sct_verify_statuses.clear();
- state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(),
- ssl.sct_statuses.begin(),
- ssl.sct_statuses.end());
- state->displayed_mixed_content =
- (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT)
- ? true
- : false;
- state->ran_mixed_content =
- (ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT) ? true
- : false;
-}
-
-} // namespace atom
+++ /dev/null
-// Copyright (c) 2016 GitHub, Inc.
-// Use of this source code is governed by the MIT license that can be
-// found in the LICENSE file.
-
-#ifndef ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
-#define ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
-
-#include "components/security_state/security_state_model.h"
-#include "components/security_state/security_state_model_client.h"
-#include "content/public/browser/web_contents_user_data.h"
-
-namespace atom {
-
-class AtomSecurityStateModelClient
- : public security_state::SecurityStateModelClient,
- public content::WebContentsUserData<AtomSecurityStateModelClient> {
- public:
- ~AtomSecurityStateModelClient() override;
-
- const security_state::SecurityStateModel::SecurityInfo&
- GetSecurityInfo() const;
-
- // security_state::SecurityStateModelClient:
- void GetVisibleSecurityState(
- security_state::SecurityStateModel::VisibleSecurityState* state) override;
- bool RetrieveCert(scoped_refptr<net::X509Certificate>* cert) override;
- bool UsedPolicyInstalledCertificate() override;
- bool IsOriginSecure(const GURL& url) override;
-
- private:
- explicit AtomSecurityStateModelClient(content::WebContents* web_contents);
- friend class content::WebContentsUserData<AtomSecurityStateModelClient>;
-
- content::WebContents* web_contents_;
- std::unique_ptr<security_state::SecurityStateModel> security_state_model_;
-
- DISALLOW_COPY_AND_ASSIGN(AtomSecurityStateModelClient);
-};
-
-} // namespace atom
-
-#endif // ATOM_BROWSER_ATOM_SECURITY_STATE_MODEL_CLIENT_H_
#include "atom/browser/atom_browser_context.h"
#include "atom/browser/atom_javascript_dialog_manager.h"
-#include "atom/browser/atom_security_state_model_client.h"
#include "atom/browser/native_window.h"
#include "atom/browser/ui/file_dialog.h"
#include "atom/browser/web_dialog_helper.h"
#include "base/files/file_util.h"
#include "chrome/browser/printing/print_preview_message_handler.h"
#include "chrome/browser/printing/print_view_manager_basic.h"
+#include "chrome/browser/ssl/security_state_tab_helper.h"
#include "chrome/browser/ui/browser_dialogs.h"
#include "chrome/common/pref_names.h"
#include "components/prefs/pref_service.h"
#include "components/prefs/scoped_user_pref_update.h"
+#include "components/security_state/content/content_utils.h"
+#include "components/security_state/core/security_state.h"
#include "content/public/browser/browser_thread.h"
#include "content/public/browser/child_process_security_policy.h"
#include "content/public/browser/render_process_host.h"
#include "storage/browser/fileapi/isolated_context.h"
using content::BrowserThread;
-using security_state::SecurityStateModel;
namespace atom {
return file_system_paths.find(file_system_path) != file_system_paths.end();
}
-blink::WebSecurityStyle SecurityLevelToSecurityStyle(
- security_state::SecurityLevel security_level) {
- switch (security_level) {
- case security_state::NONE:
- case security_state::HTTP_SHOW_WARNING:
- return blink::WebSecurityStyleUnauthenticated;
- case security_state::SECURITY_WARNING:
- case security_state::SECURE_WITH_POLICY_INSTALLED_CERT:
- return blink::WebSecurityStyleWarning;
- case security_state::EV_SECURE:
- case security_state::SECURE:
- return blink::WebSecurityStyleAuthenticated;
- case security_state::DANGEROUS:
- return blink::WebSecurityStyleAuthenticationBroken;
- }
-
- NOTREACHED();
- return blink::WebSecurityStyleUnknown;
-}
-
} // namespace
CommonWebContentsDelegate::CommonWebContentsDelegate()
blink::WebSecurityStyle CommonWebContentsDelegate::GetSecurityStyle(
content::WebContents* web_contents,
- content::SecurityStyleExplanations* explanations) {
- auto model_client =
- AtomSecurityStateModelClient::FromWebContents(web_contents);
-
- const SecurityStateModel::SecurityInfo& security_info =
- model_client->GetSecurityInfo();
-
- const blink::WebSecurityStyle security_style =
- SecurityLevelToSecurityStyle(security_info.security_level);
-
- explanations->ran_insecure_content_style =
- SecurityLevelToSecurityStyle(
- SecurityStateModel::kRanInsecureContentLevel);
- explanations->displayed_insecure_content_style =
- SecurityLevelToSecurityStyle(
- SecurityStateModel::kDisplayedInsecureContentLevel);
-
- explanations->scheme_is_cryptographic = security_info.scheme_is_cryptographic;
- if (!security_info.scheme_is_cryptographic)
- return security_style;
-
- if (security_info.sha1_deprecation_status ==
- SecurityStateModel::DEPRECATED_SHA1_MAJOR) {
- explanations->broken_explanations.push_back(
- content::SecurityStyleExplanation(
- kSHA1Certificate,
- kSHA1MajorDescription,
- security_info.cert_id));
- } else if (security_info.sha1_deprecation_status ==
- SecurityStateModel::DEPRECATED_SHA1_MINOR) {
- explanations->unauthenticated_explanations.push_back(
- content::SecurityStyleExplanation(
- kSHA1Certificate,
- kSHA1MinorDescription,
- security_info.cert_id));
- }
-
- explanations->ran_insecure_content =
- security_info.mixed_content_status ==
- security_state::SecurityStateModel::CONTENT_STATUS_RAN ||
- security_info.mixed_content_status ==
- security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
- explanations->displayed_insecure_content =
- security_info.mixed_content_status ==
- security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED ||
- security_info.mixed_content_status ==
- security_state::SecurityStateModel::CONTENT_STATUS_DISPLAYED_AND_RAN;
-
- if (net::IsCertStatusError(security_info.cert_status)) {
- std::string error_string = net::ErrorToString(
- net::MapCertStatusToNetError(security_info.cert_status));
-
- content::SecurityStyleExplanation explanation(
- kCertificateError,
- "There are issues with the site's certificate chain " + error_string,
- security_info.cert_id);
-
- if (net::IsCertStatusMinorError(security_info.cert_status))
- explanations->unauthenticated_explanations.push_back(explanation);
- else
- explanations->broken_explanations.push_back(explanation);
- } else {
- if (security_info.sha1_deprecation_status ==
- SecurityStateModel::NO_DEPRECATED_SHA1) {
- explanations->secure_explanations.push_back(
- content::SecurityStyleExplanation(
- kValidCertificate,
- kValidCertificateDescription,
- security_info.cert_id));
- }
- }
-
- return security_style;
+ content::SecurityStyleExplanations* security_style_explanations) {
+ SecurityStateTabHelper* helper =
+ SecurityStateTabHelper::FromWebContents(web_contents);
+ DCHECK(helper);
+ security_state::SecurityInfo security_info;
+ helper->GetSecurityInfo(&security_info);
+ return security_state::GetSecurityStyle(security_info,
+ security_style_explanations);
}
void CommonWebContentsDelegate::DevToolsSaveToFile(
--- /dev/null
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ssl/security_state_tab_helper.h"
+
+#include "base/bind.h"
+#include "base/metrics/histogram_macros.h"
+#include "base/time/time.h"
+#include "build/build_config.h"
+#if 0
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/chromeos/policy/policy_cert_service.h"
+#include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/browser/safe_browsing/safe_browsing_service.h"
+#include "chrome/browser/safe_browsing/ui_manager.h"
+#endif
+#include "components/prefs/pref_service.h"
+#include "components/security_state/content/content_utils.h"
+#include "components/ssl_config/ssl_config_prefs.h"
+#include "content/public/browser/navigation_entry.h"
+#include "content/public/browser/navigation_handle.h"
+#include "content/public/browser/render_frame_host.h"
+#include "content/public/browser/web_contents.h"
+#include "content/public/common/origin_util.h"
+#include "net/base/net_errors.h"
+#include "net/cert/x509_certificate.h"
+#include "net/ssl/ssl_cipher_suite_names.h"
+#include "net/ssl/ssl_connection_status_flags.h"
+#include "third_party/boringssl/src/include/openssl/ssl.h"
+#include "ui/base/l10n/l10n_util.h"
+
+DEFINE_WEB_CONTENTS_USER_DATA_KEY(SecurityStateTabHelper);
+
+#if 0
+using safe_browsing::SafeBrowsingUIManager;
+#endif
+
+SecurityStateTabHelper::SecurityStateTabHelper(
+ content::WebContents* web_contents)
+ : content::WebContentsObserver(web_contents),
+ logged_http_warning_on_current_navigation_(false) {}
+
+SecurityStateTabHelper::~SecurityStateTabHelper() {}
+
+void SecurityStateTabHelper::GetSecurityInfo(
+ security_state::SecurityInfo* result) const {
+ security_state::GetSecurityInfo(GetVisibleSecurityState(),
+ UsedPolicyInstalledCertificate(),
+ base::Bind(&content::IsOriginSecure), result);
+}
+
+void SecurityStateTabHelper::VisibleSecurityStateChanged() {
+ if (logged_http_warning_on_current_navigation_)
+ return;
+
+ security_state::SecurityInfo security_info;
+ GetSecurityInfo(&security_info);
+ if (!security_info.displayed_password_field_on_http &&
+ !security_info.displayed_credit_card_field_on_http) {
+ return;
+ }
+
+ DCHECK(time_of_http_warning_on_current_navigation_.is_null());
+ time_of_http_warning_on_current_navigation_ = base::Time::Now();
+
+ std::string warning;
+ bool warning_is_user_visible = false;
+ switch (security_info.security_level) {
+ case security_state::HTTP_SHOW_WARNING:
+ warning =
+ "This page includes a password or credit card input in a non-secure "
+ "context. A warning has been added to the URL bar. For more "
+ "information, see https://goo.gl/zmWq3m.";
+ warning_is_user_visible = true;
+ break;
+ case security_state::NONE:
+ case security_state::DANGEROUS:
+ warning =
+ "This page includes a password or credit card input in a non-secure "
+ "context. A warning will be added to the URL bar in Chrome 56 (Jan "
+ "2017). For more information, see https://goo.gl/zmWq3m.";
+ break;
+ default:
+ return;
+ }
+
+ logged_http_warning_on_current_navigation_ = true;
+ web_contents()->GetMainFrame()->AddMessageToConsole(
+ content::CONSOLE_MESSAGE_LEVEL_WARNING, warning);
+
+ if (security_info.displayed_credit_card_field_on_http) {
+ UMA_HISTOGRAM_BOOLEAN(
+ "Security.HTTPBad.UserWarnedAboutSensitiveInput.CreditCard",
+ warning_is_user_visible);
+ }
+ if (security_info.displayed_password_field_on_http) {
+ UMA_HISTOGRAM_BOOLEAN(
+ "Security.HTTPBad.UserWarnedAboutSensitiveInput.Password",
+ warning_is_user_visible);
+ }
+}
+
+void SecurityStateTabHelper::DidStartNavigation(
+ content::NavigationHandle* navigation_handle) {
+ if (time_of_http_warning_on_current_navigation_.is_null() ||
+ !navigation_handle->IsInMainFrame() || navigation_handle->IsSamePage()) {
+ return;
+ }
+ // Record how quickly a user leaves a site after encountering an
+ // HTTP-bad warning. A navigation here only counts if it is a
+ // main-frame, not-same-page navigation, since it aims to measure how
+ // quickly a user leaves a site after seeing the HTTP warning.
+ UMA_HISTOGRAM_LONG_TIMES(
+ "Security.HTTPBad.NavigationStartedAfterUserWarnedAboutSensitiveInput",
+ base::Time::Now() - time_of_http_warning_on_current_navigation_);
+ // After recording the histogram, clear the time of the warning. A
+ // timing histogram will not be recorded again on this page, because
+ // the time is only set the first time the HTTP-bad warning is shown
+ // per page.
+ time_of_http_warning_on_current_navigation_ = base::Time();
+}
+
+void SecurityStateTabHelper::DidFinishNavigation(
+ content::NavigationHandle* navigation_handle) {
+ if (navigation_handle->IsInMainFrame() && !navigation_handle->IsSamePage()) {
+ // Only reset the console message flag for main-frame navigations,
+ // and not for same-page navigations like reference fragments and pushState.
+ logged_http_warning_on_current_navigation_ = false;
+ }
+}
+
+void SecurityStateTabHelper::WebContentsDestroyed() {
+ if (time_of_http_warning_on_current_navigation_.is_null()) {
+ return;
+ }
+ // Record how quickly the tab is closed after a user encounters an
+ // HTTP-bad warning. This histogram will only be recorded if the
+ // WebContents is destroyed before another navigation begins.
+ UMA_HISTOGRAM_LONG_TIMES(
+ "Security.HTTPBad.WebContentsDestroyedAfterUserWarnedAboutSensitiveInput",
+ base::Time::Now() - time_of_http_warning_on_current_navigation_);
+}
+
+bool SecurityStateTabHelper::UsedPolicyInstalledCertificate() const {
+#if defined(OS_CHROMEOS)
+ policy::PolicyCertService* service =
+ policy::PolicyCertServiceFactory::GetForProfile(
+ Profile::FromBrowserContext(web_contents()->GetBrowserContext()));
+ if (service && service->UsedPolicyCertificates())
+ return true;
+#endif
+ return false;
+}
+
+#if 0
+security_state::MaliciousContentStatus
+SecurityStateTabHelper::GetMaliciousContentStatus() const {
+ content::NavigationEntry* entry =
+ web_contents()->GetController().GetVisibleEntry();
+ if (!entry)
+ return security_state::MALICIOUS_CONTENT_STATUS_NONE;
+ safe_browsing::SafeBrowsingService* sb_service =
+ g_browser_process->safe_browsing_service();
+ if (!sb_service)
+ return security_state::MALICIOUS_CONTENT_STATUS_NONE;
+ scoped_refptr<SafeBrowsingUIManager> sb_ui_manager = sb_service->ui_manager();
+ safe_browsing::SBThreatType threat_type;
+ if (sb_ui_manager->IsUrlWhitelistedOrPendingForWebContents(
+ entry->GetURL(), false, entry, web_contents(), false, &threat_type)) {
+ switch (threat_type) {
+ case safe_browsing::SB_THREAT_TYPE_UNUSED:
+ case safe_browsing::SB_THREAT_TYPE_SAFE:
+ break;
+ case safe_browsing::SB_THREAT_TYPE_URL_PHISHING:
+ case safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_PHISHING_URL:
+ return security_state::MALICIOUS_CONTENT_STATUS_SOCIAL_ENGINEERING;
+ break;
+ case safe_browsing::SB_THREAT_TYPE_URL_MALWARE:
+ case safe_browsing::SB_THREAT_TYPE_CLIENT_SIDE_MALWARE_URL:
+ return security_state::MALICIOUS_CONTENT_STATUS_MALWARE;
+ break;
+ case safe_browsing::SB_THREAT_TYPE_URL_UNWANTED:
+ return security_state::MALICIOUS_CONTENT_STATUS_UNWANTED_SOFTWARE;
+ break;
+ case safe_browsing::SB_THREAT_TYPE_BINARY_MALWARE_URL:
+ case safe_browsing::SB_THREAT_TYPE_EXTENSION:
+ case safe_browsing::SB_THREAT_TYPE_BLACKLISTED_RESOURCE:
+ case safe_browsing::SB_THREAT_TYPE_API_ABUSE:
+ // These threat types are not currently associated with
+ // interstitials, and thus resources with these threat types are
+ // not ever whitelisted or pending whitelisting.
+ NOTREACHED();
+ break;
+ }
+ }
+ return security_state::MALICIOUS_CONTENT_STATUS_NONE;
+}
+#endif
+
+std::unique_ptr<security_state::VisibleSecurityState>
+SecurityStateTabHelper::GetVisibleSecurityState() const {
+ auto state = security_state::GetVisibleSecurityState(web_contents());
+
+#if 0
+ // Malware status might already be known even if connection security
+ // information is still being initialized, thus no need to check for that.
+ state->malicious_content_status = GetMaliciousContentStatus();
+#endif
+
+ return state;
+}
--- /dev/null
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_SSL_SECURITY_STATE_TAB_HELPER_H_
+#define CHROME_BROWSER_SSL_SECURITY_STATE_TAB_HELPER_H_
+
+#include <memory>
+
+#include "base/macros.h"
+#include "components/security_state/core/security_state.h"
+#include "content/public/browser/web_contents_observer.h"
+#include "content/public/browser/web_contents_user_data.h"
+#include "third_party/WebKit/public/platform/WebSecurityStyle.h"
+
+namespace content {
+class NavigationHandle;
+class WebContents;
+} // namespace content
+
+// Tab helper provides the page's security status. Also logs console warnings
+// for private data on insecure pages.
+class SecurityStateTabHelper
+ : public content::WebContentsObserver,
+ public content::WebContentsUserData<SecurityStateTabHelper> {
+ public:
+ ~SecurityStateTabHelper() override;
+
+ // See security_state::GetSecurityInfo.
+ void GetSecurityInfo(
+ security_state::SecurityInfo* result) const;
+
+ // Called when the NavigationEntry's SSLStatus or other security
+ // information changes.
+ void VisibleSecurityStateChanged();
+
+ // content::WebContentsObserver:
+ void DidStartNavigation(
+ content::NavigationHandle* navigation_handle) override;
+ void DidFinishNavigation(
+ content::NavigationHandle* navigation_handle) override;
+ void WebContentsDestroyed() override;
+
+ private:
+ explicit SecurityStateTabHelper(content::WebContents* web_contents);
+ friend class content::WebContentsUserData<SecurityStateTabHelper>;
+
+ bool UsedPolicyInstalledCertificate() const;
+#if 0
+ security_state::MaliciousContentStatus GetMaliciousContentStatus() const;
+#endif
+ std::unique_ptr<security_state::VisibleSecurityState>
+ GetVisibleSecurityState() const;
+
+ // True if a console message has been logged about an omnibox warning that
+ // will be shown in future versions of Chrome for insecure HTTP pages. This
+ // message should only be logged once per main-frame navigation.
+ bool logged_http_warning_on_current_navigation_;
+
+ // The time that a console or omnibox warning was shown for insecure
+ // HTTP pages that contain password or credit card fields. This is set
+ // at most once per main-frame navigation (the first time that an HTTP
+ // warning triggers on that navigation) and is used for UMA
+ // histogramming.
+ base::Time time_of_http_warning_on_current_navigation_;
+
+ DISALLOW_COPY_AND_ASSIGN(SecurityStateTabHelper);
+};
+
+#endif // CHROME_BROWSER_SSL_SECURITY_STATE_TAB_HELPER_H_
'atom/browser/atom_quota_permission_context.h',
'atom/browser/atom_resource_dispatcher_host_delegate.cc',
'atom/browser/atom_resource_dispatcher_host_delegate.h',
- 'atom/browser/atom_security_state_model_client.cc',
- 'atom/browser/atom_security_state_model_client.h',
'atom/browser/atom_speech_recognition_manager_delegate.cc',
'atom/browser/atom_speech_recognition_manager_delegate.h',
'atom/browser/bridge_task_runner.cc',
'chromium_src/chrome/browser/speech/tts_platform.cc',
'chromium_src/chrome/browser/speech/tts_platform.h',
'chromium_src/chrome/browser/speech/tts_win.cc',
+ 'chromium_src/chrome/browser/ssl/security_state_tab_helper.cc',
+ 'chromium_src/chrome/browser/ssl/security_state_tab_helper.h',
'chromium_src/chrome/browser/ui/browser_dialogs.h',
'chromium_src/chrome/browser/ui/cocoa/color_chooser_mac.mm',
'chromium_src/chrome/browser/ui/views/color_chooser_aura.cc',