1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_
6 #define CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_
11 #include "base/callback.h"
12 #include "base/strings/string16.h"
13 #include "base/task/cancelable_task_tracker.h"
14 #include "base/time/time.h"
15 #include "chrome/browser/history/history_service.h"
16 #include "content/public/browser/interstitial_page_delegate.h"
17 #include "net/ssl/ssl_info.h"
21 class DictionaryValue;
25 class InterstitialPage;
29 #if defined(ENABLE_EXTENSIONS)
30 namespace extensions {
31 class ExperienceSamplingEvent;
35 class SSLErrorClassification;
37 // This class is responsible for showing/hiding the interstitial page that is
38 // shown when a certificate error happens.
39 // It deletes itself when the interstitial page is closed.
40 class SSLBlockingPage : public content::InterstitialPageDelegate {
42 // These represent the commands sent from the interstitial JavaScript. They
43 // are defined in chrome/browser/resources/ssl/ssl_errors_common.js.
44 // DO NOT reorder or change these without also changing the JavaScript!
45 enum SSLBlockingPageCommands {
54 enum SSLBlockingPageOptionsMask {
56 STRICT_ENFORCEMENT = 1 << 1,
57 EXPIRED_BUT_PREVIOUSLY_ALLOWED = 1 << 2
60 ~SSLBlockingPage() override;
62 // Create an interstitial and show it.
65 // Creates an SSL blocking page. If the blocking page isn't shown, the caller
66 // is responsible for cleaning up the blocking page, otherwise the
67 // interstitial takes ownership when shown. |options_mask| must be a bitwise
68 // mask of SSLBlockingPageOptionsMask values.
69 SSLBlockingPage(content::WebContents* web_contents,
71 const net::SSLInfo& ssl_info,
72 const GURL& request_url,
74 const base::Callback<void(bool)>& callback);
76 // A method that sets strings in the specified dictionary from the passed
77 // vector so that they can be used to resource the ssl_roadblock.html/
78 // ssl_error.html files.
79 // Note: there can be up to 5 strings in |extra_info|.
80 static void SetExtraInfo(base::DictionaryValue* strings,
81 const std::vector<base::string16>& extra_info);
84 // InterstitialPageDelegate implementation.
85 std::string GetHTMLContents() override;
86 void CommandReceived(const std::string& command) override;
87 void OverrideEntry(content::NavigationEntry* entry) override;
88 void OverrideRendererPrefs(content::RendererPreferences* prefs) override;
89 void OnProceed() override;
90 void OnDontProceed() override;
93 void NotifyDenyCertificate();
94 void NotifyAllowCertificate();
96 // Used to query the HistoryService to see if the URL is in history. For UMA.
97 void OnGotHistoryCount(bool success, int num_visits, base::Time first_visit);
99 base::Callback<void(bool)> callback_;
101 content::WebContents* web_contents_;
102 const int cert_error_;
103 const net::SSLInfo ssl_info_;
104 const GURL request_url_;
105 // There are two ways for the user to override an interstitial:
107 // overridable_) By clicking on "Advanced" and then "Proceed".
108 // - This corresponds to "the user can override using the UI".
109 // danger_overridable_) By typing the word "danger".
110 // - This is an undocumented workaround.
111 // - This can be set to "false" dynamically to prevent the behaviour.
112 const bool overridable_;
113 bool danger_overridable_;
114 // Has the site requested strict enforcement of certificate errors?
115 const bool strict_enforcement_;
116 content::InterstitialPage* interstitial_page_; // Owns us.
117 // Is the hostname for an internal network?
119 // How many times is this same URL in history?
121 // Used for getting num_visits_.
122 base::CancelableTaskTracker request_tracker_;
123 // Did the user previously allow a bad certificate but the decision has now
125 const bool expired_but_previously_allowed_;
126 scoped_ptr<SSLErrorClassification> ssl_error_classification_;
128 #if defined(ENABLE_EXTENSIONS)
129 // For Chrome Experience Sampling Platform: this maintains event state.
130 scoped_ptr<extensions::ExperienceSamplingEvent> sampling_event_;
133 content::NotificationRegistrar registrar_;
135 DISALLOW_COPY_AND_ASSIGN(SSLBlockingPage);
138 #endif // CHROME_BROWSER_SSL_SSL_BLOCKING_PAGE_H_