1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_
6 #define CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_
7 
8 #include <memory>
9 
10 #include "base/callback_forward.h"
11 #include "base/memory/ref_counted.h"
12 #include "content/common/content_export.h"
13 #include "net/cert/x509_certificate.h"
14 
15 namespace content {
16 
17 class WebContents;
18 
19 // The SSLHostStateDelegate encapulates the host-specific state for SSL errors.
20 // For example, SSLHostStateDelegate remembers whether the user has whitelisted
21 // a particular broken cert for use with particular host.  We separate this
22 // state from the SSLManager because this state is shared across many navigation
23 // controllers.
24 //
25 // SSLHostStateDelegate may be implemented by the embedder to provide a storage
26 // strategy for certificate decisions or it may be left unimplemented to use a
27 // default strategy of not remembering decisions at all.
28 class SSLHostStateDelegate {
29  public:
30   // The judgements that can be reached by a user for invalid certificates.
31   enum CertJudgment {
32     DENIED,
33     ALLOWED
34   };
35 
36   // The types of nonsecure subresources that this class keeps track of.
37   enum InsecureContentType {
38     // A  MIXED subresource was loaded over HTTP on an HTTPS page.
39     MIXED_CONTENT,
40     // A CERT_ERRORS subresource was loaded over HTTPS with certificate
41     // errors on an HTTPS page.
42     CERT_ERRORS_CONTENT,
43   };
44 
45   // Records that |cert| is permitted to be used for |host| in the future, for
46   // a specified |error| type.
47   virtual void AllowCert(const std::string&,
48                          const net::X509Certificate& cert,
49                          int error,
50                          WebContents* web_contents) = 0;
51 
52   // Clear allow preferences matched by |host_filter|. If the filter is null,
53   // clear all preferences.
54   virtual void Clear(
55       base::RepeatingCallback<bool(const std::string&)> host_filter) = 0;
56 
57   // Queries whether |cert| is allowed for |host| and |error|. Returns true in
58   virtual CertJudgment QueryPolicy(const std::string& host,
59                                    const net::X509Certificate& cert,
60                                    int error,
61                                    WebContents* web_contents) = 0;
62 
63   // Records that a host has run insecure content of the given |content_type|.
64   virtual void HostRanInsecureContent(const std::string& host,
65                                       int child_id,
66                                       InsecureContentType content_type) = 0;
67 
68   // Returns whether the specified host ran insecure content of the given
69   // |content_type|.
70   virtual bool DidHostRunInsecureContent(const std::string& host,
71                                          int child_id,
72                                          InsecureContentType content_type) = 0;
73 
74   // Revokes all SSL certificate error allow exceptions made by the user for
75   // |host|.
76   virtual void RevokeUserAllowExceptions(const std::string& host) = 0;
77 
78   // Returns whether the user has allowed a certificate error exception for
79   // |host|. This does not mean that *all* certificate errors are allowed, just
80   // that there exists an exception. To see if a particular certificate and
81   // error combination exception is allowed, use QueryPolicy().
82   virtual bool HasAllowException(const std::string& host,
83                                  WebContents* web_contents) = 0;
84 
85  protected:
~SSLHostStateDelegate()86   virtual ~SSLHostStateDelegate() {}
87 };
88 
89 }  // namespace content
90 
91 #endif  // CONTENT_PUBLIC_BROWSER_SSL_HOST_STATE_DELEGATE_H_
92