Add new certificateProvider extension API.
[chromium-blink-merge.git] / chrome / browser / ui / website_settings / website_settings.h
blobfa0cf6db99ba4ea295156eb37e00ecae71187db1
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
6 #define CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
8 #include "base/strings/string16.h"
9 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
10 #include "components/content_settings/core/common/content_settings.h"
11 #include "components/content_settings/core/common/content_settings_types.h"
12 #include "content/public/common/signed_certificate_timestamp_id_and_status.h"
13 #include "url/gurl.h"
15 namespace content {
16 class CertStore;
17 struct SSLStatus;
18 class WebContents;
21 class ChromeSSLHostStateDelegate;
22 class HostContentSettingsMap;
23 class Profile;
24 class WebsiteSettingsUI;
26 // The |WebsiteSettings| provides information about a website's permissions,
27 // connection state and its identity. It owns a UI that displays the
28 // information and allows users to change the permissions. |WebsiteSettings|
29 // objects must be created on the heap. They destroy themselves after the UI is
30 // closed.
31 class WebsiteSettings : public TabSpecificContentSettings::SiteDataObserver {
32 public:
33 // TODO(palmer): Figure out if it is possible to unify SiteConnectionStatus
34 // and SiteIdentityStatus.
36 // Status of a connection to a website.
37 enum SiteConnectionStatus {
38 SITE_CONNECTION_STATUS_UNKNOWN = 0, // No status available.
39 SITE_CONNECTION_STATUS_ENCRYPTED, // Connection is encrypted.
40 SITE_CONNECTION_STATUS_MIXED_CONTENT, // Non-secure passive content.
41 SITE_CONNECTION_STATUS_MIXED_SCRIPT, // Non-secure active content.
42 SITE_CONNECTION_STATUS_UNENCRYPTED, // Connection is not encrypted.
43 SITE_CONNECTION_STATUS_ENCRYPTED_ERROR, // Connection error occurred.
44 SITE_CONNECTION_STATUS_INTERNAL_PAGE, // Internal site.
47 // Validation status of a website's identity.
48 enum SiteIdentityStatus {
49 // No status about the website's identity available.
50 SITE_IDENTITY_STATUS_UNKNOWN = 0,
51 // The website provided a valid certificate.
52 SITE_IDENTITY_STATUS_CERT,
53 // The website provided a valid EV certificate.
54 SITE_IDENTITY_STATUS_EV_CERT,
55 // The website provided a valid certificate but no revocation check could be
56 // performed.
57 SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN,
58 // Site identity could not be verified because the site did not provide a
59 // certificate. This is the expected state for HTTP connections.
60 SITE_IDENTITY_STATUS_NO_CERT,
61 // An error occured while verifying the site identity.
62 SITE_IDENTITY_STATUS_ERROR,
63 // The site is a trusted internal chrome page.
64 SITE_IDENTITY_STATUS_INTERNAL_PAGE,
65 // The profile has accessed data using an administrator-provided
66 // certificate, so the administrator might be able to intercept data.
67 SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT,
68 // The website provided a valid certificate, but the certificate or chain
69 // is using a deprecated signature algorithm.
70 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM,
73 // UMA statistics for WebsiteSettings. Do not reorder or remove existing
74 // fields.
75 enum WebsiteSettingsAction {
76 WEBSITE_SETTINGS_OPENED = 0,
77 WEBSITE_SETTINGS_PERMISSIONS_TAB_SELECTED = 1,
78 WEBSITE_SETTINGS_CONNECTION_TAB_SELECTED = 2,
79 WEBSITE_SETTINGS_CONNECTION_TAB_SHOWN_IMMEDIATELY = 3,
80 WEBSITE_SETTINGS_COOKIES_DIALOG_OPENED = 4,
81 WEBSITE_SETTINGS_CHANGED_PERMISSION = 5,
82 WEBSITE_SETTINGS_CERTIFICATE_DIALOG_OPENED = 6,
83 // No longer used; indicated a UI viewer for SCTs.
84 // WEBSITE_SETTINGS_TRANSPARENCY_VIEWER_OPENED = 7,
85 WEBSITE_SETTINGS_CONNECTION_HELP_OPENED = 8,
86 WEBSITE_SETTINGS_SITE_SETTINGS_OPENED = 9,
87 WEBSITE_SETTINGS_COUNT
90 // Creates a WebsiteSettings for the passed |url| using the given |ssl| status
91 // object to determine the status of the site's connection. The
92 // |WebsiteSettings| takes ownership of the |ui|.
93 WebsiteSettings(WebsiteSettingsUI* ui,
94 Profile* profile,
95 TabSpecificContentSettings* tab_specific_content_settings,
96 content::WebContents* web_contents,
97 const GURL& url,
98 const content::SSLStatus& ssl,
99 content::CertStore* cert_store);
100 ~WebsiteSettings() override;
102 void RecordWebsiteSettingsAction(WebsiteSettingsAction action);
104 // This method is called when ever a permission setting is changed.
105 void OnSitePermissionChanged(ContentSettingsType type,
106 ContentSetting value);
108 // This method is called by the UI when the UI is closing.
109 void OnUIClosing();
111 // This method is called when the revoke SSL error bypass button is pressed.
112 void OnRevokeSSLErrorBypassButtonPressed();
114 // Accessors.
115 SiteConnectionStatus site_connection_status() const {
116 return site_connection_status_;
119 const GURL& site_url() const { return site_url_; }
121 SiteIdentityStatus site_identity_status() const {
122 return site_identity_status_;
125 base::string16 site_connection_details() const {
126 return site_connection_details_;
129 base::string16 site_identity_details() const {
130 return site_identity_details_;
133 base::string16 organization_name() const {
134 return organization_name_;
137 // SiteDataObserver implementation.
138 void OnSiteDataAccessed() override;
140 private:
141 // Initializes the |WebsiteSettings|.
142 void Init(Profile* profile,
143 const GURL& url,
144 const content::SSLStatus& ssl);
146 // Sets (presents) the information about the site's permissions in the |ui_|.
147 void PresentSitePermissions();
149 // Sets (presents) the information about the site's data in the |ui_|.
150 void PresentSiteData();
152 // Sets (presents) the information about the site's identity and connection
153 // in the |ui_|.
154 void PresentSiteIdentity();
156 // The website settings UI displays information and controls for site-
157 // specific data (local stored objects like cookies), site-specific
158 // permissions (location, pop-up, plugin, etc. permissions) and site-specific
159 // information (identity, connection status, etc.).
160 WebsiteSettingsUI* ui_;
162 // The WebContents of the active tab.
163 content::WebContents* web_contents_;
165 // The flag that controls whether an infobar is displayed after the website
166 // settings UI is closed or not.
167 bool show_info_bar_;
169 // The Omnibox URL of the website for which to display site permissions and
170 // site information.
171 GURL site_url_;
173 // Status of the website's identity verification check.
174 SiteIdentityStatus site_identity_status_;
176 // For secure connection |cert_id_| is set to the ID of the server
177 // certificate. For non secure connections |cert_id_| is 0.
178 int cert_id_;
179 // For secure connection, |signed_certificate_timestamp_ids_| is the list of
180 // all Signed Certificate Timestamps and their validation status.
181 // Empty if no SCTs accompanied the certificate
182 content::SignedCertificateTimestampIDStatusList
183 signed_certificate_timestamp_ids_;
185 // Status of the connection to the website.
186 SiteConnectionStatus site_connection_status_;
188 // TODO(markusheintz): Move the creation of all the base::string16 typed UI
189 // strings below to the corresponding UI code, in order to prevent
190 // unnecessary UTF-8 string conversions.
192 // Details about the website's identity. If the website's identity has been
193 // verified then |site_identity_details_| contains who verified the identity.
194 // This string will be displayed in the UI.
195 base::string16 site_identity_details_;
197 // Set when the user has explicitly bypassed an SSL error for this host or
198 // explicitly denied it (the latter of which is not currently possible in the
199 // Chrome UI). When |show_ssl_decision_revoke_button| is true, the connection
200 // area of the page info will include an option for the user to revoke their
201 // decision to bypass the SSL error for this host.
202 bool show_ssl_decision_revoke_button_;
204 // Details about the connection to the website. In case of an encrypted
205 // connection |site_connection_details_| contains encryption details, like
206 // encryption strength and ssl protocol version. This string will be
207 // displayed in the UI.
208 base::string16 site_connection_details_;
210 // For websites that provided an EV certificate |orgainization_name_|
211 // contains the organization name of the certificate. In all other cases
212 // |organization_name| is an empty string. This string will be displayed in
213 // the UI.
214 base::string16 organization_name_;
216 // The |CertStore| provides all X509Certificates.
217 content::CertStore* cert_store_;
219 // The |HostContentSettingsMap| is the service that provides and manages
220 // content settings (aka. site permissions).
221 HostContentSettingsMap* content_settings_;
223 // Service for managing SSL error page bypasses. Used to revoke bypass
224 // decisions by users.
225 ChromeSSLHostStateDelegate* chrome_ssl_host_state_delegate_;
227 bool did_revoke_user_ssl_decisions_;
229 DISALLOW_COPY_AND_ASSIGN(WebsiteSettings);
232 #endif // CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_