1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
6 #define CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
8 #include "base/strings/string16.h"
9 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
10 #include "components/content_settings/core/common/content_settings.h"
11 #include "components/content_settings/core/common/content_settings_types.h"
12 #include "content/public/common/signed_certificate_timestamp_id_and_status.h"
21 class ChromeSSLHostStateDelegate
;
22 class HostContentSettingsMap
;
24 class WebsiteSettingsUI
;
26 // The |WebsiteSettings| provides information about a website's permissions,
27 // connection state and its identity. It owns a UI that displays the
28 // information and allows users to change the permissions. |WebsiteSettings|
29 // objects must be created on the heap. They destroy themselves after the UI is
31 class WebsiteSettings
: public TabSpecificContentSettings::SiteDataObserver
{
33 // TODO(palmer): Figure out if it is possible to unify SiteConnectionStatus
34 // and SiteIdentityStatus.
36 // Status of a connection to a website.
37 enum SiteConnectionStatus
{
38 SITE_CONNECTION_STATUS_UNKNOWN
= 0, // No status available.
39 SITE_CONNECTION_STATUS_ENCRYPTED
, // Connection is encrypted.
40 SITE_CONNECTION_STATUS_MIXED_CONTENT
, // Non-secure passive content.
41 SITE_CONNECTION_STATUS_MIXED_SCRIPT
, // Non-secure active content.
42 SITE_CONNECTION_STATUS_UNENCRYPTED
, // Connection is not encrypted.
43 SITE_CONNECTION_STATUS_ENCRYPTED_ERROR
, // Connection error occurred.
44 SITE_CONNECTION_STATUS_INTERNAL_PAGE
, // Internal site.
47 // Validation status of a website's identity.
48 enum SiteIdentityStatus
{
49 // No status about the website's identity available.
50 SITE_IDENTITY_STATUS_UNKNOWN
= 0,
51 // The website provided a valid certificate.
52 SITE_IDENTITY_STATUS_CERT
,
53 // The website provided a valid EV certificate.
54 SITE_IDENTITY_STATUS_EV_CERT
,
55 // The website provided a valid certificate but no revocation check could be
57 SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN
,
58 // Site identity could not be verified because the site did not provide a
59 // certificate. This is the expected state for HTTP connections.
60 SITE_IDENTITY_STATUS_NO_CERT
,
61 // An error occured while verifying the site identity.
62 SITE_IDENTITY_STATUS_ERROR
,
63 // The site is a trusted internal chrome page.
64 SITE_IDENTITY_STATUS_INTERNAL_PAGE
,
65 // The profile has accessed data using an administrator-provided
66 // certificate, so the administrator might be able to intercept data.
67 SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT
,
68 // The website provided a valid certificate, but the certificate or chain
69 // is using a deprecated signature algorithm.
70 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM
,
73 // UMA statistics for WebsiteSettings. Do not reorder or remove existing
75 enum WebsiteSettingsAction
{
76 WEBSITE_SETTINGS_OPENED
= 0,
77 WEBSITE_SETTINGS_PERMISSIONS_TAB_SELECTED
= 1,
78 WEBSITE_SETTINGS_CONNECTION_TAB_SELECTED
= 2,
79 WEBSITE_SETTINGS_CONNECTION_TAB_SHOWN_IMMEDIATELY
= 3,
80 WEBSITE_SETTINGS_COOKIES_DIALOG_OPENED
= 4,
81 WEBSITE_SETTINGS_CHANGED_PERMISSION
= 5,
82 WEBSITE_SETTINGS_CERTIFICATE_DIALOG_OPENED
= 6,
83 // No longer used; indicated a UI viewer for SCTs.
84 // WEBSITE_SETTINGS_TRANSPARENCY_VIEWER_OPENED = 7,
85 WEBSITE_SETTINGS_CONNECTION_HELP_OPENED
= 8,
86 WEBSITE_SETTINGS_SITE_SETTINGS_OPENED
= 9,
87 WEBSITE_SETTINGS_COUNT
90 // Creates a WebsiteSettings for the passed |url| using the given |ssl| status
91 // object to determine the status of the site's connection. The
92 // |WebsiteSettings| takes ownership of the |ui|.
93 WebsiteSettings(WebsiteSettingsUI
* ui
,
95 TabSpecificContentSettings
* tab_specific_content_settings
,
96 content::WebContents
* web_contents
,
98 const content::SSLStatus
& ssl
,
99 content::CertStore
* cert_store
);
100 ~WebsiteSettings() override
;
102 void RecordWebsiteSettingsAction(WebsiteSettingsAction action
);
104 // This method is called when ever a permission setting is changed.
105 void OnSitePermissionChanged(ContentSettingsType type
,
106 ContentSetting value
);
108 // This method is called by the UI when the UI is closing.
111 // This method is called when the revoke SSL error bypass button is pressed.
112 void OnRevokeSSLErrorBypassButtonPressed();
115 SiteConnectionStatus
site_connection_status() const {
116 return site_connection_status_
;
119 const GURL
& site_url() const { return site_url_
; }
121 SiteIdentityStatus
site_identity_status() const {
122 return site_identity_status_
;
125 base::string16
site_connection_details() const {
126 return site_connection_details_
;
129 base::string16
site_identity_details() const {
130 return site_identity_details_
;
133 base::string16
organization_name() const {
134 return organization_name_
;
137 // SiteDataObserver implementation.
138 void OnSiteDataAccessed() override
;
141 // Initializes the |WebsiteSettings|.
142 void Init(Profile
* profile
,
144 const content::SSLStatus
& ssl
);
146 // Sets (presents) the information about the site's permissions in the |ui_|.
147 void PresentSitePermissions();
149 // Sets (presents) the information about the site's data in the |ui_|.
150 void PresentSiteData();
152 // Sets (presents) the information about the site's identity and connection
154 void PresentSiteIdentity();
156 // The website settings UI displays information and controls for site-
157 // specific data (local stored objects like cookies), site-specific
158 // permissions (location, pop-up, plugin, etc. permissions) and site-specific
159 // information (identity, connection status, etc.).
160 WebsiteSettingsUI
* ui_
;
162 // The WebContents of the active tab.
163 content::WebContents
* web_contents_
;
165 // The flag that controls whether an infobar is displayed after the website
166 // settings UI is closed or not.
169 // The Omnibox URL of the website for which to display site permissions and
173 // Status of the website's identity verification check.
174 SiteIdentityStatus site_identity_status_
;
176 // For secure connection |cert_id_| is set to the ID of the server
177 // certificate. For non secure connections |cert_id_| is 0.
179 // For secure connection, |signed_certificate_timestamp_ids_| is the list of
180 // all Signed Certificate Timestamps and their validation status.
181 // Empty if no SCTs accompanied the certificate
182 content::SignedCertificateTimestampIDStatusList
183 signed_certificate_timestamp_ids_
;
185 // Status of the connection to the website.
186 SiteConnectionStatus site_connection_status_
;
188 // TODO(markusheintz): Move the creation of all the base::string16 typed UI
189 // strings below to the corresponding UI code, in order to prevent
190 // unnecessary UTF-8 string conversions.
192 // Details about the website's identity. If the website's identity has been
193 // verified then |site_identity_details_| contains who verified the identity.
194 // This string will be displayed in the UI.
195 base::string16 site_identity_details_
;
197 // Set when the user has explicitly bypassed an SSL error for this host or
198 // explicitly denied it (the latter of which is not currently possible in the
199 // Chrome UI). When |show_ssl_decision_revoke_button| is true, the connection
200 // area of the page info will include an option for the user to revoke their
201 // decision to bypass the SSL error for this host.
202 bool show_ssl_decision_revoke_button_
;
204 // Details about the connection to the website. In case of an encrypted
205 // connection |site_connection_details_| contains encryption details, like
206 // encryption strength and ssl protocol version. This string will be
207 // displayed in the UI.
208 base::string16 site_connection_details_
;
210 // For websites that provided an EV certificate |orgainization_name_|
211 // contains the organization name of the certificate. In all other cases
212 // |organization_name| is an empty string. This string will be displayed in
214 base::string16 organization_name_
;
216 // The |CertStore| provides all X509Certificates.
217 content::CertStore
* cert_store_
;
219 // The |HostContentSettingsMap| is the service that provides and manages
220 // content settings (aka. site permissions).
221 HostContentSettingsMap
* content_settings_
;
223 // Service for managing SSL error page bypasses. Used to revoke bypass
224 // decisions by users.
225 ChromeSSLHostStateDelegate
* chrome_ssl_host_state_delegate_
;
227 bool did_revoke_user_ssl_decisions_
;
229 DISALLOW_COPY_AND_ASSIGN(WebsiteSettings
);
232 #endif // CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_