search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge Chromium + Blink git repositories
[chromium-blink-merge.git] / chrome / browser / ui / website_settings / website_settings.h
blobe284ef7e7f21117681eee8fb8bc3f506c2ff59e0
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
6 #define CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
7
8 #include "base/strings/string16.h"
9 #include "chrome/browser/content_settings/tab_specific_content_settings.h"
10 #include "chrome/browser/ssl/security_state_model.h"
11 #include "components/content_settings/core/common/content_settings.h"
12 #include "components/content_settings/core/common/content_settings_types.h"
13 #include "content/public/common/signed_certificate_timestamp_id_and_status.h"
14 #include "url/gurl.h"
15
16 namespace content {
17 class CertStore;
18 class WebContents;
19 }
20
21 class ChromeSSLHostStateDelegate;
22 class HostContentSettingsMap;
23 class Profile;
24 class WebsiteSettingsUI;
25
26 // The |WebsiteSettings| provides information about a website's permissions,
27 // connection state and its identity. It owns a UI that displays the
28 // information and allows users to change the permissions. |WebsiteSettings|
29 // objects must be created on the heap. They destroy themselves after the UI is
30 // closed.
31 class WebsiteSettings : public TabSpecificContentSettings::SiteDataObserver {
32 public:
33 // TODO(palmer): Figure out if it is possible to unify SiteConnectionStatus
34 // and SiteIdentityStatus.
35 //
36 // Status of a connection to a website.
37 enum SiteConnectionStatus {
38 SITE_CONNECTION_STATUS_UNKNOWN = 0, // No status available.
39 SITE_CONNECTION_STATUS_ENCRYPTED, // Connection is encrypted.
40 SITE_CONNECTION_STATUS_MIXED_CONTENT, // Non-secure passive content.
41 SITE_CONNECTION_STATUS_MIXED_SCRIPT, // Non-secure active content.
42 SITE_CONNECTION_STATUS_UNENCRYPTED, // Connection is not encrypted.
43 SITE_CONNECTION_STATUS_ENCRYPTED_ERROR, // Connection error occurred.
44 SITE_CONNECTION_STATUS_INTERNAL_PAGE, // Internal site.
45 };
46
47 // Validation status of a website's identity.
48 enum SiteIdentityStatus {
49 // No status about the website's identity available.
50 SITE_IDENTITY_STATUS_UNKNOWN = 0,
51 // The website provided a valid certificate.
52 SITE_IDENTITY_STATUS_CERT,
53 // The website provided a valid EV certificate.
54 SITE_IDENTITY_STATUS_EV_CERT,
55 // The website provided a valid certificate but no revocation check could be
56 // performed.
57 SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN,
58 // Site identity could not be verified because the site did not provide a
59 // certificate. This is the expected state for HTTP connections.
60 SITE_IDENTITY_STATUS_NO_CERT,
61 // An error occured while verifying the site identity.
62 SITE_IDENTITY_STATUS_ERROR,
63 // The site is a trusted internal chrome page.
64 SITE_IDENTITY_STATUS_INTERNAL_PAGE,
65 // The profile has accessed data using an administrator-provided
66 // certificate, so the administrator might be able to intercept data.
67 SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT,
68 // The website provided a valid certificate, but the certificate or chain
69 // is using a deprecated signature algorithm.
70 SITE_IDENTITY_STATUS_DEPRECATED_SIGNATURE_ALGORITHM,
71 };
72
73 // UMA statistics for WebsiteSettings. Do not reorder or remove existing
74 // fields.
75 enum WebsiteSettingsAction {
76 WEBSITE_SETTINGS_OPENED = 0,
77 WEBSITE_SETTINGS_PERMISSIONS_TAB_SELECTED = 1,
78 WEBSITE_SETTINGS_CONNECTION_TAB_SELECTED = 2,
79 WEBSITE_SETTINGS_CONNECTION_TAB_SHOWN_IMMEDIATELY = 3,
80 WEBSITE_SETTINGS_COOKIES_DIALOG_OPENED = 4,
81 WEBSITE_SETTINGS_CHANGED_PERMISSION = 5,
82 WEBSITE_SETTINGS_CERTIFICATE_DIALOG_OPENED = 6,
83 // No longer used; indicated a UI viewer for SCTs.
84 // WEBSITE_SETTINGS_TRANSPARENCY_VIEWER_OPENED = 7,
85 WEBSITE_SETTINGS_CONNECTION_HELP_OPENED = 8,
86 WEBSITE_SETTINGS_SITE_SETTINGS_OPENED = 9,
87 WEBSITE_SETTINGS_COUNT
88 };
89
90 // Creates a WebsiteSettings for the passed |url| using the given |ssl| status
91 // object to determine the status of the site's connection. The
92 // |WebsiteSettings| takes ownership of the |ui|.
93 WebsiteSettings(WebsiteSettingsUI* ui,
94 Profile* profile,
95 TabSpecificContentSettings* tab_specific_content_settings,
96 content::WebContents* web_contents,
97 const GURL& url,
98 const SecurityStateModel::SecurityInfo& security_info,
99 content::CertStore* cert_store);
100 ~WebsiteSettings() override;
101
102 void RecordWebsiteSettingsAction(WebsiteSettingsAction action);
103
104 // This method is called when ever a permission setting is changed.
105 void OnSitePermissionChanged(ContentSettingsType type,
106 ContentSetting value);
107
108 // This method is called by the UI when the UI is closing.
109 void OnUIClosing();
110
111 // This method is called when the revoke SSL error bypass button is pressed.
112 void OnRevokeSSLErrorBypassButtonPressed();
113
114 // Accessors.
115 SiteConnectionStatus site_connection_status() const {
116 return site_connection_status_;
117 }
118
119 const GURL& site_url() const { return site_url_; }
120
121 SiteIdentityStatus site_identity_status() const {
122 return site_identity_status_;
123 }
124
125 base::string16 site_connection_details() const {
126 return site_connection_details_;
127 }
128
129 base::string16 site_identity_details() const {
130 return site_identity_details_;
131 }
132
133 base::string16 organization_name() const {
134 return organization_name_;
135 }
136
137 // SiteDataObserver implementation.
138 void OnSiteDataAccessed() override;
139
140 private:
141 // Initializes the |WebsiteSettings|.
142 void Init(const GURL& url,
143 const SecurityStateModel::SecurityInfo& security_info);
144
145 // Sets (presents) the information about the site's permissions in the |ui_|.
146 void PresentSitePermissions();
147
148 // Sets (presents) the information about the site's data in the |ui_|.
149 void PresentSiteData();
150
151 // Sets (presents) the information about the site's identity and connection
152 // in the |ui_|.
153 void PresentSiteIdentity();
154
155 // The website settings UI displays information and controls for site-
156 // specific data (local stored objects like cookies), site-specific
157 // permissions (location, pop-up, plugin, etc. permissions) and site-specific
158 // information (identity, connection status, etc.).
159 WebsiteSettingsUI* ui_;
160
161 // The WebContents of the active tab.
162 content::WebContents* web_contents_;
163
164 // The flag that controls whether an infobar is displayed after the website
165 // settings UI is closed or not.
166 bool show_info_bar_;
167
168 // The Omnibox URL of the website for which to display site permissions and
169 // site information.
170 GURL site_url_;
171
172 // Status of the website's identity verification check.
173 SiteIdentityStatus site_identity_status_;
174
175 // For secure connection |cert_id_| is set to the ID of the server
176 // certificate. For non secure connections |cert_id_| is 0.
177 int cert_id_;
178 // For secure connection, |signed_certificate_timestamp_ids_| is the list of
179 // all Signed Certificate Timestamps and their validation status.
180 // Empty if no SCTs accompanied the certificate
181 content::SignedCertificateTimestampIDStatusList
182 signed_certificate_timestamp_ids_;
183
184 // Status of the connection to the website.
185 SiteConnectionStatus site_connection_status_;
186
187 // TODO(markusheintz): Move the creation of all the base::string16 typed UI
188 // strings below to the corresponding UI code, in order to prevent
189 // unnecessary UTF-8 string conversions.
190
191 // Details about the website's identity. If the website's identity has been
192 // verified then |site_identity_details_| contains who verified the identity.
193 // This string will be displayed in the UI.
194 base::string16 site_identity_details_;
195
196 // Set when the user has explicitly bypassed an SSL error for this host or
197 // explicitly denied it (the latter of which is not currently possible in the
198 // Chrome UI). When |show_ssl_decision_revoke_button| is true, the connection
199 // area of the page info will include an option for the user to revoke their
200 // decision to bypass the SSL error for this host.
201 bool show_ssl_decision_revoke_button_;
202
203 // Details about the connection to the website. In case of an encrypted
204 // connection |site_connection_details_| contains encryption details, like
205 // encryption strength and ssl protocol version. This string will be
206 // displayed in the UI.
207 base::string16 site_connection_details_;
208
209 // For websites that provided an EV certificate |orgainization_name_|
210 // contains the organization name of the certificate. In all other cases
211 // |organization_name| is an empty string. This string will be displayed in
212 // the UI.
213 base::string16 organization_name_;
214
215 // The |CertStore| provides all X509Certificates.
216 content::CertStore* cert_store_;
217
218 // The |HostContentSettingsMap| is the service that provides and manages
219 // content settings (aka. site permissions).
220 HostContentSettingsMap* content_settings_;
221
222 // Service for managing SSL error page bypasses. Used to revoke bypass
223 // decisions by users.
224 ChromeSSLHostStateDelegate* chrome_ssl_host_state_delegate_;
225
226 bool did_revoke_user_ssl_decisions_;
227
228 Profile* profile_;
229
230 DISALLOW_COPY_AND_ASSIGN(WebsiteSettings);
231 };
232
233 #endif // CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_