content/browser/ssl/ssl_policy_backend.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_
   6 #define CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/basictypes.h"
  12 #include "base/strings/string16.h"
  13 #include "content/public/browser/ssl_host_state_delegate.h"
  14 #include "net/cert/cert_status_flags.h"
  15 #include "net/cert/x509_certificate.h"
  16
  17 namespace content {
  18 class NavigationControllerImpl;
  19
  20 class CONTENT_EXPORT SSLPolicyBackend {
  21  public:
  22   explicit SSLPolicyBackend(NavigationControllerImpl* controller);
  23
  24   // Records that a host has run insecure content.
  25   void HostRanInsecureContent(const std::string& host, int pid);
  26
  27   // Returns whether the specified host ran insecure content.
  28   bool DidHostRunInsecureContent(const std::string& host, int pid) const;
  29
  30   // Revokes all allow exceptions by the user for |host|.
  31   void RevokeUserAllowExceptions(const std::string& host);
  32
  33   // Returns true if and only if a user exception has previously been made for
  34   // |host|.
  35   bool HasAllowException(const std::string& host);
  36
  37   // Records that |cert| is permitted to be used for |host| in the future, for
  38   // a specific error type.
  39   void AllowCertForHost(const net::X509Certificate& cert,
  40                         const std::string& host,
  41                         net::CertStatus error);
  42
  43   // Queries whether |cert| is allowed for |host|. Returns true in
  44   // |expired_previous_decision| if a user decision had been made previously but
  45   // that decision has expired, otherwise false.
  46   SSLHostStateDelegate::CertJudgment QueryPolicy(
  47       const net::X509Certificate& cert,
  48       const std::string& host,
  49       net::CertStatus error,
  50       bool* expired_previous_decision);
  51
  52  private:
  53   // SSL state delegate specific for each host.
  54   SSLHostStateDelegate* ssl_host_state_delegate_;
  55
  56   NavigationControllerImpl* controller_;
  57
  58   DISALLOW_COPY_AND_ASSIGN(SSLPolicyBackend);
  59 };
  60
  61 }  // namespace content
  62
  63 #endif  // CONTENT_BROWSER_SSL_SSL_POLICY_BACKEND_H_