[epiphany] Display insecure content warning on all insecure pages
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [epiphany] Display insecure content warning on all insecure pages
- Date: Wed, 9 Dec 2015 10:59:13 +0000 (UTC)
commit 759a59a00e5c798e11044264b2c1d4c90bfa865c
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Thu Feb 5 19:39:36 2015 -0600
Display insecure content warning on all insecure pages
We used to do this:
* HTTP pages -> no security indicator
* HTTPS pages with mixed content -> insecure warning icon
* HTTPS pages with no mixed content -> secure lock icon
Now we do this:
* HTTP pages and HTTPS pages with mixed content -> insecure warning icon
* HTTPS pages with no mixed content -> secure lock icon
https://bugzilla.gnome.org/show_bug.cgi?id=744064
embed/ephy-web-view.c | 68 ++++++++++-----
lib/ephy-security-levels.c | 10 +-
lib/ephy-security-levels.h | 12 +++-
lib/widgets/ephy-certificate-dialog.c | 75 +++++++++++++---
lib/widgets/ephy-certificate-dialog.h | 5 +-
lib/widgets/ephy-certificate-popover.c | 149 ++++++++++++++++++--------------
lib/widgets/ephy-location-entry.c | 2 +-
src/ephy-title-box.c | 7 +-
8 files changed, 215 insertions(+), 113 deletions(-)
---
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index 2af0cae..d01ca1f 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -980,7 +980,7 @@ ephy_web_view_class_init (EphyWebViewClass *klass)
"Security Level",
"The view's security level",
EPHY_TYPE_SECURITY_LEVEL,
- EPHY_SECURITY_LEVEL_NO_SECURITY,
+ EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
G_PARAM_READABLE | G_PARAM_STATIC_NAME |
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
/**
@@ -1546,6 +1546,45 @@ ephy_web_view_location_changed (EphyWebView *view,
}
static void
+update_security_status_for_committed_load (EphyWebView *view,
+ const char *uri)
+{
+ EphySecurityLevel security_level = EPHY_SECURITY_LEVEL_NO_SECURITY;
+ EphyEmbed *embed;
+ WebKitWebContext *web_context;
+ WebKitSecurityManager *security_manager;
+ SoupURI *soup_uri;
+
+ if (view->loading_tls_error_page) {
+ view->loading_tls_error_page = FALSE;
+ return;
+ }
+
+ embed = EPHY_GET_EMBED_FROM_EPHY_WEB_VIEW (view);
+ web_context = webkit_web_view_get_context (WEBKIT_WEB_VIEW (view));
+ security_manager = webkit_web_context_get_security_manager (web_context);
+ soup_uri = soup_uri_new (uri);
+
+ g_clear_object (&view->certificate);
+ g_clear_pointer (&view->tls_error_failing_uri, g_free);
+
+ if (webkit_security_manager_uri_scheme_is_local (security_manager, soup_uri->scheme)) {
+ g_assert (!view->certificate);
+ security_level = EPHY_SECURITY_LEVEL_LOCAL_PAGE;
+ } else if (webkit_web_view_get_tls_info (WEBKIT_WEB_VIEW (view), &view->certificate, &view->tls_errors)) {
+ g_object_ref (view->certificate);
+ security_level = view->tls_errors == 0 ?
+ EPHY_SECURITY_LEVEL_STRONG_SECURITY : EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE;
+ } else if (ephy_embed_has_load_pending (embed)) {
+ security_level = EPHY_SECURITY_LEVEL_TO_BE_DETERMINED;
+ }
+
+ ephy_web_view_set_security_level (view, security_level);
+
+ soup_uri_free (soup_uri);
+}
+
+static void
load_changed_cb (WebKitWebView *web_view,
WebKitLoadEvent load_event,
gpointer user_data)
@@ -1586,30 +1625,13 @@ load_changed_cb (WebKitWebView *web_view,
/* TODO: Update the loading uri */
break;
case WEBKIT_LOAD_COMMITTED: {
- const char* uri;
- EphySecurityLevel security_level = EPHY_SECURITY_LEVEL_NO_SECURITY;
-
+ const char *uri;
view->ever_committed = TRUE;
/* Title and location. */
uri = webkit_web_view_get_uri (web_view);
ephy_web_view_location_changed (view, uri);
-
- /* Security status. */
- if (view->loading_tls_error_page) {
- view->loading_tls_error_page = FALSE;
- } else {
- g_clear_object (&view->certificate);
- g_clear_pointer (&view->tls_error_failing_uri, g_free);
-
- if (webkit_web_view_get_tls_info (web_view, &view->certificate, &view->tls_errors)) {
- g_object_ref (view->certificate);
- security_level = view->tls_errors == 0 ?
- EPHY_SECURITY_LEVEL_STRONG_SECURITY : EPHY_SECURITY_LEVEL_BROKEN_SECURITY;
- }
-
- ephy_web_view_set_security_level (EPHY_WEB_VIEW (web_view), security_level);
- }
+ update_security_status_for_committed_load (view, uri);
/* History. */
if (!ephy_web_view_is_history_frozen (view)) {
@@ -2020,7 +2042,7 @@ load_failed_with_tls_error_cb (WebKitWebView *web_view,
view->certificate = g_object_ref (certificate);
view->tls_errors = errors;
view->tls_error_failing_uri = g_strdup (uri);
- ephy_web_view_set_security_level (EPHY_WEB_VIEW (web_view), EPHY_SECURITY_LEVEL_BROKEN_SECURITY);
+ ephy_web_view_set_security_level (view, EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE);
ephy_web_view_load_error_page (EPHY_WEB_VIEW (web_view), uri,
EPHY_WEB_VIEW_ERROR_INVALID_TLS_CERTIFICATE, NULL);
@@ -2034,7 +2056,7 @@ mixed_content_detected_cb (WebKitWebView *web_view,
{
EphyWebView *view = EPHY_WEB_VIEW (web_view);
- if (view->security_level != EPHY_SECURITY_LEVEL_BROKEN_SECURITY)
+ if (view->security_level != EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE)
ephy_web_view_set_security_level (view, EPHY_SECURITY_LEVEL_MIXED_CONTENT);
}
@@ -2082,7 +2104,7 @@ ephy_web_view_init (EphyWebView *web_view)
web_view->is_blank = TRUE;
web_view->ever_committed = FALSE;
web_view->document_type = EPHY_WEB_VIEW_DOCUMENT_HTML;
- web_view->security_level = EPHY_SECURITY_LEVEL_NO_SECURITY;
+ web_view->security_level = EPHY_SECURITY_LEVEL_TO_BE_DETERMINED;
web_view->file_monitor = ephy_file_monitor_new (web_view);
diff --git a/lib/ephy-security-levels.c b/lib/ephy-security-levels.c
index d67949b..37c4fec 100644
--- a/lib/ephy-security-levels.c
+++ b/lib/ephy-security-levels.c
@@ -33,14 +33,14 @@ ephy_security_level_to_icon_name (EphySecurityLevel level)
const char *result;
switch (level) {
- case EPHY_SECURITY_LEVEL_NO_SECURITY:
+ case EPHY_SECURITY_LEVEL_LOCAL_PAGE:
+ case EPHY_SECURITY_LEVEL_TO_BE_DETERMINED:
result = NULL;
break;
- case EPHY_SECURITY_LEVEL_BROKEN_SECURITY:
- result = "channel-insecure-symbolic";
- break;
+ case EPHY_SECURITY_LEVEL_NO_SECURITY:
case EPHY_SECURITY_LEVEL_MIXED_CONTENT:
- result = "dialog-warning-symbolic";
+ case EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE:
+ result = "channel-insecure-symbolic";
break;
case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
result = "channel-secure-symbolic";
diff --git a/lib/ephy-security-levels.h b/lib/ephy-security-levels.h
index 3d60c41..dac2cd0 100644
--- a/lib/ephy-security-levels.h
+++ b/lib/ephy-security-levels.h
@@ -28,12 +28,22 @@
G_BEGIN_DECLS
+#if 0
+TODO: EPHY_SECURITY_LEVEL_WEAK_SECURITY should be implemented for e.g. certs
+that use SHA1 or RSA 1024, connections that use RC4, connections that required
+protocol version fallback, servers that did not send the safe renegotiation
+extension, servers that picked weak DH primes, whatever else turns out to be bad
+next year, etc. etc.
+#endif
+
typedef enum
{
+ EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
EPHY_SECURITY_LEVEL_NO_SECURITY,
- EPHY_SECURITY_LEVEL_BROKEN_SECURITY,
+ EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE,
EPHY_SECURITY_LEVEL_MIXED_CONTENT,
EPHY_SECURITY_LEVEL_STRONG_SECURITY,
+ EPHY_SECURITY_LEVEL_LOCAL_PAGE
} EphySecurityLevel;
const char *ephy_security_level_to_icon_name (EphySecurityLevel level);
diff --git a/lib/widgets/ephy-certificate-dialog.c b/lib/widgets/ephy-certificate-dialog.c
index d50188e..5f70573 100644
--- a/lib/widgets/ephy-certificate-dialog.c
+++ b/lib/widgets/ephy-certificate-dialog.c
@@ -18,6 +18,8 @@
#include "config.h"
#include "ephy-certificate-dialog.h"
+#include "ephy-lib-type-builtins.h"
+
#define GCR_API_SUBJECT_TO_CHANGE
#include <gcr/gcr.h>
#include <glib/gi18n.h>
@@ -35,6 +37,7 @@ enum
PROP_0,
PROP_ADDRESS,
PROP_CERTIFICATE,
+ PROP_SECURITY_LEVEL,
PROP_TLS_ERRORS
};
@@ -43,6 +46,8 @@ struct _EphyCertificateDialogPrivate
GtkWidget *icon;
GtkWidget *title;
GtkWidget *text;
+ GTlsCertificateFlags tls_errors;
+ EphySecurityLevel security_level;
};
G_DEFINE_TYPE (EphyCertificateDialog, ephy_certificate_dialog, GTK_TYPE_DIALOG)
@@ -129,34 +134,49 @@ get_error_messages_from_tls_errors (GTlsCertificateFlags tls_errors)
}
static void
-ephy_certificate_dialog_set_tls_errors (EphyCertificateDialog *dialog,
- GTlsCertificateFlags tls_errors)
+ephy_certificate_dialog_constructed (GObject *object)
{
+ EphyCertificateDialog *dialog = EPHY_CERTIFICATE_DIALOG (object);
EphyCertificateDialogPrivate *priv = dialog->priv;
GIcon *icon;
+ const char *icon_name;
char *markup;
- icon = tls_errors == 0 ?
- g_themed_icon_new_with_default_fallbacks ("channel-secure-symbolic") :
- g_themed_icon_new_with_default_fallbacks ("channel-insecure-symbolic");
- gtk_image_set_from_gicon (GTK_IMAGE (priv->icon), icon, GTK_ICON_SIZE_DIALOG);
- g_object_unref (icon);
+ G_OBJECT_CLASS (ephy_certificate_dialog_parent_class)->constructed (object);
+
+ icon_name = ephy_security_level_to_icon_name (priv->security_level);
+ if (icon_name) {
+ icon = g_themed_icon_new_with_default_fallbacks (icon_name);
+ gtk_image_set_from_gicon (GTK_IMAGE (priv->icon), icon, GTK_ICON_SIZE_DIALOG);
+ g_object_unref (icon);
+ }
markup = g_strdup_printf ("<span weight=\"bold\" size=\"large\">%s</span>",
- tls_errors == 0 ?
+ priv->tls_errors == 0 ?
_("The identity of this website has been verified.") :
_("The identity of this website has not been verified."));
gtk_label_set_markup (GTK_LABEL (priv->title), markup);
g_free (markup);
- if (tls_errors) {
- char *text = get_error_messages_from_tls_errors (tls_errors);
-
+ if (priv->tls_errors) {
+ char *text = get_error_messages_from_tls_errors (priv->tls_errors);
gtk_label_set_text (GTK_LABEL (priv->text), text);
g_free (text);
-
- gtk_widget_show (priv->text);
+ } else {
+ switch (priv->security_level) {
+ case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
+ /* Message on certificte dialog ertificate dialog */
+ gtk_label_set_text (GTK_LABEL (priv->text), _("No problems have been detected with your connection."));
+ break;
+ case EPHY_SECURITY_LEVEL_MIXED_CONTENT:
+ gtk_label_set_text (GTK_LABEL (priv->text), _("This certificate is valid. However, "
+ "resources on this page were sent insecurely."));
+ break;
+ default:
+ g_assert_not_reached ();
+ }
}
+ gtk_widget_show (priv->text);
}
static void
@@ -166,6 +186,7 @@ ephy_certificate_dialog_set_property (GObject *object,
GParamSpec *pspec)
{
EphyCertificateDialog *dialog = EPHY_CERTIFICATE_DIALOG (object);
+ EphyCertificateDialogPrivate *priv = dialog->priv;
switch (prop_id) {
case PROP_ADDRESS:
@@ -174,8 +195,11 @@ ephy_certificate_dialog_set_property (GObject *object,
case PROP_CERTIFICATE:
ephy_certificate_dialog_set_certificate (dialog, g_value_get_object (value));
break;
+ case PROP_SECURITY_LEVEL:
+ priv->security_level = g_value_get_enum (value);
+ break;
case PROP_TLS_ERRORS:
- ephy_certificate_dialog_set_tls_errors (dialog, g_value_get_flags (value));
+ priv->tls_errors = g_value_get_flags (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@@ -187,6 +211,7 @@ ephy_certificate_dialog_class_init (EphyCertificateDialogClass *klass)
{
GObjectClass *object_class = G_OBJECT_CLASS (klass);
+ object_class->constructed = ephy_certificate_dialog_constructed;
object_class->set_property = ephy_certificate_dialog_set_property;
/**
@@ -224,6 +249,24 @@ ephy_certificate_dialog_class_init (EphyCertificateDialogClass *klass)
G_PARAM_STATIC_BLURB));
/**
+ * EphySecurityLevel:security-level:
+ *
+ * Indicates whether something is wrong with the connection.
+ */
+ g_object_class_install_property (object_class,
+ PROP_SECURITY_LEVEL,
+ g_param_spec_enum ("security-level",
+ "Security Level",
+ "Indicates whether something is wrong with the
connection",
+ EPHY_TYPE_SECURITY_LEVEL,
+ EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
+ G_PARAM_WRITABLE |
+ G_PARAM_CONSTRUCT_ONLY |
+ G_PARAM_STATIC_NAME |
+ G_PARAM_STATIC_NICK |
+ G_PARAM_STATIC_BLURB));
+
+ /**
* EphyCertificateDialog:tls-errors:
*
* The verification errors on the TLS certificate.
@@ -304,7 +347,8 @@ GtkWidget *
ephy_certificate_dialog_new (GtkWindow *parent,
const char *address,
GTlsCertificate *certificate,
- GTlsCertificateFlags tls_errors)
+ GTlsCertificateFlags tls_errors,
+ EphySecurityLevel security_level)
{
GtkWidget *dialog;
@@ -314,6 +358,7 @@ ephy_certificate_dialog_new (GtkWindow *parent,
dialog = GTK_WIDGET (g_object_new (EPHY_TYPE_CERTIFICATE_DIALOG,
"address", address,
"certificate", certificate,
+ "security-level", security_level,
"tls-errors", tls_errors,
"modal", TRUE,
"use-header-bar", TRUE,
diff --git a/lib/widgets/ephy-certificate-dialog.h b/lib/widgets/ephy-certificate-dialog.h
index 6551a7b..af55ba3 100644
--- a/lib/widgets/ephy-certificate-dialog.h
+++ b/lib/widgets/ephy-certificate-dialog.h
@@ -22,6 +22,8 @@
#ifndef EPHY_CERTIFICATE_DIALOG_H
#define EPHY_CERTIFICATE_DIALOG_H
+#include "ephy-security-levels.h"
+
#include <gio/gio.h>
#include <gtk/gtk.h>
@@ -56,7 +58,8 @@ GType ephy_certificate_dialog_get_type (void);
GtkWidget *ephy_certificate_dialog_new (GtkWindow *parent,
const char *address,
GTlsCertificate *certificate,
- GTlsCertificateFlags tls_errors);
+ GTlsCertificateFlags tls_errors,
+ EphySecurityLevel security_level);
G_END_DECLS
diff --git a/lib/widgets/ephy-certificate-popover.c b/lib/widgets/ephy-certificate-popover.c
index 5dc1088..3759f00 100644
--- a/lib/widgets/ephy-certificate-popover.c
+++ b/lib/widgets/ephy-certificate-popover.c
@@ -49,8 +49,10 @@ struct _EphyCertificatePopoverPrivate
GtkWidget *lock_image;
GtkWidget *host_label;
GtkWidget *security_label;
+ GtkWidget *grid;
GTlsCertificate *certificate;
GTlsCertificateFlags tls_errors;
+ EphySecurityLevel security_level;
};
G_DEFINE_TYPE_WITH_PRIVATE (EphyCertificatePopover, ephy_certificate_popover, GTK_TYPE_POPOVER)
@@ -84,16 +86,8 @@ ephy_certificate_popover_set_certificate (EphyCertificatePopover *popover,
{
EphyCertificatePopoverPrivate *priv = popover->priv;
- priv->certificate = g_object_ref (certificate);
-}
-
-static void
-ephy_certificate_popover_set_tls_errors (EphyCertificatePopover *popover,
- GTlsCertificateFlags tls_errors)
-{
- EphyCertificatePopoverPrivate *priv = popover->priv;
-
- priv->tls_errors = tls_errors;
+ if (certificate)
+ priv->certificate = g_object_ref (certificate);
}
static void
@@ -102,45 +96,102 @@ ephy_certificate_popover_set_security_level (EphyCertificatePopover *popover,
{
EphyCertificatePopoverPrivate *priv = popover->priv;
GIcon *icon;
- char *label_text;
char *address_text;
+ char *label_text = NULL;
+
+ priv->security_level = security_level;
+
+ address_text = g_markup_printf_escaped ("<span weight=\"bold\">%s</span>", priv->hostname);
switch (security_level) {
- case EPHY_SECURITY_LEVEL_BROKEN_SECURITY:
- address_text = g_markup_printf_escaped ("<span weight=\"bold\">%s</span>", priv->hostname);
+ case EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE:
/* Label in certificate popover when site is untrusted. %s is a URL. */
label_text = g_strdup_printf (_("This web site’s digital identification is not trusted. "
"You may have connected to an attacker pretending to be %s."),
address_text);
gtk_label_set_markup (GTK_LABEL (priv->security_label), label_text);
gtk_widget_hide (priv->host_label);
- g_free (label_text);
- g_free (address_text);
+ break;
+ case EPHY_SECURITY_LEVEL_NO_SECURITY:
+ /* Label in certificate popover when site uses HTTP. %s is a URL. */
+ label_text = g_strdup_printf (_("%s has no security. An attacker could see any information "
+ "you send, or control the content that you see."),
+ address_text);
+ gtk_label_set_markup (GTK_LABEL (priv->security_label), label_text);
+ gtk_widget_hide (priv->host_label);
break;
case EPHY_SECURITY_LEVEL_MIXED_CONTENT:
gtk_label_set_text (GTK_LABEL (priv->security_label),
/* Label in certificate popover when site sends mixed content. */
- _("Part of this page is insecure."));
+ _("This web site did not properly secure your connection."));
gtk_widget_show (priv->host_label);
break;
case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
gtk_label_set_text (GTK_LABEL (priv->security_label),
/* Label in certificate popover on secure sites. */
- _("Your connection is secure."));
+ _("Your connection seems to be secure."));
gtk_widget_show (priv->host_label);
break;
- case EPHY_SECURITY_LEVEL_NO_SECURITY:
- /* How did we get to this popover? Fall through. */
default:
g_assert_not_reached ();
}
icon = g_themed_icon_new_with_default_fallbacks (ephy_security_level_to_icon_name (security_level));
gtk_image_set_from_gicon (GTK_IMAGE (priv->lock_image), icon, GTK_ICON_SIZE_DIALOG);
+
+ g_free (address_text);
+ g_free (label_text);
g_object_unref (icon);
}
static void
+certificate_button_clicked_cb (GtkButton *button,
+ gpointer user_data)
+{
+ EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (user_data);
+ EphyCertificatePopoverPrivate *priv = popover->priv;
+ GtkWidget *dialog;
+
+ dialog = ephy_certificate_dialog_new (GTK_WINDOW (gtk_widget_get_toplevel (GTK_WIDGET (popover))),
+ priv->address,
+ priv->certificate,
+ priv->tls_errors,
+ priv->security_level);
+ gtk_window_set_destroy_with_parent (GTK_WINDOW (dialog), TRUE);
+ g_signal_connect (dialog, "response",
+ G_CALLBACK (gtk_widget_destroy),
+ NULL);
+
+ gtk_widget_hide (GTK_WIDGET (popover));
+ gtk_widget_show (dialog);
+}
+
+static void
+ephy_certificate_popover_constructed (GObject *object)
+{
+ EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (object);
+ EphyCertificatePopoverPrivate *priv = popover->priv;
+ GtkWidget *certificate_button;
+
+ G_OBJECT_CLASS (ephy_certificate_popover_parent_class)->constructed (object);
+
+ if (!priv->certificate)
+ return;
+
+ certificate_button = gtk_button_new_with_mnemonic (_("_View Certificate…"));
+ gtk_widget_set_halign (certificate_button, GTK_ALIGN_CENTER);
+ gtk_widget_set_valign (certificate_button, GTK_ALIGN_END);
+ gtk_widget_set_margin_top (certificate_button, 5);
+ gtk_widget_set_receives_default (certificate_button, FALSE);
+ gtk_widget_show (certificate_button);
+ g_signal_connect (certificate_button, "clicked",
+ G_CALLBACK (certificate_button_clicked_cb),
+ popover);
+
+ gtk_grid_attach (GTK_GRID (priv->grid), certificate_button, 2, 1, 1, 1);
+}
+
+static void
ephy_certificate_popover_dispose (GObject *object)
{
EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (object);
@@ -170,6 +221,7 @@ ephy_certificate_popover_set_property (GObject *object,
GParamSpec *pspec)
{
EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (object);
+ EphyCertificatePopoverPrivate *priv = popover->priv;
switch (prop_id) {
case PROP_ADDRESS:
@@ -182,7 +234,7 @@ ephy_certificate_popover_set_property (GObject *object,
ephy_certificate_popover_set_security_level (popover, g_value_get_enum (value));
break;
case PROP_TLS_ERRORS:
- ephy_certificate_popover_set_tls_errors (popover, g_value_get_flags (value));
+ priv->tls_errors = g_value_get_flags (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@@ -203,32 +255,12 @@ ephy_certificate_popover_get_preferred_width (GtkWidget *widget,
}
static void
-certificate_button_clicked_cb (GtkButton *button,
- gpointer user_data)
-{
- EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (user_data);
- EphyCertificatePopoverPrivate *priv = popover->priv;
- GtkWidget *dialog;
-
- dialog = ephy_certificate_dialog_new (GTK_WINDOW (gtk_widget_get_toplevel (GTK_WIDGET (popover))),
- priv->address,
- priv->certificate,
- priv->tls_errors);
- gtk_window_set_destroy_with_parent (GTK_WINDOW (dialog), TRUE);
- g_signal_connect (dialog, "response",
- G_CALLBACK (gtk_widget_destroy),
- NULL);
-
- gtk_widget_hide (GTK_WIDGET (popover));
- gtk_widget_show (dialog);
-}
-
-static void
ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
{
GObjectClass *object_class = G_OBJECT_CLASS (klass);
GtkWidgetClass *widget_class = GTK_WIDGET_CLASS (klass);
+ object_class->constructed = ephy_certificate_popover_constructed;
object_class->dispose = ephy_certificate_popover_dispose;
object_class->finalize = ephy_certificate_popover_finalize;
object_class->set_property = ephy_certificate_popover_set_property;
@@ -259,7 +291,7 @@ ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
PROP_CERTIFICATE,
g_param_spec_object ("certificate",
"Certificate",
- "The certificate of the website",
+ "The certificate of the website, if HTTPS",
G_TYPE_TLS_CERTIFICATE,
G_PARAM_WRITABLE |
G_PARAM_CONSTRUCT_ONLY |
@@ -274,7 +306,7 @@ ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
PROP_TLS_ERRORS,
g_param_spec_flags ("tls-errors",
"TLS Errors",
- "Issues with the security of the website",
+ "Issues with the security of the website, if HTTPS",
G_TYPE_TLS_CERTIFICATE_FLAGS,
0,
G_PARAM_WRITABLE |
@@ -292,7 +324,7 @@ ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
"Security Level",
"Determines what type of information to display",
EPHY_TYPE_SECURITY_LEVEL,
- 0,
+ EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
G_PARAM_WRITABLE |
G_PARAM_CONSTRUCT_ONLY |
G_PARAM_STATIC_STRINGS));
@@ -302,27 +334,16 @@ static void
ephy_certificate_popover_init (EphyCertificatePopover *popover)
{
EphyCertificatePopoverPrivate *priv;
- GtkWidget *grid;
- GtkWidget *certificate_button;
popover->priv = ephy_certificate_popover_get_instance_private (popover);
priv = popover->priv;
- grid = gtk_grid_new ();
- gtk_grid_set_column_spacing (GTK_GRID (grid), 15);
- g_object_set (grid, "margin", 10, NULL);
+ priv->grid = gtk_grid_new ();
+ gtk_grid_set_column_spacing (GTK_GRID (priv->grid), 15);
+ g_object_set (priv->grid, "margin", 10, NULL);
priv->lock_image = gtk_image_new ();
- certificate_button = gtk_button_new_with_mnemonic (_("_View Certificate…"));
- gtk_widget_set_halign (certificate_button, GTK_ALIGN_CENTER);
- gtk_widget_set_valign (certificate_button, GTK_ALIGN_END);
- gtk_widget_set_margin_top (certificate_button, 5);
- gtk_widget_set_receives_default (certificate_button, FALSE);
- g_signal_connect (certificate_button, "clicked",
- G_CALLBACK (certificate_button_clicked_cb),
- popover);
-
priv->host_label = gtk_label_new (NULL);
gtk_widget_set_halign (priv->host_label, GTK_ALIGN_START);
@@ -331,13 +352,12 @@ ephy_certificate_popover_init (EphyCertificatePopover *popover)
/* We must use deprecated GtkMisc, not halign, as GTK_ALIGN_START fails for labels with line wrap. */
gtk_misc_set_alignment (GTK_MISC (priv->security_label), 0.0, 0.5);
- gtk_grid_attach (GTK_GRID (grid), priv->lock_image, 0, 0, 1, 2);
- gtk_grid_attach (GTK_GRID (grid), priv->host_label, 1, 0, 1, 1);
- gtk_grid_attach (GTK_GRID (grid), priv->security_label, 1, 1, 1, 1);
- gtk_grid_attach (GTK_GRID (grid), certificate_button, 2, 1, 1, 1);
+ gtk_grid_attach (GTK_GRID (priv->grid), priv->lock_image, 0, 0, 1, 2);
+ gtk_grid_attach (GTK_GRID (priv->grid), priv->host_label, 1, 0, 1, 1);
+ gtk_grid_attach (GTK_GRID (priv->grid), priv->security_label, 1, 1, 1, 1);
- gtk_container_add (GTK_CONTAINER (popover), grid);
- gtk_widget_show_all (grid);
+ gtk_container_add (GTK_CONTAINER (popover), priv->grid);
+ gtk_widget_show_all (priv->grid);
}
GtkWidget *ephy_certificate_popover_new (GtkWidget *relative_to,
@@ -347,7 +367,6 @@ GtkWidget *ephy_certificate_popover_new (GtkWidget *relative_to,
EphySecurityLevel security_level)
{
g_return_val_if_fail (address != NULL, NULL);
- g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
return GTK_WIDGET (g_object_new (EPHY_TYPE_CERTIFICATE_POPOVER,
"address", address,
diff --git a/lib/widgets/ephy-location-entry.c b/lib/widgets/ephy-location-entry.c
index 2186f17..5cb2ac8 100644
--- a/lib/widgets/ephy-location-entry.c
+++ b/lib/widgets/ephy-location-entry.c
@@ -250,7 +250,7 @@ ephy_location_entry_class_init (EphyLocationEntryClass *klass)
"Security level",
"State of the security icon",
EPHY_TYPE_SECURITY_LEVEL,
- EPHY_SECURITY_LEVEL_NO_SECURITY,
+ EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
G_PARAM_WRITABLE | G_PARAM_STATIC_NAME |
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
g_object_class_install_property (object_class,
diff --git a/src/ephy-title-box.c b/src/ephy-title-box.c
index 7815a2a..d1c8a68 100644
--- a/src/ephy-title-box.c
+++ b/src/ephy-title-box.c
@@ -638,16 +638,19 @@ ephy_title_box_set_security_level (EphyTitleBox *title_box,
EphySecurityLevel security_level)
{
EphyTitleBoxPrivate *priv;
+ const char *icon_name;
g_return_if_fail (EPHY_IS_TITLE_BOX (title_box));
priv = ephy_title_box_get_instance_private (title_box);
+ icon_name = ephy_security_level_to_icon_name (security_level);
g_object_set (priv->lock_image,
- "icon-name", ephy_security_level_to_icon_name (security_level),
+ "icon-name", icon_name,
NULL);
- gtk_widget_set_visible (priv->lock_image, security_level != EPHY_SECURITY_LEVEL_NO_SECURITY);
+ gtk_widget_set_visible (priv->lock_image, icon_name != NULL);
+
ephy_location_entry_set_security_level (EPHY_LOCATION_ENTRY (priv->entry), security_level);
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]