[epiphany] Display insecure content warning on all insecure pages



commit 759a59a00e5c798e11044264b2c1d4c90bfa865c
Author: Michael Catanzaro <mcatanzaro gnome org>
Date:   Thu Feb 5 19:39:36 2015 -0600

    Display insecure content warning on all insecure pages
    
    We used to do this:
    
    * HTTP pages -> no security indicator
    * HTTPS pages with mixed content -> insecure warning icon
    * HTTPS pages with no mixed content -> secure lock icon
    
    Now we do this:
    
    * HTTP pages and HTTPS pages with mixed content -> insecure warning icon
    * HTTPS pages with no mixed content -> secure lock icon
    
    https://bugzilla.gnome.org/show_bug.cgi?id=744064

 embed/ephy-web-view.c                  |   68 ++++++++++-----
 lib/ephy-security-levels.c             |   10 +-
 lib/ephy-security-levels.h             |   12 +++-
 lib/widgets/ephy-certificate-dialog.c  |   75 +++++++++++++---
 lib/widgets/ephy-certificate-dialog.h  |    5 +-
 lib/widgets/ephy-certificate-popover.c |  149 ++++++++++++++++++--------------
 lib/widgets/ephy-location-entry.c      |    2 +-
 src/ephy-title-box.c                   |    7 +-
 8 files changed, 215 insertions(+), 113 deletions(-)
---
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index 2af0cae..d01ca1f 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -980,7 +980,7 @@ ephy_web_view_class_init (EphyWebViewClass *klass)
                                                       "Security Level",
                                                       "The view's security level",
                                                       EPHY_TYPE_SECURITY_LEVEL,
-                                                      EPHY_SECURITY_LEVEL_NO_SECURITY,
+                                                      EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
                                                       G_PARAM_READABLE | G_PARAM_STATIC_NAME | 
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
 
 /**
@@ -1546,6 +1546,45 @@ ephy_web_view_location_changed (EphyWebView *view,
 }
 
 static void
+update_security_status_for_committed_load (EphyWebView *view,
+                                           const char *uri)
+{
+  EphySecurityLevel security_level = EPHY_SECURITY_LEVEL_NO_SECURITY;
+  EphyEmbed *embed;
+  WebKitWebContext *web_context;
+  WebKitSecurityManager *security_manager;
+  SoupURI *soup_uri;
+
+  if (view->loading_tls_error_page) {
+    view->loading_tls_error_page = FALSE;
+    return;
+  }
+
+  embed = EPHY_GET_EMBED_FROM_EPHY_WEB_VIEW (view);
+  web_context = webkit_web_view_get_context (WEBKIT_WEB_VIEW (view));
+  security_manager = webkit_web_context_get_security_manager (web_context);
+  soup_uri = soup_uri_new (uri);
+
+  g_clear_object (&view->certificate);
+  g_clear_pointer (&view->tls_error_failing_uri, g_free);
+
+  if (webkit_security_manager_uri_scheme_is_local (security_manager, soup_uri->scheme)) {
+    g_assert (!view->certificate);
+    security_level = EPHY_SECURITY_LEVEL_LOCAL_PAGE;
+  } else if (webkit_web_view_get_tls_info (WEBKIT_WEB_VIEW (view), &view->certificate, &view->tls_errors)) {
+    g_object_ref (view->certificate);
+    security_level = view->tls_errors == 0 ?
+      EPHY_SECURITY_LEVEL_STRONG_SECURITY : EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE;
+  } else if (ephy_embed_has_load_pending (embed)) {
+    security_level = EPHY_SECURITY_LEVEL_TO_BE_DETERMINED;
+  }
+
+  ephy_web_view_set_security_level (view, security_level);
+
+  soup_uri_free (soup_uri);
+}
+
+static void
 load_changed_cb (WebKitWebView *web_view,
                  WebKitLoadEvent load_event,
                  gpointer user_data)
@@ -1586,30 +1625,13 @@ load_changed_cb (WebKitWebView *web_view,
     /* TODO: Update the loading uri */
     break;
   case WEBKIT_LOAD_COMMITTED: {
-    const char* uri;
-    EphySecurityLevel security_level = EPHY_SECURITY_LEVEL_NO_SECURITY;
-
+    const char *uri;
     view->ever_committed = TRUE;
 
     /* Title and location. */
     uri = webkit_web_view_get_uri (web_view);
     ephy_web_view_location_changed (view, uri);
-
-    /* Security status. */
-    if (view->loading_tls_error_page) {
-      view->loading_tls_error_page = FALSE;
-    } else {
-      g_clear_object (&view->certificate);
-      g_clear_pointer (&view->tls_error_failing_uri, g_free);
-
-      if (webkit_web_view_get_tls_info (web_view, &view->certificate, &view->tls_errors)) {
-        g_object_ref (view->certificate);
-        security_level = view->tls_errors == 0 ?
-          EPHY_SECURITY_LEVEL_STRONG_SECURITY : EPHY_SECURITY_LEVEL_BROKEN_SECURITY;
-      }
-
-      ephy_web_view_set_security_level (EPHY_WEB_VIEW (web_view), security_level);
-    }
+    update_security_status_for_committed_load (view, uri);
 
     /* History. */
     if (!ephy_web_view_is_history_frozen (view)) {
@@ -2020,7 +2042,7 @@ load_failed_with_tls_error_cb (WebKitWebView *web_view,
   view->certificate = g_object_ref (certificate);
   view->tls_errors = errors;
   view->tls_error_failing_uri = g_strdup (uri);
-  ephy_web_view_set_security_level (EPHY_WEB_VIEW (web_view), EPHY_SECURITY_LEVEL_BROKEN_SECURITY);
+  ephy_web_view_set_security_level (view, EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE);
   ephy_web_view_load_error_page (EPHY_WEB_VIEW (web_view), uri,
                                  EPHY_WEB_VIEW_ERROR_INVALID_TLS_CERTIFICATE, NULL);
 
@@ -2034,7 +2056,7 @@ mixed_content_detected_cb (WebKitWebView *web_view,
 {
   EphyWebView *view = EPHY_WEB_VIEW (web_view);
 
-  if (view->security_level != EPHY_SECURITY_LEVEL_BROKEN_SECURITY)
+  if (view->security_level != EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE)
     ephy_web_view_set_security_level (view, EPHY_SECURITY_LEVEL_MIXED_CONTENT);
 }
 
@@ -2082,7 +2104,7 @@ ephy_web_view_init (EphyWebView *web_view)
   web_view->is_blank = TRUE;
   web_view->ever_committed = FALSE;
   web_view->document_type = EPHY_WEB_VIEW_DOCUMENT_HTML;
-  web_view->security_level = EPHY_SECURITY_LEVEL_NO_SECURITY;
+  web_view->security_level = EPHY_SECURITY_LEVEL_TO_BE_DETERMINED;
 
   web_view->file_monitor = ephy_file_monitor_new (web_view);
 
diff --git a/lib/ephy-security-levels.c b/lib/ephy-security-levels.c
index d67949b..37c4fec 100644
--- a/lib/ephy-security-levels.c
+++ b/lib/ephy-security-levels.c
@@ -33,14 +33,14 @@ ephy_security_level_to_icon_name (EphySecurityLevel level)
   const char *result;
 
   switch (level) {
-  case EPHY_SECURITY_LEVEL_NO_SECURITY:
+  case EPHY_SECURITY_LEVEL_LOCAL_PAGE:
+  case EPHY_SECURITY_LEVEL_TO_BE_DETERMINED:
     result = NULL;
     break;
-  case EPHY_SECURITY_LEVEL_BROKEN_SECURITY:
-    result = "channel-insecure-symbolic";
-    break;
+  case EPHY_SECURITY_LEVEL_NO_SECURITY:
   case EPHY_SECURITY_LEVEL_MIXED_CONTENT:
-    result = "dialog-warning-symbolic";
+  case EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE:
+    result = "channel-insecure-symbolic";
     break;
   case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
     result = "channel-secure-symbolic";
diff --git a/lib/ephy-security-levels.h b/lib/ephy-security-levels.h
index 3d60c41..dac2cd0 100644
--- a/lib/ephy-security-levels.h
+++ b/lib/ephy-security-levels.h
@@ -28,12 +28,22 @@
 
 G_BEGIN_DECLS
 
+#if 0
+TODO: EPHY_SECURITY_LEVEL_WEAK_SECURITY should be implemented for e.g. certs
+that use SHA1 or RSA 1024, connections that use RC4, connections that required
+protocol version fallback, servers that did not send the safe renegotiation
+extension, servers that picked weak DH primes, whatever else turns out to be bad
+next year, etc. etc.
+#endif
+
 typedef enum
 {
+  EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
   EPHY_SECURITY_LEVEL_NO_SECURITY,
-  EPHY_SECURITY_LEVEL_BROKEN_SECURITY,
+  EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE,
   EPHY_SECURITY_LEVEL_MIXED_CONTENT,
   EPHY_SECURITY_LEVEL_STRONG_SECURITY,
+  EPHY_SECURITY_LEVEL_LOCAL_PAGE
 } EphySecurityLevel;
 
 const char *ephy_security_level_to_icon_name (EphySecurityLevel level);
diff --git a/lib/widgets/ephy-certificate-dialog.c b/lib/widgets/ephy-certificate-dialog.c
index d50188e..5f70573 100644
--- a/lib/widgets/ephy-certificate-dialog.c
+++ b/lib/widgets/ephy-certificate-dialog.c
@@ -18,6 +18,8 @@
 #include "config.h"
 #include "ephy-certificate-dialog.h"
 
+#include "ephy-lib-type-builtins.h"
+
 #define GCR_API_SUBJECT_TO_CHANGE
 #include <gcr/gcr.h>
 #include <glib/gi18n.h>
@@ -35,6 +37,7 @@ enum
   PROP_0,
   PROP_ADDRESS,
   PROP_CERTIFICATE,
+  PROP_SECURITY_LEVEL,
   PROP_TLS_ERRORS
 };
 
@@ -43,6 +46,8 @@ struct _EphyCertificateDialogPrivate
   GtkWidget *icon;
   GtkWidget *title;
   GtkWidget *text;
+  GTlsCertificateFlags tls_errors;
+  EphySecurityLevel security_level;
 };
 
 G_DEFINE_TYPE (EphyCertificateDialog, ephy_certificate_dialog, GTK_TYPE_DIALOG)
@@ -129,34 +134,49 @@ get_error_messages_from_tls_errors (GTlsCertificateFlags tls_errors)
 }
 
 static void
-ephy_certificate_dialog_set_tls_errors (EphyCertificateDialog *dialog,
-                                        GTlsCertificateFlags tls_errors)
+ephy_certificate_dialog_constructed (GObject *object)
 {
+  EphyCertificateDialog *dialog = EPHY_CERTIFICATE_DIALOG (object);
   EphyCertificateDialogPrivate *priv = dialog->priv;
   GIcon *icon;
+  const char *icon_name;
   char *markup;
 
-  icon = tls_errors == 0 ?
-    g_themed_icon_new_with_default_fallbacks ("channel-secure-symbolic") :
-    g_themed_icon_new_with_default_fallbacks ("channel-insecure-symbolic");
-  gtk_image_set_from_gicon (GTK_IMAGE (priv->icon), icon, GTK_ICON_SIZE_DIALOG);
-  g_object_unref (icon);
+  G_OBJECT_CLASS (ephy_certificate_dialog_parent_class)->constructed (object);
+
+  icon_name = ephy_security_level_to_icon_name (priv->security_level);
+  if (icon_name) {
+    icon = g_themed_icon_new_with_default_fallbacks (icon_name);
+    gtk_image_set_from_gicon (GTK_IMAGE (priv->icon), icon, GTK_ICON_SIZE_DIALOG);
+    g_object_unref (icon);
+  }
 
   markup = g_strdup_printf ("<span weight=\"bold\" size=\"large\">%s</span>",
-                           tls_errors == 0 ?
+                           priv->tls_errors == 0 ?
                            _("The identity of this website has been verified.") :
                            _("The identity of this website has not been verified."));
   gtk_label_set_markup (GTK_LABEL (priv->title), markup);
   g_free (markup);
 
-  if (tls_errors) {
-    char *text = get_error_messages_from_tls_errors (tls_errors);
-
+  if (priv->tls_errors) {
+    char *text = get_error_messages_from_tls_errors (priv->tls_errors);
     gtk_label_set_text (GTK_LABEL (priv->text), text);
     g_free (text);
-
-    gtk_widget_show (priv->text);
+  } else {
+    switch (priv->security_level) {
+    case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
+      /* Message on certificte dialog ertificate dialog */
+      gtk_label_set_text (GTK_LABEL (priv->text), _("No problems have been detected with your connection."));
+      break;
+    case EPHY_SECURITY_LEVEL_MIXED_CONTENT:
+      gtk_label_set_text (GTK_LABEL (priv->text), _("This certificate is valid. However, "
+                                                    "resources on this page were sent insecurely."));
+      break;
+    default:
+      g_assert_not_reached ();
+    }
   }
+  gtk_widget_show (priv->text);
 }
 
 static void
@@ -166,6 +186,7 @@ ephy_certificate_dialog_set_property (GObject *object,
                                       GParamSpec *pspec)
 {
   EphyCertificateDialog *dialog = EPHY_CERTIFICATE_DIALOG (object);
+  EphyCertificateDialogPrivate *priv = dialog->priv;
 
   switch (prop_id) {
   case PROP_ADDRESS:
@@ -174,8 +195,11 @@ ephy_certificate_dialog_set_property (GObject *object,
   case PROP_CERTIFICATE:
     ephy_certificate_dialog_set_certificate (dialog, g_value_get_object (value));
     break;
+  case PROP_SECURITY_LEVEL:
+    priv->security_level = g_value_get_enum (value);
+    break;
   case PROP_TLS_ERRORS:
-    ephy_certificate_dialog_set_tls_errors (dialog, g_value_get_flags (value));
+    priv->tls_errors = g_value_get_flags (value);
     break;
   default:
     G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@@ -187,6 +211,7 @@ ephy_certificate_dialog_class_init (EphyCertificateDialogClass *klass)
 {
   GObjectClass *object_class = G_OBJECT_CLASS (klass);
 
+  object_class->constructed = ephy_certificate_dialog_constructed;
   object_class->set_property = ephy_certificate_dialog_set_property;
 
   /**
@@ -224,6 +249,24 @@ ephy_certificate_dialog_class_init (EphyCertificateDialogClass *klass)
                                                        G_PARAM_STATIC_BLURB));
 
   /**
+   * EphySecurityLevel:security-level:
+   *
+   * Indicates whether something is wrong with the connection.
+   */
+  g_object_class_install_property (object_class,
+                                  PROP_SECURITY_LEVEL,
+                                  g_param_spec_enum ("security-level",
+                                                     "Security Level",
+                                                     "Indicates whether something is wrong with the 
connection",
+                                                     EPHY_TYPE_SECURITY_LEVEL,
+                                                     EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
+                                                     G_PARAM_WRITABLE |
+                                                     G_PARAM_CONSTRUCT_ONLY |
+                                                     G_PARAM_STATIC_NAME |
+                                                     G_PARAM_STATIC_NICK |
+                                                     G_PARAM_STATIC_BLURB));
+
+  /**
    * EphyCertificateDialog:tls-errors:
    *
    * The verification errors on the TLS certificate.
@@ -304,7 +347,8 @@ GtkWidget *
 ephy_certificate_dialog_new (GtkWindow *parent,
                              const char *address,
                              GTlsCertificate *certificate,
-                             GTlsCertificateFlags tls_errors)
+                             GTlsCertificateFlags tls_errors,
+                             EphySecurityLevel security_level)
 {
   GtkWidget *dialog;
 
@@ -314,6 +358,7 @@ ephy_certificate_dialog_new (GtkWindow *parent,
   dialog = GTK_WIDGET (g_object_new (EPHY_TYPE_CERTIFICATE_DIALOG,
                                     "address", address,
                                     "certificate", certificate,
+                                    "security-level", security_level,
                                     "tls-errors", tls_errors,
                                      "modal", TRUE,
                                      "use-header-bar", TRUE,
diff --git a/lib/widgets/ephy-certificate-dialog.h b/lib/widgets/ephy-certificate-dialog.h
index 6551a7b..af55ba3 100644
--- a/lib/widgets/ephy-certificate-dialog.h
+++ b/lib/widgets/ephy-certificate-dialog.h
@@ -22,6 +22,8 @@
 #ifndef EPHY_CERTIFICATE_DIALOG_H
 #define EPHY_CERTIFICATE_DIALOG_H
 
+#include "ephy-security-levels.h"
+
 #include <gio/gio.h>
 #include <gtk/gtk.h>
 
@@ -56,7 +58,8 @@ GType      ephy_certificate_dialog_get_type (void);
 GtkWidget *ephy_certificate_dialog_new      (GtkWindow           *parent,
                                              const char          *address,
                                              GTlsCertificate     *certificate,
-                                             GTlsCertificateFlags tls_errors);
+                                             GTlsCertificateFlags tls_errors,
+                                             EphySecurityLevel    security_level);
 
 G_END_DECLS
 
diff --git a/lib/widgets/ephy-certificate-popover.c b/lib/widgets/ephy-certificate-popover.c
index 5dc1088..3759f00 100644
--- a/lib/widgets/ephy-certificate-popover.c
+++ b/lib/widgets/ephy-certificate-popover.c
@@ -49,8 +49,10 @@ struct _EphyCertificatePopoverPrivate
   GtkWidget *lock_image;
   GtkWidget *host_label;
   GtkWidget *security_label;
+  GtkWidget *grid;
   GTlsCertificate *certificate;
   GTlsCertificateFlags tls_errors;
+  EphySecurityLevel security_level;
 };
 
 G_DEFINE_TYPE_WITH_PRIVATE (EphyCertificatePopover, ephy_certificate_popover, GTK_TYPE_POPOVER)
@@ -84,16 +86,8 @@ ephy_certificate_popover_set_certificate (EphyCertificatePopover *popover,
 {
   EphyCertificatePopoverPrivate *priv = popover->priv;
 
-  priv->certificate = g_object_ref (certificate);
-}
-
-static void
-ephy_certificate_popover_set_tls_errors (EphyCertificatePopover *popover,
-                                         GTlsCertificateFlags tls_errors)
-{
-  EphyCertificatePopoverPrivate *priv = popover->priv;
-
-  priv->tls_errors = tls_errors;
+  if (certificate)
+    priv->certificate = g_object_ref (certificate);
 }
 
 static void
@@ -102,45 +96,102 @@ ephy_certificate_popover_set_security_level (EphyCertificatePopover *popover,
 {
   EphyCertificatePopoverPrivate *priv = popover->priv;
   GIcon *icon;
-  char *label_text;
   char *address_text;
+  char *label_text = NULL;
+
+  priv->security_level = security_level;
+
+  address_text = g_markup_printf_escaped ("<span weight=\"bold\">%s</span>", priv->hostname);
 
   switch (security_level) {
-  case EPHY_SECURITY_LEVEL_BROKEN_SECURITY:
-    address_text = g_markup_printf_escaped ("<span weight=\"bold\">%s</span>", priv->hostname);
+  case EPHY_SECURITY_LEVEL_UNACCEPTABLE_CERTIFICATE:
     /* Label in certificate popover when site is untrusted. %s is a URL. */
     label_text = g_strdup_printf (_("This web site’s digital identification is not trusted. "
                                     "You may have connected to an attacker pretending to be %s."),
                                   address_text);
     gtk_label_set_markup (GTK_LABEL (priv->security_label), label_text);
     gtk_widget_hide (priv->host_label);
-    g_free (label_text);
-    g_free (address_text);
+    break;
+  case EPHY_SECURITY_LEVEL_NO_SECURITY:
+    /* Label in certificate popover when site uses HTTP. %s is a URL. */
+    label_text = g_strdup_printf (_("%s has no security. An attacker could see any information "
+                                    "you send, or control the content that you see."),
+                                  address_text);
+    gtk_label_set_markup (GTK_LABEL (priv->security_label), label_text);
+    gtk_widget_hide (priv->host_label);
     break;
   case EPHY_SECURITY_LEVEL_MIXED_CONTENT:
     gtk_label_set_text (GTK_LABEL (priv->security_label),
                         /* Label in certificate popover when site sends mixed content. */
-                        _("Part of this page is insecure."));
+                        _("This web site did not properly secure your connection."));
     gtk_widget_show (priv->host_label);
     break;
   case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
     gtk_label_set_text (GTK_LABEL (priv->security_label),
                         /* Label in certificate popover on secure sites. */
-                        _("Your connection is secure."));
+                        _("Your connection seems to be secure."));
     gtk_widget_show (priv->host_label);
     break;
-  case EPHY_SECURITY_LEVEL_NO_SECURITY:
-    /* How did we get to this popover? Fall through. */
   default:
     g_assert_not_reached ();
   }
 
   icon = g_themed_icon_new_with_default_fallbacks (ephy_security_level_to_icon_name (security_level));
   gtk_image_set_from_gicon (GTK_IMAGE (priv->lock_image), icon, GTK_ICON_SIZE_DIALOG);
+
+  g_free (address_text);
+  g_free (label_text);
   g_object_unref (icon);
 }
 
 static void
+certificate_button_clicked_cb (GtkButton *button,
+                               gpointer user_data)
+{
+  EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (user_data);
+  EphyCertificatePopoverPrivate *priv = popover->priv;
+  GtkWidget *dialog;
+
+  dialog = ephy_certificate_dialog_new (GTK_WINDOW (gtk_widget_get_toplevel (GTK_WIDGET (popover))),
+                                        priv->address,
+                                        priv->certificate,
+                                        priv->tls_errors,
+                                        priv->security_level);
+  gtk_window_set_destroy_with_parent (GTK_WINDOW (dialog), TRUE);
+  g_signal_connect (dialog, "response",
+                    G_CALLBACK (gtk_widget_destroy),
+                    NULL);
+
+  gtk_widget_hide (GTK_WIDGET (popover));
+  gtk_widget_show (dialog);
+}
+
+static void
+ephy_certificate_popover_constructed (GObject *object)
+{
+  EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (object);
+  EphyCertificatePopoverPrivate *priv = popover->priv;
+  GtkWidget *certificate_button;
+
+  G_OBJECT_CLASS (ephy_certificate_popover_parent_class)->constructed (object);
+
+  if (!priv->certificate)
+    return;
+
+  certificate_button = gtk_button_new_with_mnemonic (_("_View Certificate…"));
+  gtk_widget_set_halign (certificate_button, GTK_ALIGN_CENTER);
+  gtk_widget_set_valign (certificate_button, GTK_ALIGN_END);
+  gtk_widget_set_margin_top (certificate_button, 5);
+  gtk_widget_set_receives_default (certificate_button, FALSE);
+  gtk_widget_show (certificate_button);
+  g_signal_connect (certificate_button, "clicked",
+                    G_CALLBACK (certificate_button_clicked_cb),
+                    popover);
+
+  gtk_grid_attach (GTK_GRID (priv->grid), certificate_button, 2, 1, 1, 1);
+}
+
+static void
 ephy_certificate_popover_dispose (GObject *object)
 {
   EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (object);
@@ -170,6 +221,7 @@ ephy_certificate_popover_set_property (GObject *object,
                                        GParamSpec *pspec)
 {
   EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (object);
+  EphyCertificatePopoverPrivate *priv = popover->priv;
 
   switch (prop_id) {
   case PROP_ADDRESS:
@@ -182,7 +234,7 @@ ephy_certificate_popover_set_property (GObject *object,
     ephy_certificate_popover_set_security_level (popover, g_value_get_enum (value));
     break;
   case PROP_TLS_ERRORS:
-    ephy_certificate_popover_set_tls_errors (popover, g_value_get_flags (value));
+    priv->tls_errors = g_value_get_flags (value);
     break;
   default:
     G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@@ -203,32 +255,12 @@ ephy_certificate_popover_get_preferred_width (GtkWidget *widget,
 }
 
 static void
-certificate_button_clicked_cb (GtkButton *button,
-                               gpointer user_data)
-{
-  EphyCertificatePopover *popover = EPHY_CERTIFICATE_POPOVER (user_data);
-  EphyCertificatePopoverPrivate *priv = popover->priv;
-  GtkWidget *dialog;
-
-  dialog = ephy_certificate_dialog_new (GTK_WINDOW (gtk_widget_get_toplevel (GTK_WIDGET (popover))),
-                                        priv->address,
-                                        priv->certificate,
-                                        priv->tls_errors);
-  gtk_window_set_destroy_with_parent (GTK_WINDOW (dialog), TRUE);
-  g_signal_connect (dialog, "response",
-                    G_CALLBACK (gtk_widget_destroy),
-                    NULL);
-
-  gtk_widget_hide (GTK_WIDGET (popover));
-  gtk_widget_show (dialog);
-}
-
-static void
 ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
 {
   GObjectClass *object_class = G_OBJECT_CLASS (klass);
   GtkWidgetClass *widget_class = GTK_WIDGET_CLASS (klass);
 
+  object_class->constructed = ephy_certificate_popover_constructed;
   object_class->dispose = ephy_certificate_popover_dispose;
   object_class->finalize = ephy_certificate_popover_finalize;
   object_class->set_property = ephy_certificate_popover_set_property;
@@ -259,7 +291,7 @@ ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
                                    PROP_CERTIFICATE,
                                    g_param_spec_object ("certificate",
                                                         "Certificate",
-                                                        "The certificate of the website",
+                                                        "The certificate of the website, if HTTPS",
                                                         G_TYPE_TLS_CERTIFICATE,
                                                         G_PARAM_WRITABLE |
                                                         G_PARAM_CONSTRUCT_ONLY |
@@ -274,7 +306,7 @@ ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
                                    PROP_TLS_ERRORS,
                                    g_param_spec_flags ("tls-errors",
                                                        "TLS Errors",
-                                                       "Issues with the security of the website",
+                                                       "Issues with the security of the website, if HTTPS",
                                                        G_TYPE_TLS_CERTIFICATE_FLAGS,
                                                        0,
                                                        G_PARAM_WRITABLE |
@@ -292,7 +324,7 @@ ephy_certificate_popover_class_init (EphyCertificatePopoverClass *klass)
                                                       "Security Level",
                                                       "Determines what type of information to display",
                                                       EPHY_TYPE_SECURITY_LEVEL,
-                                                      0,
+                                                      EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
                                                       G_PARAM_WRITABLE |
                                                       G_PARAM_CONSTRUCT_ONLY |
                                                       G_PARAM_STATIC_STRINGS));
@@ -302,27 +334,16 @@ static void
 ephy_certificate_popover_init (EphyCertificatePopover *popover)
 {
   EphyCertificatePopoverPrivate *priv;
-  GtkWidget *grid;
-  GtkWidget *certificate_button;
 
   popover->priv = ephy_certificate_popover_get_instance_private (popover);
   priv = popover->priv;
 
-  grid = gtk_grid_new ();
-  gtk_grid_set_column_spacing (GTK_GRID (grid), 15);
-  g_object_set (grid, "margin", 10, NULL);
+  priv->grid = gtk_grid_new ();
+  gtk_grid_set_column_spacing (GTK_GRID (priv->grid), 15);
+  g_object_set (priv->grid, "margin", 10, NULL);
 
   priv->lock_image = gtk_image_new ();
 
-  certificate_button = gtk_button_new_with_mnemonic (_("_View Certificate…"));
-  gtk_widget_set_halign (certificate_button, GTK_ALIGN_CENTER);
-  gtk_widget_set_valign (certificate_button, GTK_ALIGN_END);
-  gtk_widget_set_margin_top (certificate_button, 5);
-  gtk_widget_set_receives_default (certificate_button, FALSE);
-  g_signal_connect (certificate_button, "clicked",
-                    G_CALLBACK (certificate_button_clicked_cb),
-                    popover);
-
   priv->host_label = gtk_label_new (NULL);
   gtk_widget_set_halign (priv->host_label, GTK_ALIGN_START);
 
@@ -331,13 +352,12 @@ ephy_certificate_popover_init (EphyCertificatePopover *popover)
   /* We must use deprecated GtkMisc, not halign, as GTK_ALIGN_START fails for labels with line wrap. */
   gtk_misc_set_alignment (GTK_MISC (priv->security_label), 0.0, 0.5);
 
-  gtk_grid_attach (GTK_GRID (grid), priv->lock_image, 0, 0, 1, 2);
-  gtk_grid_attach (GTK_GRID (grid), priv->host_label, 1, 0, 1, 1);
-  gtk_grid_attach (GTK_GRID (grid), priv->security_label, 1, 1, 1, 1);
-  gtk_grid_attach (GTK_GRID (grid), certificate_button, 2, 1, 1, 1);
+  gtk_grid_attach (GTK_GRID (priv->grid), priv->lock_image, 0, 0, 1, 2);
+  gtk_grid_attach (GTK_GRID (priv->grid), priv->host_label, 1, 0, 1, 1);
+  gtk_grid_attach (GTK_GRID (priv->grid), priv->security_label, 1, 1, 1, 1);
 
-  gtk_container_add (GTK_CONTAINER (popover), grid);
-  gtk_widget_show_all (grid);
+  gtk_container_add (GTK_CONTAINER (popover), priv->grid);
+  gtk_widget_show_all (priv->grid);
 }
 
 GtkWidget *ephy_certificate_popover_new (GtkWidget *relative_to,
@@ -347,7 +367,6 @@ GtkWidget *ephy_certificate_popover_new (GtkWidget *relative_to,
                                          EphySecurityLevel security_level)
 {
   g_return_val_if_fail (address != NULL, NULL);
-  g_return_val_if_fail (G_IS_TLS_CERTIFICATE (certificate), NULL);
 
   return GTK_WIDGET (g_object_new (EPHY_TYPE_CERTIFICATE_POPOVER,
                                    "address", address,
diff --git a/lib/widgets/ephy-location-entry.c b/lib/widgets/ephy-location-entry.c
index 2186f17..5cb2ac8 100644
--- a/lib/widgets/ephy-location-entry.c
+++ b/lib/widgets/ephy-location-entry.c
@@ -250,7 +250,7 @@ ephy_location_entry_class_init (EphyLocationEntryClass *klass)
                                                             "Security level",
                                                             "State of the security icon",
                                                             EPHY_TYPE_SECURITY_LEVEL,
-                                                            EPHY_SECURITY_LEVEL_NO_SECURITY,
+                                                            EPHY_SECURITY_LEVEL_TO_BE_DETERMINED,
                                                             G_PARAM_WRITABLE | G_PARAM_STATIC_NAME | 
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
 
        g_object_class_install_property (object_class,
diff --git a/src/ephy-title-box.c b/src/ephy-title-box.c
index 7815a2a..d1c8a68 100644
--- a/src/ephy-title-box.c
+++ b/src/ephy-title-box.c
@@ -638,16 +638,19 @@ ephy_title_box_set_security_level (EphyTitleBox         *title_box,
                                    EphySecurityLevel     security_level)
 {
   EphyTitleBoxPrivate *priv;
+  const char *icon_name;
 
   g_return_if_fail (EPHY_IS_TITLE_BOX (title_box));
 
   priv = ephy_title_box_get_instance_private (title_box);
+  icon_name = ephy_security_level_to_icon_name (security_level);
 
   g_object_set (priv->lock_image,
-                "icon-name", ephy_security_level_to_icon_name (security_level),
+                "icon-name", icon_name,
                 NULL);
 
-  gtk_widget_set_visible (priv->lock_image, security_level != EPHY_SECURITY_LEVEL_NO_SECURITY);
+  gtk_widget_set_visible (priv->lock_image, icon_name != NULL);
+
   ephy_location_entry_set_security_level (EPHY_LOCATION_ENTRY (priv->entry), security_level);
 }
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]