[epiphany] Display warning icon if mixed content is detected

From: Michael Catanzaro <mcatanzaro src gnome org>
To: commits-list gnome org
Cc:
Subject: [epiphany] Display warning icon if mixed content is detected
Date: Wed, 13 Aug 2014 02:57:45 +0000 (UTC)
commit 6b59dd4a9663a5c58b752e9bdcf00b1ac5db86e3
Author: Michael Catanzaro <mcatanzaro igalia com>
Date:   Thu Jul 10 21:28:28 2014 -0500

    Display warning icon if mixed content is detected
    
    Since an attacker can modify some contents of these pages, we should
    display a warning icon instead of a secure lock, following the convention
    of major browsers.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=666808

 embed/ephy-web-view.c             |   14 +++++++++
 lib/Makefile.am                   |    1 +
 lib/ephy-security-levels.c        |   55 +++++++++++++++++++++++++++++++++++++
 lib/ephy-security-levels.h        |    3 ++
 lib/widgets/ephy-location-entry.c |   28 +++++++-----------
 src/ephy-title-box.c              |    6 ++--
 6 files changed, 87 insertions(+), 20 deletions(-)
---
diff --git a/embed/ephy-web-view.c b/embed/ephy-web-view.c
index c9442dd..b2c6e88 100644
--- a/embed/ephy-web-view.c
+++ b/embed/ephy-web-view.c
@@ -2041,6 +2041,16 @@ load_failed_with_tls_error_cb (WebKitWebView *web_view,
 }
 
 static void
+mixed_content_detected_cb (WebKitWebView *web_view,
+                           WebKitInsecureContentEvent event,
+                           gpointer user_data)
+{
+  EphyWebView *view = EPHY_WEB_VIEW (web_view);
+
+  ephy_web_view_set_security_level (view, EPHY_SECURITY_LEVEL_MIXED_CONTENT);
+}
+
+static void
 close_web_view_cb (WebKitWebView *web_view,
                    gpointer user_data)
 
@@ -2123,6 +2133,10 @@ ephy_web_view_init (EphyWebView *web_view)
                     G_CALLBACK (load_failed_with_tls_error_cb),
                     NULL);
 
+  g_signal_connect (web_view, "insecure-content-detected",
+                    G_CALLBACK (mixed_content_detected_cb),
+                    NULL);
+
   g_signal_connect (web_view, "notify::zoom-level",
                     G_CALLBACK (zoom_changed_cb),
                     NULL);
diff --git a/lib/Makefile.am b/lib/Makefile.am
index e3695d1..7c3894d 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -59,6 +59,7 @@ libephymisc_la_SOURCES = \
        ephy-prefs.h                            \
        ephy-profile-utils.c                    \
        ephy-profile-utils.h                    \
+       ephy-security-levels.c                  \
        ephy-settings.c                         \
        ephy-signal-accumulator.c               \
        ephy-smaps.c                            \
diff --git a/lib/ephy-security-levels.c b/lib/ephy-security-levels.c
new file mode 100644
index 0000000..1ea9b0e
--- /dev/null
+++ b/lib/ephy-security-levels.c
@@ -0,0 +1,55 @@
+/* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set sw=2 ts=2 sts=2 et: */
+/*
+ *  Copyright © 2014 Igalia S.L.
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; either version 2, or (at your option)
+ *  any later version.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ */
+
+#include "config.h"
+#include "ephy-security-levels.h"
+
+/**
+ * ephy_security_level_to_icon_name:
+ * @level: an #EphySecurityLevel
+ *
+ * Returns: the icon name corresponding to this security level,
+ *   or NULL if no icon should be shown.
+ */
+const char *
+ephy_security_level_to_icon_name (EphySecurityLevel level)
+{
+       const char *result;
+
+       switch (level) {
+       case EPHY_SECURITY_LEVEL_NO_SECURITY:
+               result = NULL;
+               break;
+       case EPHY_SECURITY_LEVEL_BROKEN_SECURITY:
+               result = "channel-insecure-symbolic";
+               break;
+       case EPHY_SECURITY_LEVEL_MIXED_CONTENT:
+               result = "dialog-warning-symbolic";
+               break;
+       case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
+               result = "channel-secure-symbolic";
+               break;
+       default:
+               g_assert_not_reached ();
+       }
+
+       return result;
+}
diff --git a/lib/ephy-security-levels.h b/lib/ephy-security-levels.h
index 759120b..22c4bcb 100644
--- a/lib/ephy-security-levels.h
+++ b/lib/ephy-security-levels.h
@@ -34,9 +34,12 @@ typedef enum
 {
   EPHY_SECURITY_LEVEL_NO_SECURITY,
   EPHY_SECURITY_LEVEL_BROKEN_SECURITY,
+  EPHY_SECURITY_LEVEL_MIXED_CONTENT,
   EPHY_SECURITY_LEVEL_STRONG_SECURITY,
 } EphySecurityLevel;
 
+const char         *ephy_security_level_to_icon_name    (EphySecurityLevel level);
+
 G_END_DECLS
 
 #endif
diff --git a/lib/widgets/ephy-location-entry.c b/lib/widgets/ephy-location-entry.c
index 839a0be..1e4b232 100644
--- a/lib/widgets/ephy-location-entry.c
+++ b/lib/widgets/ephy-location-entry.c
@@ -1586,30 +1586,24 @@ ephy_location_entry_set_security_level (EphyLocationEntry *entry,
 
 {
        EphyLocationEntryPrivate *priv;
+       const char *icon_name;
 
        g_return_if_fail (EPHY_IS_LOCATION_ENTRY (entry));
 
        priv = entry->priv;
 
-       if (priv->lock_gicon)
-               g_object_unref (priv->lock_gicon);
+       g_clear_object (&priv->lock_gicon);
 
-       switch (security_level) {
-       case EPHY_SECURITY_LEVEL_NO_SECURITY:
-               /* Fall through, but this icon should not be displayed... */
-       case EPHY_SECURITY_LEVEL_BROKEN_SECURITY:
-               priv->lock_gicon = g_themed_icon_new_with_default_fallbacks ("channel-insecure-symbolic");
-               break;
-       case EPHY_SECURITY_LEVEL_STRONG_SECURITY:
-               priv->lock_gicon = g_themed_icon_new_with_default_fallbacks ("channel-secure-symbolic");
-               break;
-       }
+       icon_name = ephy_security_level_to_icon_name (security_level);
+       if (icon_name == NULL)
+               return;
 
-       if (security_level != EPHY_SECURITY_LEVEL_NO_SECURITY) {
-               gtk_entry_set_icon_from_gicon (GTK_ENTRY (entry),
-                                              GTK_ENTRY_ICON_SECONDARY,
-                                              priv->lock_gicon);
-       }
+       g_return_if_fail (security_level != EPHY_SECURITY_LEVEL_NO_SECURITY);
+
+       priv->lock_gicon = g_themed_icon_new_with_default_fallbacks (icon_name);
+       gtk_entry_set_icon_from_gicon (GTK_ENTRY (entry),
+                                      GTK_ENTRY_ICON_SECONDARY,
+                                      priv->lock_gicon);
 }
 
 /**
diff --git a/src/ephy-title-box.c b/src/ephy-title-box.c
index 37b28c0..e9c439b 100644
--- a/src/ephy-title-box.c
+++ b/src/ephy-title-box.c
@@ -636,9 +636,9 @@ ephy_title_box_set_security_level (EphyTitleBox         *title_box,
 
   priv = ephy_title_box_get_instance_private (title_box);
 
-  g_object_set (priv->lock_image, "icon-name", security_level == EPHY_SECURITY_LEVEL_STRONG_SECURITY ?
-                                               "channel-secure-symbolic" : "channel-insecure-symbolic",
-                                  NULL);
+  g_object_set (priv->lock_image,
+                "icon-name", ephy_security_level_to_icon_name (security_level),
+                NULL);
 
   gtk_widget_set_visible (priv->lock_image, security_level != EPHY_SECURITY_LEVEL_NO_SECURITY);
   ephy_location_entry_set_security_level (EPHY_LOCATION_ENTRY (priv->entry), security_level);
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]