File: README.md

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (54 lines) | stat: -rw-r--r-- 2,743 bytes parent folder | download | duplicates (11) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
 
# Security Interstitials

This directory contains the implementation of security interstitials -- warning
pages that are shown instead of web content when certain security events occur
(such as an invalid certificate on an HTTPS connection, or a URL that is flagged
by Safe Browsing).

This is a layered component that includes a `core/` implementation (which is
also used by `//ios/components/security_interstitials` for the iOS
implementation), and a `content/` implementation for Blink platforms.

Security interstitials are split between an HTML+JS front end (which defines
the actual contents shown) and a C++ backing implementation.

`core/common/resources/` contains the shared HTML+JS used across the various
interstitial types.

`core/common/mojom/` contains the Mojo IPC definitions that are used for the
interstitial JS to communicate back to the C++ interstitial code to execute
various actions the user can take on the interstitial page.

`core/browser/resources` contain the HTML+JS implementations of the various
interstitial types (such as the SSL interstitial or Safe Browsing interstitial).

When adding a new interstitial type, you should also add it to
`core/browser/resources/list_of_interstitials.html` and
`chrome/browser/ui/webui/interstitials/interstitial_ui.cc` so that it is listed
in the interstitial testing page at `chrome://interstitials`.

`ControllerClient` is the C++ logic that handles commands sent by the
interstitial JS. The specific implementation is extended by the embedder -- see
`content/security_interstitial_controller_client.h` and
`//ios/components/security_interstitials/ios_blocking_page_controller_client.h`.

Many interstitials follow the pattern of implementing a core “UI” class (like
`SSLErrorUI` for SSL interstitials), which configures details for the
interstitial HTML, and connects the specific blocking page implementation with
the controller client implementation.

In `content/`, the central classes are:

*   `SecurityInterstitialControllerClient`, which handles commands from security
    interstitial pages. This is used by and extended for each interstitial type.
*   `SecurityInterstitialPage`, which handles the state of the interstitial page.
    This is extended for each interstitial type.
*   `SecurityInterstitialTabHelper`, which connects an interstitial page to a
    WebContents, and owns the underlying interstitial page.

`//ios/components/security_interstitials/` has parallel implementations, but for
iOS where we can’t use `content/`.

This directory is not an exhaustive container of all security interstitials.
Some interstitial types build on the core component classes but are implemented
outside of this directory (e.g., `chrome/browser/lookalikes/`).