@yuebai008/cli/dist/cli-server/client/front_end/panels/security/SecurityPanel.js

Command line interface for rapid qg-minigame development

import*as Common from"../../core/common/common.js";import*as Host from"../../core/host/host.js";import*as i18n from"../../core/i18n/i18n.js";import*as SDK from"../../core/sdk/sdk.js";import*as NetworkForward from"../../panels/network/forward/forward.js";import*as UI from"../../ui/legacy/legacy.js";import lockIconStyles from"./lockIcon.css.js";import mainViewStyles from"./mainView.css.js";import originViewStyles from"./originView.css.js";import sidebarStyles from"./sidebar.css.js";import{Events,SecurityModel,SecurityStyleExplanation,SummaryMessages}from"./SecurityModel.js";const UIStrings={overview:"Overview",mainOrigin:"Main origin",nonsecureOrigins:"Non-secure origins",secureOrigins:"Secure origins",unknownCanceled:"Unknown / canceled",reloadToViewDetails:"Reload to view details",mainOriginSecure:"Main origin (secure)",mainOriginNonsecure:"Main origin (non-secure)",securityOverview:"Security overview",secure:"Secure",info:"Info",notSecure:"Not secure",viewCertificate:"View certificate",notSecureBroken:"Not secure (broken)",thisPageIsDangerousFlaggedBy:"This page is dangerous (flagged by Google Safe Browsing).",flaggedByGoogleSafeBrowsing:"Flagged by Google Safe Browsing",toCheckThisPagesStatusVisit:"To check this page's status, visit g.co/safebrowsingstatus.",thisIsAnErrorPage:"This is an error page.",thisPageIsInsecureUnencrypted:"This page is insecure (unencrypted HTTP).",thisPageHasANonhttpsSecureOrigin:"This page has a non-HTTPS secure origin.",thisPageIsSuspicious:"This page is suspicious",chromeHasDeterminedThatThisSiteS:"Chrome has determined that this site could be fake or fraudulent.",ifYouBelieveThisIsShownIn:"If you believe this is shown in error please visit https://g.co/chrome/lookalike-warnings.",possibleSpoofingUrl:"Possible spoofing URL",thisSitesHostnameLooksSimilarToP:"This site's hostname looks similar to {PH1}. Attackers sometimes mimic sites by making small, hard-to-see changes to the domain name.",ifYouBelieveThisIsShownInErrorSafety:"If you believe this is shown in error please visit https://g.co/chrome/lookalike-warnings.",thisPageIsSuspiciousFlaggedBy:"This page is suspicious (flagged by Chrome).",certificate:"Certificate",insecureSha:"insecure (SHA-1)",theCertificateChainForThisSite:"The certificate chain for this site contains a certificate signed using SHA-1.",subjectAlternativeNameMissing:"`Subject Alternative Name` missing",theCertificateForThisSiteDoesNot:"The certificate for this site does not contain a `Subject Alternative Name` extension containing a domain name or IP address.",missing:"missing",thisSiteIsMissingAValidTrusted:"This site is missing a valid, trusted certificate ({PH1}).",validAndTrusted:"valid and trusted",theConnectionToThisSiteIsUsingA:"The connection to this site is using a valid, trusted server certificate issued by {PH1}.",publickeypinningBypassed:"Public-Key-Pinning bypassed",publickeypinningWasBypassedByA:"Public-Key-Pinning was bypassed by a local root certificate.",certificateExpiresSoon:"Certificate expires soon",theCertificateForThisSiteExpires:"The certificate for this site expires in less than 48 hours and needs to be renewed.",connection:"Connection",secureConnectionSettings:"secure connection settings",theConnectionToThisSiteIs:"The connection to this site is encrypted and authenticated using {PH1}, {PH2}, and {PH3}.",sIsObsoleteEnableTlsOrLater:"{PH1} is obsolete. Enable TLS 1.2 or later.",rsaKeyExchangeIsObsoleteEnableAn:"RSA key exchange is obsolete. Enable an ECDHE-based cipher suite.",sIsObsoleteEnableAnAesgcmbased:"{PH1} is obsolete. Enable an AES-GCM-based cipher suite.",theServerSignatureUsesShaWhichIs:"The server signature uses SHA-1, which is obsolete. Enable a SHA-2 signature algorithm instead. (Note this is different from the signature in the certificate.)",obsoleteConnectionSettings:"obsolete connection settings",resources:"Resources",activeMixedContent:"active mixed content",youHaveRecentlyAllowedNonsecure:"You have recently allowed non-secure content (such as scripts or iframes) to run on this site.",mixedContent:"mixed content",thisPageIncludesHttpResources:"This page includes HTTP resources.",nonsecureForm:"non-secure form",thisPageIncludesAFormWithA:'This page includes a form with a non-secure "action" attribute.',activeContentWithCertificate:"active content with certificate errors",youHaveRecentlyAllowedContent:"You have recently allowed content loaded with certificate errors (such as scripts or iframes) to run on this site.",contentWithCertificateErrors:"content with certificate errors",thisPageIncludesResourcesThat:"This page includes resources that were loaded with certificate errors.",allServedSecurely:"all served securely",allResourcesOnThisPageAreServed:"All resources on this page are served securely.",blockedMixedContent:"Blocked mixed content",yourPageRequestedNonsecure:"Your page requested non-secure resources that were blocked.",reloadThePageToRecordRequestsFor:"Reload the page to record requests for HTTP resources.",viewDRequestsInNetworkPanel:"{n, plural, =1 {View # request in Network Panel} other {View # requests in Network Panel}}",origin:"Origin",viewRequestsInNetworkPanel:"View requests in Network Panel",protocol:"Protocol",keyExchange:"Key exchange",cipher:"Cipher",serverSignature:"Server signature",encryptedClientHello:"Encrypted ClientHello",certificateTransparency:"Certificate Transparency",subject:"Subject",validFrom:"Valid from",validUntil:"Valid until",issuer:"Issuer",openFullCertificateDetails:"Open full certificate details",sct:"SCT",logName:"Log name",logId:"Log ID",validationStatus:"Validation status",source:"Source",issuedAt:"Issued at",hashAlgorithm:"Hash algorithm",signatureAlgorithm:"Signature algorithm",signatureData:"Signature data",showFullDetails:"Show full details",hideFullDetails:"Hide full details",thisRequestCompliesWithChromes:"This request complies with `Chrome`'s Certificate Transparency policy.",thisRequestDoesNotComplyWith:"This request does not comply with `Chrome`'s Certificate Transparency policy.",thisResponseWasLoadedFromCache:"This response was loaded from cache. Some security details might be missing.",theSecurityDetailsAboveAreFrom:"The security details above are from the first inspected response.",thisOriginIsANonhttpsSecure:"This origin is a non-HTTPS secure origin.",yourConnectionToThisOriginIsNot:"Your connection to this origin is not secure.",noSecurityInformation:"No security information",noSecurityDetailsAreAvailableFor:"No security details are available for this origin.",na:"(n/a)",showLess:"Show less",showMoreSTotal:"Show more ({PH1} total)",unknownField:"unknown",enabled:"enabled"},str_=i18n.i18n.registerUIStrings("panels/security/SecurityPanel.ts",UIStrings),i18nString=i18n.i18n.getLocalizedString.bind(void 0,str_);let securityPanelInstance;const SignatureSchemeStrings=new Map([[513,"RSA with SHA-1"],[1025,"RSA with SHA-256"],[1281,"RSA with SHA-384"],[1537,"RSA with SHA-512"],[1027,"ECDSA with SHA-256"],[1283,"ECDSA with SHA-384"],[2052,"RSA-PSS with SHA-256"],[2053,"RSA-PSS with SHA-384"],[2054,"RSA-PSS with SHA-512"]]);export class SecurityPanel extends UI.Panel.PanelWithSidebar{mainView;sidebarMainViewElement;sidebarTree;lastResponseReceivedForLoaderId;origins;filterRequestCounts;visibleView;eventListeners;securityModel;constructor(){super("security"),this.mainView=new SecurityMainView(this);const e=document.createElement("span");e.classList.add("title"),e.textContent=i18nString(UIStrings.overview),this.sidebarMainViewElement=new SecurityPanelSidebarTreeElement(e,this.setVisibleView.bind(this,this.mainView),"security-main-view-sidebar-tree-item","lock-icon"),this.sidebarMainViewElement.tooltip=e.textContent,this.sidebarTree=new SecurityPanelSidebarTree(this.sidebarMainViewElement,this.showOrigin.bind(this)),this.panelSidebarElement().appendChild(this.sidebarTree.element),this.lastResponseReceivedForLoaderId=new Map,this.origins=new Map,this.filterRequestCounts=new Map,this.visibleView=null,this.eventListeners=[],this.securityModel=null,SDK.TargetManager.TargetManager.instance().observeModels(SecurityModel,this,{scoped:!0}),SDK.TargetManager.TargetManager.instance().addModelListener(SDK.ResourceTreeModel.ResourceTreeModel,SDK.ResourceTreeModel.Events.PrimaryPageChanged,this.onPrimaryPageChanged,this)}static instance(e={forceNew:null}){const{forceNew:t}=e;return securityPanelInstance&&!t||(securityPanelInstance=new SecurityPanel),securityPanelInstance}static createCertificateViewerButtonForOrigin(e,t){const i=UI.UIUtils.createTextButton(e,(async e=>{e.consume();const i=await SDK.NetworkManager.MultitargetNetworkManager.instance().getCertificate(t);i.length>0&&Host.InspectorFrontendHost.InspectorFrontendHostInstance.showCertificateViewer(i)}),"origin-button");return UI.ARIAUtils.markAsButton(i),i}static createCertificateViewerButtonForCert(e,t){const i=UI.UIUtils.createTextButton(e,(e=>{e.consume(),Host.InspectorFrontendHost.InspectorFrontendHostInstance.showCertificateViewer(t)}),"origin-button");return UI.ARIAUtils.markAsButton(i),i}static createHighlightedUrl(e,t){const i="://",n=e.indexOf(i);if(-1===n){const t=document.createElement("span");return t.textContent=e,t}const s=document.createElement("span"),r=e.substr(0,n),o=e.substr(n+3);return s.createChild("span","url-scheme-"+t).textContent=r,s.createChild("span","url-scheme-separator").textContent=i,s.createChild("span").textContent=o,s}updateVisibleSecurityState(e){this.sidebarMainViewElement.setSecurityState(e.securityState),this.mainView.updateVisibleSecurityState(e)}onVisibleSecurityStateChanged({data:e}){this.updateVisibleSecurityState(e)}selectAndSwitchToMainView(){this.sidebarMainViewElement.select(!0)}showOrigin(e){const t=this.origins.get(e);t&&(t.originView||(t.originView=new SecurityOriginView(this,e,t)),this.setVisibleView(t.originView))}wasShown(){super.wasShown(),this.visibleView||this.selectAndSwitchToMainView()}focus(){this.sidebarTree.focus()}setVisibleView(e){this.visibleView!==e&&(this.visibleView&&this.visibleView.detach(),this.visibleView=e,e&&this.splitWidget().setMainWidget(e))}onResponseReceived(e){const t=e.data.request;t.resourceType()===Common.ResourceType.resourceTypes.Document&&t.loaderId&&this.lastResponseReceivedForLoaderId.set(t.loaderId,t)}processRequest(e){const t=Common.ParsedURL.ParsedURL.extractOrigin(e.url());if(!t)return;let i=e.securityState();"blockable"!==e.mixedContentType&&"optionally-blockable"!==e.mixedContentType||(i="insecure");const n=this.origins.get(t);if(n){const s=n.securityState;if(n.securityState=this.securityStateMin(s,i),s!==n.securityState){const s=e.securityDetails();s&&(n.securityDetails=s),this.sidebarTree.updateOrigin(t,i),n.originView&&n.originView.setSecurityState(i)}}else{const n={securityState:i,securityDetails:e.securityDetails(),loadedFromCache:e.cached(),originView:void 0};this.origins.set(t,n),this.sidebarTree.addOrigin(t,i)}}onRequestFinished(e){const t=e.data;this.updateFilterRequestCounts(t),this.processRequest(t)}updateFilterRequestCounts(e){if("none"===e.mixedContentType)return;let t=NetworkForward.UIFilter.MixedContentFilterValues.All;e.wasBlocked()?t=NetworkForward.UIFilter.MixedContentFilterValues.Blocked:"blockable"===e.mixedContentType?t=NetworkForward.UIFilter.MixedContentFilterValues.BlockOverridden:"optionally-blockable"===e.mixedContentType&&(t=NetworkForward.UIFilter.MixedContentFilterValues.Displayed);const i=this.filterRequestCounts.get(t);i?this.filterRequestCounts.set(t,i+1):this.filterRequestCounts.set(t,1),this.mainView.refreshExplanations()}filterRequestCount(e){return this.filterRequestCounts.get(e)||0}securityStateMin(e,t){return SecurityModel.SecurityStateComparator(e,t)<0?e:t}modelAdded(e){if(e.target()!==e.target().outermostTarget())return;this.securityModel=e;const t=e.resourceTreeModel(),i=e.networkManager();this.eventListeners.length&&Common.EventTarget.removeEventListeners(this.eventListeners),this.eventListeners=[e.addEventListener(Events.VisibleSecurityStateChanged,this.onVisibleSecurityStateChanged,this),t.addEventListener(SDK.ResourceTreeModel.Events.InterstitialShown,this.onInterstitialShown,this),t.addEventListener(SDK.ResourceTreeModel.Events.InterstitialHidden,this.onInterstitialHidden,this),i.addEventListener(SDK.NetworkManager.Events.ResponseReceived,this.onResponseReceived,this),i.addEventListener(SDK.NetworkManager.Events.RequestFinished,this.onRequestFinished,this)],t.isInterstitialShowing&&this.onInterstitialShown()}modelRemoved(e){this.securityModel===e&&(this.securityModel=null,Common.EventTarget.removeEventListeners(this.eventListeners))}onPrimaryPageChanged(e){const{frame:t}=e.data,i=this.lastResponseReceivedForLoaderId.get(t.loaderId);this.selectAndSwitchToMainView(),this.sidebarTree.clearOrigins(),this.origins.clear(),this.lastResponseReceivedForLoaderId.clear(),this.filterRequestCounts.clear(),this.mainView.refreshExplanations();const n=Common.ParsedURL.ParsedURL.extractOrigin(i?i.url():t.url);this.sidebarTree.setMainOrigin(n),i&&this.processRequest(i)}onInterstitialShown(){this.selectAndSwitchToMainView(),this.sidebarTree.toggleOriginsList(!0)}onInterstitialHidden(){this.sidebarTree.toggleOriginsList(!1)}}export class SecurityPanelSidebarTree extends UI.TreeOutline.TreeOutlineInShadow{showOriginInPanel;mainOrigin;originGroupTitles;originGroups;elementsByOrigin;mainViewReloadMessage;constructor(e,t){super(),this.appendChild(e),this.registerCSSFiles([lockIconStyles,sidebarStyles]),this.showOriginInPanel=t,this.mainOrigin=null,this.originGroupTitles=new Map([[OriginGroup.MainOrigin,i18nString(UIStrings.mainOrigin)],[OriginGroup.NonSecure,i18nString(UIStrings.nonsecureOrigins)],[OriginGroup.Secure,i18nString(UIStrings.secureOrigins)],[OriginGroup.Unknown,i18nString(UIStrings.unknownCanceled)]]),this.originGroups=new Map;for(const e of Object.values(OriginGroup)){const t=this.createOriginGroupElement(this.originGroupTitles.get(e));this.originGroups.set(e,t),this.appendChild(t)}this.mainViewReloadMessage=new UI.TreeOutline.TreeElement(i18nString(UIStrings.reloadToViewDetails)),this.mainViewReloadMessage.selectable=!1,this.mainViewReloadMessage.listItemElement.classList.add("security-main-view-reload-message");this.originGroups.get(OriginGroup.MainOrigin).appendChild(this.mainViewReloadMessage),this.clearOriginGroups(),this.elementsByOrigin=new Map}originGroupTitle(e){return this.originGroupTitles.get(e)}originGroupElement(e){return this.originGroups.get(e)}createOriginGroupElement(e){const t=new UI.TreeOutline.TreeElement(e,!0);return t.selectable=!1,t.setCollapsible(!1),t.expand(),t.listItemElement.classList.add("security-sidebar-origins"),UI.ARIAUtils.setLabel(t.childrenListElement,e),t}toggleOriginsList(e){for(const t of this.originGroups.values())t.hidden=e}addOrigin(e,t){this.mainViewReloadMessage.hidden=!0;const i=new SecurityPanelSidebarTreeElement(SecurityPanel.createHighlightedUrl(e,t),this.showOriginInPanel.bind(this,e),"security-sidebar-tree-item","security-property");i.tooltip=e,this.elementsByOrigin.set(e,i),this.updateOrigin(e,t)}setMainOrigin(e){this.mainOrigin=e}updateOrigin(e,t){const i=this.elementsByOrigin.get(e);let n;if(i.setSecurityState(t),e===this.mainOrigin)n=this.originGroups.get(OriginGroup.MainOrigin),n.title=i18nString("secure"===t?UIStrings.mainOriginSecure:UIStrings.mainOriginNonsecure),UI.ARIAUtils.setLabel(n.childrenListElement,n.title);else switch(t){case"secure":n=this.originGroupElement(OriginGroup.Secure);break;case"unknown":n=this.originGroupElement(OriginGroup.Unknown);break;default:n=this.originGroupElement(OriginGroup.NonSecure)}const s=i.parent;s!==n&&(s&&(s.removeChild(i),0===s.childCount()&&(s.hidden=!0)),n.appendChild(i),n.hidden=!1)}clearOriginGroups(){for(const[e,t]of this.originGroups)if(e===OriginGroup.MainOrigin){for(let e=t.childCount()-1;e>0;e--)t.removeChildAtIndex(e);t.title=this.originGroupTitle(OriginGroup.MainOrigin),t.hidden=!1,this.mainViewReloadMessage.hidden=!1}else t.removeChildren(),t.hidden=!0}clearOrigins(){this.clearOriginGroups(),this.elementsByOrigin.clear()}wasShown(){}}export var OriginGroup;!function(e){e.MainOrigin="MainOrigin",e.NonSecure="NonSecure",e.Secure="Secure",e.Unknown="Unknown"}(OriginGroup||(OriginGroup={}));export class SecurityPanelSidebarTreeElement extends UI.TreeOutline.TreeElement{selectCallback;cssPrefix;iconElement;securityStateInternal;constructor(e,t,i,n){super("",!1),this.selectCallback=t,this.cssPrefix=n,this.listItemElement.classList.add(i),this.iconElement=this.listItemElement.createChild("div","icon"),this.iconElement.classList.add(this.cssPrefix),this.listItemElement.appendChild(e),this.securityStateInternal=null,this.setSecurityState("unknown")}setSecurityState(e){this.securityStateInternal&&this.iconElement.classList.remove(this.cssPrefix+"-"+this.securityStateInternal),this.securityStateInternal=e,this.iconElement.classList.add(this.cssPrefix+"-"+e)}securityState(){return this.securityStateInternal}onselect(){return this.selectCallback(),!0}}export class SecurityMainView extends UI.Widget.VBox{panel;summarySection;securityExplanationsMain;securityExplanationsExtra;lockSpectrum;summaryText;explanations;securityState;constructor(e){super(!0),this.setMinimumSize(200,100),this.contentElement.classList.add("security-main-view"),this.panel=e,this.summarySection=this.contentElement.createChild("div","security-summary"),this.securityExplanationsMain=this.contentElement.createChild("div","security-explanation-list security-explanations-main"),this.securityExplanationsExtra=this.contentElement.createChild("div","security-explanation-list security-explanations-extra");const t=this.summarySection.createChild("div","security-summary-section-title");t.textContent=i18nString(UIStrings.securityOverview),UI.ARIAUtils.markAsHeading(t,1);const i=this.summarySection.createChild("div","lock-spectrum");this.lockSpectrum=new Map([["secure",i.createChild("div","lock-icon lock-icon-secure")],["neutral",i.createChild("div","lock-icon lock-icon-neutral")],["insecure",i.createChild("div","lock-icon lock-icon-insecure")]]),UI.Tooltip.Tooltip.install(this.getLockSpectrumDiv("secure"),i18nString(UIStrings.secure)),UI.Tooltip.Tooltip.install(this.getLockSpectrumDiv("neutral"),i18nString(UIStrings.info)),UI.Tooltip.Tooltip.install(this.getLockSpectrumDiv("insecure"),i18nString(UIStrings.notSecure)),this.summarySection.createChild("div","triangle-pointer-container").createChild("div","triangle-pointer-wrapper").createChild("div","triangle-pointer"),this.summaryText=this.summarySection.createChild("div","security-summary-text"),UI.ARIAUtils.markAsHeading(this.summaryText,2),this.explanations=null,this.securityState=null}getLockSpectrumDiv(e){const t=this.lockSpectrum.get(e);if(!t)throw new Error(`Invalid argument: ${e}`);return t}addExplanation(e,t){const i=e.createChild("div","security-explanation");i.classList.add("security-explanation-"+t.securityState),i.createChild("div","security-property").classList.add("security-property-"+t.securityState);const n=i.createChild("div","security-explanation-text"),s=n.createChild("div","security-explanation-title");if(t.title?(s.createChild("span").textContent=t.title+" - ",s.createChild("span","security-explanation-title-"+t.securityState).textContent=t.summary):s.textContent=t.summary,n.createChild("div").textContent=t.description,t.certificate.length&&n.appendChild(SecurityPanel.createCertificateViewerButtonForCert(i18nString(UIStrings.viewCertificate),t.certificate)),t.recommendations&&t.recommendations.length){const e=n.createChild("ul","security-explanation-recommendations");for(const i of t.recommendations)e.createChild("li").textContent=i}return n}updateVisibleSecurityState(e){this.summarySection.classList.remove("security-summary-"+this.securityState),this.securityState=e.securityState,this.summarySection.classList.add("security-summary-"+this.securityState),"insecure"===this.securityState?(this.getLockSpectrumDiv("insecure").classList.add("lock-icon-insecure"),this.getLockSpectrumDiv("insecure").classList.remove("lock-icon-insecure-broken"),UI.Tooltip.Tooltip.install(this.getLockSpectrumDiv("insecure"),i18nString(UIStrings.notSecure))):"insecure-broken"===this.securityState&&(this.getLockSpectrumDiv("insecure").classList.add("lock-icon-insecure-broken"),this.getLockSpectrumDiv("insecure").classList.remove("lock-icon-insecure"),UI.Tooltip.Tooltip.install(this.getLockSpectrumDiv("insecure"),i18nString(UIStrings.notSecureBroken)));const{summary:t,explanations:i}=this.getSecuritySummaryAndExplanations(e);this.summaryText.textContent=t||SummaryMessages[this.securityState](),this.explanations=this.orderExplanations(i),this.refreshExplanations()}getSecuritySummaryAndExplanations(e){const{securityState:t,securityStateIssueIds:i}=e;let n;const s=[];if(n=this.explainSafetyTipSecurity(e,n,s),i.includes("malicious-content"))n=i18nString(UIStrings.thisPageIsDangerousFlaggedBy),s.unshift(new SecurityStyleExplanation("insecure",void 0,i18nString(UIStrings.flaggedByGoogleSafeBrowsing),i18nString(UIStrings.toCheckThisPagesStatusVisit)));else{if(i.includes("is-error-page")&&(null===e.certificateSecurityState||null===e.certificateSecurityState.certificateNetworkError))return n=i18nString(UIStrings.thisIsAnErrorPage),{summary:n,explanations:s};"insecure-broken"===t&&i.includes("scheme-is-not-cryptographic")&&(n=n||i18nString(UIStrings.thisPageIsInsecureUnencrypted))}return i.includes("scheme-is-not-cryptographic")?("neutral"!==t||i.includes("insecure-origin")||(n=i18nString(UIStrings.thisPageHasANonhttpsSecureOrigin)),{summary:n,explanations:s}):(this.explainCertificateSecurity(e,s),this.explainConnectionSecurity(e,s),this.explainContentSecurity(e,s),{summary:n,explanations:s})}explainSafetyTipSecurity(e,t,i){const{securityStateIssueIds:n,safetyTipInfo:s}=e,r=[];if(n.includes("bad_reputation")){const e=`${i18nString(UIStrings.chromeHasDeterminedThatThisSiteS)}\n\n${i18nString(UIStrings.ifYouBelieveThisIsShownIn)}`;r.push({summary:i18nString(UIStrings.thisPageIsSuspicious),description:e})}else if(n.includes("lookalike")&&s&&s.safeUrl){const e=new URL(s.safeUrl).hostname,t=`${i18nString(UIStrings.thisSitesHostnameLooksSimilarToP,{PH1:e})}\n\n${i18nString(UIStrings.ifYouBelieveThisIsShownInErrorSafety)}`;r.push({summary:i18nString(UIStrings.possibleSpoofingUrl),description:t})}return r.length>0&&(t=t||i18nString(UIStrings.thisPageIsSuspiciousFlaggedBy),i.push(new SecurityStyleExplanation("insecure",void 0,r[0].summary,r[0].description))),t}explainCertificateSecurity(e,t){const{certificateSecurityState:i,securityStateIssueIds:n}=e,s=i18nString(UIStrings.certificate);if(i&&i.certificateHasSha1Signature){const e=i18nString(UIStrings.insecureSha),n=i18nString(UIStrings.theCertificateChainForThisSite);i.certificateHasWeakSignature?t.push(new SecurityStyleExplanation("insecure",s,e,n,i.certificate,"none")):t.push(new SecurityStyleExplanation("neutral",s,e,n,i.certificate,"none"))}i&&n.includes("cert-missing-subject-alt-name")&&t.push(new SecurityStyleExplanation("insecure",s,i18nString(UIStrings.subjectAlternativeNameMissing),i18nString(UIStrings.theCertificateForThisSiteDoesNot),i.certificate,"none")),i&&null!==i.certificateNetworkError?t.push(new SecurityStyleExplanation("insecure",s,i18nString(UIStrings.missing),i18nString(UIStrings.thisSiteIsMissingAValidTrusted,{PH1:i.certificateNetworkError}),i.certificate,"none")):i&&!i.certificateHasSha1Signature&&t.push(new SecurityStyleExplanation("secure",s,i18nString(UIStrings.validAndTrusted),i18nString(UIStrings.theConnectionToThisSiteIsUsingA,{PH1:i.issuer}),i.certificate,"none")),n.includes("pkp-bypassed")&&t.push(new SecurityStyleExplanation("info",s,i18nString(UIStrings.publickeypinningBypassed),i18nString(UIStrings.publickeypinningWasBypassedByA))),i&&i.isCertificateExpiringSoon()&&t.push(new SecurityStyleExplanation("info",void 0,i18nString(UIStrings.certificateExpiresSoon),i18nString(UIStrings.theCertificateForThisSiteExpires)))}explainConnectionSecurity(e,t){const i=e.certificateSecurityState;if(!i)return;const n=i18nString(UIStrings.connection);if(i.modernSSL)return void t.push(new SecurityStyleExplanation("secure",n,i18nString(UIStrings.secureConnectionSettings),i18nString(UIStrings.theConnectionToThisSiteIs,{PH1:i.protocol,PH2:i.getKeyExchangeName(),PH3:i.getCipherFullName()})));const s=[];i.obsoleteSslProtocol&&s.push(i18nString(UIStrings.sIsObsoleteEnableTlsOrLater,{PH1:i.protocol})),i.obsoleteSslKeyExchange&&s.push(i18nString(UIStrings.rsaKeyExchangeIsObsoleteEnableAn)),i.obsoleteSslCipher&&s.push(i18nString(UIStrings.sIsObsoleteEnableAnAesgcmbased,{PH1:i.cipher})),i.obsoleteSslSignature&&s.push(i18nString(UIStrings.theServerSignatureUsesShaWhichIs)),t.push(new SecurityStyleExplanation("info",n,i18nString(UIStrings.obsoleteConnectionSettings),i18nString(UIStrings.theConnectionToThisSiteIs,{PH1:i.protocol,PH2:i.getKeyExchangeName(),PH3:i.getCipherFullName()}),void 0,void 0,s))}explainContentSecurity(e,t){let i=!0;const n=i18nString(UIStrings.resources),s=e.securityStateIssueIds;s.includes("ran-mixed-content")&&(i=!1,t.push(new SecurityStyleExplanation("insecure",n,i18nString(UIStrings.activeMixedContent),i18nString(UIStrings.youHaveRecentlyAllowedNonsecure),[],"blockable"))),s.includes("displayed-mixed-content")&&(i=!1,t.push(new SecurityStyleExplanation("neutral",n,i18nString(UIStrings.mixedContent),i18nString(UIStrings.thisPageIncludesHttpResources),[],"optionally-blockable"))),s.includes("contained-mixed-form")&&(i=!1,t.push(new SecurityStyleExplanation("neutral",n,i18nString(UIStrings.nonsecureForm),i18nString(UIStrings.thisPageIncludesAFormWithA)))),null!==e.certificateSecurityState&&null!==e.certificateSecurityState.certificateNetworkError||(s.includes("ran-content-with-cert-error")&&(i=!1,t.push(new SecurityStyleExplanation("insecure",n,i18nString(UIStrings.activeContentWithCertificate),i18nString(UIStrings.youHaveRecentlyAllowedContent)))),s.includes("displayed-content-with-cert-errors")&&(i=!1,t.push(new SecurityStyleExplanation("neutral",n,i18nString(UIStrings.contentWithCertificateErrors),i18nString(UIStrings.thisPageIncludesResourcesThat))))),i&&(s.includes("scheme-is-not-cryptographic")||t.push(new SecurityStyleExplanation("secure",n,i18nString(UIStrings.allServedSecurely),i18nString(UIStrings.allResourcesOnThisPageAreServed))))}orderExplanations(e){if(0===e.length)return e;const t=["insecure","neutral","secure","info"],i=[];for(const n of t)i.push(...e.filter((e=>e.securityState===n)));return i}refreshExplanations(){if(this.securityExplanationsMain.removeChildren(),this.securityExplanationsExtra.removeChildren(),this.explanations){for(const e of this.explanations)if("info"===e.securityState)this.addExplanation(this.securityExplanationsExtra,e);else switch(e.mixedContentType){case"blockable":this.addMixedContentExplanation(this.securityExplanationsMain,e,NetworkForward.UIFilter.MixedContentFilterValues.BlockOverridden);break;case"optionally-blockable":this.addMixedContentExplanation(this.securityExplanationsMain,e,NetworkForward.UIFilter.MixedContentFilterValues.Displayed);break;default:this.addExplanation(this.securityExplanationsMain,e)}if(this.panel.filterRequestCount(NetworkForward.UIFilter.MixedContentFilterValues.Blocked)>0){const e={securityState:"info",summary:i18nString(UIStrings.blockedMixedContent),description:i18nString(UIStrings.yourPageRequestedNonsecure),mixedContentType:"blockable",certificate:[],title:""};this.addMixedContentExplanation(this.securityExplanationsMain,e,NetworkForward.UIFilter.MixedContentFilterValues.Blocked)}}}addMixedContentExplanation(e,t,i){const n=this.addExplanation(e,t),s=this.panel.filterRequestCount(i);if(!s){return void(n.createChild("div","security-mixed-content").textContent=i18nString(UIStrings.reloadThePageToRecordRequestsFor))}const r=n.createChild("div","security-mixed-content devtools-link");UI.ARIAUtils.markAsLink(r),r.tabIndex=0,r.textContent=i18nString(UIStrings.viewDRequestsInNetworkPanel,{n:s}),r.addEventListener("click",this.showNetworkFilter.bind(this,i)),r.addEventListener("keydown",(e=>{"Enter"===e.key&&this.showNetworkFilter(i,e)}))}showNetworkFilter(e,t){t.consume(),Common.Revealer.reveal(NetworkForward.UIFilter.UIRequestFilter.filters([{filterType:NetworkForward.UIFilter.FilterType.MixedContent,filterValue:e}]))}wasShown(){super.wasShown(),this.registerCSSFiles([lockIconStyles,mainViewStyles])}}export class SecurityOriginView extends UI.Widget.VBox{panel;originLockIcon;constructor(e,t,i){super(),this.panel=e,this.setMinimumSize(200,100),this.element.classList.add("security-origin-view");const n=this.element.createChild("div","title-section"),s=n.createChild("div","title-section-header");s.textContent=i18nString(UIStrings.origin),UI.ARIAUtils.markAsHeading(s,1);const r=n.createChild("div","origin-display");this.originLockIcon=r.createChild("span","security-property"),this.originLockIcon.classList.add("security-property-"+i.securityState),r.appendChild(SecurityPanel.createHighlightedUrl(t,i.securityState));const o=n.createChild("div","view-network-button"),a=UI.UIUtils.createTextButton(i18nString(UIStrings.viewRequestsInNetworkPanel),(e=>{e.consume();const i=new Common.ParsedURL.ParsedURL(t);Common.Revealer.reveal(NetworkForward.UIFilter.UIRequestFilter.filters([{filterType:NetworkForward.UIFilter.FilterType.Domain,filterValue:i.host},{filterType:NetworkForward.UIFilter.FilterType.Scheme,filterValue:i.scheme}]))}));if(o.appendChild(a),UI.ARIAUtils.markAsLink(a),i.securityDetails){const c=this.element.createChild("div","origin-view-section"),l=c.createChild("div","origin-view-section-title");l.textContent=i18nString(UIStrings.connection),UI.ARIAUtils.markAsHeading(l,2);let u=new SecurityDetailsTable;if(c.appendChild(u.element()),u.addRow(i18nString(UIStrings.protocol),i.securityDetails.protocol),i.securityDetails.keyExchange&&i.securityDetails.keyExchangeGroup?u.addRow(i18nString(UIStrings.keyExchange),i.securityDetails.keyExchange+" with "+i.securityDetails.keyExchangeGroup):i.securityDetails.keyExchange?u.addRow(i18nString(UIStrings.keyExchange),i.securityDetails.keyExchange):i.securityDetails.keyExchangeGroup&&u.addRow(i18nString(UIStrings.keyExchange),i.securityDetails.keyExchangeGroup),i.securityDetails.serverSignatureAlgorithm){let v=SignatureSchemeStrings.get(i.securityDetails.serverSignatureAlgorithm);v??=i18nString(UIStrings.unknownField)+" ("+i.securityDetails.serverSignatureAlgorithm+")",u.addRow(i18nString(UIStrings.serverSignature),v)}u.addRow(i18nString(UIStrings.cipher),i.securityDetails.cipher+(i.securityDetails.mac?" with "+i.securityDetails.mac:"")),i.securityDetails.encryptedClientHello&&u.addRow(i18nString(UIStrings.encryptedClientHello),i18nString(UIStrings.enabled));const d=this.element.createChild("div","origin-view-section"),g=d.createChild("div","origin-view-section-title");g.textContent=i18nString(UIStrings.certificate),UI.ARIAUtils.markAsHeading(g,2);const h=i.securityDetails.signedCertificateTimestampList.length,S=i.securityDetails.certificateTransparencyCompliance;let p;if(h||"unknown"!==S){p=this.element.createChild("div","origin-view-section");const U=p.createChild("div","origin-view-section-title");U.textContent=i18nString(UIStrings.certificateTransparency),UI.ARIAUtils.markAsHeading(U,2)}const m=this.createSanDiv(i.securityDetails.sanList),y=new Date(1e3*i.securityDetails.validFrom).toUTCString(),w=new Date(1e3*i.securityDetails.validTo).toUTCString();if(u=new SecurityDetailsTable,d.appendChild(u.element()),u.addRow(i18nString(UIStrings.subject),i.securityDetails.subjectName),u.addRow(i18n.i18n.lockedString("SAN"),m),u.addRow(i18nString(UIStrings.validFrom),y),u.addRow(i18nString(UIStrings.validUntil),w),u.addRow(i18nString(UIStrings.issuer),i.securityDetails.issuer),u.addRow("",SecurityPanel.createCertificateViewerButtonForOrigin(i18nString(UIStrings.openFullCertificateDetails),t)),!p)return;const I=new SecurityDetailsTable;I.element().classList.add("sct-summary"),p.appendChild(I.element());for(let x=0;x<h;x++){const T=i.securityDetails.signedCertificateTimestampList[x];I.addRow(i18nString(UIStrings.sct),T.logDescription+" ("+T.origin+", "+T.status+")")}const C=p.createChild("div","sct-details");C.classList.add("hidden");for(let b=0;b<h;b++){const k=new SecurityDetailsTable;C.appendChild(k.element());const E=i.securityDetails.signedCertificateTimestampList[b];k.addRow(i18nString(UIStrings.logName),E.logDescription),k.addRow(i18nString(UIStrings.logId),E.logId.replace(/(.{2})/g,"$1 ")),k.addRow(i18nString(UIStrings.validationStatus),E.status),k.addRow(i18nString(UIStrings.source),E.origin),k.addRow(i18nString(UIStrings.issuedAt),new Date(E.timestamp).toUTCString()),k.addRow(i18nString(UIStrings.hashAlgorithm),E.hashAlgorithm),k.addRow(i18nString(UIStrings.signatureAlgorithm),E.signatureAlgorithm),k.addRow(i18nString(UIStrings.signatureData),E.signatureData.replace(/(.{2})/g,"$1 "))}if(h){function A(){let e;const t=!C.classList.contains("hidden");e=i18nString(t?UIStrings.showFullDetails:UIStrings.hideFullDetails),R.textContent=e,UI.ARIAUtils.setLabel(R,e),UI.ARIAUtils.setExpanded(R,!t),I.element().classList.toggle("hidden"),C.classList.toggle("hidden")}const R=UI.UIUtils.createTextButton(i18nString(UIStrings.showFullDetails),A,"details-toggle");p.appendChild(R)}switch(S){case"compliant":p.createChild("div","origin-view-section-notes").textContent=i18nString(UIStrings.thisRequestCompliesWithChromes);break;case"not-compliant":p.createChild("div","origin-view-section-notes").textContent=i18nString(UIStrings.thisRequestDoesNotComplyWith)}const f=this.element.createChild("div","origin-view-section origin-view-notes");i.loadedFromCache&&(f.createChild("div").textContent=i18nString(UIStrings.thisResponseWasLoadedFromCache)),f.createChild("div").textContent=i18nString(UIStrings.theSecurityDetailsAboveAreFrom)}else if("secure"===i.securityState){const P=this.element.createChild("div","origin-view-section"),L=P.createChild("div","origin-view-section-title");L.textContent=i18nString(UIStrings.secure),UI.ARIAUtils.markAsHeading(L,2),P.createChild("div").textContent=i18nString(UIStrings.thisOriginIsANonhttpsSecure)}else if("unknown"!==i.securityState){const M=this.element.createChild("div","origin-view-section"),F=M.createChild("div","origin-view-section-title");F.textContent=i18nString(UIStrings.notSecure),UI.ARIAUtils.markAsHeading(F,2),M.createChild("div").textContent=i18nString(UIStrings.yourConnectionToThisOriginIsNot)}else{const O=this.element.createChild("div","origin-view-section"),D=O.createChild("div","origin-view-section-title");D.textContent=i18nString(UIStrings.noSecurityInformation),UI.ARIAUtils.markAsHeading(D,2),O.createChild("div").textContent=i18nString(UIStrings.noSecurityDetailsAreAvailableFor)}}createSanDiv(e){const t=document.createElement("div");if(0===e.length)t.textContent=i18nString(UIStrings.na),t.classList.add("empty-san");else{const i=2,n=e.length>i+1;for(let s=0;s<e.length;s++){const r=t.createChild("span","san-entry");r.textContent=e[s],n&&s>=i&&r.classList.add("truncated-entry")}if(n){function o(){const i=t.classList.contains("truncated-san");let n;i?(t.classList.remove("truncated-san"),n=i18nString(UIStrings.showLess)):(t.classList.add("truncated-san"),n=i18nString(UIStrings.showMoreSTotal,{PH1:e.length})),a.textContent=n,UI.ARIAUtils.setLabel(a,n),UI.ARIAUtils.setExpanded(a,i)}const a=UI.UIUtils.createTextButton(i18nString(UIStrings.showMoreSTotal,{PH1:e.length}),o);t.appendChild(a),o()}}return t}setSecurityState(e){for(const e of Array.prototype.slice.call(this.originLockIcon.classList))e.startsWith("security-property-")&&this.originLockIcon.classList.remove(e);this.originLockIcon.classList.add("security-property-"+e)}wasShown(){super.wasShown(),this.registerCSSFiles([originViewStyles,lockIconStyles])}}export class SecurityDetailsTable{elementInternal;constructor(){this.elementInternal=document.createElement("table"),this.elementInternal.classList.add("details-table")}element(){return this.elementInternal}addRow(e,t){const i=this.elementInternal.createChild("tr","details-table-row");i.createChild("td").textContent=e;const n=i.createChild("td");"string"==typeof t?n.textContent=t:n.appendChild(t)}}