|author||Daniel Silverstone <email@example.com>||2019-12-01 15:49:08 +0000|
|committer||Daniel Silverstone <firstname.lastname@example.org>||2019-12-01 15:49:08 +0000|
Allow contents to indicate if they believe they may not be secure.
HTML contents reference many other objects. The browser window needs to know if any of them may not be secure, in which case it needs to report that in its page state. If other content types might refer to sub-contents, they will need to define the callback too. Signed-off-by: Daniel Silverstone <email@example.com>
Diffstat (limited to 'content/content.h')
1 files changed, 12 insertions, 0 deletions
diff --git a/content/content.h b/content/content.h
index f3e578b6b..0dbd58d95 100644
@@ -420,5 +420,17 @@ bool content_is_locked(struct hlcache_handle *h);
bool content_exec(struct hlcache_handle *h, const char *src, size_t srclen);
+ * Determine if the content referred to any insecure objects.
+ * Query the content to determine if any of its referred objects were loaded
+ * in a manner not considered secure. For a content to be recursively
+ * secure it must only load over https and must not have certificate overrides
+ * in place.
+ * \param h The handle to the content
+ * \return Whether the content referred to any insecure objects
+bool content_saw_insecure_objects(struct hlcache_handle *h);