197 lines
7.2 KiB
Plaintext
197 lines
7.2 KiB
Plaintext
# Copyright 2017 The Chromium Authors
|
|
# Use of this source code is governed by a BSD-style license that can be
|
|
# found in the LICENSE file.
|
|
#
|
|
# Contributing to Chrome DevTools Protocol: https://goo.gle/devtools-contribution-guide-cdp
|
|
|
|
domain Security
|
|
|
|
# An internal certificate ID value.
|
|
type CertificateId extends integer
|
|
|
|
# A description of mixed content (HTTP resources on HTTPS pages), as defined by
|
|
# https://www.w3.org/TR/mixed-content/#categories
|
|
type MixedContentType extends string
|
|
enum
|
|
blockable
|
|
optionally-blockable
|
|
none
|
|
|
|
# The security level of a page or resource.
|
|
type SecurityState extends string
|
|
enum
|
|
unknown
|
|
neutral
|
|
insecure
|
|
secure
|
|
info
|
|
insecure-broken
|
|
|
|
# Details about the security state of the page certificate.
|
|
experimental type CertificateSecurityState extends object
|
|
properties
|
|
# Protocol name (e.g. "TLS 1.2" or "QUIC").
|
|
string protocol
|
|
# Key Exchange used by the connection, or the empty string if not applicable.
|
|
string keyExchange
|
|
# (EC)DH group used by the connection, if applicable.
|
|
optional string keyExchangeGroup
|
|
# Cipher name.
|
|
string cipher
|
|
# TLS MAC. Note that AEAD ciphers do not have separate MACs.
|
|
optional string mac
|
|
# Page certificate.
|
|
array of string certificate
|
|
# Certificate subject name.
|
|
string subjectName
|
|
# Name of the issuing CA.
|
|
string issuer
|
|
# Certificate valid from date.
|
|
Network.TimeSinceEpoch validFrom
|
|
# Certificate valid to (expiration) date
|
|
Network.TimeSinceEpoch validTo
|
|
# The highest priority network error code, if the certificate has an error.
|
|
optional string certificateNetworkError
|
|
# True if the certificate uses a weak signature algorithm.
|
|
boolean certificateHasWeakSignature
|
|
# True if the certificate has a SHA1 signature in the chain.
|
|
boolean certificateHasSha1Signature
|
|
# True if modern SSL
|
|
boolean modernSSL
|
|
# True if the connection is using an obsolete SSL protocol.
|
|
boolean obsoleteSslProtocol
|
|
# True if the connection is using an obsolete SSL key exchange.
|
|
boolean obsoleteSslKeyExchange
|
|
# True if the connection is using an obsolete SSL cipher.
|
|
boolean obsoleteSslCipher
|
|
# True if the connection is using an obsolete SSL signature.
|
|
boolean obsoleteSslSignature
|
|
|
|
experimental type SafetyTipStatus extends string
|
|
enum
|
|
badReputation
|
|
lookalike
|
|
|
|
experimental type SafetyTipInfo extends object
|
|
properties
|
|
# Describes whether the page triggers any safety tips or reputation warnings. Default is unknown.
|
|
SafetyTipStatus safetyTipStatus
|
|
# The URL the safety tip suggested ("Did you mean?"). Only filled in for lookalike matches.
|
|
optional string safeUrl
|
|
|
|
# Security state information about the page.
|
|
experimental type VisibleSecurityState extends object
|
|
properties
|
|
# The security level of the page.
|
|
SecurityState securityState
|
|
# Security state details about the page certificate.
|
|
optional CertificateSecurityState certificateSecurityState
|
|
# The type of Safety Tip triggered on the page. Note that this field will be set even if the Safety Tip UI was not actually shown.
|
|
optional SafetyTipInfo safetyTipInfo
|
|
# Array of security state issues ids.
|
|
array of string securityStateIssueIds
|
|
|
|
# An explanation of an factor contributing to the security state.
|
|
type SecurityStateExplanation extends object
|
|
properties
|
|
# Security state representing the severity of the factor being explained.
|
|
SecurityState securityState
|
|
# Title describing the type of factor.
|
|
string title
|
|
# Short phrase describing the type of factor.
|
|
string summary
|
|
# Full text explanation of the factor.
|
|
string description
|
|
# The type of mixed content described by the explanation.
|
|
MixedContentType mixedContentType
|
|
# Page certificate.
|
|
array of string certificate
|
|
# Recommendations to fix any issues.
|
|
optional array of string recommendations
|
|
|
|
# Information about insecure content on the page.
|
|
deprecated type InsecureContentStatus extends object
|
|
properties
|
|
# Always false.
|
|
boolean ranMixedContent
|
|
# Always false.
|
|
boolean displayedMixedContent
|
|
# Always false.
|
|
boolean containedMixedForm
|
|
# Always false.
|
|
boolean ranContentWithCertErrors
|
|
# Always false.
|
|
boolean displayedContentWithCertErrors
|
|
# Always set to unknown.
|
|
SecurityState ranInsecureContentStyle
|
|
# Always set to unknown.
|
|
SecurityState displayedInsecureContentStyle
|
|
|
|
# The action to take when a certificate error occurs. continue will continue processing the
|
|
# request and cancel will cancel the request.
|
|
type CertificateErrorAction extends string
|
|
enum
|
|
continue
|
|
cancel
|
|
|
|
# Disables tracking security state changes.
|
|
command disable
|
|
|
|
# Enables tracking security state changes.
|
|
command enable
|
|
|
|
# Enable/disable whether all certificate errors should be ignored.
|
|
command setIgnoreCertificateErrors
|
|
parameters
|
|
# If true, all certificate errors will be ignored.
|
|
boolean ignore
|
|
|
|
# Handles a certificate error that fired a certificateError event.
|
|
deprecated command handleCertificateError
|
|
parameters
|
|
# The ID of the event.
|
|
integer eventId
|
|
# The action to take on the certificate error.
|
|
CertificateErrorAction action
|
|
|
|
# Enable/disable overriding certificate errors. If enabled, all certificate error events need to
|
|
# be handled by the DevTools client and should be answered with `handleCertificateError` commands.
|
|
deprecated command setOverrideCertificateErrors
|
|
parameters
|
|
# If true, certificate errors will be overridden.
|
|
boolean override
|
|
|
|
# There is a certificate error. If overriding certificate errors is enabled, then it should be
|
|
# handled with the `handleCertificateError` command. Note: this event does not fire if the
|
|
# certificate error has been allowed internally. Only one client per target should override
|
|
# certificate errors at the same time.
|
|
deprecated event certificateError
|
|
parameters
|
|
# The ID of the event.
|
|
integer eventId
|
|
# The type of the error.
|
|
string errorType
|
|
# The url that was requested.
|
|
string requestURL
|
|
|
|
# The security state of the page changed.
|
|
experimental event visibleSecurityStateChanged
|
|
parameters
|
|
# Security state information about the page.
|
|
VisibleSecurityState visibleSecurityState
|
|
|
|
# The security state of the page changed. No longer being sent.
|
|
deprecated event securityStateChanged
|
|
parameters
|
|
# Security state.
|
|
SecurityState securityState
|
|
# True if the page was loaded over cryptographic transport such as HTTPS.
|
|
deprecated boolean schemeIsCryptographic
|
|
# Previously a list of explanations for the security state. Now always
|
|
# empty.
|
|
deprecated array of SecurityStateExplanation explanations
|
|
# Information about insecure content on the page.
|
|
deprecated InsecureContentStatus insecureContentStatus
|
|
# Overrides user-visible description of the state. Always omitted.
|
|
deprecated optional string summary
|