Security status for a webview More...
Import Statement: | import com.canonical.Oxide 1.15 |
Since: | OxideQt 1.2 |
Instantiates: | OxideQSecurityStatus |
SecurityStatus provides security status information for a webview. It provides an overall security level indication via securityLevel.
Details about the X.509 certificate for the current site can be accessed via certificate and certStatus.
The status of the current certificate - this can be used to determine any errors that affect it. If securityLevel is SecurityLevelNone, this will be CertStatusOk.
Possible values are:
Constant | Description |
---|---|
SecurityStatus.CertStatusOk | (0) The current certificate has no errors. |
SecurityStatus.CertStatusBadIdentity | The identity of the certificate does not match the identity of the site. |
SecurityStatus.CertStatusExpired | The certificate has expired. |
SecurityStatus.CertStatusDateInvalid | The certificate has a date that is invalid, eg, its start date is in the future. |
SecurityStatus.CertStatusAuthorityInvalid | The certificate is signed by an authority that isn't trusted. |
SecurityStatus.CertStatusRevocationCheckFailed | The revocation status of the certificate could not be determined. |
SecurityStatus.CertStatusRevoked | The certificate has been revoked. |
SecurityStatus.CertStatusInvalid | The certificate is invalid, eg, it has errors. |
SecurityStatus.CertStatusInsecure | The certificate is insecure, eg, it uses a weak signature algorithm or has a weak public key. |
SecurityStatus.CertStatusGenericError | This is used for all other unspecified certificate errors. |
certificate : SslCertificate |
The X.509 certificate for the currently displayed page. This will be null if securityLevel is SecurityLevelNone.
The current content status. This can be used to determine if the page has loaded any insecure content. If securityLevel is SecurityLevelNone, this will be ContentStatusNormal.
Possible values are:
Constant | Description |
---|---|
SecurityStatus.ContentStatusNormal | (0) All elements on the current page were loaded via a secure connection. |
SecurityStatus.ContentStatusDisplayedInsecure | The current page contains passive elements such as images or videos that were loaded over an insecure connection. |
SecurityStatus.ContentStatusRanInsecure | The current page contains active elements such as scripts or CSS that were loaded over an insecure connection. |
The current security level. This is useful for displaying a security hint (such as a padlock icon) to the user.
Possible values are:
Constant | Description |
---|---|
SecurityStatus.SecurityLevelNone | The current page was loaded via an insecure connection (eg, http). |
SecurityStatus.SecurityLevelSecure | The current page was loaded via a secure connection. |
SecurityStatus.SecurityLevelSecureEV | The current page was loaded via a secure connection and the supplied certificate is an EV certificate. |
SecurityStatus.SecurityLevelWarning | The current page was loaded via a secure connection, but the security of the page is degraded. This could be because some passive content (eg, images) were not loaded via a secure connection, or the supplied certificate has an error that is considered to be minor (eg, revocation check failed). A web browser would generally represent this status using a padlock icon with a warning triangle. |
SecurityStatus.SecurityLevelError | The security of the current page is broken. This could be because of a certificate error permitted by the application via CertificateError::allow, or because some active content (eg, scripts or CSS) were loaded via an insecure connection. A web browser would generally represent this status using a broken padlock icon. |