Security Domain
Security
Methods
Events
Types
Methods
Security.disable #
Disables tracking security state changes.
Security.enable #
Enables tracking security state changes.
Security.setIgnoreCertificateErrors #
Enable/disable whether all certificate errors should be ignored.
parameters
- ignore
-
boolean
If true, all certificate errors will be ignored.
Security.handleCertificateError Deprecated #
Handles a certificate error that fired a certificateError event.
parameters
- eventId
-
integer
The ID of the event.
- action
-
CertificateErrorAction
The action to take on the certificate error.
Security.setOverrideCertificateErrors Deprecated #
Enable/disable overriding certificate errors. If enabled, all certificate error events need to
be handled by the DevTools client and should be answered with handleCertificateError commands.
parameters
- override
-
boolean
If true, certificate errors will be overridden.
Events
Security.certificateError Deprecated #
There is a certificate error. If overriding certificate errors is enabled, then it should be
handled with the handleCertificateError command. Note: this event does not fire if the
certificate error has been allowed internally. Only one client per target should override
certificate errors at the same time.
parameters
- eventId
-
integer
The ID of the event.
- errorType
-
string
The type of the error.
- requestURL
-
string
The url that was requested.
Security.securityStateChanged Deprecated #
The security state of the page changed. No longer being sent.
parameters
- securityState
-
SecurityState
Security state.
- schemeIsCryptographic
-
boolean
Deprecated
True if the page was loaded over cryptographic transport such as HTTPS.
- explanations
-
array[ SecurityStateExplanation ]
Deprecated
Previously a list of explanations for the security state. Now always empty.
- insecureContentStatus
-
InsecureContentStatus
Deprecated
Information about insecure content on the page.
- summary
-
string
Deprecated
Overrides user-visible description of the state. Always omitted.
Security.visibleSecurityStateChanged Experimental #
The security state of the page changed.
parameters
- visibleSecurityState
-
VisibleSecurityState
Security state information about the page.
Types
Security.CertificateErrorAction #
The action to take when a certificate error occurs. continue will continue processing the request and cancel will cancel the request.
continue, cancelType: string
Security.MixedContentType #
A description of mixed content (HTTP resources on HTTPS pages), as defined by https://www.w3.org/TR/mixed-content/#categories
blockable, optionally-blockable, noneType: string
Security.SecurityState #
The security level of a page or resource.
unknown, neutral, insecure, secure, info, insecure-brokenType: string
Security.SecurityStateExplanation #
An explanation of an factor contributing to the security state.
Type: object
properties
- securityState
-
SecurityState
Security state representing the severity of the factor being explained.
- title
-
string
Title describing the type of factor.
- summary
-
string
Short phrase describing the type of factor.
- description
-
string
Full text explanation of the factor.
- mixedContentType
-
MixedContentType
The type of mixed content described by the explanation.
- certificate
-
array[ string ]
Page certificate.
- recommendations
-
array[ string ]
Recommendations to fix any issues.
Security.InsecureContentStatus Deprecated #
Information about insecure content on the page.
Type: object
properties
- ranMixedContent
-
boolean
Always false.
- displayedMixedContent
-
boolean
Always false.
- containedMixedForm
-
boolean
Always false.
- ranContentWithCertErrors
-
boolean
Always false.
- displayedContentWithCertErrors
-
boolean
Always false.
- ranInsecureContentStyle
-
SecurityState
Always set to unknown.
- displayedInsecureContentStyle
-
SecurityState
Always set to unknown.
Security.CertificateSecurityState Experimental #
Details about the security state of the page certificate.
Type: object
properties
- protocol
-
string
Protocol name (e.g. "TLS 1.2" or "QUIC").
- keyExchange
-
string
Key Exchange used by the connection, or the empty string if not applicable.
- keyExchangeGroup
-
string
(EC)DH group used by the connection, if applicable.
- cipher
-
string
Cipher name.
- mac
-
string
TLS MAC. Note that AEAD ciphers do not have separate MACs.
- certificate
-
array[ string ]
Page certificate.
- subjectName
-
string
Certificate subject name.
- issuer
-
string
Name of the issuing CA.
- validFrom
-
Network.TimeSinceEpoch
Certificate valid from date.
- validTo
-
Network.TimeSinceEpoch
Certificate valid to (expiration) date
- certificateNetworkError
-
string
The highest priority network error code, if the certificate has an error.
- certificateHasWeakSignature
-
boolean
True if the certificate uses a weak signature algorithm.
- certificateHasSha1Signature
-
boolean
True if the certificate has a SHA1 signature in the chain.
- modernSSL
-
boolean
True if modern SSL
- obsoleteSslProtocol
-
boolean
True if the connection is using an obsolete SSL protocol.
- obsoleteSslKeyExchange
-
boolean
True if the connection is using an obsolete SSL key exchange.
- obsoleteSslCipher
-
boolean
True if the connection is using an obsolete SSL cipher.
- obsoleteSslSignature
-
boolean
True if the connection is using an obsolete SSL signature.
Security.SafetyTipInfo Experimental #
Type: object
properties
- safetyTipStatus
-
SafetyTipStatus
Describes whether the page triggers any safety tips or reputation warnings. Default is unknown.
- safeUrl
-
string
The URL the safety tip suggested ("Did you mean?"). Only filled in for lookalike matches.
Security.VisibleSecurityState Experimental #
Security state information about the page.
Type: object
properties
- securityState
-
SecurityState
The security level of the page.
- certificateSecurityState
-
CertificateSecurityState
Security state details about the page certificate.
- safetyTipInfo
-
SafetyTipInfo
The type of Safety Tip triggered on the page. Note that this field will be set even if the Safety Tip UI was not actually shown.
- securityStateIssueIds
-
array[ string ]
Array of security state issues ids.