| Index: chrome/browser/ssl/ssl_policy.cc
|
| ===================================================================
|
| --- chrome/browser/ssl/ssl_policy.cc (revision 62112)
|
| +++ chrome/browser/ssl/ssl_policy.cc (working copy)
|
| @@ -32,6 +32,17 @@
|
| #include "net/base/ssl_info.h"
|
| #include "webkit/glue/resource_type.h"
|
|
|
| +namespace {
|
| +
|
| +static const char kDot = '.';
|
| +
|
| +static bool IsIntranetHost(const std::string& host) {
|
| + const size_t dot = host.find(kDot);
|
| + return dot == std::string::npos || dot == host.length() - 1;
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| SSLPolicy::SSLPolicy(SSLPolicyBackend* backend)
|
| : backend_(backend) {
|
| DCHECK(backend_);
|
| @@ -151,6 +162,15 @@
|
| return;
|
| }
|
|
|
| + if (!(entry->ssl().cert_status() & net::CERT_STATUS_COMMON_NAME_INVALID)) {
|
| + // CAs issue certificates for intranet hosts to everyone. Therefore, we
|
| + // mark intranet hosts as being non-unique.
|
| + if (IsIntranetHost(entry->url().host())) {
|
| + entry->ssl().set_cert_status(entry->ssl().cert_status() |
|
| + net::CERT_STATUS_NON_UNIQUE_NAME);
|
| + }
|
| + }
|
| +
|
| // If CERT_STATUS_UNABLE_TO_CHECK_REVOCATION is the only certificate error,
|
| // don't lower the security style to SECURITY_STYLE_AUTHENTICATION_BROKEN.
|
| int cert_errors = entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS;
|
|
|
Chromium Code Reviews
Issue 3536019:
Fix 58162: Mixed Content False Positive for intranet hostname certificates... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/