Add new Content settings type AUTO-SUBMIT-CERTIFICATE

chrome/browser/tab_contents/tab_contents_ssl_helper.cc

Index: chrome/browser/tab_contents/tab_contents_ssl_helper.cc
diff --git a/chrome/browser/tab_contents/tab_contents_ssl_helper.cc b/chrome/browser/tab_contents/tab_contents_ssl_helper.cc
index 3fd8f7493380449f75ec316ae763a3c8a4ec097e..6657b937cd15bc2ed8b771237e1393e63d9e733c 100644
--- a/chrome/browser/tab_contents/tab_contents_ssl_helper.cc
+++ b/chrome/browser/tab_contents/tab_contents_ssl_helper.cc
@@ -4,10 +4,15 @@
 
 #include "chrome/browser/tab_contents/tab_contents_ssl_helper.h"
 
+#include <string>
+
 #include "base/basictypes.h"
+#include "base/command_line.h"
 #include "base/string_number_conversions.h"
 #include "base/utf_string_conversions.h"
 #include "chrome/browser/certificate_viewer.h"
+#include "chrome/browser/content_settings/host_content_settings_map.h"
+#include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ssl/ssl_add_cert_handler.h"
 #include "chrome/browser/ssl_client_certificate_selector.h"
 #include "chrome/browser/tab_contents/confirm_infobar_delegate.h"
@@ -15,6 +20,8 @@
 #include "chrome/browser/tab_contents/simple_alert_infobar_delegate.h"
 #include "chrome/browser/ui/tab_contents/tab_contents_wrapper.h"
 #include "chrome/common/chrome_notification_types.h"
+#include "chrome/common/chrome_switches.h"
+#include "chrome/common/content_settings.h"
 #include "content/browser/ssl/ssl_client_auth_handler.h"
 #include "content/common/notification_details.h"
 #include "content/common/notification_source.h"
@@ -178,6 +185,38 @@ TabContentsSSLHelper::TabContentsSSLHelper(TabContentsWrapper* tab_contents)
 TabContentsSSLHelper::~TabContentsSSLHelper() {
 }
 
+void TabContentsSSLHelper::SelectClientCertificate(
+    scoped_refptr<SSLClientAuthHandler> handler) {
+  net::SSLCertRequestInfo* cert_request_info = handler->cert_request_info();
+  GURL requesting_url("https://" + cert_request_info->host_and_port);
+  DCHECK(requesting_url.is_valid()) << " Invalid URL string: https://"

[wtc, 2011/08/18 22:03:38]

Nit: does the error message string need to start with a space?

[markusheintz_, 2011/08/19 15:17:58]

 Not at all. Removed the leading space.

+                                    << cert_request_info->host_and_port;
+
+  HostContentSettingsMap* map =
+      tab_contents_->profile()->GetHostContentSettingsMap();
+  ContentSetting setting = map->GetContentSetting(
+      requesting_url,
+      requesting_url,
+      CONTENT_SETTINGS_TYPE_AUTO_SUBMIT_CERTIFICATE,
+      std::string());
+  DCHECK(setting != CONTENT_SETTING_DEFAULT);

[wtc, 2011/08/18 22:03:38]

Nit: use DCHECK_NE, which prints the value of 'setting'
when the assertion fails.

[markusheintz_, 2011/08/19 15:17:58]

Done.

+
+  // TODO(markusheintz): Implement filter for matching specific certificate
+  // criteria.
+  bool cert_matches_filter = true;
+
+  if (setting == CONTENT_SETTING_ALLOW &&
+      cert_request_info->client_certs.size() == 1 &&
+      cert_matches_filter) {
+    net::X509Certificate* cert = cert_request_info->client_certs[0].get();
+    handler->CertificateSelected(cert);
+  } else if (setting == CONTENT_SETTING_ASK) {
+    ShowClientCertificateRequestDialog(handler);
+  } else {
+    handler->CertificateSelected(NULL);
+  }
+}
+
 void TabContentsSSLHelper::ShowClientCertificateRequestDialog(
     scoped_refptr<SSLClientAuthHandler> handler) {
   browser::ShowSSLClientCertificateSelector(