OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/url_request/url_request_http_job.h" | 5 #include "net/url_request/url_request_http_job.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/base_switches.h" | 8 #include "base/base_switches.h" |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
(...skipping 671 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
682 } | 682 } |
683 } | 683 } |
684 } | 684 } |
685 #endif | 685 #endif |
686 | 686 |
687 if (result == OK) { | 687 if (result == OK) { |
688 SaveCookiesAndNotifyHeadersComplete(); | 688 SaveCookiesAndNotifyHeadersComplete(); |
689 } else if (ShouldTreatAsCertificateError(result)) { | 689 } else if (ShouldTreatAsCertificateError(result)) { |
690 // We encountered an SSL certificate error. Ask our delegate to decide | 690 // We encountered an SSL certificate error. Ask our delegate to decide |
691 // what we should do. | 691 // what we should do. |
692 // TODO(wtc): also pass ssl_info.cert_status, or just pass the whole | 692 |
693 // ssl_info. | 693 TransportSecurityState::DomainState domain_state; |
wtc
2011/09/23 00:04:51
The ssl_info structure has become much bigger than
| |
694 const bool r = context_->transport_security_state()->IsEnabledForHost( | |
wtc
2011/09/23 00:04:51
Please pick a better variable name than |r|.
| |
695 &domain_state, request_info_.url.host(), | |
696 SSLConfigService::IsSNIAvailable(context_->ssl_config_service())); | |
697 // ERR_CERT_UNABLE_TO_CHECK_REVOCATION isn't forced to fatal, even for HSTS | |
698 // sites, because it happens due to transient network issues. | |
699 bool must_be_fatal = r && result != ERR_CERT_UNABLE_TO_CHECK_REVOCATION; | |
700 | |
694 NotifySSLCertificateError( | 701 NotifySSLCertificateError( |
695 result, transaction_->GetResponseInfo()->ssl_info.cert); | 702 result, transaction_->GetResponseInfo()->ssl_info, must_be_fatal); |
wtc
2011/09/23 00:04:51
In our current design of SSL error handling, I bel
| |
696 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { | 703 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { |
697 NotifyCertificateRequested( | 704 NotifyCertificateRequested( |
698 transaction_->GetResponseInfo()->cert_request_info); | 705 transaction_->GetResponseInfo()->cert_request_info); |
699 } else { | 706 } else { |
700 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, result)); | 707 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, result)); |
701 } | 708 } |
702 } | 709 } |
703 | 710 |
704 void URLRequestHttpJob::OnReadCompleted(int result) { | 711 void URLRequestHttpJob::OnReadCompleted(int result) { |
705 read_in_progress_ = false; | 712 read_in_progress_ = false; |
706 | 713 |
707 if (ShouldFixMismatchedContentLength(result)) | 714 if (ShouldFixMismatchedContentLength(result)) |
708 result = 0; | 715 result = 0; |
709 | 716 |
710 if (result == 0) { | 717 if (result == 0) { |
711 NotifyDone(URLRequestStatus()); | 718 NotifyDone(URLRequestStatus()); |
712 } else if (result < 0) { | 719 } else if (result < 0) { |
713 NotifyDone(URLRequestStatus(URLRequestStatus::FAILED, result)); | 720 NotifyDone(URLRequestStatus(URLRequestStatus::FAILED, result)); |
714 } else { | 721 } else { |
715 // Clear the IO_PENDING status | 722 // Clear the IO_PENDING status |
716 SetStatus(URLRequestStatus()); | 723 SetStatus(URLRequestStatus()); |
717 } | 724 } |
718 | 725 |
719 NotifyReadComplete(result); | 726 NotifyReadComplete(result); |
720 } | 727 } |
721 | 728 |
722 bool URLRequestHttpJob::ShouldTreatAsCertificateError(int result) { | 729 bool URLRequestHttpJob::ShouldTreatAsCertificateError(int result) { |
wtc
2011/09/23 00:04:51
We should remove the ShouldTreatAsCertificateError
| |
723 if (!IsCertificateError(result)) | 730 return IsCertificateError(result); |
724 return false; | |
725 | |
726 // Revocation check failures are always certificate errors, even if the host | |
727 // is using Strict-Transport-Security. | |
728 if (result == ERR_CERT_UNABLE_TO_CHECK_REVOCATION) | |
729 return true; | |
730 | |
731 // Check whether our context is using Strict-Transport-Security. | |
732 if (!context_->transport_security_state()) | |
733 return true; | |
734 | |
735 TransportSecurityState::DomainState domain_state; | |
736 const bool r = context_->transport_security_state()->IsEnabledForHost( | |
737 &domain_state, request_info_.url.host(), | |
738 SSLConfigService::IsSNIAvailable(context_->ssl_config_service())); | |
739 | |
740 return !r; | |
741 } | 731 } |
742 | 732 |
743 void URLRequestHttpJob::RestartTransactionWithAuth( | 733 void URLRequestHttpJob::RestartTransactionWithAuth( |
744 const string16& username, | 734 const string16& username, |
745 const string16& password) { | 735 const string16& password) { |
746 username_ = username; | 736 username_ = username; |
747 password_ = password; | 737 password_ = password; |
748 | 738 |
749 // These will be reset in OnStartCompleted. | 739 // These will be reset in OnStartCompleted. |
750 response_info_ = NULL; | 740 response_info_ = NULL; |
(...skipping 637 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1388 if (done_) | 1378 if (done_) |
1389 return; | 1379 return; |
1390 done_ = true; | 1380 done_ = true; |
1391 | 1381 |
1392 RecordPerfHistograms(reason); | 1382 RecordPerfHistograms(reason); |
1393 if (reason == FINISHED) | 1383 if (reason == FINISHED) |
1394 RecordCompressionHistograms(); | 1384 RecordCompressionHistograms(); |
1395 } | 1385 } |
1396 | 1386 |
1397 } // namespace net | 1387 } // namespace net |
OLD | NEW |