Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1875)

Unified Diff: android_webview/java/src/org/chromium/android_webview/AwContents.java

Issue 12091111: Implement Webviewclient.onReceivedSslError (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: address code review Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: android_webview/java/src/org/chromium/android_webview/AwContents.java
diff --git a/android_webview/java/src/org/chromium/android_webview/AwContents.java b/android_webview/java/src/org/chromium/android_webview/AwContents.java
index 4fed78c509bba30c3446391c368ff071bb58dd65..af5231dd78861f2971c3cf9e11548a6c12d1e22a 100644
--- a/android_webview/java/src/org/chromium/android_webview/AwContents.java
+++ b/android_webview/java/src/org/chromium/android_webview/AwContents.java
@@ -10,6 +10,7 @@ import android.graphics.Canvas;
import android.graphics.Color;
import android.graphics.Rect;
import android.net.http.SslCertificate;
+import android.net.http.SslError;
import android.os.AsyncTask;
import android.os.Build;
import android.os.Bundle;
@@ -20,6 +21,7 @@ import android.view.MotionEvent;
import android.view.View;
import android.view.ViewGroup;
import android.webkit.GeolocationPermissions;
+import android.webkit.SslErrorHandler;
import android.webkit.ValueCallback;
import org.chromium.base.CalledByNative;
@@ -583,29 +585,7 @@ public class AwContents {
*/
public SslCertificate getCertificate() {
if (mNativeAwContents == 0) return null;
- byte[] derBytes = nativeGetCertificate(mNativeAwContents);
- if (derBytes == null) {
- return null;
- }
-
- try {
- X509Certificate x509Certificate =
- X509Util.createCertificateFromBytes(derBytes);
- return new SslCertificate(x509Certificate);
- } catch (CertificateException e) {
- // Intentional fall through
- // A SSL related exception must have occured. This shouldn't happen.
- Log.w(TAG, "Could not read certificate: " + e);
- } catch (KeyStoreException e) {
- // Intentional fall through
- // A SSL related exception must have occured. This shouldn't happen.
- Log.w(TAG, "Could not read certificate: " + e);
- } catch (NoSuchAlgorithmException e) {
- // Intentional fall through
- // A SSL related exception must have occured. This shouldn't happen.
- Log.w(TAG, "Could not read certificate: " + e);
- }
- return null;
+ return getCertificateFromDerBytes(nativeGetCertificate(mNativeAwContents));
}
/**
@@ -840,6 +820,52 @@ public class AwContents {
mContentsClient.onReceivedHttpAuthRequest(handler, host, realm);
}
+ // If returns true, the request is immediately canceled, and any call to proceedSslError
+ // has no effect. If returns false, the request should be canceled or proceeded using
+ // proceedSslError().
+ @CalledByNative
+ private boolean cancelCertificateError(int certError, byte[] derBytes, String url) {
+ SslCertificate cert = getCertificateFromDerBytes(derBytes);
+ if (cert == null) {
+ // if the certificate is null, cancel the request
+ return true;
+ }
+ final SslError sslError = SslError.SslErrorFromChromiumErrorCode(certError, cert, url);
+ if (SslCertLookupTable.getInstance().isAllowed(sslError)) {
+ proceedSslError(true);
+ return false;
boliu 2013/02/01 23:07:13 so we are not doing this optimization?
sgurun-gerrit only 2013/02/02 01:01:10 I think you mean why do we have to use the callbac
boliu 2013/02/02 01:10:42 Can you just return true here without calling proc
sgurun-gerrit only 2013/02/02 03:16:10 Nop, it won't work (Please take a look at the plac
+ }
+
+ SslErrorHandler handler = new SslErrorHandler() {
+ @Override
+ public void proceed() {
+ post(new Runnable() {
+ @Override
+ public void run() {
+ SslCertLookupTable.getInstance().setIsAllowed(sslError);
+ proceedSslError(true);
+ }
+ });
+ }
+ @Override
+ public void cancel() {
+ post(new Runnable() {
+ @Override
+ public void run() {
+ proceedSslError(false);
+ }
+ });
+ }
+ };
+ mContentsClient.onReceivedSslError(handler, sslError);
+ return false;
+ }
+
+ private void proceedSslError(boolean proceed) {
+ if (mNativeAwContents == 0) return;
+ nativeProceedSslError(mNativeAwContents, proceed);
+ }
+
private static class ChromiumGeolocationCallback implements GeolocationPermissions.Callback {
final int mRenderProcessId;
final int mRenderViewId;
@@ -947,6 +973,31 @@ public class AwContents {
return null;
}
+ private SslCertificate getCertificateFromDerBytes(byte[] derBytes) {
+ if (derBytes == null) {
+ return null;
+ }
+
+ try {
+ X509Certificate x509Certificate =
+ X509Util.createCertificateFromBytes(derBytes);
+ return new SslCertificate(x509Certificate);
+ } catch (CertificateException e) {
+ // Intentional fall through
+ // A SSL related exception must have occured. This shouldn't happen.
+ Log.w(TAG, "Could not read certificate: " + e);
+ } catch (KeyStoreException e) {
+ // Intentional fall through
+ // A SSL related exception must have occured. This shouldn't happen.
+ Log.w(TAG, "Could not read certificate: " + e);
+ } catch (NoSuchAlgorithmException e) {
+ // Intentional fall through
+ // A SSL related exception must have occured. This shouldn't happen.
+ Log.w(TAG, "Could not read certificate: " + e);
+ }
+ return null;
+ }
+
@CalledByNative
private void handleJsAlert(String url, String message, JsResultReceiver receiver) {
mContentsClient.handleJsAlert(url, message, receiver);
@@ -1000,6 +1051,7 @@ public class AwContents {
private native void nativeClearMatches(int nativeAwContents);
private native void nativeClearCache(int nativeAwContents, boolean includeDiskFiles);
private native byte[] nativeGetCertificate(int nativeAwContents);
+ private native void nativeProceedSslError(int nativeAwContents, boolean proceed);
private native void nativeRequestNewHitTestDataAt(int nativeAwContents, int x, int y);
private native void nativeUpdateLastHitTestData(int nativeAwContents);
private native void nativeOnSizeChanged(int nativeAwContents, int w, int h, int ow, int oh);

Powered by Google App Engine
This is Rietveld 408576698