Implement Webviewclient.onReceivedSslError

android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java

Index: android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java
diff --git a/android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java b/android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java
new file mode 100644
index 0000000000000000000000000000000000000000..e043a42ec02dd25b17ce6f42164b945112b26f86
--- /dev/null
+++ b/android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java
@@ -0,0 +1,58 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+package org.chromium.android_webview;
+
+import android.os.Bundle;
+import android.net.http.SslError;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+
+/**
+ * Stores the user's decision of whether to allow or deny an invalid certificate.
+ * This class is not threadsafe. Used on the UI thread.
+ */
+final class SslCertLookupTable {
+    private static SslCertLookupTable sTable;
+    // We store the most severe error we're willing to allow for each host.
+    private final Bundle table;

[boliu, 2013/02/01 23:07:13]

I don't know much about bundle. Is it better than treemap or hashmap?

[sgurun-gerrit only, 2013/02/02 01:01:10]

I don't know if this is better, but this is from original code and I am not
eager to change it unless there is a bug or some performance numbers that show
it makes a difference.

On 2013/02/01 23:07:13, boliu wrote:

+
+    public static SslCertLookupTable getInstance() {
+        if (sTable == null) {
+            sTable = new SslCertLookupTable();
+        }
+        return sTable;
+    }
+
+    private SslCertLookupTable() {
+        table = new Bundle();
+    }
+
+    public void setIsAllowed(SslError sslError) {

[boliu, 2013/02/01 23:07:13]

Looks like this is not binary, so something like setMaxAllowedSslErrorLevel?

[sgurun-gerrit only, 2013/02/02 01:01:10]

Please clarify, not sure what you mean.

On 2013/02/01 23:07:13, boliu wrote:

[boliu, 2013/02/02 01:10:42]

I mean setIsAllowed feels like it should take a boolean value. This method
effectively takes an integer, so was suggesting rename to something else.

[sgurun-gerrit only, 2013/02/02 03:16:10]

Obviously SslError is not int, but I see what you mean. We can change the name
(I can't think of a good name now, but will find)

On 2013/02/02 01:10:42, boliu wrote:

+        String host;
+        try {
+            host = new URL(sslError.getUrl()).getHost();
+        } catch(MalformedURLException e) {
+            return;
+        }
+        table.putInt(host, sslError.getPrimaryError());
+    }
+
+    // We allow the decision to be re-used if it's for the same host and is for
+    // an error of equal or greater severity than this error.
+    public boolean isAllowed(SslError sslError) {
+        String host;
+        try {
+            host = new URL(sslError.getUrl()).getHost();
+        } catch(MalformedURLException e) {
+            return false;
+        }
+        return table.containsKey(host) && sslError.getPrimaryError() <= table.getInt(host);
+    }
+
+    public void clear() {

[boliu, 2013/02/01 23:07:13]

I don't think this is called anywhere.

Should this class be per awcontents instead of global? (match old
implementation)

[sgurun-gerrit only, 2013/02/02 01:01:10]

No not called right now. But soon will be used (reviving clearSslPreferences is
the second part of bug, so I am not putting a TODO). 

On 2013/02/01 23:07:13, boliu wrote:

+        table.clear();
+    }
+}