android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java - Issue 12091111: Implement Webviewclient.onReceivedSslError

Unified Diff: android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java

Issue 12091111: Implement Webviewclient.onReceivedSslError (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: updated copyrights Created 7 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« android_webview/java/src/org/chromium/android_webview/AwContents.java ('K') | « android_webview/java/src/org/chromium/android_webview/AwContentsClient.java ('k') | android_webview/native/aw_certificate_error_handler_base.cc » ('j') | android_webview/native/aw_certificate_error_handler_base.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java

diff --git a/android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java b/android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java

new file mode 100644

index 0000000000000000000000000000000000000000..897f0825c96f6a8cc352e53687a6f1c141eecbe0

--- /dev/null

+++ b/android_webview/java/src/org/chromium/android_webview/SslCertLookupTable.java

@@ -0,0 +1,60 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+package org.chromium.android_webview;

+import android.os.Bundle;

+import android.net.http.SslError;

+import java.net.MalformedURLException;

+import java.net.URL;

+/**

+ * Stores the user's decision of whether to allow or deny an invalid certificate.

+ *

+ * This class is not threadsafe. It is used only on the WebCore thread. Also, it

boliu 2013/02/01 20:03:23 say UI thread, (same thing, but it's the chromium

Kristian Monsen 2013/02/01 20:51:12 And remove reference to Chromium HTTP stack.

sgurun-gerrit only 2013/02/01 22:08:00 Another good catch. I don't see any reason to talk

+ * is used only by the Chromium HTTP stack.

+ */

+final class SslCertLookupTable {

+ private static SslCertLookupTable sTable;

+ // We store the most severe error we're willing to allow for each host.

+ private final Bundle table;

+ public static SslCertLookupTable getInstance() {

+ if (sTable == null) {

+ sTable = new SslCertLookupTable();

+ }

+ return sTable;

+ }

+ private SslCertLookupTable() {

+ table = new Bundle();

+ }

+ public void setIsAllowed(SslError sslError) {

+ String host;

+ try {

+ host = new URL(sslError.getUrl()).getHost();

+ } catch(MalformedURLException e) {

+ return;

+ }

+ table.putInt(host, sslError.getPrimaryError());

+ }

+ // We allow the decision to be re-used if it's for the same host and is for

+ // an error of equal or greater severity than this error.

+ public boolean isAllowed(SslError sslError) {

+ String host;

+ try {

+ host = new URL(sslError.getUrl()).getHost();

+ } catch(MalformedURLException e) {

+ return false;

+ }

+ return table.containsKey(host) && sslError.getPrimaryError() <= table.getInt(host);

+ }

+ public void clear() {

+ table.clear();

+ }