chrome/browser/ssl/ssl_error_classification.cc - Issue 1223233002: Common Name Mismatch Handler For WWW Subdomain Mismatch case

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/ssl/ssl_error_classification.cc

Issue 1223233002: Common Name Mismatch Handler For WWW Subdomain Mismatch case (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Resolved comments, added UMA Created 5 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« chrome/browser/ssl/ssl_browser_tests.cc ('K') | « chrome/browser/ssl/ssl_error_classification.h ('k') | chrome/browser/ssl/ssl_error_handler.h » ('j') | chrome/browser/ssl/ssl_error_handler.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/ssl/ssl_error_classification.cc

diff --git a/chrome/browser/ssl/ssl_error_classification.cc b/chrome/browser/ssl/ssl_error_classification.cc

index eea89250afa724677523c9a09e001a80b2e5b6ae..aaebffac3a07e02c2c8c4abd0f487328e6114fb5 100644

--- a/chrome/browser/ssl/ssl_error_classification.cc

+++ b/chrome/browser/ssl/ssl_error_classification.cc

@@ -322,33 +322,43 @@ Tokenize(const std::string& name) {

}

// We accept the inverse case for www for historical reasons.

-bool SSLErrorClassification::IsWWWSubDomainMatch() const {

- std::string host_name = request_url_.host();

+bool SSLErrorClassification::GetWWWSubDomainMatch(

+ const std::string& host_name,

+ const std::vector<std::string>& dns_names,

+ std::string* www_match_host_name) {

if (IsHostNameKnownTLD(host_name)) {

- std::vector<std::string> dns_names;

- cert_.GetDNSNames(&dns_names);

- bool result = false;

// Need to account for all possible domains given in the SSL certificate.

for (size_t i = 0; i < dns_names.size(); ++i) {

if (dns_names[i].empty() || dns_names[i].find('\0') != std::string::npos

|| dns_names[i].length() == host_name.length()

|| !(IsHostNameKnownTLD(dns_names[i]))) {

- result = result || false;

+ continue;

} else if (dns_names[i].length() > host_name.length()) {

- result = result ||

- net::StripWWW(base::ASCIIToUTF16(dns_names[i])) ==

- base::ASCIIToUTF16(host_name);

+ if (net::StripWWW(base::ASCIIToUTF16(dns_names[i])) ==

+ base::ASCIIToUTF16(host_name)) {

+ www_match_host_name->assign(dns_names[i].data(), dns_names[i].size());

+ return true;

+ }

} else {

- result = result ||

- net::StripWWW(base::ASCIIToUTF16(host_name)) ==

- base::ASCIIToUTF16(dns_names[i]);

+ if (net::StripWWW(base::ASCIIToUTF16(host_name)) ==

+ base::ASCIIToUTF16(dns_names[i])) {

+ www_match_host_name->assign(dns_names[i].data(), dns_names[i].size());

+ return true;

+ }

}

- return result;

}

return false;

}

+bool SSLErrorClassification::IsWWWSubDomainMatch() const {

+ const std::string& host_name = request_url_.host();

+ std::vector<std::string> dns_names;

+ cert_.GetDNSNames(&dns_names);

+ std::string www_host;

+ return GetWWWSubDomainMatch(host_name, dns_names, &www_host);

bool SSLErrorClassification::NameUnderAnyNames(

const Tokens& child,

const std::vector<Tokens>& potential_parents) const {