OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #import "ios/web/web_state/ui/crw_wk_web_view_web_controller.h" | 5 #import "ios/web/web_state/ui/crw_wk_web_view_web_controller.h" |
6 | 6 |
7 #import <WebKit/WebKit.h> | 7 #import <WebKit/WebKit.h> |
8 | 8 |
9 #include "base/ios/ios_util.h" | 9 #include "base/ios/ios_util.h" |
10 #include "base/ios/weak_nsobject.h" | 10 #include "base/ios/weak_nsobject.h" |
11 #include "base/json/json_reader.h" | 11 #include "base/json/json_reader.h" |
12 #import "base/mac/scoped_nsobject.h" | 12 #import "base/mac/scoped_nsobject.h" |
13 #include "base/macros.h" | 13 #include "base/macros.h" |
14 #include "base/strings/sys_string_conversions.h" | 14 #include "base/strings/sys_string_conversions.h" |
15 #include "base/values.h" | 15 #include "base/values.h" |
16 #import "ios/net/http_response_headers_util.h" | 16 #import "ios/net/http_response_headers_util.h" |
17 #import "ios/web/crw_network_activity_indicator_manager.h" | 17 #import "ios/web/crw_network_activity_indicator_manager.h" |
18 #import "ios/web/navigation/crw_session_controller.h" | 18 #import "ios/web/navigation/crw_session_controller.h" |
19 #include "ios/web/navigation/web_load_params.h" | 19 #include "ios/web/navigation/web_load_params.h" |
20 #include "ios/web/net/cert_verifier_block_adapter.h" | |
20 #include "ios/web/public/web_client.h" | 21 #include "ios/web/public/web_client.h" |
21 #import "ios/web/public/web_state/js/crw_js_injection_manager.h" | 22 #import "ios/web/public/web_state/js/crw_js_injection_manager.h" |
22 #import "ios/web/public/web_state/ui/crw_native_content_provider.h" | 23 #import "ios/web/public/web_state/ui/crw_native_content_provider.h" |
23 #import "ios/web/public/web_state/ui/crw_web_view_content_view.h" | 24 #import "ios/web/public/web_state/ui/crw_web_view_content_view.h" |
24 #import "ios/web/ui_web_view_util.h" | 25 #import "ios/web/ui_web_view_util.h" |
25 #include "ios/web/web_state/blocked_popup_info.h" | 26 #include "ios/web/web_state/blocked_popup_info.h" |
26 #import "ios/web/web_state/error_translation_util.h" | 27 #import "ios/web/web_state/error_translation_util.h" |
27 #include "ios/web/web_state/frame_info.h" | 28 #include "ios/web/web_state/frame_info.h" |
28 #import "ios/web/web_state/js/crw_js_window_id_manager.h" | 29 #import "ios/web/web_state/js/crw_js_window_id_manager.h" |
29 #import "ios/web/web_state/js/page_script_util.h" | 30 #import "ios/web/web_state/js/page_script_util.h" |
30 #import "ios/web/web_state/ui/crw_web_controller+protected.h" | 31 #import "ios/web/web_state/ui/crw_web_controller+protected.h" |
31 #import "ios/web/web_state/ui/crw_wk_web_view_crash_detector.h" | 32 #import "ios/web/web_state/ui/crw_wk_web_view_crash_detector.h" |
32 #import "ios/web/web_state/ui/web_view_js_utils.h" | 33 #import "ios/web/web_state/ui/web_view_js_utils.h" |
33 #import "ios/web/web_state/ui/wk_web_view_configuration_provider.h" | 34 #import "ios/web/web_state/ui/wk_web_view_configuration_provider.h" |
34 #import "ios/web/web_state/web_state_impl.h" | 35 #import "ios/web/web_state/web_state_impl.h" |
35 #import "ios/web/web_state/web_view_internal_creation_util.h" | 36 #import "ios/web/web_state/web_view_internal_creation_util.h" |
36 #import "ios/web/webui/crw_web_ui_manager.h" | 37 #import "ios/web/webui/crw_web_ui_manager.h" |
37 #import "net/base/mac/url_conversions.h" | 38 #import "net/base/mac/url_conversions.h" |
39 #include "net/cert/cert_verify_result.h" | |
40 #include "net/ssl/ssl_config_service.h" | |
38 | 41 |
39 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) | 42 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) |
40 #include "ios/web/public/cert_store.h" | 43 #include "ios/web/public/cert_store.h" |
41 #include "ios/web/public/navigation_item.h" | 44 #include "ios/web/public/navigation_item.h" |
42 #include "ios/web/public/ssl_status.h" | 45 #include "ios/web/public/ssl_status.h" |
43 #import "ios/web/web_state/wk_web_view_security_util.h" | 46 #import "ios/web/web_state/wk_web_view_security_util.h" |
44 #include "net/cert/x509_certificate.h" | 47 #include "net/cert/x509_certificate.h" |
45 #include "net/ssl/ssl_info.h" | 48 #include "net/ssl/ssl_info.h" |
46 #endif | 49 #endif |
47 | 50 |
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
118 base::scoped_nsobject<NSString> _documentMIMEType; | 121 base::scoped_nsobject<NSString> _documentMIMEType; |
119 | 122 |
120 // Whether the web page is currently performing window.history.pushState or | 123 // Whether the web page is currently performing window.history.pushState or |
121 // window.history.replaceState | 124 // window.history.replaceState |
122 // Set to YES on window.history.willChangeState message. To NO on | 125 // Set to YES on window.history.willChangeState message. To NO on |
123 // window.history.didPushState or window.history.didReplaceState. | 126 // window.history.didPushState or window.history.didReplaceState. |
124 BOOL _changingHistoryState; | 127 BOOL _changingHistoryState; |
125 | 128 |
126 // CRWWebUIManager object for loading WebUI pages. | 129 // CRWWebUIManager object for loading WebUI pages. |
127 base::scoped_nsobject<CRWWebUIManager> _webUIManager; | 130 base::scoped_nsobject<CRWWebUIManager> _webUIManager; |
131 | |
132 // Cert verification object which wraps net::CertVerifier. | |
133 net::CertVerifierBlockAdapter _certVerifier; | |
128 } | 134 } |
129 | 135 |
130 // Response's MIME type of the last known navigation. | 136 // Response's MIME type of the last known navigation. |
131 @property(nonatomic, copy) NSString* documentMIMEType; | 137 @property(nonatomic, copy) NSString* documentMIMEType; |
132 | 138 |
133 // Dictionary where keys are the names of WKWebView properties and values are | 139 // Dictionary where keys are the names of WKWebView properties and values are |
134 // selector names which should be called when a corresponding property has | 140 // selector names which should be called when a corresponding property has |
135 // changed. e.g. @{ @"URL" : @"webViewURLDidChange" } means that | 141 // changed. e.g. @{ @"URL" : @"webViewURLDidChange" } means that |
136 // -[self webViewURLDidChange] must be called every time when WKWebView.URL is | 142 // -[self webViewURLDidChange] must be called every time when WKWebView.URL is |
137 // changed. | 143 // changed. |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
220 // _documentURL, and informs the superclass of the change. | 226 // _documentURL, and informs the superclass of the change. |
221 - (void)URLDidChangeWithoutDocumentChange:(const GURL&)URL; | 227 - (void)URLDidChangeWithoutDocumentChange:(const GURL&)URL; |
222 | 228 |
223 // Returns new autoreleased instance of WKUserContentController which has | 229 // Returns new autoreleased instance of WKUserContentController which has |
224 // early page script. | 230 // early page script. |
225 - (WKUserContentController*)createUserContentController; | 231 - (WKUserContentController*)createUserContentController; |
226 | 232 |
227 // Attempts to handle a script message. Returns YES on success, NO otherwise. | 233 // Attempts to handle a script message. Returns YES on success, NO otherwise. |
228 - (BOOL)respondToWKScriptMessage:(WKScriptMessage*)scriptMessage; | 234 - (BOOL)respondToWKScriptMessage:(WKScriptMessage*)scriptMessage; |
229 | 235 |
236 // Verifies the given |cert| for the given |host| and calls |block| on | |
237 // completion. |block| can not be null and may be called either synchronously or | |
238 // asynchronously. | |
239 - (void)verifyCert:(scoped_refptr<net::X509Certificate>)cert | |
240 forHost:(NSString*)host | |
241 completionHandler:(void (^)(scoped_ptr<net::CertVerifyResult>, int))block; | |
davidben
2015/07/31 18:58:46
[Shouldn't these be indented such that the colons
Eugene But (OOO till 7-30)
2015/08/01 00:25:40
This indentation is correct. When the first keywor
| |
242 | |
230 // Used to decide whether a load that generates errors with the | 243 // Used to decide whether a load that generates errors with the |
231 // NSURLErrorCancelled code should be cancelled. | 244 // NSURLErrorCancelled code should be cancelled. |
232 - (BOOL)shouldAbortLoadForCancelledError:(NSError*)error; | 245 - (BOOL)shouldAbortLoadForCancelledError:(NSError*)error; |
233 | 246 |
234 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) | 247 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) |
235 // Called when WKWebView estimatedProgress has been changed. | 248 // Called when WKWebView estimatedProgress has been changed. |
236 - (void)webViewEstimatedProgressDidChange; | 249 - (void)webViewEstimatedProgressDidChange; |
237 | 250 |
238 // Called when WKWebView certificateChain or hasOnlySecureContent property has | 251 // Called when WKWebView certificateChain or hasOnlySecureContent property has |
239 // changed. | 252 // changed. |
(...skipping 586 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
826 (*handlers)["window.history.willChangeState"] = | 839 (*handlers)["window.history.willChangeState"] = |
827 @selector(handleWindowHistoryWillChangeStateMessage:context:); | 840 @selector(handleWindowHistoryWillChangeStateMessage:context:); |
828 }); | 841 }); |
829 DCHECK(handlers); | 842 DCHECK(handlers); |
830 auto iter = handlers->find(command); | 843 auto iter = handlers->find(command); |
831 return iter != handlers->end() | 844 return iter != handlers->end() |
832 ? iter->second | 845 ? iter->second |
833 : [super selectorToHandleJavaScriptCommand:command]; | 846 : [super selectorToHandleJavaScriptCommand:command]; |
834 } | 847 } |
835 | 848 |
849 - (void)verifyCert:(scoped_refptr<net::X509Certificate>)cert | |
850 forHost:(NSString*)host | |
851 completionHandler:(void (^)(scoped_ptr<net::CertVerifyResult>, int))block { | |
852 DCHECK(block); | |
853 std::string hostname = base::SysNSStringToUTF8(host); | |
854 net::CertVerifierBlockAdapter::Params params(cert, hostname); | |
855 params.ocsp_response = ""; // Not provided by iOS API. | |
Ryan Sleevi
2015/08/01 01:36:22
= "" is unnscessary (you should have a default cto
Eugene But (OOO till 7-30)
2015/08/05 16:13:43
I just want to be explicit that ocsp_response is e
Ryan Sleevi
2015/08/06 03:07:08
We developed a clang tool to excise this pattern f
Eugene But (OOO till 7-30)
2015/08/07 02:27:19
Thanks, I did not know about clang changes. Replac
| |
856 params.flags = net::CertVerifier::VERIFY_CERT_IO_ENABLED; | |
Ryan Sleevi
2015/08/01 01:36:22
This doesn't seem correct.
See https://code.googl
Eugene But (OOO till 7-30)
2015/08/05 16:13:43
Done, thanks for the link.
| |
857 params.crl_set = net::SSLConfigService::GetCRLSet().Pass(); | |
858 _certVerifier.Verify(params, block); | |
859 } | |
860 | |
836 - (BOOL)shouldAbortLoadForCancelledError:(NSError*)error { | 861 - (BOOL)shouldAbortLoadForCancelledError:(NSError*)error { |
837 DCHECK_EQ(error.code, NSURLErrorCancelled); | 862 DCHECK_EQ(error.code, NSURLErrorCancelled); |
838 // Do not abort the load if it is for an app specific URL, as such errors | 863 // Do not abort the load if it is for an app specific URL, as such errors |
839 // are produced during the app specific URL load process. | 864 // are produced during the app specific URL load process. |
840 const GURL errorURL = | 865 const GURL errorURL = |
841 net::GURLWithNSURL(error.userInfo[NSURLErrorFailingURLErrorKey]); | 866 net::GURLWithNSURL(error.userInfo[NSURLErrorFailingURLErrorKey]); |
842 if (web::GetWebClient()->IsAppSpecificURL(errorURL)) | 867 if (web::GetWebClient()->IsAppSpecificURL(errorURL)) |
843 return NO; | 868 return NO; |
844 // Don't abort NSURLErrorCancelled errors originating from navigation, as the | 869 // Don't abort NSURLErrorCancelled errors originating from navigation, as the |
845 // WKWebView will automatically retry these loads. | 870 // WKWebView will automatically retry these loads. |
(...skipping 312 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1158 didFailNavigation:(WKNavigation *)navigation | 1183 didFailNavigation:(WKNavigation *)navigation |
1159 withError:(NSError *)error { | 1184 withError:(NSError *)error { |
1160 [self handleLoadError:WKWebViewErrorWithSource(error, NAVIGATION) | 1185 [self handleLoadError:WKWebViewErrorWithSource(error, NAVIGATION) |
1161 inMainFrame:YES]; | 1186 inMainFrame:YES]; |
1162 } | 1187 } |
1163 | 1188 |
1164 - (void)webView:(WKWebView *)webView | 1189 - (void)webView:(WKWebView *)webView |
1165 didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge | 1190 didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge |
1166 completionHandler: | 1191 completionHandler: |
1167 (void (^)(NSURLSessionAuthChallengeDisposition disposition, | 1192 (void (^)(NSURLSessionAuthChallengeDisposition disposition, |
1168 NSURLCredential *credential))completionHandler { | 1193 NSURLCredential *credential))completionHandler { |
davidben
2015/07/31 18:58:46
Isn't this supposed to check the protectionSpace.a
Eugene But (OOO till 7-30)
2015/08/01 00:25:40
challenge.protectionSpace.serverTrust returns nil
davidben
2015/08/03 18:06:32
This is unreasonable to rely on.
Eugene But (OOO till 7-30)
2015/08/05 16:13:43
I guess auth method, other than NSURLAuthenticatio
| |
1169 NOTIMPLEMENTED(); | 1194 SecTrustRef trust = challenge.protectionSpace.serverTrust; |
1170 completionHandler(NSURLSessionAuthChallengeRejectProtectionSpace, nil); | 1195 scoped_refptr<net::X509Certificate> cert = web::CreateCertFromTrust(trust); |
1196 [self verifyCert:cert | |
1197 forHost:challenge.protectionSpace.host | |
1198 completionHandler:^(scoped_ptr<net::CertVerifyResult> result, | |
1199 int status) { | |
1200 DCHECK(result || status); | |
1201 if (result && !net::IsCertStatusError(result->cert_status)) { | |
Ryan Sleevi
2015/08/01 01:36:22
This doesn't seem right either - normally you'd al
Eugene But (OOO till 7-30)
2015/08/05 16:13:43
Done.
| |
1202 // Cert is valid. | |
1203 } else { | |
1204 // Cert is invalid. | |
davidben
2015/07/31 18:58:46
The docs point to this sample code:
https://devel
Eugene But (OOO till 7-30)
2015/08/01 00:25:40
Thanks for the link. Accepting bad SSL cert is not
| |
1205 } | |
1206 NOTIMPLEMENTED(); | |
1207 completionHandler(NSURLSessionAuthChallengeRejectProtectionSpace, nil); | |
davidben
2015/07/31 18:58:46
Is this supposed to be NSURLSessionAuthChallengeRe
Eugene But (OOO till 7-30)
2015/08/01 00:25:40
NSURLSessionAuthChallengeRejectProtectionSpace is
Eugene But (OOO till 7-30)
2015/08/05 16:13:43
Changed to NSURLSessionAuthChallengePerformDefault
| |
1208 }]; | |
1171 } | 1209 } |
1172 | 1210 |
1173 - (void)webViewWebContentProcessDidTerminate:(WKWebView*)webView { | 1211 - (void)webViewWebContentProcessDidTerminate:(WKWebView*)webView { |
1174 [self webViewWebProcessDidCrash]; | 1212 [self webViewWebProcessDidCrash]; |
1175 } | 1213 } |
1176 | 1214 |
1177 #pragma mark WKUIDelegate Methods | 1215 #pragma mark WKUIDelegate Methods |
1178 | 1216 |
1179 - (WKWebView*)webView:(WKWebView*)webView | 1217 - (WKWebView*)webView:(WKWebView*)webView |
1180 createWebViewWithConfiguration:(WKWebViewConfiguration*)configuration | 1218 createWebViewWithConfiguration:(WKWebViewConfiguration*)configuration |
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1259 placeholderText:defaultText | 1297 placeholderText:defaultText |
1260 requestURL: | 1298 requestURL: |
1261 net::GURLWithNSURL(frame.request.URL) | 1299 net::GURLWithNSURL(frame.request.URL) |
1262 completionHandler:completionHandler]; | 1300 completionHandler:completionHandler]; |
1263 } else if (completionHandler) { | 1301 } else if (completionHandler) { |
1264 completionHandler(nil); | 1302 completionHandler(nil); |
1265 } | 1303 } |
1266 } | 1304 } |
1267 | 1305 |
1268 @end | 1306 @end |
OLD | NEW |