| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/ssl_error_handler.h" | 5 #include "chrome/browser/ssl/ssl_error_handler.h" |
| 6 | 6 |
| 7 #include "base/callback_helpers.h" | 7 #include "base/callback_helpers.h" |
| 8 #include "base/metrics/field_trial.h" | 8 #include "base/metrics/field_trial.h" |
| 9 #include "base/metrics/histogram.h" | 9 #include "base/metrics/histogram.h" |
| 10 #include "base/time/time.h" | 10 #include "base/time/time.h" |
| 11 #include "chrome/browser/profiles/profile.h" | 11 #include "chrome/browser/profiles/profile.h" |
| 12 #include "chrome/browser/ssl/ssl_blocking_page.h" | 12 #include "chrome/browser/ssl/ssl_blocking_page.h" |
| 13 #include "chrome/browser/ssl/ssl_cert_reporter.h" | 13 #include "chrome/browser/ssl/ssl_cert_reporter.h" |
| 14 #include "chrome/browser/ssl/ssl_error_classification.h" | 14 #include "chrome/browser/ssl/ssl_error_classification.h" |
| 15 #include "content/public/browser/notification_service.h" | 15 #include "content/public/browser/notification_service.h" |
| 16 #include "content/public/browser/notification_source.h" | 16 #include "content/public/browser/notification_source.h" |
| 17 #include "content/public/browser/web_contents.h" | 17 #include "content/public/browser/web_contents.h" |
| 18 #include "net/base/net_errors.h" |
| 18 | 19 |
| 19 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 20 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 20 #include "chrome/browser/captive_portal/captive_portal_service.h" | 21 #include "chrome/browser/captive_portal/captive_portal_service.h" |
| 21 #include "chrome/browser/captive_portal/captive_portal_service_factory.h" | 22 #include "chrome/browser/captive_portal/captive_portal_service_factory.h" |
| 22 #include "chrome/browser/captive_portal/captive_portal_tab_helper.h" | 23 #include "chrome/browser/captive_portal/captive_portal_tab_helper.h" |
| 23 #include "chrome/browser/ssl/captive_portal_blocking_page.h" | 24 #include "chrome/browser/ssl/captive_portal_blocking_page.h" |
| 24 #endif | 25 #endif |
| 25 | 26 |
| 26 namespace { | 27 namespace { |
| 27 | 28 |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 147 } | 148 } |
| 148 | 149 |
| 149 void SSLErrorHandler::StartHandlingError() { | 150 void SSLErrorHandler::StartHandlingError() { |
| 150 RecordUMA(HANDLE_ALL); | 151 RecordUMA(HANDLE_ALL); |
| 151 | 152 |
| 152 std::vector<std::string> dns_names; | 153 std::vector<std::string> dns_names; |
| 153 ssl_info_.cert->GetDNSNames(&dns_names); | 154 ssl_info_.cert->GetDNSNames(&dns_names); |
| 154 DCHECK(!dns_names.empty()); | 155 DCHECK(!dns_names.empty()); |
| 155 GURL suggested_url; | 156 GURL suggested_url; |
| 156 if (IsSSLCommonNameMismatchHandlingEnabled() && | 157 if (IsSSLCommonNameMismatchHandlingEnabled() && |
| 157 ssl_info_.cert_status == net::CERT_STATUS_COMMON_NAME_INVALID && | 158 cert_error_ == net::ERR_CERT_COMMON_NAME_INVALID && IsOverridable() && |
| 158 GetSuggestedUrl(dns_names, &suggested_url)) { | 159 GetSuggestedUrl(dns_names, &suggested_url)) { |
| 159 RecordUMA(WWW_MISMATCH_FOUND); | 160 RecordUMA(WWW_MISMATCH_FOUND); |
| 160 net::CertStatus extra_cert_errors = | 161 net::CertStatus extra_cert_errors = |
| 161 ssl_info_.cert_status ^ net::CERT_STATUS_COMMON_NAME_INVALID; | 162 ssl_info_.cert_status ^ net::CERT_STATUS_COMMON_NAME_INVALID; |
| 162 | 163 |
| 163 // Show the SSL intersitial if |CERT_STATUS_COMMON_NAME_INVALID| is not | 164 // Show the SSL intersitial if |CERT_STATUS_COMMON_NAME_INVALID| is not |
| 164 // the only error. Need not check for captive portal in this case. | 165 // the only error. Need not check for captive portal in this case. |
| 165 // (See the comment below). | 166 // (See the comment below). |
| 166 if (net::IsCertStatusError(extra_cert_errors) && | 167 if (net::IsCertStatusError(extra_cert_errors) && |
| 167 !net::IsCertStatusMinorError(ssl_info_.cert_status)) { | 168 !net::IsCertStatusMinorError(ssl_info_.cert_status)) { |
| (...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 226 base::Bind(&SSLErrorHandler::CommonNameMismatchHandlerCallback, | 227 base::Bind(&SSLErrorHandler::CommonNameMismatchHandlerCallback, |
| 227 base::Unretained(this))); | 228 base::Unretained(this))); |
| 228 } | 229 } |
| 229 | 230 |
| 230 void SSLErrorHandler::NavigateToSuggestedURL(const GURL& suggested_url) { | 231 void SSLErrorHandler::NavigateToSuggestedURL(const GURL& suggested_url) { |
| 231 content::NavigationController::LoadURLParams load_params(suggested_url); | 232 content::NavigationController::LoadURLParams load_params(suggested_url); |
| 232 load_params.transition_type = ui::PAGE_TRANSITION_TYPED; | 233 load_params.transition_type = ui::PAGE_TRANSITION_TYPED; |
| 233 web_contents()->GetController().LoadURLWithParams(load_params); | 234 web_contents()->GetController().LoadURLWithParams(load_params); |
| 234 } | 235 } |
| 235 | 236 |
| 237 bool SSLErrorHandler::IsOverridable() { |
| 238 return SSLBlockingPage::IsOverridable(options_mask_, profile_); |
| 239 } |
| 240 |
| 236 void SSLErrorHandler::CheckForCaptivePortal() { | 241 void SSLErrorHandler::CheckForCaptivePortal() { |
| 237 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 242 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 238 CaptivePortalService* captive_portal_service = | 243 CaptivePortalService* captive_portal_service = |
| 239 CaptivePortalServiceFactory::GetForProfile(profile_); | 244 CaptivePortalServiceFactory::GetForProfile(profile_); |
| 240 captive_portal_service->DetectCaptivePortal(); | 245 captive_portal_service->DetectCaptivePortal(); |
| 241 #else | 246 #else |
| 242 NOTREACHED(); | 247 NOTREACHED(); |
| 243 #endif | 248 #endif |
| 244 } | 249 } |
| 245 | 250 |
| 246 void SSLErrorHandler::ShowCaptivePortalInterstitial(const GURL& landing_url) { | 251 void SSLErrorHandler::ShowCaptivePortalInterstitial(const GURL& landing_url) { |
| 247 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) | 252 #if defined(ENABLE_CAPTIVE_PORTAL_DETECTION) |
| 248 // Show captive portal blocking page. The interstitial owns the blocking page. | 253 // Show captive portal blocking page. The interstitial owns the blocking page. |
| 249 RecordUMA(SSLBlockingPage::IsOverridable(options_mask_, profile_) | 254 RecordUMA(IsOverridable() ? SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE |
| 250 ? SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE | 255 : SHOW_CAPTIVE_PORTAL_INTERSTITIAL_NONOVERRIDABLE); |
| 251 : SHOW_CAPTIVE_PORTAL_INTERSTITIAL_NONOVERRIDABLE); | |
| 252 (new CaptivePortalBlockingPage(web_contents_, request_url_, landing_url, | 256 (new CaptivePortalBlockingPage(web_contents_, request_url_, landing_url, |
| 253 ssl_cert_reporter_.Pass(), ssl_info_, | 257 ssl_cert_reporter_.Pass(), ssl_info_, |
| 254 callback_))->Show(); | 258 callback_))->Show(); |
| 255 // Once an interstitial is displayed, no need to keep the handler around. | 259 // Once an interstitial is displayed, no need to keep the handler around. |
| 256 // This is the equivalent of "delete this". | 260 // This is the equivalent of "delete this". |
| 257 web_contents_->RemoveUserData(UserDataKey()); | 261 web_contents_->RemoveUserData(UserDataKey()); |
| 258 #else | 262 #else |
| 259 NOTREACHED(); | 263 NOTREACHED(); |
| 260 #endif | 264 #endif |
| 261 } | 265 } |
| 262 | 266 |
| 263 void SSLErrorHandler::ShowSSLInterstitial() { | 267 void SSLErrorHandler::ShowSSLInterstitial() { |
| 264 // Show SSL blocking page. The interstitial owns the blocking page. | 268 // Show SSL blocking page. The interstitial owns the blocking page. |
| 265 RecordUMA(SSLBlockingPage::IsOverridable(options_mask_, profile_) | 269 RecordUMA(IsOverridable() ? SHOW_SSL_INTERSTITIAL_OVERRIDABLE |
| 266 ? SHOW_SSL_INTERSTITIAL_OVERRIDABLE | 270 : SHOW_SSL_INTERSTITIAL_NONOVERRIDABLE); |
| 267 : SHOW_SSL_INTERSTITIAL_NONOVERRIDABLE); | |
| 268 | 271 |
| 269 (new SSLBlockingPage(web_contents_, cert_error_, ssl_info_, request_url_, | 272 (new SSLBlockingPage(web_contents_, cert_error_, ssl_info_, request_url_, |
| 270 options_mask_, base::Time::NowFromSystemTime(), | 273 options_mask_, base::Time::NowFromSystemTime(), |
| 271 ssl_cert_reporter_.Pass(), callback_)) | 274 ssl_cert_reporter_.Pass(), callback_)) |
| 272 ->Show(); | 275 ->Show(); |
| 273 // Once an interstitial is displayed, no need to keep the handler around. | 276 // Once an interstitial is displayed, no need to keep the handler around. |
| 274 // This is the equivalent of "delete this". | 277 // This is the equivalent of "delete this". |
| 275 web_contents_->RemoveUserData(UserDataKey()); | 278 web_contents_->RemoveUserData(UserDataKey()); |
| 276 } | 279 } |
| 277 | 280 |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 325 timer_.Stop(); | 328 timer_.Stop(); |
| 326 if (result == CommonNameMismatchHandler::SuggestedUrlCheckResult:: | 329 if (result == CommonNameMismatchHandler::SuggestedUrlCheckResult:: |
| 327 SUGGESTED_URL_AVAILABLE) { | 330 SUGGESTED_URL_AVAILABLE) { |
| 328 RecordUMA(WWW_MISMATCH_URL_AVAILABLE); | 331 RecordUMA(WWW_MISMATCH_URL_AVAILABLE); |
| 329 NavigateToSuggestedURL(suggested_url); | 332 NavigateToSuggestedURL(suggested_url); |
| 330 } else { | 333 } else { |
| 331 RecordUMA(WWW_MISMATCH_URL_NOT_AVAILABLE); | 334 RecordUMA(WWW_MISMATCH_URL_NOT_AVAILABLE); |
| 332 ShowSSLInterstitial(); | 335 ShowSSLInterstitial(); |
| 333 } | 336 } |
| 334 } | 337 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1294673005:
Disable Name Mismatch redirection for non-overridable SSL errors (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master