ios/web/net/crw_cert_verification_controller.h - Issue 1316063008: Reland: WKWebView: Added cert verification API to web controller.

Unified Diff: ios/web/net/crw_cert_verification_controller.h

Issue 1316063008: Reland: WKWebView: Added cert verification API to web controller. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fixed downstream compilation fixed typo Created 5 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « ios/web/net/cert_verifier_block_adapter_unittest.cc ('k') | ios/web/net/crw_cert_verification_controller.mm » ('j') | ios/web/web_state/ui/crw_wk_web_view_web_controller.mm » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: ios/web/net/crw_cert_verification_controller.h

diff --git a/ios/web/net/crw_cert_verification_controller.h b/ios/web/net/crw_cert_verification_controller.h

new file mode 100644

index 0000000000000000000000000000000000000000..06ff635836431f0de9110a33a1eacc180028b721

--- /dev/null

+++ b/ios/web/net/crw_cert_verification_controller.h

@@ -0,0 +1,68 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#ifndef IOS_WEB_NET_CRW_CERT_VERIFICATION_CONTROLLER_H_

+#define IOS_WEB_NET_CRW_CERT_VERIFICATION_CONTROLLER_H_

+#import <Foundation/Foundation.h>

+#import "base/memory/ref_counted.h"

+#include "net/cert/cert_status_flags.h"

+namespace net {

+class X509Certificate;

+namespace web {

+class BrowserState;

+// Accept policy for valid or invalid SSL cert.

+typedef NS_ENUM(NSInteger, CertAcceptPolicy) {

+ // Cert status can't be determined due to an error. Caller should not proceed

+ // with the load, but show net error page instead.

+ CERT_ACCEPT_POLICY_NON_RECOVERABLE_ERROR = 0,

+ // Cert is not valid. Caller may present SSL warning and ask user if they

+ // want to proceed with the load.

+ CERT_ACCEPT_POLICY_RECOVERABLE_ERROR,

+ // Cert is valid. Caller should proceed with the load.

+ CERT_ACCEPT_POLICY_ALLOW,

+};

+// Completion handler called by decidePolicyForCert:host:completionHandler:.

+typedef void (^PolicyDecisionHandler)(web::CertAcceptPolicy, net::CertStatus);

+} // namespace web

+// Provides various cert verification API that can be used for blocking requests

+// with bad SSL cert, presenting SSL interstitials and determining SSL status

+// for Navigation Items. Must be used on UI thread.

+@interface CRWCertVerificationController : NSObject

+- (instancetype)init NS_UNAVAILABLE;

+// Initializes CRWCertVerificationController with the given |browserState| which

+// cannot be null and must outlive CRWCertVerificationController.

+- (instancetype)initWithBrowserState:(web::BrowserState*)browserState

+ NS_DESIGNATED_INITIALIZER;

+// TODO(eugenebut): add API for:

+// - accepting bad SSL cert using CertPolicyCache

+// - querying SSL cert status for Navigation Item

+// Decides the policy for the given |cert| for the given |host| and calls

+// |completionHandler| on completion. |completionHandler| cannot be null and

+// will be called synchronously or asynchronously on UI thread.

+- (void)decidePolicyForCert:(const scoped_refptr<net::X509Certificate>&)cert

+ host:(NSString*)host

+ completionHandler:(web::PolicyDecisionHandler)handler;

+// Cancels all pending verification requests. Completion handlers will not be

+// called after |shutDown| call. Must always be called before object's

+// deallocation.

+- (void)shutDown;

+@end

+#endif // IOS_WEB_NET_CRW_CERT_VERIFICATION_CONTROLLER_H_