Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(274)

Side by Side Diff: ios/web/web_state/ui/crw_wk_web_view_web_controller.mm

Issue 1322193003: WKWebView(iOS9): correctly update SSL status for current navigation item (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@reland_cert_verification
Patch Set: Corrected comment Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #import "ios/web/web_state/ui/crw_wk_web_view_web_controller.h" 5 #import "ios/web/web_state/ui/crw_wk_web_view_web_controller.h"
6 6
7 #import <WebKit/WebKit.h> 7 #import <WebKit/WebKit.h>
8 8
9 #include "base/ios/ios_util.h" 9 #include "base/ios/ios_util.h"
10 #include "base/ios/weak_nsobject.h" 10 #include "base/ios/weak_nsobject.h"
(...skipping 223 matching lines...) Expand 10 before | Expand all | Expand 10 after
234 // Called when a load ends in an SSL error. 234 // Called when a load ends in an SSL error.
235 - (void)handleSSLError:(NSError*)error; 235 - (void)handleSSLError:(NSError*)error;
236 #endif 236 #endif
237 237
238 // Adds an activity indicator tasks for this web controller. 238 // Adds an activity indicator tasks for this web controller.
239 - (void)addActivityIndicatorTask; 239 - (void)addActivityIndicatorTask;
240 240
241 // Clears all activity indicator tasks for this web controller. 241 // Clears all activity indicator tasks for this web controller.
242 - (void)clearActivityIndicatorTasks; 242 - (void)clearActivityIndicatorTasks;
243 243
244 // Obtains SSL status from given |certChain| and updates it for navigation items
245 // with given |certID|.
246 - (void)updateSSLStatusForNavigationItemsWithCertID:(int)certID
247 usingCertChain:(NSArray*)certChain;
248
244 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) 249 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW)
245 // Updates SSL status for the current navigation item based on the information 250 // Updates SSL status for the current navigation item based on the information
246 // provided by web view. 251 // provided by web view.
247 - (void)updateSSLStatusForCurrentNavigationItem; 252 - (void)updateSSLStatusForCurrentNavigationItem;
248 #endif 253 #endif
249 254
250 // Registers load request with empty referrer and link or client redirect 255 // Registers load request with empty referrer and link or client redirect
251 // transition based on user interaction state. 256 // transition based on user interaction state.
252 - (void)registerLoadRequest:(const GURL&)url; 257 - (void)registerLoadRequest:(const GURL&)url;
253 258
(...skipping 580 matching lines...) Expand 10 before | Expand all | Expand 10 after
834 - (void)addActivityIndicatorTask { 839 - (void)addActivityIndicatorTask {
835 [[CRWNetworkActivityIndicatorManager sharedInstance] 840 [[CRWNetworkActivityIndicatorManager sharedInstance]
836 startNetworkTaskForGroup:[self activityIndicatorGroupID]]; 841 startNetworkTaskForGroup:[self activityIndicatorGroupID]];
837 } 842 }
838 843
839 - (void)clearActivityIndicatorTasks { 844 - (void)clearActivityIndicatorTasks {
840 [[CRWNetworkActivityIndicatorManager sharedInstance] 845 [[CRWNetworkActivityIndicatorManager sharedInstance]
841 clearNetworkTasksForGroup:[self activityIndicatorGroupID]]; 846 clearNetworkTasksForGroup:[self activityIndicatorGroupID]];
842 } 847 }
843 848
849 - (void)updateSSLStatusForNavigationItemsWithCertID:(int)certID
850 usingCertChain:(NSArray*)certChain {
851 base::WeakNSObject<CRWWKWebViewWebController> weakSelf(self);
852 void (^SSLStatusResponse)(web::SecurityStyle, net::CertStatus) =
853 ^(web::SecurityStyle style, net::CertStatus certStatus) {
854 base::scoped_nsobject<CRWWKWebViewWebController> strongSelf(
855 [weakSelf retain]);
856 if (!strongSelf || [strongSelf isBeingDestroyed]) {
857 return;
858 }
859
860 web::NavigationManagerImpl& navigationManager =
861 [strongSelf webStateImpl]->GetNavigationManagerImpl();
862
863 bool updated = false;
stuartmorgan 2015/09/10 22:26:18 updatedCurrentItem?
Eugene But (OOO till 7-30) 2015/09/14 23:20:30 Done.
864 for (int i = 0; i < navigationManager.GetEntryCount(); i++) {
865 web::NavigationItem* item = navigationManager.GetItemAtIndex(i);
866 DCHECK(item);
867 web::SSLStatus previousSSLStatus = item->GetSSL();
stuartmorgan 2015/09/10 22:26:18 This should be inside the if; currently you're cop
Eugene But (OOO till 7-30) 2015/09/14 23:20:30 Done.
868 web::SSLStatus& SSLStatus = item->GetSSL();
869 if (SSLStatus.cert_id == certID) {
870 SSLStatus.cert_status = certStatus;
871 SSLStatus.security_style = style;
872 if (navigationManager.GetCurrentEntryIndex() == i &&
stuartmorgan 2015/09/10 22:26:18 The current index could be called outside the loop
Eugene But (OOO till 7-30) 2015/09/14 23:20:30 Done.
873 !previousSSLStatus.Equals(SSLStatus)) {
874 updated = true;
875 }
876 }
877 }
878
879 if (updated) {
880 [strongSelf didUpdateSSLStatusForCurrentNavigationItem];
881 }
882 };
883
884 [_certVerificationController querySSLStatusForCertChain:certChain
885 host:[_wkWebView URL].host
886 completionHandler:SSLStatusResponse];
887 }
888
844 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) 889 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW)
890
845 - (void)updateSSLStatusForCurrentNavigationItem { 891 - (void)updateSSLStatusForCurrentNavigationItem {
846 if ([self isBeingDestroyed]) 892 if ([self isBeingDestroyed])
847 return; 893 return;
848 894
849 DCHECK(self.webStateImpl);
850 web::NavigationItem* item = 895 web::NavigationItem* item =
851 self.webStateImpl->GetNavigationManagerImpl().GetLastCommittedItem(); 896 self.webStateImpl->GetNavigationManagerImpl().GetLastCommittedItem();
852 if (!item) 897 if (!item)
853 return; 898 return;
854 899
855 web::SSLStatus previousSSLStatus = item->GetSSL(); 900 web::SSLStatus previousSSLStatus = item->GetSSL();
856 web::SSLStatus& SSLStatus = item->GetSSL(); 901 web::SSLStatus& SSLStatus = item->GetSSL();
857 if (item->GetURL().SchemeIsCryptographic()) {
858 // TODO(eugenebut): Do not set security style to authenticated once
859 // proceeding with bad ssl cert is implemented.
860 SSLStatus.security_style = web::SECURITY_STYLE_AUTHENTICATED;
861 SSLStatus.content_status = [_wkWebView hasOnlySecureContent]
862 ? web::SSLStatus::NORMAL_CONTENT
863 : web::SSLStatus::DISPLAYED_INSECURE_CONTENT;
864 902
865 if (base::ios::IsRunningOnIOS9OrLater()) { 903 // Starting from iOS9 WKWebView blocks active mixed content, so if
866 scoped_refptr<net::X509Certificate> cert(web::CreateCertFromChain( 904 // |hasOnlySecureContent| returns NO it means passive content.
867 [_wkWebView performSelector:@selector(certificateChain)])); 905 // On iOS8 there is no way to determine if web view has active mixed content.
868 if (cert) { 906 SSLStatus.content_status = [_wkWebView hasOnlySecureContent]
869 SSLStatus.cert_id = web::CertStore::GetInstance()->StoreCert( 907 ? web::SSLStatus::NORMAL_CONTENT
870 cert.get(), self.certGroupID); 908 : web::SSLStatus::DISPLAYED_INSECURE_CONTENT;
871 } else { 909
872 SSLStatus.security_style = web::SECURITY_STYLE_UNAUTHENTICATED; 910 // Retrieve top level frame certificate.
873 SSLStatus.cert_id = 0; 911 NSArray* chain = nil;
874 } 912 scoped_refptr<net::X509Certificate> cert;
913 if (base::ios::IsRunningOnIOS9OrLater() &&
914 item->GetURL().SchemeIsCryptographic()) {
915 chain = [_wkWebView performSelector:@selector(certificateChain)];
916 cert = web::CreateCertFromChain(chain);
917 }
918
919 if (cert) {
920 SSLStatus.cert_id =
921 web::CertStore::GetInstance()->StoreCert(cert.get(), self.certGroupID);
922 [self updateSSLStatusForNavigationItemsWithCertID:SSLStatus.cert_id
923 usingCertChain:chain];
924 } else {
925 SSLStatus.cert_id = 0;
926 if (!item->GetURL().SchemeIsCryptographic()) {
927 // HTTP or other non-secure connection.
928 SSLStatus.security_style = web::SECURITY_STYLE_UNAUTHENTICATED;
929 } else if (base::ios::IsRunningOnIOS9OrLater()) {
930 // HTTPS, iOS9 and no certificate (this use-case has not been observed).
931 // TODO(eugenebut): Add UMA action for this anomaly (crbug.com/528668).
932 SSLStatus.security_style = web::SECURITY_STYLE_UNKNOWN;
933 } else {
934 // HTTPS, iOS8.
935 // iOS8 cannot load unauthentificated HTTPS content.
stuartmorgan 2015/09/10 22:26:18 s/ificated/icated/
Eugene But (OOO till 7-30) 2015/09/14 23:20:30 Done.
936 SSLStatus.security_style = web::SECURITY_STYLE_AUTHENTICATED;
875 } 937 }
876 } else {
877 SSLStatus.security_style = web::SECURITY_STYLE_UNAUTHENTICATED;
878 SSLStatus.cert_id = 0;
879 } 938 }
880 939
881 if (!previousSSLStatus.Equals(SSLStatus)) { 940 if (!previousSSLStatus.Equals(SSLStatus)) {
882 [self didUpdateSSLStatusForCurrentNavigationItem]; 941 [self didUpdateSSLStatusForCurrentNavigationItem];
883 } 942 }
884 } 943 }
944
885 #endif // !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) 945 #endif // !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW)
886 946
887 - (void)registerLoadRequest:(const GURL&)url { 947 - (void)registerLoadRequest:(const GURL&)url {
888 // If load request is registered via WKWebViewWebController, assume transition 948 // If load request is registered via WKWebViewWebController, assume transition
889 // is link or client redirect as other transitions will already be registered 949 // is link or client redirect as other transitions will already be registered
890 // by web controller or delegates. 950 // by web controller or delegates.
891 // TODO(stuartmorgan): Remove guesswork and replace with information from 951 // TODO(stuartmorgan): Remove guesswork and replace with information from
892 // decidePolicyForNavigationAction:. 952 // decidePolicyForNavigationAction:.
893 ui::PageTransition transition = self.userInteractionRegistered 953 ui::PageTransition transition = self.userInteractionRegistered
894 ? ui::PAGE_TRANSITION_LINK 954 ? ui::PAGE_TRANSITION_LINK
(...skipping 553 matching lines...) Expand 10 before | Expand all | Expand 10 after
1448 placeholderText:defaultText 1508 placeholderText:defaultText
1449 requestURL: 1509 requestURL:
1450 net::GURLWithNSURL(frame.request.URL) 1510 net::GURLWithNSURL(frame.request.URL)
1451 completionHandler:completionHandler]; 1511 completionHandler:completionHandler];
1452 } else if (completionHandler) { 1512 } else if (completionHandler) {
1453 completionHandler(nil); 1513 completionHandler(nil);
1454 } 1514 }
1455 } 1515 }
1456 1516
1457 @end 1517 @end
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698