OLD | NEW |
---|---|
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #import "ios/web/web_state/ui/crw_wk_web_view_web_controller.h" | 5 #import "ios/web/web_state/ui/crw_wk_web_view_web_controller.h" |
6 | 6 |
7 #import <WebKit/WebKit.h> | 7 #import <WebKit/WebKit.h> |
8 | 8 |
9 #include "base/ios/ios_util.h" | 9 #include "base/ios/ios_util.h" |
10 #include "base/ios/weak_nsobject.h" | 10 #include "base/ios/weak_nsobject.h" |
(...skipping 229 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
240 // Called when a load ends in an SSL error. | 240 // Called when a load ends in an SSL error. |
241 - (void)handleSSLError:(NSError*)error; | 241 - (void)handleSSLError:(NSError*)error; |
242 #endif | 242 #endif |
243 | 243 |
244 // Adds an activity indicator tasks for this web controller. | 244 // Adds an activity indicator tasks for this web controller. |
245 - (void)addActivityIndicatorTask; | 245 - (void)addActivityIndicatorTask; |
246 | 246 |
247 // Clears all activity indicator tasks for this web controller. | 247 // Clears all activity indicator tasks for this web controller. |
248 - (void)clearActivityIndicatorTasks; | 248 - (void)clearActivityIndicatorTasks; |
249 | 249 |
250 // Obtains SSL status from given |certChain| and updates it for navigation items | |
251 // with given |certID|. | |
252 - (void)updateSSLStatusForNavigationItemsWithCertID:(int)certID | |
253 usingCertChain:(NSArray*)certChain; | |
254 | |
250 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) | 255 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) |
251 // Updates SSL status for the current navigation item based on the information | 256 // Updates SSL status for the current navigation item based on the information |
252 // provided by web view. | 257 // provided by web view. |
253 - (void)updateSSLStatusForCurrentNavigationItem; | 258 - (void)updateSSLStatusForCurrentNavigationItem; |
254 #endif | 259 #endif |
255 | 260 |
256 // Registers load request with empty referrer and link or client redirect | 261 // Registers load request with empty referrer and link or client redirect |
257 // transition based on user interaction state. | 262 // transition based on user interaction state. |
258 - (void)registerLoadRequest:(const GURL&)url; | 263 - (void)registerLoadRequest:(const GURL&)url; |
259 | 264 |
(...skipping 579 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
839 - (void)addActivityIndicatorTask { | 844 - (void)addActivityIndicatorTask { |
840 [[CRWNetworkActivityIndicatorManager sharedInstance] | 845 [[CRWNetworkActivityIndicatorManager sharedInstance] |
841 startNetworkTaskForGroup:[self activityIndicatorGroupID]]; | 846 startNetworkTaskForGroup:[self activityIndicatorGroupID]]; |
842 } | 847 } |
843 | 848 |
844 - (void)clearActivityIndicatorTasks { | 849 - (void)clearActivityIndicatorTasks { |
845 [[CRWNetworkActivityIndicatorManager sharedInstance] | 850 [[CRWNetworkActivityIndicatorManager sharedInstance] |
846 clearNetworkTasksForGroup:[self activityIndicatorGroupID]]; | 851 clearNetworkTasksForGroup:[self activityIndicatorGroupID]]; |
847 } | 852 } |
848 | 853 |
854 - (void)updateSSLStatusForNavigationItemsWithCertID:(int)certID | |
855 usingCertChain:(NSArray*)certChain { | |
856 base::WeakNSObject<CRWWKWebViewWebController> weakSelf(self); | |
857 void (^SSLStatusResponse)(web::SecurityStyle, net::CertStatus) = | |
858 ^(web::SecurityStyle style, net::CertStatus certStatus) { | |
859 base::scoped_nsobject<CRWWKWebViewWebController> strongSelf( | |
860 [weakSelf retain]); | |
861 if (!strongSelf || [strongSelf isBeingDestroyed]) { | |
862 return; | |
863 } | |
864 | |
865 web::NavigationManager* navigationManager = | |
866 [strongSelf webStateImpl]->GetNavigationManager(); | |
867 int currentItemIndex = navigationManager->GetCurrentEntryIndex(); | |
868 | |
869 bool updatedCurrentItem = false; | |
870 for (int i = 0; i < navigationManager->GetEntryCount(); i++) { | |
871 web::NavigationItem* item = navigationManager->GetItemAtIndex(i); | |
872 web::SSLStatus& SSLStatus = item->GetSSL(); | |
873 if (SSLStatus.cert_id == certID) { | |
874 web::SSLStatus previousSSLStatus = item->GetSSL(); | |
875 SSLStatus.cert_status = certStatus; | |
876 SSLStatus.security_style = style; | |
877 if (currentItemIndex == i && !previousSSLStatus.Equals(SSLStatus)) { | |
878 updatedCurrentItem = true; | |
879 } | |
880 } | |
881 } | |
882 | |
883 if (updatedCurrentItem) { | |
884 [strongSelf didUpdateSSLStatusForCurrentNavigationItem]; | |
885 } | |
886 }; | |
887 | |
888 [_certVerificationController querySSLStatusForCertChain:certChain | |
889 host:[_wkWebView URL].host | |
890 completionHandler:SSLStatusResponse]; | |
891 } | |
892 | |
849 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) | 893 #if !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) |
894 | |
850 - (void)updateSSLStatusForCurrentNavigationItem { | 895 - (void)updateSSLStatusForCurrentNavigationItem { |
851 if ([self isBeingDestroyed]) | 896 if ([self isBeingDestroyed]) |
852 return; | 897 return; |
853 | 898 |
854 DCHECK(self.webStateImpl); | |
855 web::NavigationItem* item = | 899 web::NavigationItem* item = |
856 self.webStateImpl->GetNavigationManagerImpl().GetLastCommittedItem(); | 900 self.webStateImpl->GetNavigationManagerImpl().GetLastCommittedItem(); |
857 if (!item) | 901 if (!item) |
858 return; | 902 return; |
859 | 903 |
860 web::SSLStatus previousSSLStatus = item->GetSSL(); | 904 web::SSLStatus previousSSLStatus = item->GetSSL(); |
861 web::SSLStatus& SSLStatus = item->GetSSL(); | 905 web::SSLStatus& SSLStatus = item->GetSSL(); |
862 if (item->GetURL().SchemeIsCryptographic()) { | |
863 // TODO(eugenebut): Do not set security style to authenticated once | |
864 // proceeding with bad ssl cert is implemented. | |
865 SSLStatus.security_style = web::SECURITY_STYLE_AUTHENTICATED; | |
866 SSLStatus.content_status = [_wkWebView hasOnlySecureContent] | |
867 ? web::SSLStatus::NORMAL_CONTENT | |
868 : web::SSLStatus::DISPLAYED_INSECURE_CONTENT; | |
869 | 906 |
870 if (base::ios::IsRunningOnIOS9OrLater()) { | 907 // Starting from iOS9 WKWebView blocks active mixed content, so if |
871 scoped_refptr<net::X509Certificate> cert(web::CreateCertFromChain( | 908 // |hasOnlySecureContent| returns NO it means passive content. |
872 [_wkWebView performSelector:@selector(certificateChain)])); | 909 // On iOS8 there is no way to determine if web view has active mixed content. |
873 if (cert) { | 910 SSLStatus.content_status = [_wkWebView hasOnlySecureContent] |
874 SSLStatus.cert_id = web::CertStore::GetInstance()->StoreCert( | 911 ? web::SSLStatus::NORMAL_CONTENT |
875 cert.get(), self.certGroupID); | 912 : web::SSLStatus::DISPLAYED_INSECURE_CONTENT; |
876 } else { | 913 |
877 SSLStatus.security_style = web::SECURITY_STYLE_UNAUTHENTICATED; | 914 // Retrieve top level frame certificate. |
878 SSLStatus.cert_id = 0; | 915 NSArray* chain = nil; |
879 } | 916 scoped_refptr<net::X509Certificate> cert; |
917 if (base::ios::IsRunningOnIOS9OrLater() && | |
918 item->GetURL().SchemeIsCryptographic()) { | |
919 chain = [_wkWebView performSelector:@selector(certificateChain)]; | |
920 cert = web::CreateCertFromChain(chain); | |
921 } | |
922 | |
923 if (cert) { | |
924 int oldCertID = SSLStatus.cert_id; | |
925 SSLStatus.cert_id = | |
926 web::CertStore::GetInstance()->StoreCert(cert.get(), self.certGroupID); | |
927 if (oldCertID != SSLStatus.cert_id) { | |
928 [self updateSSLStatusForNavigationItemsWithCertID:SSLStatus.cert_id | |
929 usingCertChain:chain]; | |
880 } | 930 } |
881 } else { | 931 } else { |
882 SSLStatus.security_style = web::SECURITY_STYLE_UNAUTHENTICATED; | |
883 SSLStatus.cert_id = 0; | 932 SSLStatus.cert_id = 0; |
933 if (!item->GetURL().SchemeIsCryptographic()) { | |
934 // HTTP or other non-secure connection. | |
935 SSLStatus.security_style = web::SECURITY_STYLE_UNAUTHENTICATED; | |
936 } else if (base::ios::IsRunningOnIOS9OrLater()) { | |
937 // HTTPS, iOS9 and no certificate (this use-case has not been observed). | |
jww
2015/09/15 22:26:25
Given that this seems like a silly scenario, and w
Eugene But (OOO till 7-30)
2015/09/15 23:04:43
I suspect that this may happen in case of server m
| |
938 // TODO(eugenebut): Add UMA action for this anomaly (crbug.com/528668). | |
939 SSLStatus.security_style = web::SECURITY_STYLE_UNKNOWN; | |
940 } else { | |
941 // HTTPS, iOS8. | |
942 // iOS8 cannot load unauthenticated HTTPS content. | |
943 SSLStatus.security_style = web::SECURITY_STYLE_AUTHENTICATED; | |
944 } | |
884 } | 945 } |
885 | 946 |
886 if (!previousSSLStatus.Equals(SSLStatus)) { | 947 if (!previousSSLStatus.Equals(SSLStatus)) { |
887 [self didUpdateSSLStatusForCurrentNavigationItem]; | 948 [self didUpdateSSLStatusForCurrentNavigationItem]; |
888 } | 949 } |
889 } | 950 } |
951 | |
890 #endif // !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) | 952 #endif // !defined(ENABLE_CHROME_NET_STACK_FOR_WKWEBVIEW) |
891 | 953 |
892 - (void)registerLoadRequest:(const GURL&)url { | 954 - (void)registerLoadRequest:(const GURL&)url { |
893 // If load request is registered via WKWebViewWebController, assume transition | 955 // If load request is registered via WKWebViewWebController, assume transition |
894 // is link or client redirect as other transitions will already be registered | 956 // is link or client redirect as other transitions will already be registered |
895 // by web controller or delegates. | 957 // by web controller or delegates. |
896 // TODO(stuartmorgan): Remove guesswork and replace with information from | 958 // TODO(stuartmorgan): Remove guesswork and replace with information from |
897 // decidePolicyForNavigationAction:. | 959 // decidePolicyForNavigationAction:. |
898 ui::PageTransition transition = self.userInteractionRegistered | 960 ui::PageTransition transition = self.userInteractionRegistered |
899 ? ui::PAGE_TRANSITION_LINK | 961 ? ui::PAGE_TRANSITION_LINK |
(...skipping 566 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1466 placeholderText:defaultText | 1528 placeholderText:defaultText |
1467 requestURL: | 1529 requestURL: |
1468 net::GURLWithNSURL(frame.request.URL) | 1530 net::GURLWithNSURL(frame.request.URL) |
1469 completionHandler:completionHandler]; | 1531 completionHandler:completionHandler]; |
1470 } else if (completionHandler) { | 1532 } else if (completionHandler) { |
1471 completionHandler(nil); | 1533 completionHandler(nil); |
1472 } | 1534 } |
1473 } | 1535 } |
1474 | 1536 |
1475 @end | 1537 @end |
OLD | NEW |