ios/web/web_state/ui/crw_web_controller.mm - Issue 2096973002: [ios] Do not show SSL interstitial if cert is absent or cannot be parsed

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: ios/web/web_state/ui/crw_web_controller.mm

Issue 2096973002: [ios] Do not show SSL interstitial if cert is absent or cannot be parsed (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Added unittest Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: ios/web/web_state/ui/crw_web_controller.mm

diff --git a/ios/web/web_state/ui/crw_web_controller.mm b/ios/web/web_state/ui/crw_web_controller.mm

index b886c699a6990c67e09ef077fb9b501db18288f4..ec93d920b864f4e0006664042a9dbaa8e0e22162 100644

--- a/ios/web/web_state/ui/crw_web_controller.mm

+++ b/ios/web/web_state/ui/crw_web_controller.mm

@@ -1931,7 +1931,18 @@ const NSTimeInterval kSnapshotOverlayTransition = 0.5;

const GURL currentUrl = [self currentNavigationURL];

- error = web::NetErrorFromError(error);

+ if (web::IsWKWebViewSSLCertError(error)) {

+ // This could happen only if certificate is absent or could not be parsed.

+ error = web::NetErrorFromError(error, net::ERR_SSL_SERVER_CERT_BAD_FORMAT);

+#if defined(DEBUG)

+ net::SSLInfo info;

+ web::GetSSLInfoFromWKWebViewSSLCertError(error, &info);

+ CHECK(!error.cert);

+#endif

+ } else {

+ error = web::NetErrorFromError(error);

+ }

BOOL isPost = [self isCurrentNavigationItemPOST];

[self setNativeController:[_nativeProvider controllerForURL:currentUrl

withError:error

@@ -4482,13 +4493,17 @@ const NSTimeInterval kSnapshotOverlayTransition = 0.5;

web::SSLStatus status;

status.security_style = web::SECURITY_STYLE_AUTHENTICATION_BROKEN;

status.cert_status = info.cert_status;

- // |info.cert| can be null if certChain in NSError is empty or can not be

- // parsed.

- if (info.cert) {

- status.cert_id = web::CertStore::GetInstance()->StoreCert(info.cert.get(),

- self.certGroupID);

+ if (!info.cert) {

+ // |info.cert| can be null if certChain in NSError is empty or can not be

+ // parsed, in this case do not ask delegate if error should be allowed, it

+ // should not be.

+ [self handleLoadError:error inMainFrame:YES];

+ return;

}

+ status.cert_id = web::CertStore::GetInstance()->StoreCert(info.cert.get(),

+ self.certGroupID);

// Retrieve verification results from _certVerificationErrors cache to avoid

// unnecessary recalculations. Verification results are cached for the leaf

// cert, because the cert chain in |didReceiveAuthenticationChallenge:| is

« no previous file with comments | « ios/web/web_state/error_translation_util_unittest.mm ('k') | no next file » | no next file with comments »