chrome/browser/ssl/ssl_error_handler.h - Issue 2620203003: Add initial version of captive portal list checking.

Side by Side Diff: chrome/browser/ssl/ssl_error_handler.h

Issue 2620203003: Add initial version of captive portal list checking. (Closed)

Patch Set: estark comments Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_	5 #ifndef CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_

6 #define CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_	6 #define CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_

7	7

8 #include <string>	8 #include <string>

9	9

10 #include "base/callback_forward.h"	10 #include "base/callback_forward.h"

11 #include "base/macros.h"	11 #include "base/macros.h"

12 #include "base/memory/weak_ptr.h"	12 #include "base/memory/weak_ptr.h"

13 #include "base/timer/timer.h"	13 #include "base/timer/timer.h"

14 #include "chrome/browser/chrome_notification_types.h"	14 #include "chrome/browser/chrome_notification_types.h"

15 #include "chrome/browser/profiles/profile.h"	15 #include "chrome/browser/profiles/profile.h"

16 #include "chrome/browser/ssl/common_name_mismatch_handler.h"	16 #include "chrome/browser/ssl/common_name_mismatch_handler.h"

17 #include "chrome/browser/ssl/ssl_cert_reporter.h"	17 #include "chrome/browser/ssl/ssl_cert_reporter.h"

	18 #include "chrome/browser/ssl/tls_error_assistant.pb.h"

18 #include "components/ssl_errors/error_classification.h"	19 #include "components/ssl_errors/error_classification.h"

19 #include "content/public/browser/notification_observer.h"	20 #include "content/public/browser/notification_observer.h"

20 #include "content/public/browser/notification_registrar.h"	21 #include "content/public/browser/notification_registrar.h"

21 #include "content/public/browser/restore_type.h"	22 #include "content/public/browser/restore_type.h"

22 #include "content/public/browser/web_contents_observer.h"	23 #include "content/public/browser/web_contents_observer.h"

23 #include "content/public/browser/web_contents_user_data.h"	24 #include "content/public/browser/web_contents_user_data.h"

24 #include "net/ssl/ssl_info.h"	25 #include "net/ssl/ssl_info.h"

25 #include "url/gurl.h"	26 #include "url/gurl.h"

26	27

27 class CommonNameMismatchHandler;	28 class CommonNameMismatchHandler;

28 class Profile;	29 class Profile;

29	30

30 namespace base {	31 namespace base {

31 class Clock;	32 class Clock;

32 class TimeDelta;	33 class TimeDelta;

33 }	34 }

34	35

35 namespace content {	36 namespace content {

36 class WebContents;	37 class WebContents;

37 }	38 }

38	39

39 namespace network_time {	40 namespace network_time {

40 class NetworkTimeTracker;	41 class NetworkTimeTracker;

41 }	42 }

42	43

43 // This class is responsible for deciding what type of interstitial to show for	44 // This class is responsible for deciding what type of interstitial to show for

44 // an SSL validation error. The display of the interstitial might be delayed by	45 // an SSL validation error. The display of the interstitial might be delayed by
	estark 2017/01/20 23:31:18 optional clarification request while you're here: optional clarification request while you're here: this class also actually shows the interstitial, right? If so, I think it might be useful to add "and showing it" to the end of the first sentence. meacer 2017/01/31 00:22:47 Done. Show quoted text On 2017/01/20 23:31:18, estark wrote: > optional clarification request while you're here: this class also actually shows > the interstitial, right? If so, I think it might be useful to add "and showing > it" to the end of the first sentence. Done.
45 // a few seconds while trying to determine the cause of the error. During this	46 // a few seconds while trying to determine the cause of the error. During this

46 // window, the class will: check for a clock error, wait for a name-mismatch	47 // window, the class will:

47 // suggested URL, or wait for a captive portal result to arrive. If there is a	48 // - Check for a clock error

48 // name mismatch error and a corresponding suggested URL result arrives in this	49 // - Check for a known captive portal certificate SPKI

49 // window, the user is redirected to the suggested URL.	50 // - Wait for a name-mismatch suggested URL

	51 // - or Wait for a captive portal result to arrive.

	52 // If there is a name mismatch error and a corresponding suggested URL result
	estark 2017/01/20 23:31:18 Hmm, these lines 52-56 have rotted a bit; for exam Hmm, these lines 52-56 have rotted a bit; for example they don't mention how clock errors fit in. Consider rewriting as: Based on the result of these checks, SSLErrorHandler will show a customized interstitial, redirect to a different suggested URL, or, if all else fails, show the normal SSL interstitial. meacer 2017/01/31 00:22:47 Done, thanks for the suggestion. Show quoted text On 2017/01/20 23:31:18, estark wrote: > Hmm, these lines 52-56 have rotted a bit; for example they don't mention how > clock errors fit in. Consider rewriting as: > > Based on the result of these checks, SSLErrorHandler will show a customized > interstitial, redirect to a different suggested URL, or, if all else fails, show > the normal SSL interstitial. Done, thanks for the suggestion.
	53 // arrives in this window, the user is redirected to the suggested URL.

50 // Failing that, if a captive portal detected result arrives in the time window,	54 // Failing that, if a captive portal detected result arrives in the time window,

51 // a captive portal error page is shown. If none of these potential error	55 // a captive portal error page is shown. If none of these potential error

52 // causes match, an SSL interstitial is shown.	56 // causes match, an SSL interstitial is shown.

53 //	57 //

54 // This class should only be used on the UI thread because its implementation	58 // This class should only be used on the UI thread because its implementation

55 // uses captive_portal::CaptivePortalService which can only be accessed on the	59 // uses captive_portal::CaptivePortalService which can only be accessed on the

56 // UI thread.	60 // UI thread.

57 class SSLErrorHandler : public content::WebContentsUserData<SSLErrorHandler>,	61 class SSLErrorHandler : public content::WebContentsUserData<SSLErrorHandler>,

58 public content::WebContentsObserver,	62 public content::WebContentsObserver,

59 public content::NotificationObserver {	63 public content::NotificationObserver {

60 public:	64 public:

61 typedef base::Callback<void(content::WebContents*)> TimerStartedCallback;	65 typedef base::Callback<void(content::WebContents*)> TimerStartedCallback;

62	66

	67 // Events for UMA. Public for testing.
	estark 2017/01/20 23:31:18 Since these are histogrammed, they should have an Since these are histogrammed, they should have an explict `= 0` on line 69 and the standard warning about not removing or reordering any of them. meacer 2017/01/31 00:22:47 Done. Show quoted text On 2017/01/20 23:31:18, estark wrote: > Since these are histogrammed, they should have an explict `= 0` on line 69 and > the standard warning about not removing or reordering any of them. Done.
	68 enum UMAEvent {

	69 HANDLE_ALL,

	70 SHOW_CAPTIVE_PORTAL_INTERSTITIAL_NONOVERRIDABLE,

	71 SHOW_CAPTIVE_PORTAL_INTERSTITIAL_OVERRIDABLE,

	72 SHOW_SSL_INTERSTITIAL_NONOVERRIDABLE,

	73 SHOW_SSL_INTERSTITIAL_OVERRIDABLE,

	74 WWW_MISMATCH_FOUND,

	75 WWW_MISMATCH_URL_AVAILABLE,

	76 WWW_MISMATCH_URL_NOT_AVAILABLE,

	77 SHOW_BAD_CLOCK,

	78 CAPTIVE_PORTAL_CERT_FOUND,

	79 SSL_ERROR_HANDLER_EVENT_COUNT

	80 };

	81

63 // Entry point for the class. The parameters are the same as SSLBlockingPage	82 // Entry point for the class. The parameters are the same as SSLBlockingPage

64 // constructor.	83 // constructor.

65 static void HandleSSLError(	84 static void HandleSSLError(

66 content::WebContents* web_contents,	85 content::WebContents* web_contents,

67 int cert_error,	86 int cert_error,

68 const net::SSLInfo& ssl_info,	87 const net::SSLInfo& ssl_info,

69 const GURL& request_url,	88 const GURL& request_url,

70 int options_mask,	89 int options_mask,

71 std::unique_ptr<SSLCertReporter> ssl_cert_reporter,	90 std::unique_ptr<SSLCertReporter> ssl_cert_reporter,

72 const base::Callback<void(content::CertificateRequestResultType)>&	91 const base::Callback<void(content::CertificateRequestResultType)>&

73 callback);	92 callback);

74	93

75 // Testing methods.	94 // Testing methods.

76 static void SetInterstitialDelayForTesting(const base::TimeDelta& delay);	95 static void SetInterstitialDelayForTesting(const base::TimeDelta& delay);

77 // The callback pointer must remain valid for the duration of error handling.	96 // The callback pointer must remain valid for the duration of error handling.

78 static void SetInterstitialTimerStartedCallbackForTesting(	97 static void SetInterstitialTimerStartedCallbackForTesting(

79 TimerStartedCallback* callback);	98 TimerStartedCallback* callback);

80 static void SetClockForTesting(base::Clock* testing_clock);	99 static void SetClockForTesting(base::Clock* testing_clock);

81 static void SetNetworkTimeTrackerForTesting(	100 static void SetNetworkTimeTrackerForTesting(

82 network_time::NetworkTimeTracker* tracker);	101 network_time::NetworkTimeTracker* tracker);

	102 static void SetErrorAssistantProtoForTesting(

	103 const chrome_browser_ssl::TLSErrorAssistantConfig& config_proto);

	104
	estark 2017/01/20 23:31:18 nit: no blank line here so that GetHistogramName i nit: no blank line here so that GetHistogramName is in the "Testing methods" block (or give them all blank lines) meacer 2017/01/31 00:22:47 Done. Show quoted text On 2017/01/20 23:31:18, estark wrote: > nit: no blank line here so that GetHistogramName is in the "Testing methods" > block > > (or give them all blank lines) Done.
	105 static std::string GetHistogramNameForTesting();

83	106

84 protected:	107 protected:

85 // The parameters are the same as SSLBlockingPage's constructor.	108 // The parameters are the same as SSLBlockingPage's constructor.

86 SSLErrorHandler(content::WebContents* web_contents,	109 SSLErrorHandler(content::WebContents* web_contents,

87 int cert_error,	110 int cert_error,

88 const net::SSLInfo& ssl_info,	111 const net::SSLInfo& ssl_info,

89 const GURL& request_url,	112 const GURL& request_url,

90 int options_mask,	113 int options_mask,

91 std::unique_ptr<SSLCertReporter> ssl_cert_reporter,	114 std::unique_ptr<SSLCertReporter> ssl_cert_reporter,

92 const base::Callback<	115 const base::Callback<

(...skipping 60 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
153 std::unique_ptr<CommonNameMismatchHandler> common_name_mismatch_handler_;	176 std::unique_ptr<CommonNameMismatchHandler> common_name_mismatch_handler_;

154	177

155 std::unique_ptr<SSLCertReporter> ssl_cert_reporter_;	178 std::unique_ptr<SSLCertReporter> ssl_cert_reporter_;

156	179

157 base::WeakPtrFactory<SSLErrorHandler> weak_ptr_factory_;	180 base::WeakPtrFactory<SSLErrorHandler> weak_ptr_factory_;

158	181

159 DISALLOW_COPY_AND_ASSIGN(SSLErrorHandler);	182 DISALLOW_COPY_AND_ASSIGN(SSLErrorHandler);

160 };	183 };

161	184

162 #endif // CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_	185 #endif // CHROME_BROWSER_SSL_SSL_ERROR_HANDLER_H_

OLD	NEW