OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/devtools/protocol/security_handler.h" | 5 #include "content/browser/devtools/protocol/security_handler.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "content/browser/devtools/devtools_session.h" | 9 #include "content/browser/devtools/devtools_session.h" |
10 #include "content/browser/frame_host/render_frame_host_impl.h" | 10 #include "content/browser/frame_host/render_frame_host_impl.h" |
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
139 .Build(); | 139 .Build(); |
140 | 140 |
141 frontend_->SecurityStateChanged( | 141 frontend_->SecurityStateChanged( |
142 security_state, | 142 security_state, |
143 security_style_explanations.scheme_is_cryptographic, | 143 security_style_explanations.scheme_is_cryptographic, |
144 std::move(explanations), | 144 std::move(explanations), |
145 std::move(insecure_status), | 145 std::move(insecure_status), |
146 Maybe<std::string>(security_style_explanations.summary)); | 146 Maybe<std::string>(security_style_explanations.summary)); |
147 } | 147 } |
148 | 148 |
149 void SecurityHandler::DidFinishNavigation(NavigationHandle* navigation_handle) { | |
150 if (certificate_errors_overriden_) | |
151 FlushPendingRequests(); | |
152 } | |
153 | |
154 void SecurityHandler::FlushPendingRequests() { | |
155 for (auto callback : callbacks_) | |
156 callback.second.Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL); | |
157 callbacks_.clear(); | |
158 } | |
159 | |
160 bool SecurityHandler::NotifyCertificateError(int cert_error, | |
161 const GURL& request_url, | |
162 CertErrorCallback handler) { | |
163 if (!enabled_) | |
164 return false; | |
165 frontend_->CertificateError(++last_cert_error_id_, | |
estark
2017/02/28 23:34:01
Is it necessary to send the error even if |certifi
irisu
2017/03/06 11:56:48
@pfeldman earlier commented that the error should
estark
2017/03/09 00:24:30
Either way sounds fine to me; I'm not too worried
irisu
2017/03/13 01:56:56
Done.
| |
166 net::ErrorToShortString(cert_error), | |
167 request_url.spec()); | |
168 if (!certificate_errors_overriden_) | |
169 return false; | |
170 callbacks_[last_cert_error_id_] = handler; | |
171 return true; | |
172 } | |
173 | |
149 Response SecurityHandler::Enable() { | 174 Response SecurityHandler::Enable() { |
150 enabled_ = true; | 175 enabled_ = true; |
151 if (host_) | 176 if (host_) |
152 AttachToRenderFrameHost(); | 177 AttachToRenderFrameHost(); |
153 | 178 |
154 return Response::OK(); | 179 return Response::OK(); |
155 } | 180 } |
156 | 181 |
157 Response SecurityHandler::Disable() { | 182 Response SecurityHandler::Disable() { |
158 enabled_ = false; | 183 enabled_ = false; |
184 certificate_errors_overriden_ = false; | |
159 WebContentsObserver::Observe(nullptr); | 185 WebContentsObserver::Observe(nullptr); |
186 FlushPendingRequests(); | |
160 return Response::OK(); | 187 return Response::OK(); |
161 } | 188 } |
162 | 189 |
163 Response SecurityHandler::ShowCertificateViewer() { | 190 Response SecurityHandler::ShowCertificateViewer() { |
164 if (!host_) | 191 if (!host_) |
165 return Response::InternalError(); | 192 return Response::InternalError(); |
166 WebContents* web_contents = WebContents::FromRenderFrameHost(host_); | 193 WebContents* web_contents = WebContents::FromRenderFrameHost(host_); |
167 scoped_refptr<net::X509Certificate> certificate = | 194 scoped_refptr<net::X509Certificate> certificate = |
168 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate; | 195 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate; |
169 if (!certificate) | 196 if (!certificate) |
170 return Response::Error("Could not find certificate"); | 197 return Response::Error("Could not find certificate"); |
171 web_contents->GetDelegate()->ShowCertificateViewerInDevTools( | 198 web_contents->GetDelegate()->ShowCertificateViewerInDevTools( |
172 web_contents, certificate); | 199 web_contents, certificate); |
173 return Response::OK(); | 200 return Response::OK(); |
174 } | 201 } |
175 | 202 |
203 Response SecurityHandler::HandleCertificateError(int event_id, | |
204 const String& action) { | |
205 if (callbacks_.find(event_id) == callbacks_.end()) { | |
estark
2017/02/28 23:34:01
Is it possible for one devtools process to send a
irisu
2017/03/06 11:56:48
I'll defer this one to the devtools people: @dgozm
| |
206 return Response::Error( | |
207 String("Unknown event id: " + std::to_string(event_id))); | |
208 } | |
209 content::CertificateRequestResultType type = | |
210 content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY; | |
211 Response response = Response::OK(); | |
212 if (action == Security::CertificateErrorActionEnum::Continue) { | |
213 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE; | |
214 } else if (action == Security::CertificateErrorActionEnum::Cancel) { | |
215 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL; | |
estark
2017/02/28 23:34:01
Do we need to expose both CANCEL and DENY to devto
irisu
2017/03/06 11:56:48
Done.
| |
216 } else if (action == Security::CertificateErrorActionEnum::Deny) { | |
217 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY; | |
218 } else { | |
219 response = | |
220 Response::Error(String("Unknown Certificate Error Action: " + action)); | |
221 } | |
222 callbacks_[event_id].Run(type); | |
223 callbacks_.erase(event_id); | |
224 return response; | |
225 } | |
226 | |
227 Response SecurityHandler::SetOverrideCertificateErrors(bool override) { | |
228 if (override && !enabled_) | |
229 return Response::Error("Security domain not enabled"); | |
230 certificate_errors_overriden_ = override; | |
231 if (!override) | |
232 FlushPendingRequests(); | |
233 return Response::OK(); | |
234 } | |
235 | |
176 } // namespace protocol | 236 } // namespace protocol |
177 } // namespace content | 237 } // namespace content |
OLD | NEW |