OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/devtools/protocol/security_handler.h" | 5 #include "content/browser/devtools/protocol/security_handler.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "content/browser/frame_host/render_frame_host_impl.h" | 9 #include "content/browser/frame_host/render_frame_host_impl.h" |
10 #include "content/public/browser/navigation_controller.h" | 10 #include "content/public/browser/navigation_controller.h" |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
52 .SetHasCertificate(it.has_certificate) | 52 .SetHasCertificate(it.has_certificate) |
53 .Build()); | 53 .Build()); |
54 } | 54 } |
55 } | 55 } |
56 | 56 |
57 } // namespace | 57 } // namespace |
58 | 58 |
59 SecurityHandler::SecurityHandler() | 59 SecurityHandler::SecurityHandler() |
60 : DevToolsDomainHandler(Security::Metainfo::domainName), | 60 : DevToolsDomainHandler(Security::Metainfo::domainName), |
61 enabled_(false), | 61 enabled_(false), |
62 host_(nullptr) { | 62 host_(nullptr), |
63 } | 63 last_cert_error_id_(0), |
64 certificate_error_enabled_(false) {} | |
64 | 65 |
65 SecurityHandler::~SecurityHandler() { | 66 SecurityHandler::~SecurityHandler() { |
66 } | 67 } |
67 | 68 |
68 void SecurityHandler::Wire(UberDispatcher* dispatcher) { | 69 void SecurityHandler::Wire(UberDispatcher* dispatcher) { |
69 frontend_.reset(new Security::Frontend(dispatcher->channel())); | 70 frontend_.reset(new Security::Frontend(dispatcher->channel())); |
70 Security::Dispatcher::wire(dispatcher, this); | 71 Security::Dispatcher::wire(dispatcher, this); |
71 } | 72 } |
72 | 73 |
73 void SecurityHandler::AttachToRenderFrameHost() { | 74 void SecurityHandler::AttachToRenderFrameHost() { |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
129 .Build(); | 130 .Build(); |
130 | 131 |
131 frontend_->SecurityStateChanged( | 132 frontend_->SecurityStateChanged( |
132 security_state, | 133 security_state, |
133 security_style_explanations.scheme_is_cryptographic, | 134 security_style_explanations.scheme_is_cryptographic, |
134 std::move(explanations), | 135 std::move(explanations), |
135 std::move(insecure_status), | 136 std::move(insecure_status), |
136 Maybe<std::string>(security_style_explanations.summary)); | 137 Maybe<std::string>(security_style_explanations.summary)); |
137 } | 138 } |
138 | 139 |
140 bool SecurityHandler::NotifyCertificateError(CertErrorCallback handler) { | |
141 if (!certificate_error_enabled_) | |
142 return false; | |
143 callbacks_[++last_cert_error_id_] = handler; | |
144 frontend_->CertificateError(last_cert_error_id_); | |
pfeldman
2017/02/08 18:24:00
You should report certificate errors whenever Secu
irisu
2017/02/14 05:46:14
Done.
| |
145 return true; | |
146 } | |
147 | |
139 Response SecurityHandler::Enable() { | 148 Response SecurityHandler::Enable() { |
140 enabled_ = true; | 149 enabled_ = true; |
141 if (host_) | 150 if (host_) |
142 AttachToRenderFrameHost(); | 151 AttachToRenderFrameHost(); |
143 | 152 |
144 return Response::OK(); | 153 return Response::OK(); |
145 } | 154 } |
146 | 155 |
147 Response SecurityHandler::Disable() { | 156 Response SecurityHandler::Disable() { |
pfeldman
2017/02/08 18:24:00
You should release all the handlers here with defa
irisu
2017/02/14 05:46:14
Done.
| |
148 enabled_ = false; | 157 enabled_ = false; |
149 WebContentsObserver::Observe(nullptr); | 158 WebContentsObserver::Observe(nullptr); |
150 return Response::OK(); | 159 return Response::OK(); |
151 } | 160 } |
152 | 161 |
153 Response SecurityHandler::ShowCertificateViewer() { | 162 Response SecurityHandler::ShowCertificateViewer() { |
154 if (!host_) | 163 if (!host_) |
155 return Response::InternalError(); | 164 return Response::InternalError(); |
156 WebContents* web_contents = WebContents::FromRenderFrameHost(host_); | 165 WebContents* web_contents = WebContents::FromRenderFrameHost(host_); |
157 scoped_refptr<net::X509Certificate> certificate = | 166 scoped_refptr<net::X509Certificate> certificate = |
158 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate; | 167 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate; |
159 if (!certificate) | 168 if (!certificate) |
160 return Response::Error("Could not find certificate"); | 169 return Response::Error("Could not find certificate"); |
161 web_contents->GetDelegate()->ShowCertificateViewerInDevTools( | 170 web_contents->GetDelegate()->ShowCertificateViewerInDevTools( |
162 web_contents, certificate); | 171 web_contents, certificate); |
163 return Response::OK(); | 172 return Response::OK(); |
164 } | 173 } |
165 | 174 |
175 Response SecurityHandler::HandleCertificateError(int event_id, | |
176 const String& action) { | |
177 content::CertificateRequestResultType type = | |
178 content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY; | |
179 Response response = Response::OK(); | |
180 if (action == "continue") { | |
181 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE; | |
182 } else if (action == "cancel") { | |
183 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL; | |
184 } else if (action == "deny") { | |
185 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY; | |
186 } else { | |
187 response = | |
188 Response::Error(String("Unknown Certificate Error Action: " + action)); | |
189 } | |
190 if (callbacks_.find(event_id) == callbacks_.end()) | |
Sami
2017/02/08 14:58:43
nit: add {} please
irisu
2017/02/14 05:46:14
Done.
| |
191 return Response::Error( | |
192 String("Unknown event id: " + std::to_string(event_id))); | |
193 callbacks_[event_id].Run(type); | |
194 callbacks_.erase(event_id); | |
195 return response; | |
196 } | |
197 | |
198 Response SecurityHandler::EnableCertificateErrorHandling() { | |
199 certificate_error_enabled_ = true; | |
200 if (!enabled_) { | |
Sami
2017/02/08 14:58:43
I think we should just require the user to also ca
pfeldman
2017/02/08 18:24:00
+1, you also need to provide a way to disable it.
irisu
2017/02/14 05:46:14
Done.
| |
201 enabled_ = true; | |
202 if (host_) | |
203 AttachToRenderFrameHost(); | |
204 } | |
205 return Response::OK(); | |
206 } | |
207 | |
166 } // namespace protocol | 208 } // namespace protocol |
167 } // namespace content | 209 } // namespace content |
OLD | NEW |