OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "content/browser/devtools/protocol/security_handler.h" | 5 #include "content/browser/devtools/protocol/security_handler.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "content/browser/frame_host/render_frame_host_impl.h" | 9 #include "content/browser/frame_host/render_frame_host_impl.h" |
10 #include "content/public/browser/navigation_controller.h" | 10 #include "content/public/browser/navigation_controller.h" |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
52 .SetHasCertificate(it.has_certificate) | 52 .SetHasCertificate(it.has_certificate) |
53 .Build()); | 53 .Build()); |
54 } | 54 } |
55 } | 55 } |
56 | 56 |
57 } // namespace | 57 } // namespace |
58 | 58 |
59 SecurityHandler::SecurityHandler() | 59 SecurityHandler::SecurityHandler() |
60 : DevToolsDomainHandler(Security::Metainfo::domainName), | 60 : DevToolsDomainHandler(Security::Metainfo::domainName), |
61 enabled_(false), | 61 enabled_(false), |
62 host_(nullptr) { | 62 host_(nullptr), |
63 } | 63 last_cert_error_id_(0), |
64 certificate_error_enabled_(false) {} | |
64 | 65 |
65 SecurityHandler::~SecurityHandler() { | 66 SecurityHandler::~SecurityHandler() { |
66 } | 67 } |
67 | 68 |
68 void SecurityHandler::Wire(UberDispatcher* dispatcher) { | 69 void SecurityHandler::Wire(UberDispatcher* dispatcher) { |
69 frontend_.reset(new Security::Frontend(dispatcher->channel())); | 70 frontend_.reset(new Security::Frontend(dispatcher->channel())); |
70 Security::Dispatcher::wire(dispatcher, this); | 71 Security::Dispatcher::wire(dispatcher, this); |
71 } | 72 } |
72 | 73 |
73 void SecurityHandler::AttachToRenderFrameHost() { | 74 void SecurityHandler::AttachToRenderFrameHost() { |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
129 .Build(); | 130 .Build(); |
130 | 131 |
131 frontend_->SecurityStateChanged( | 132 frontend_->SecurityStateChanged( |
132 security_state, | 133 security_state, |
133 security_style_explanations.scheme_is_cryptographic, | 134 security_style_explanations.scheme_is_cryptographic, |
134 std::move(explanations), | 135 std::move(explanations), |
135 std::move(insecure_status), | 136 std::move(insecure_status), |
136 Maybe<std::string>(security_style_explanations.summary)); | 137 Maybe<std::string>(security_style_explanations.summary)); |
137 } | 138 } |
138 | 139 |
140 bool SecurityHandler::NotifyCertificateError(int cert_error, | |
141 const GURL& request_url, | |
142 CertErrorCallback handler) { | |
143 frontend_->CertificateError(++last_cert_error_id_, | |
144 net::ErrorToShortString(cert_error), | |
Eric Seckler
2017/02/14 18:42:25
might be useful to have this both as descriptive s
irisu
2017/02/16 00:24:30
Done.
| |
145 request_url.spec()); | |
146 if (!certificate_error_enabled_) | |
147 return false; | |
148 callbacks_[last_cert_error_id_] = handler; | |
149 return true; | |
150 } | |
151 | |
139 Response SecurityHandler::Enable() { | 152 Response SecurityHandler::Enable() { |
140 enabled_ = true; | 153 enabled_ = true; |
141 if (host_) | 154 if (host_) |
142 AttachToRenderFrameHost(); | 155 AttachToRenderFrameHost(); |
143 | 156 |
144 return Response::OK(); | 157 return Response::OK(); |
145 } | 158 } |
146 | 159 |
147 Response SecurityHandler::Disable() { | 160 Response SecurityHandler::Disable() { |
148 enabled_ = false; | 161 enabled_ = false; |
149 WebContentsObserver::Observe(nullptr); | 162 WebContentsObserver::Observe(nullptr); |
163 for (auto callback : callbacks_) | |
164 callback.second.Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL); | |
165 callbacks_.clear(); | |
150 return Response::OK(); | 166 return Response::OK(); |
151 } | 167 } |
152 | 168 |
153 Response SecurityHandler::ShowCertificateViewer() { | 169 Response SecurityHandler::ShowCertificateViewer() { |
154 if (!host_) | 170 if (!host_) |
155 return Response::InternalError(); | 171 return Response::InternalError(); |
156 WebContents* web_contents = WebContents::FromRenderFrameHost(host_); | 172 WebContents* web_contents = WebContents::FromRenderFrameHost(host_); |
157 scoped_refptr<net::X509Certificate> certificate = | 173 scoped_refptr<net::X509Certificate> certificate = |
158 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate; | 174 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate; |
159 if (!certificate) | 175 if (!certificate) |
160 return Response::Error("Could not find certificate"); | 176 return Response::Error("Could not find certificate"); |
161 web_contents->GetDelegate()->ShowCertificateViewerInDevTools( | 177 web_contents->GetDelegate()->ShowCertificateViewerInDevTools( |
162 web_contents, certificate); | 178 web_contents, certificate); |
163 return Response::OK(); | 179 return Response::OK(); |
164 } | 180 } |
165 | 181 |
182 Response SecurityHandler::HandleCertificateError(int event_id, | |
183 const String& action) { | |
184 content::CertificateRequestResultType type = | |
185 content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY; | |
186 Response response = Response::OK(); | |
187 if (action == "continue") { | |
pfeldman
2017/02/14 19:00:24
CertificateErrorActionTypeEnum::Continue
irisu
2017/02/16 00:24:30
Done.
| |
188 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE; | |
189 } else if (action == "cancel") { | |
190 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL; | |
191 } else if (action == "deny") { | |
192 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY; | |
193 } else { | |
194 response = | |
195 Response::Error(String("Unknown Certificate Error Action: " + action)); | |
196 } | |
197 if (callbacks_.find(event_id) == callbacks_.end()) { | |
pfeldman
2017/02/14 19:00:24
You could do this first.
irisu
2017/02/16 00:24:30
Done.
| |
198 return Response::Error( | |
199 String("Unknown event id: " + std::to_string(event_id))); | |
200 } | |
201 callbacks_[event_id].Run(type); | |
202 callbacks_.erase(event_id); | |
203 return response; | |
204 } | |
205 | |
206 Response SecurityHandler::SetOverrideCertificateErrors(bool override) { | |
207 if (override && !enabled_) | |
208 return Response::Error("Security not enabled"); | |
pfeldman
2017/02/14 19:00:24
Security domain not enabled
irisu
2017/02/16 00:24:30
Done.
| |
209 certificate_error_enabled_ = override; | |
pfeldman
2017/02/14 19:00:24
If override == false, you want to flush existing p
irisu
2017/02/16 00:24:30
Done.
| |
210 return Response::OK(); | |
211 } | |
212 | |
166 } // namespace protocol | 213 } // namespace protocol |
167 } // namespace content | 214 } // namespace content |
OLD | NEW |