content/browser/devtools/protocol/security_handler.cc - Issue 2639203003: Add certificate error handling to devtools.

Side by Side Diff: content/browser/devtools/protocol/security_handler.cc

Issue 2639203003: Add certificate error handling to devtools. (Closed)

Patch Set: Add event parameters Created 3 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/browser/devtools/protocol/security_handler.h"	5 #include "content/browser/devtools/protocol/security_handler.h"

6	6

7 #include <string>	7 #include <string>

8	8

9 #include "content/browser/frame_host/render_frame_host_impl.h"	9 #include "content/browser/frame_host/render_frame_host_impl.h"

10 #include "content/public/browser/navigation_controller.h"	10 #include "content/public/browser/navigation_controller.h"

(...skipping 41 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
52 .SetHasCertificate(it.has_certificate)	52 .SetHasCertificate(it.has_certificate)

53 .Build());	53 .Build());

54 }	54 }

55 }	55 }

56	56

57 } // namespace	57 } // namespace

58	58

59 SecurityHandler::SecurityHandler()	59 SecurityHandler::SecurityHandler()

60 : DevToolsDomainHandler(Security::Metainfo::domainName),	60 : DevToolsDomainHandler(Security::Metainfo::domainName),

61 enabled_(false),	61 enabled_(false),

62 host_(nullptr) {	62 host_(nullptr),

63 }	63 last_cert_error_id_(0),

	64 certificate_error_enabled_(false) {}

64	65

65 SecurityHandler::~SecurityHandler() {	66 SecurityHandler::~SecurityHandler() {

66 }	67 }

67	68

68 void SecurityHandler::Wire(UberDispatcher* dispatcher) {	69 void SecurityHandler::Wire(UberDispatcher* dispatcher) {

69 frontend_.reset(new Security::Frontend(dispatcher->channel()));	70 frontend_.reset(new Security::Frontend(dispatcher->channel()));

70 Security::Dispatcher::wire(dispatcher, this);	71 Security::Dispatcher::wire(dispatcher, this);

71 }	72 }

72	73

73 void SecurityHandler::AttachToRenderFrameHost() {	74 void SecurityHandler::AttachToRenderFrameHost() {

(...skipping 55 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
129 .Build();	130 .Build();

130	131

131 frontend_->SecurityStateChanged(	132 frontend_->SecurityStateChanged(

132 security_state,	133 security_state,

133 security_style_explanations.scheme_is_cryptographic,	134 security_style_explanations.scheme_is_cryptographic,

134 std::move(explanations),	135 std::move(explanations),

135 std::move(insecure_status),	136 std::move(insecure_status),

136 Maybe<std::string>(security_style_explanations.summary));	137 Maybe<std::string>(security_style_explanations.summary));

137 }	138 }

138	139

	140 bool SecurityHandler::NotifyCertificateError(int cert_error,

	141 const GURL& request_url,

	142 CertErrorCallback handler) {

	143 frontend_->CertificateError(++last_cert_error_id_,

	144 net::ErrorToShortString(cert_error),
	Eric Seckler 2017/02/14 18:42:25 might be useful to have this both as descriptive s might be useful to have this both as descriptive string and as error code? irisu 2017/02/16 00:24:30 Done. Show quoted text On 2017/02/14 18:42:25, Eric Seckler wrote: > might be useful to have this both as descriptive string and as error code? Done.
	145 request_url.spec());

	146 if (!certificate_error_enabled_)

	147 return false;

	148 callbacks_[last_cert_error_id_] = handler;

	149 return true;

	150 }

	151

139 Response SecurityHandler::Enable() {	152 Response SecurityHandler::Enable() {

140 enabled_ = true;	153 enabled_ = true;

141 if (host_)	154 if (host_)

142 AttachToRenderFrameHost();	155 AttachToRenderFrameHost();

143	156

144 return Response::OK();	157 return Response::OK();

145 }	158 }

146	159

147 Response SecurityHandler::Disable() {	160 Response SecurityHandler::Disable() {

148 enabled_ = false;	161 enabled_ = false;

149 WebContentsObserver::Observe(nullptr);	162 WebContentsObserver::Observe(nullptr);

	163 for (auto callback : callbacks_)

	164 callback.second.Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL);

	165 callbacks_.clear();

150 return Response::OK();	166 return Response::OK();

151 }	167 }

152	168

153 Response SecurityHandler::ShowCertificateViewer() {	169 Response SecurityHandler::ShowCertificateViewer() {

154 if (!host_)	170 if (!host_)

155 return Response::InternalError();	171 return Response::InternalError();

156 WebContents* web_contents = WebContents::FromRenderFrameHost(host_);	172 WebContents* web_contents = WebContents::FromRenderFrameHost(host_);

157 scoped_refptr<net::X509Certificate> certificate =	173 scoped_refptr<net::X509Certificate> certificate =

158 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate;	174 web_contents->GetController().GetVisibleEntry()->GetSSL().certificate;

159 if (!certificate)	175 if (!certificate)

160 return Response::Error("Could not find certificate");	176 return Response::Error("Could not find certificate");

161 web_contents->GetDelegate()->ShowCertificateViewerInDevTools(	177 web_contents->GetDelegate()->ShowCertificateViewerInDevTools(

162 web_contents, certificate);	178 web_contents, certificate);

163 return Response::OK();	179 return Response::OK();

164 }	180 }

165	181

	182 Response SecurityHandler::HandleCertificateError(int event_id,

	183 const String& action) {

	184 content::CertificateRequestResultType type =

	185 content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY;

	186 Response response = Response::OK();

	187 if (action == "continue") {
	pfeldman 2017/02/14 19:00:24 CertificateErrorActionTypeEnum::Continue CertificateErrorActionTypeEnum::Continue irisu 2017/02/16 00:24:30 Done. Show quoted text On 2017/02/14 19:00:24, pfeldman wrote: > CertificateErrorActionTypeEnum::Continue Done.
	188 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE;

	189 } else if (action == "cancel") {

	190 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL;

	191 } else if (action == "deny") {

	192 type = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY;

	193 } else {

	194 response =

	195 Response::Error(String("Unknown Certificate Error Action: " + action));

	196 }

	197 if (callbacks_.find(event_id) == callbacks_.end()) {
	pfeldman 2017/02/14 19:00:24 You could do this first. You could do this first. irisu 2017/02/16 00:24:30 Done. Show quoted text On 2017/02/14 19:00:24, pfeldman wrote: > You could do this first. Done.
	198 return Response::Error(

	199 String("Unknown event id: " + std::to_string(event_id)));

	200 }

	201 callbacks_[event_id].Run(type);

	202 callbacks_.erase(event_id);

	203 return response;

	204 }

	205

	206 Response SecurityHandler::SetOverrideCertificateErrors(bool override) {

	207 if (override && !enabled_)

	208 return Response::Error("Security not enabled");
	pfeldman 2017/02/14 19:00:24 Security domain not enabled Security domain not enabled irisu 2017/02/16 00:24:30 Done. Show quoted text On 2017/02/14 19:00:24, pfeldman wrote: > Security domain not enabled Done.
	209 certificate_error_enabled_ = override;
	pfeldman 2017/02/14 19:00:24 If override == false, you want to flush existing p If override == false, you want to flush existing pending requests. Also, you might want to flush everything upon navigation. irisu 2017/02/16 00:24:30 Done. Show quoted text On 2017/02/14 19:00:24, pfeldman wrote: > If override == false, you want to flush existing pending requests. Also, you > might want to flush everything upon navigation. Done.
	210 return Response::OK();

	211 }

	212

166 } // namespace protocol	213 } // namespace protocol

167 } // namespace content	214 } // namespace content

OLD	NEW