Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(215)

Unified Diff: content/browser/devtools/protocol/security_handler.cc

Issue 2639203003: Add certificate error handling to devtools. (Closed)
Patch Set: plumb error through agent host Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: content/browser/devtools/protocol/security_handler.cc
diff --git a/content/browser/devtools/protocol/security_handler.cc b/content/browser/devtools/protocol/security_handler.cc
index cf214a7fc8782702fab8d8bb77bc1a9cd7b96764..c0ce2ed7bd1c3162d099255a6468b52503ac4e9a 100644
--- a/content/browser/devtools/protocol/security_handler.cc
+++ b/content/browser/devtools/protocol/security_handler.cc
@@ -6,6 +6,7 @@
#include <string>
+#include "content/browser/devtools/devtools_session.h"
#include "content/browser/frame_host/render_frame_host_impl.h"
#include "content/public/browser/navigation_controller.h"
#include "content/public/browser/navigation_entry.h"
@@ -59,12 +60,19 @@ void AddExplanations(
SecurityHandler::SecurityHandler()
: DevToolsDomainHandler(Security::Metainfo::domainName),
enabled_(false),
- host_(nullptr) {
-}
+ host_(nullptr),
+ last_cert_error_id_(0),
pfeldman 2017/02/16 01:35:34 you no longer need these!
irisu 2017/02/16 04:47:32 Done.
+ certificate_error_enabled_(false) {}
SecurityHandler::~SecurityHandler() {
}
+// static
+SecurityHandler* SecurityHandler::FromSession(DevToolsSession* session) {
+ return static_cast<SecurityHandler*>(
+ session->GetHandlerByName(Security::Metainfo::domainName));
+}
+
void SecurityHandler::Wire(UberDispatcher* dispatcher) {
frontend_.reset(new Security::Frontend(dispatcher->channel()));
Security::Dispatcher::wire(dispatcher, this);
@@ -136,6 +144,30 @@ void SecurityHandler::DidChangeVisibleSecurityState() {
Maybe<std::string>(security_style_explanations.summary));
}
+void SecurityHandler::DidFinishLoad(RenderFrameHost* render_frame_host,
+ const GURL& validated_url) {
+ if (certificate_error_enabled_)
+ FlushPendingRequests();
+}
+
+void SecurityHandler::FlushPendingRequests() {
+ for (auto callback : callbacks_)
+ callback.second.Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL);
+ callbacks_.clear();
+}
+
+bool SecurityHandler::NotifyCertificateError(int cert_error,
+ const GURL& request_url,
+ CertErrorCallback handler) {
+ frontend_->CertificateError(++last_cert_error_id_, cert_error,
pfeldman 2017/02/16 01:35:34 if (!enabled_) return;
irisu 2017/02/16 04:47:32 Done.
+ net::ErrorToShortString(cert_error),
pfeldman 2017/02/16 01:35:34 cert_error is internal to chrome, so we should not
Eric Seckler 2017/02/16 02:01:07 Shall we add an enum type to the Security domain t
+ request_url.spec());
+ if (!certificate_error_enabled_)
pfeldman 2017/02/16 01:35:34 nit: this now needs a new name (certificate_errors
irisu 2017/02/16 04:47:32 Done.
+ return false;
+ callbacks_[last_cert_error_id_] = handler;
+ return true;
+}
+
Response SecurityHandler::Enable() {
enabled_ = true;
if (host_)
@@ -146,7 +178,9 @@ Response SecurityHandler::Enable() {
Response SecurityHandler::Disable() {
enabled_ = false;
+ certificate_error_enabled_ = false;
WebContentsObserver::Observe(nullptr);
+ FlushPendingRequests();
return Response::OK();
}
@@ -163,5 +197,38 @@ Response SecurityHandler::ShowCertificateViewer() {
return Response::OK();
}
+Response SecurityHandler::HandleCertificateError(int event_id,
+ const String& action) {
+ if (callbacks_.find(event_id) == callbacks_.end()) {
+ return Response::Error(
+ String("Unknown event id: " + std::to_string(event_id)));
+ }
+ content::CertificateRequestResultType type =
+ content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY;
+ Response response = Response::OK();
+ if (action == Security::CertificateErrorActionEnum::Continue) {
+ type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE;
+ } else if (action == Security::CertificateErrorActionEnum::Cancel) {
+ type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL;
+ } else if (action == Security::CertificateErrorActionEnum::Deny) {
+ type = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY;
+ } else {
+ response =
+ Response::Error(String("Unknown Certificate Error Action: " + action));
+ }
+ callbacks_[event_id].Run(type);
+ callbacks_.erase(event_id);
+ return response;
+}
+
+Response SecurityHandler::SetOverrideCertificateErrors(bool override) {
+ if (override && !enabled_)
+ return Response::Error("Security domain not enabled");
+ certificate_error_enabled_ = override;
+ if (!override)
+ FlushPendingRequests();
+ return Response::OK();
+}
+
} // namespace protocol
} // namespace content

Powered by Google App Engine
This is Rietveld 408576698