Enable HTTP cleartext configuration for Webview

android_webview/browser/net/aw_url_request_context_getter.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "android_webview/browser/net/aw_url_request_context_getter.h"
 
 #include <utility>
 #include <vector>
 
 #include "android_webview/browser/aw_browser_context.h"
@@ skipping 40 matching lines @@
 #include "net/url_request/url_request_intercepting_job_factory.h"
 #include "net/url_request/url_request_interceptor.h"
 
 using content::BrowserThread;
 
 namespace android_webview {
 
 
 namespace {
 
+#if DCHECK_IS_ON()
+bool g_created_url_request_context_builder = false;
+#endif
+// On apps targeting API level O or later, check cleartext is enforced.
+bool g_check_cleartext_permitted = false;
+
+
 const base::FilePath::CharType kChannelIDFilename[] = "Origin Bound Certs";
 const char kProxyServerSwitch[] = "proxy-server";
 
 void ApplyCmdlineOverridesToHostResolver(
     net::MappedHostResolver* host_resolver) {
   const base::CommandLine& command_line =
       *base::CommandLine::ForCurrentProcess();
   if (command_line.HasSwitch(switches::kHostResolverRules)) {
     // If hostname remappings were specified on the command-line, layer these
     // rules on top of the real host resolver. This allows forwarding all
@@ skipping 184 matching lines @@
 
   std::unique_ptr<net::MappedHostResolver> host_resolver(
       new net::MappedHostResolver(
           net::HostResolver::CreateDefaultResolver(nullptr)));
   ApplyCmdlineOverridesToHostResolver(host_resolver.get());
   builder.SetHttpAuthHandlerFactory(
       CreateAuthHandlerFactory(host_resolver.get()));
   builder.set_host_resolver(std::move(host_resolver));
 
   url_request_context_ = builder.Build();
+#if DCHECK_IS_ON()
+  g_created_url_request_context_builder = true;
+#endif
+  url_request_context_->set_check_cleartext_permitted(
+    g_check_cleartext_permitted);
 
   job_factory_ =
       CreateJobFactory(&protocol_handlers_, std::move(request_interceptors_));
   url_request_context_->set_job_factory(job_factory_.get());
   url_request_context_->set_http_user_agent_settings(
       http_user_agent_settings_.get());
 }
 
 net::URLRequestContext* AwURLRequestContextGetter::GetURLRequestContext() {
   DCHECK_CURRENTLY_ON(BrowserThread::IO);
@@ skipping 12 matching lines @@
     content::ProtocolHandlerMap* protocol_handlers,
     content::URLRequestInterceptorScopedVector request_interceptors) {
   std::swap(protocol_handlers_, *protocol_handlers);
   request_interceptors_.swap(request_interceptors);
 }
 
 net::NetLog* AwURLRequestContextGetter::GetNetLog() {
   return net_log_.get();
 }
 
+// static
+void AwURLRequestContextGetter::set_check_cleartext_permitted(bool permitted) {
+    DCHECK(!g_created_url_request_context_builder);
+    g_check_cleartext_permitted = permitted;
+}
+
 std::unique_ptr<net::HttpAuthHandlerFactory>
 AwURLRequestContextGetter::CreateAuthHandlerFactory(
     net::HostResolver* resolver) {
   DCHECK(resolver);
 
   // In Chrome this is configurable via the AuthSchemes policy. For WebView
   // there is no interest to have it available so far.
   std::vector<std::string> supported_schemes = {"basic", "digest", "ntlm",
                                                 "negotiate"};
   http_auth_preferences_.reset(new net::HttpAuthPreferences(supported_schemes));
 
   UpdateServerWhitelist();
   UpdateAndroidAuthNegotiateAccountType();
 
   return net::HttpAuthHandlerRegistryFactory::Create(
       http_auth_preferences_.get(), resolver);
 }
 
 void AwURLRequestContextGetter::UpdateServerWhitelist() {
   http_auth_preferences_->set_server_whitelist(
       auth_server_whitelist_.GetValue());
 }
 
 void AwURLRequestContextGetter::UpdateAndroidAuthNegotiateAccountType() {
   http_auth_preferences_->set_auth_android_negotiate_account_type(
       auth_android_negotiate_account_type_.GetValue());
 }
 
 }  // namespace android_webview