Prevent usage of web payments API over insecure HTTPS.

chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package org.chromium.chrome.browser.payments;
 
 import android.app.Activity;
 import android.content.Context;
 import android.content.Intent;
 import android.graphics.Bitmap;
@@ skipping 27 matching lines @@
 import org.chromium.chrome.browser.profiles.Profile;
 import org.chromium.chrome.browser.tab.Tab;
 import org.chromium.chrome.browser.tabmodel.EmptyTabModelObserver;
 import org.chromium.chrome.browser.tabmodel.EmptyTabModelSelectorObserver;
 import org.chromium.chrome.browser.tabmodel.TabModel;
 import org.chromium.chrome.browser.tabmodel.TabModel.TabSelectionType;
 import org.chromium.chrome.browser.tabmodel.TabModelObserver;
 import org.chromium.chrome.browser.tabmodel.TabModelSelector;
 import org.chromium.chrome.browser.tabmodel.TabModelSelectorObserver;
 import org.chromium.components.payments.CurrencyFormatter;
+import org.chromium.components.payments.OriginSecurityChecker;
 import org.chromium.components.payments.PaymentValidator;
 import org.chromium.components.url_formatter.UrlFormatter;
 import org.chromium.content_public.browser.RenderFrameHost;
 import org.chromium.content_public.browser.WebContents;
 import org.chromium.content_public.browser.WebContentsStatics;
 import org.chromium.mojo.system.MojoException;
 import org.chromium.payments.mojom.CanMakePaymentQueryResult;
 import org.chromium.payments.mojom.PaymentComplete;
 import org.chromium.payments.mojom.PaymentDetails;
 import org.chromium.payments.mojom.PaymentDetailsModifier;
@@ skipping 340 matching lines @@
 
     /**
      * Called by the merchant website to initialize the payment request data.
      */
     @Override
     public void init(PaymentRequestClient client, PaymentMethodData[] methodData,
             PaymentDetails details, PaymentOptions options) {
         if (mClient != null || client == null) return;
         mClient = client;
 
+        if (!OriginSecurityChecker.isSecureOrigin(mWebContents.getLastCommittedUrl())) {
+            recordAbortReasonHistogram(
+                    PaymentRequestMetrics.ABORT_REASON_INVALID_DATA_FROM_RENDERER);
+            disconnectFromClientWithDebugMessage("Not in a secure context");
+            return;
+        }
+
+        mRequestShipping = options != null && options.requestShipping;
+        mRequestPayerName = options != null && options.requestPayerName;
+        mRequestPayerPhone = options != null && options.requestPayerPhone;
+        mRequestPayerEmail = options != null && options.requestPayerEmail;
+        mShippingType = options == null ? PaymentShippingType.SHIPPING : options.shippingType;
+
+        PaymentRequestMetrics.recordRequestedInformationHistogram(
+                mRequestPayerEmail, mRequestPayerPhone, mRequestShipping, mRequestPayerName);
+
+        if (OriginSecurityChecker.isCryptographicScheme(mWebContents.getLastCommittedUrl())
+                && !SslValidityChecker.isValidSslCertificate(mWebContents)) {
+            Log.d(TAG, "SSL certificate is not valid");
+            // Don't show any UI. Resolve .canMakePayment() with "false". Reject .show() with
+            // "NotSupportedError".
+            onAllPaymentAppsCreated();
+            return;
+        }
+
         if (mMethodData != null) {
             disconnectFromClientWithDebugMessage("PaymentRequest.show() called more than once.");
             recordAbortReasonHistogram(
                     PaymentRequestMetrics.ABORT_REASON_INVALID_DATA_FROM_RENDERER);
             return;
         }
 
         mMethodData = getValidatedMethodData(methodData, mCardEditor);
         if (mMethodData == null) {
             disconnectFromClientWithDebugMessage("Invalid payment methods or data");
             recordAbortReasonHistogram(
                     PaymentRequestMetrics.ABORT_REASON_INVALID_DATA_FROM_RENDERER);
             return;
         }
 
         if (!parseAndValidateDetailsOrDisconnectFromClient(details)) return;
 
         if (mRawTotal == null) {
             disconnectFromClientWithDebugMessage("Missing total");
             recordAbortReasonHistogram(
                     PaymentRequestMetrics.ABORT_REASON_INVALID_DATA_FROM_RENDERER);
             return;
         }
 
         PaymentAppFactory.getInstance().create(mWebContents,
                 Collections.unmodifiableSet(mMethodData.keySet()), this /* callback */);
 
-        mRequestShipping = options != null && options.requestShipping;
-        mRequestPayerName = options != null && options.requestPayerName;
-        mRequestPayerPhone = options != null && options.requestPayerPhone;
-        mRequestPayerEmail = options != null && options.requestPayerEmail;
-        mShippingType = options == null ? PaymentShippingType.SHIPPING : options.shippingType;
-
         // If there is a single payment method and the merchant has not requested any other
         // information, we can safely go directly to the payment app instead of showing
         // Payment Request UI.
         mShouldSkipShowingPaymentRequestUi =
                 ChromeFeatureList.isEnabled(ChromeFeatureList.WEB_PAYMENTS_SINGLE_APP_UI_SKIP)
                 && mMethodData.size() == 1 && !mRequestShipping && !mRequestPayerName
                 && !mRequestPayerPhone && !mRequestPayerEmail
                 // Only allowing payment apps that own their own UIs.
                 // This excludes AutofillPaymentApp as its UI is rendered inline in
                 // the payment request UI, thus can't be skipped.
                 && mMethodData.keySet().iterator().next() != null
                 && mMethodData.keySet().iterator().next().startsWith(UrlConstants.HTTPS_URL_PREFIX);
-
-        PaymentRequestMetrics.recordRequestedInformationHistogram(mRequestPayerEmail,
-                mRequestPayerPhone, mRequestShipping, mRequestPayerName);
     }
 
     private void buildUI(Activity activity) {
         assert activity != null;
 
         List<AutofillProfile> profiles = null;
         if (mRequestShipping || mRequestPayerName || mRequestPayerPhone || mRequestPayerEmail) {
             profiles = PersonalDataManager.getInstance().getProfilesToSuggest(
                     false /* includeNameInLabel */);
         }
@@ skipping 1223 matching lines @@
 
     /**
      * The frecency score is calculated according to use count and last use date. The formula is
      * the same as the one used in GetFrecencyScore in autofill_data_model.cc.
      */
     private static final double getFrecencyScore(int count, long date) {
         long currentTime = System.currentTimeMillis();
         return -Math.log((currentTime - date) / (24 * 60 * 60 * 1000) + 2) / Math.log(count + 2);
     }
 }