components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java - Issue 2815763002: Prevent usage of web payments API over insecure HTTPS.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java

Issue 2815763002: Prevent usage of web payments API over insecure HTTPS. (Closed)

Patch Set: Ganggui's comment. Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « components/payments/content/android/component_jni_registrar.cc ('k') | components/payments/content/android/origin_security_checker_android.h » ('j') | ios/chrome/browser/payments/payment_request.mm » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java

diff --git a/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java b/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java

new file mode 100644

index 0000000000000000000000000000000000000000..d81ca1dc79b2cbbaac293ead1a83047c31c6acd8

--- /dev/null

+++ b/components/payments/content/android/java/src/org/chromium/components/payments/OriginSecurityChecker.java

@@ -0,0 +1,37 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+package org.chromium.components.payments;

+import org.chromium.base.annotations.JNINamespace;

+/** Helper for origin security. */

+@JNINamespace("payments")

+public class OriginSecurityChecker {

+ /**

+ * Returns true for a valid URL from a secure origin, e.g., http://localhost, file://test.html,

+ * https://bobpay.com.

+ *

+ * @param url The URL to check.

+ * @return Whether the origin of the URL is secure.

+ */

+ public static boolean isOriginSecure(String url) {

+ return nativeIsOriginSecure(url);

+ }

+ /**

+ * Returns true for a valid URL with a cryptoraphic scheme, e.g., HTTPS, HTTPS-SO, WSS.

palmer 2017/04/17 19:30:06 Nit: typo: "cryptographic".

please use gerrit instead 2017/04/17 20:06:09 Done.

+ *

+ * @param url The URL to check.

+ * @return Whether the scheme of the URL is cryptographic.

+ */

+ public static boolean isSchemeCryptographic(String url) {

+ return nativeIsSchemeCryptographic(url);

+ }

+ private OriginSecurityChecker() {}

+ private static native boolean nativeIsOriginSecure(String url);

+ private static native boolean nativeIsSchemeCryptographic(String url);