OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/payments/content/payment_request.h" | 5 #include "components/payments/content/payment_request.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
(...skipping 30 matching lines...) Expand all Loading... |
41 | 41 |
42 PaymentRequest::~PaymentRequest() {} | 42 PaymentRequest::~PaymentRequest() {} |
43 | 43 |
44 void PaymentRequest::Init(mojom::PaymentRequestClientPtr client, | 44 void PaymentRequest::Init(mojom::PaymentRequestClientPtr client, |
45 std::vector<mojom::PaymentMethodDataPtr> method_data, | 45 std::vector<mojom::PaymentMethodDataPtr> method_data, |
46 mojom::PaymentDetailsPtr details, | 46 mojom::PaymentDetailsPtr details, |
47 mojom::PaymentOptionsPtr options) { | 47 mojom::PaymentOptionsPtr options) { |
48 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); | 48 DCHECK_CURRENTLY_ON(content::BrowserThread::UI); |
49 client_ = std::move(client); | 49 client_ = std::move(client); |
50 | 50 |
51 if (!OriginSecurityChecker::IsOriginSecure( | 51 const GURL last_committed_url = delegate_->GetLastCommittedURL(); |
52 delegate_->GetLastCommittedURL())) { | 52 if (!OriginSecurityChecker::IsOriginSecure(last_committed_url)) { |
53 LOG(ERROR) << "Not in a secure origin"; | 53 LOG(ERROR) << "Not in a secure origin"; |
54 OnConnectionTerminated(); | 54 OnConnectionTerminated(); |
55 return; | 55 return; |
56 } | 56 } |
57 | 57 |
58 if (OriginSecurityChecker::IsSchemeCryptographic( | 58 bool allowed_origin = |
59 delegate_->GetLastCommittedURL()) && | 59 OriginSecurityChecker::IsSchemeCryptographic(last_committed_url) || |
60 !delegate_->IsSslCertificateValid()) { | 60 OriginSecurityChecker::IsOriginLocalhostOrFile(last_committed_url); |
| 61 if (!allowed_origin) { |
| 62 LOG(ERROR) << "Only localhost, file://, and cryptographic scheme origins " |
| 63 "allowed"; |
| 64 } |
| 65 |
| 66 bool invalid_ssl = |
| 67 OriginSecurityChecker::IsSchemeCryptographic(last_committed_url) && |
| 68 !delegate_->IsSslCertificateValid(); |
| 69 if (invalid_ssl) |
61 LOG(ERROR) << "SSL certificate is not valid"; | 70 LOG(ERROR) << "SSL certificate is not valid"; |
| 71 |
| 72 if (!allowed_origin || invalid_ssl) { |
62 // Don't show UI. Resolve .canMakepayment() with "false". Reject .show() | 73 // Don't show UI. Resolve .canMakepayment() with "false". Reject .show() |
63 // with "NotSupportedError". | 74 // with "NotSupportedError". |
64 spec_ = base::MakeUnique<PaymentRequestSpec>( | 75 spec_ = base::MakeUnique<PaymentRequestSpec>( |
65 mojom::PaymentOptions::New(), mojom::PaymentDetails::New(), | 76 mojom::PaymentOptions::New(), mojom::PaymentDetails::New(), |
66 std::vector<mojom::PaymentMethodDataPtr>(), this, | 77 std::vector<mojom::PaymentMethodDataPtr>(), this, |
67 delegate_->GetApplicationLocale()); | 78 delegate_->GetApplicationLocale()); |
68 state_ = base::MakeUnique<PaymentRequestState>( | 79 state_ = base::MakeUnique<PaymentRequestState>( |
69 spec_.get(), this, delegate_->GetApplicationLocale(), | 80 spec_.get(), this, delegate_->GetApplicationLocale(), |
70 delegate_->GetPersonalDataManager(), delegate_.get()); | 81 delegate_->GetPersonalDataManager(), delegate_.get()); |
71 return; | 82 return; |
(...skipping 111 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
183 | 194 |
184 journey_logger_.RecordJourneyStatsHistograms( | 195 journey_logger_.RecordJourneyStatsHistograms( |
185 JourneyLogger::COMPLETION_STATUS_USER_ABORTED); | 196 JourneyLogger::COMPLETION_STATUS_USER_ABORTED); |
186 | 197 |
187 // This sends an error to the renderer, which informs the API user. | 198 // This sends an error to the renderer, which informs the API user. |
188 client_->OnError(mojom::PaymentErrorReason::USER_CANCEL); | 199 client_->OnError(mojom::PaymentErrorReason::USER_CANCEL); |
189 | 200 |
190 // We close all bindings and ask to be destroyed. | 201 // We close all bindings and ask to be destroyed. |
191 client_.reset(); | 202 client_.reset(); |
192 binding_.Close(); | 203 binding_.Close(); |
| 204 if (observer_for_testing_) |
| 205 observer_for_testing_->OnConnectionTerminated(); |
193 manager_->DestroyRequest(this); | 206 manager_->DestroyRequest(this); |
194 } | 207 } |
195 | 208 |
196 void PaymentRequest::OnConnectionTerminated() { | 209 void PaymentRequest::OnConnectionTerminated() { |
197 // We are here because of a browser-side error, or likely as a result of the | 210 // We are here because of a browser-side error, or likely as a result of the |
198 // connection_error_handler on |binding_|, which can mean that the renderer | 211 // connection_error_handler on |binding_|, which can mean that the renderer |
199 // has decided to close the pipe for various reasons (see all uses of | 212 // has decided to close the pipe for various reasons (see all uses of |
200 // PaymentRequest::clearResolversAndCloseMojoConnection() in Blink). We close | 213 // PaymentRequest::clearResolversAndCloseMojoConnection() in Blink). We close |
201 // the binding and the dialog, and ask to be deleted. | 214 // the binding and the dialog, and ask to be deleted. |
202 client_.reset(); | 215 client_.reset(); |
203 binding_.Close(); | 216 binding_.Close(); |
204 delegate_->CloseDialog(); | 217 delegate_->CloseDialog(); |
| 218 if (observer_for_testing_) |
| 219 observer_for_testing_->OnConnectionTerminated(); |
205 manager_->DestroyRequest(this); | 220 manager_->DestroyRequest(this); |
206 } | 221 } |
207 | 222 |
208 void PaymentRequest::Pay() { | 223 void PaymentRequest::Pay() { |
209 state_->GeneratePaymentResponse(); | 224 state_->GeneratePaymentResponse(); |
210 } | 225 } |
211 | 226 |
212 } // namespace payments | 227 } // namespace payments |
OLD | NEW |