
Side by Side Diff: chrome/browser/ssl/common_name_mismatch_handler.cc

Issue 2865753003: Stop on redirects while checking for www mismatches (Closed)
Patch Set: Rebase Created 3 years, 6 months ago
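--- a/chrome/browser/ssl/common_name_mismatch_handler.cc
+++ b/chrome/browser/ssl/common_name_mismatch_handler.cc
@@ -1,10 +1,10 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/ssl/common_name_mismatch_handler.h"
 
 #include "base/callback_helpers.h"
 #include "base/logging.h"
 #include "base/strings/string_number_conversions.h"
 #include "components/ssl_errors/error_classification.h"
@@ -71,20 +71,22 @@
 url_fetcher_ = net::URLFetcher::Create(url, net::URLFetcher::HEAD, this,
 traffic_annotation);
 url_fetcher_->SetAutomaticallyRetryOn5xx(false);
 url_fetcher_->SetRequestContext(request_context_.get());
 
 // Can't safely use net::LOAD_DISABLE_CERT_REVOCATION_CHECKING here,
 // since then the connection may be reused without checking the cert.
 url_fetcher_->SetLoadFlags(net::LOAD_DO_NOT_SAVE_COOKIES |
 net::LOAD_DO_NOT_SEND_COOKIES |
 net::LOAD_DO_NOT_SEND_AUTH_DATA);
+// Don't follow redirects to prevent leaking URL data to HTTP sites.
+url_fetcher_->SetStopOnRedirect(true);
 url_fetcher_->Start();
 }
 
 // static
 bool CommonNameMismatchHandler::GetSuggestedUrl(
 const GURL& request_url,
 const std::vector<std::string>& dns_names,
 GURL* suggested_url) {
 std::string www_mismatch_hostname;
 if (!ssl_errors::GetWWWSubDomainMatch(request_url, dns_names,
@@ -110,26 +112,27 @@
 DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
 DCHECK(IsCheckingSuggestedUrl());
 DCHECK_EQ(url_fetcher_.get(), source);
 DCHECK(!check_url_callback_.is_null());
 DCHECK(!url_fetcher_.get()->GetStatus().is_io_pending());
 
 SuggestedUrlCheckResult result = SUGGESTED_URL_NOT_AVAILABLE;
 // Save a copy of |suggested_url| so it can be used after |url_fetcher_|
 // is destroyed.
 const GURL suggested_url = url_fetcher_->GetOriginalURL();
-const GURL& landing_url = url_fetcher_->GetURL();
+const GURL landing_url = url_fetcher_->GetURL();
 
 // Make sure the |landing_url| is a HTTPS page and returns a proper response
 // code.
 if (url_fetcher_.get()->GetResponseCode() == 200 &&
 landing_url.SchemeIsCryptographic() &&
 landing_url.host() != request_url_.host()) {
+DCHECK_EQ(landing_url.host(), suggested_url.host());
 result = SUGGESTED_URL_AVAILABLE;
 }
 url_fetcher_.reset();
 base::ResetAndReturn(&check_url_callback_).Run(result, suggested_url);
 }
 
 bool CommonNameMismatchHandler::IsCheckingSuggestedUrl() const {
 return !!url_fetcher_;
 }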
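Review bot: The new `DCHECK_EQ(landing_url.host(), suggested_url.host());` at new line 129 is the only check that ties the URL actually fetched to the `suggested_url` passed to the callback, and a DCHECK compiles out of release builds. With `SetStopOnRedirect(true)` a 200 response presumably can only come from the original URL, but that depends on URLFetcher's redirect handling rather than on anything this function verifies. Because `SUGGESTED_URL_AVAILABLE` appears to decide whether `suggested_url` is offered instead of the name-mismatch error, consider making the comparison a runtime condition by adding `landing_url.host() == suggested_url.host() &&` to the `if`. The comment at new line 81 could also state that HTTPS-to-HTTPS redirects are stopped as well, so a suggested host that answers the HEAD request with any redirect is now reported as not available. The enclosing function begins in the skipped lines above this hunk.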