| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/ssl_errors/error_info.h" | 5 #include "components/ssl_errors/error_info.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include "base/i18n/message_formatter.h" | 9 #include "base/i18n/message_formatter.h" |
| 10 #include "base/macros.h" | 10 #include "base/macros.h" |
| (...skipping 20 matching lines...) Expand all Loading... |
| 31 const GURL& request_url) { | 31 const GURL& request_url) { |
| 32 base::string16 details, short_description; | 32 base::string16 details, short_description; |
| 33 switch (error_type) { | 33 switch (error_type) { |
| 34 case CERT_COMMON_NAME_INVALID: { | 34 case CERT_COMMON_NAME_INVALID: { |
| 35 std::vector<std::string> dns_names; | 35 std::vector<std::string> dns_names; |
| 36 cert->GetSubjectAltName(&dns_names, nullptr); | 36 cert->GetSubjectAltName(&dns_names, nullptr); |
| 37 | 37 |
| 38 size_t i = 0; | 38 size_t i = 0; |
| 39 if (dns_names.empty()) { | 39 if (dns_names.empty()) { |
| 40 // The certificate had no DNS names, display an explanatory string. | 40 // The certificate had no DNS names, display an explanatory string. |
| 41 // TODO(elawrence): Change the error messsage instead of just the | 41 details = l10n_util::GetStringFUTF16( |
| 42 // placeholder string; see https://crbug.com/708268 | 42 IDS_CERT_ERROR_NO_SUBJECT_ALTERNATIVE_NAMES_DETAILS, |
| 43 dns_names.push_back("[missing_subjectAltName]"); | 43 UTF8ToUTF16(request_url.host())); |
| 44 } else { | 44 } else { |
| 45 // If the certificate contains multiple DNS names, we choose the most | 45 // If the certificate contains multiple DNS names, we choose the most |
| 46 // representative one -- either the DNS name that's also in the subject | 46 // representative one -- either the DNS name that's also in the subject |
| 47 // field, or the first one. If this heuristic turns out to be | 47 // field, or the first one. If this heuristic turns out to be |
| 48 // inadequate, we can consider choosing the DNS name that is the | 48 // inadequate, we can consider choosing the DNS name that is the |
| 49 // "closest match" to the host name in the request URL, or listing all | 49 // "closest match" to the host name in the request URL, or listing all |
| 50 // the DNS names with an HTML <ul>. | 50 // the DNS names with an HTML <ul>. |
| 51 for (; i < dns_names.size(); ++i) { | 51 for (; i < dns_names.size(); ++i) { |
| 52 if (dns_names[i] == cert->subject().common_name) | 52 if (dns_names[i] == cert->subject().common_name) |
| 53 break; | 53 break; |
| 54 } | 54 } |
| 55 if (i == dns_names.size()) | 55 if (i == dns_names.size()) |
| 56 i = 0; | 56 i = 0; |
| 57 |
| 58 details = l10n_util::GetStringFUTF16( |
| 59 IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS, |
| 60 UTF8ToUTF16(request_url.host()), |
| 61 net::EscapeForHTML(UTF8ToUTF16(dns_names[i]))); |
| 57 } | 62 } |
| 58 | 63 |
| 59 details = l10n_util::GetStringFUTF16( | |
| 60 IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS, | |
| 61 UTF8ToUTF16(request_url.host()), | |
| 62 net::EscapeForHTML(UTF8ToUTF16(dns_names[i]))); | |
| 63 short_description = l10n_util::GetStringUTF16( | 64 short_description = l10n_util::GetStringUTF16( |
| 64 IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); | 65 IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); |
| 65 break; | 66 break; |
| 66 } | 67 } |
| 67 case CERT_DATE_INVALID: | 68 case CERT_DATE_INVALID: |
| 68 if (cert->HasExpired()) { | 69 if (cert->HasExpired()) { |
| 69 // Make sure to round up to the smallest integer value not less than | 70 // Make sure to round up to the smallest integer value not less than |
| 70 // the expiration value (https://crbug.com/476758). | 71 // the expiration value (https://crbug.com/476758). |
| 71 int expiration_value = | 72 int expiration_value = |
| 72 (base::Time::Now() - cert->valid_expiry()).InDays() + 1; | 73 (base::Time::Now() - cert->valid_expiry()).InDays() + 1; |
| (...skipping 187 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 260 | 261 |
| 261 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { | 262 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { |
| 262 if ((cert_status & kErrorFlags[i]) && errors) { | 263 if ((cert_status & kErrorFlags[i]) && errors) { |
| 263 errors->push_back( | 264 errors->push_back( |
| 264 ErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); | 265 ErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); |
| 265 } | 266 } |
| 266 } | 267 } |
| 267 } | 268 } |
| 268 | 269 |
| 269 } // namespace ssl_errors | 270 } // namespace ssl_errors |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2868733003:
Improve HTTPS error page text when SubjectAltName missing (Closed)
