content/browser/ssl/ssl_policy.cc - Issue 465133004: Remove DenyCertForHost from SSLHostStateDelegate API.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/ssl/ssl_policy.cc

Issue 465133004: Remove DenyCertForHost from SSLHostStateDelegate API. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebase on ToT Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/browser/ssl/ssl_policy.cc

diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc

index d5a3a76fa8a0f2b78fcba9f73fd8a5af667f41f1..51ae7b2a1c800cdcf7e648869783d60277a08381 100644

--- a/content/browser/ssl/ssl_policy.cc

+++ b/content/browser/ssl/ssl_policy.cc

@@ -35,21 +35,19 @@ void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {

bool expired_previous_decision;

// First we check if we know the policy for this error.

DCHECK(handler->ssl_info().is_valid());

- net::CertPolicy::Judgment judgment =

+ SSLHostStateDelegate::CertJudgment judgment =

backend_->QueryPolicy(*handler->ssl_info().cert.get(),

handler->request_url().host(),

handler->cert_error(),

&expired_previous_decision);

- if (judgment == net::CertPolicy::ALLOWED) {

+ if (judgment == SSLHostStateDelegate::ALLOWED) {

handler->ContinueRequest();

return;

}

- // The judgment is either DENIED or UNKNOWN.

- // For now we handle the DENIED as the UNKNOWN, which means a blocking

- // page is shown to the user every time he comes back to the page.

+ // For all other hosts, which must be DENIED, a blocking page is shown to the

+ // user every time they come back to the page.

int options_mask = 0;

switch (handler->cert_error()) {

case net::ERR_CERT_COMMON_NAME_INVALID:

@@ -182,13 +180,6 @@ void SSLPolicy::OnAllowCertificate(scoped_refptr<SSLCertErrorHandler> handler,

handler->ContinueRequest();

} else {

// Default behavior for rejecting a certificate.

- //

- // While DenyCertForHost() executes synchronously on this thread,

- // CancelRequest() gets posted to a different thread. Calling

- // DenyCertForHost() first ensures deterministic ordering.

- backend_->DenyCertForHost(*handler->ssl_info().cert.get(),

- handler->request_url().host(),

- handler->cert_error());

handler->CancelRequest();

}

« no previous file with comments | « chrome/browser/ui/website_settings/website_settings_ui.h ('k') | content/browser/ssl/ssl_policy_backend.h » ('j') | no next file with comments »