content/browser/ssl/ssl_policy.cc - Issue 465133004: Remove DenyCertForHost from SSLHostStateDelegate API.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: content/browser/ssl/ssl_policy.cc

Issue 465133004: Remove DenyCertForHost from SSLHostStateDelegate API. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Removed UNKNOWN and CertPolicy Created 6 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: content/browser/ssl/ssl_policy.cc

diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc

index 18fdde4dfe2bf9823e716ae01e48db73f1641fb8..ff0f7ce19e8243af980528017f56abf13eaa62aa 100644

--- a/content/browser/ssl/ssl_policy.cc

+++ b/content/browser/ssl/ssl_policy.cc

@@ -34,21 +34,20 @@ SSLPolicy::SSLPolicy(SSLPolicyBackend* backend)

void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {

bool expired_previous_decision;

// First we check if we know the policy for this error.

- net::CertPolicy::Judgment judgment =

+ SSLHostStateDelegate::CertJudgment judgment =

backend_->QueryPolicy(handler->ssl_info().cert.get(),

handler->request_url().host(),

handler->cert_error(),

&expired_previous_decision);

- if (judgment == net::CertPolicy::ALLOWED) {

+ if (judgment == SSLHostStateDelegate::ALLOWED) {

handler->ContinueRequest();

return;

}

- // The judgment is either DENIED or UNKNOWN.

- // For now we handle the DENIED as the UNKNOWN, which means a blocking

- // page is shown to the user every time he comes back to the page.

+ // The judgment must be UNKNOWN because QueryPolicy guarantees that it will

Peter Kasting 2014/09/03 23:02:55 Update all comments that talk about UNKNOWN. (The

jww 2014/09/03 23:33:49 Whoops. Thought I had gotten them, but clearly not

+ // never return DENIED. For these hosts, a blocking page is shown to the user

+ // every time he comes back to the page.

int options_mask = 0;

switch (handler->cert_error()) {

case net::ERR_CERT_COMMON_NAME_INVALID:

@@ -180,13 +179,6 @@ void SSLPolicy::OnAllowCertificate(scoped_refptr<SSLCertErrorHandler> handler,

handler->ContinueRequest();

} else {

// Default behavior for rejecting a certificate.

- //

- // While DenyCertForHost() executes synchronously on this thread,

- // CancelRequest() gets posted to a different thread. Calling

- // DenyCertForHost() first ensures deterministic ordering.

- backend_->DenyCertForHost(handler->ssl_info().cert.get(),

- handler->request_url().host(),

- handler->cert_error());

handler->CancelRequest();

}

« no previous file with comments | « chrome/browser/ui/website_settings/website_settings_ui.h ('k') | content/browser/ssl/ssl_policy_backend.h » ('j') | no next file with comments »