Index: content/browser/service_worker/service_worker_write_to_cache_job.cc |
diff --git a/content/browser/service_worker/service_worker_write_to_cache_job.cc b/content/browser/service_worker/service_worker_write_to_cache_job.cc |
index 4e2c24fd49051f23ed7503186f8882f8e018b1af..a2f347e74d75b91cb83d6f7093e7a38cb8f2a240 100644 |
--- a/content/browser/service_worker/service_worker_write_to_cache_job.cc |
+++ b/content/browser/service_worker/service_worker_write_to_cache_job.cc |
@@ -305,7 +305,7 @@ void ServiceWorkerWriteToCacheJob::OnCertificateRequested( |
net::URLRequestStatus::FAILED, net::ERR_FAILED)); |
} |
-void ServiceWorkerWriteToCacheJob:: OnSSLCertificateError( |
+void ServiceWorkerWriteToCacheJob::OnSSLCertificateError( |
net::URLRequest* request, |
const net::SSLInfo& ssl_info, |
bool fatal) { |
@@ -315,7 +315,7 @@ void ServiceWorkerWriteToCacheJob:: OnSSLCertificateError( |
// TODO(michaeln): Pass this thru to our jobs client, |
// see NotifySSLCertificateError. |
AsyncNotifyDoneHelper(net::URLRequestStatus( |
- net::URLRequestStatus::FAILED, net::ERR_FAILED)); |
+ net::URLRequestStatus::FAILED, net::ERR_INSECURE_RESPONSE)); |
} |
void ServiceWorkerWriteToCacheJob::OnBeforeNetworkStart( |
@@ -341,6 +341,13 @@ void ServiceWorkerWriteToCacheJob::OnResponseStarted( |
// response to our consumer, just don't cache it? |
return; |
} |
+ // OnSSLCertificateError is not called when the HTTPS connection is reused. |
+ // So we check cert_status here. |
+ if (net::IsCertStatusError(request->ssl_info().cert_status)) { |
+ AsyncNotifyDoneHelper(net::URLRequestStatus( |
+ net::URLRequestStatus::FAILED, net::ERR_INSECURE_RESPONSE)); |
+ return; |
+ } |
// To prevent most user-uploaded content from being used as a serviceworker. |
if (version_->script_url() == url_) { |
std::string mime_type; |