| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/url_security_manager.h" | 5 #include "net/http/url_security_manager.h" |
| 6 | 6 |
| 7 #include <urlmon.h> | 7 #include <urlmon.h> |
| 8 #pragma comment(lib, "urlmon.lib") | 8 #pragma comment(lib, "urlmon.lib") |
| 9 | 9 |
| 10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 46 URLSecurityManagerWin::URLSecurityManagerWin( | 46 URLSecurityManagerWin::URLSecurityManagerWin( |
| 47 const HttpAuthFilter* whitelist_delegate) | 47 const HttpAuthFilter* whitelist_delegate) |
| 48 : whitelist_delegate_(whitelist_delegate) { | 48 : whitelist_delegate_(whitelist_delegate) { |
| 49 } | 49 } |
| 50 | 50 |
| 51 bool URLSecurityManagerWin::CanUseDefaultCredentials( | 51 bool URLSecurityManagerWin::CanUseDefaultCredentials( |
| 52 const GURL& auth_origin) const { | 52 const GURL& auth_origin) const { |
| 53 if (!const_cast<URLSecurityManagerWin*>(this)->EnsureSystemSecurityManager()) | 53 if (!const_cast<URLSecurityManagerWin*>(this)->EnsureSystemSecurityManager()) |
| 54 return false; | 54 return false; |
| 55 | 55 |
| 56 std::wstring url_w = base::ASCIIToWide(auth_origin.spec()); | 56 base::string16 url16 = base::ASCIIToUTF16(auth_origin.spec()); |
| 57 DWORD policy = 0; | 57 DWORD policy = 0; |
| 58 HRESULT hr; | 58 HRESULT hr; |
| 59 hr = security_manager_->ProcessUrlAction(url_w.c_str(), | 59 hr = security_manager_->ProcessUrlAction(url16.c_str(), |
| 60 URLACTION_CREDENTIALS_USE, | 60 URLACTION_CREDENTIALS_USE, |
| 61 reinterpret_cast<BYTE*>(&policy), | 61 reinterpret_cast<BYTE*>(&policy), |
| 62 sizeof(policy), NULL, 0, | 62 sizeof(policy), NULL, 0, |
| 63 PUAF_NOUI, 0); | 63 PUAF_NOUI, 0); |
| 64 if (FAILED(hr)) { | 64 if (FAILED(hr)) { |
| 65 LOG(ERROR) << "IInternetSecurityManager::ProcessUrlAction failed: " << hr; | 65 LOG(ERROR) << "IInternetSecurityManager::ProcessUrlAction failed: " << hr; |
| 66 return false; | 66 return false; |
| 67 } | 67 } |
| 68 | 68 |
| 69 // Four possible policies for URLACTION_CREDENTIALS_USE. See the MSDN page | 69 // Four possible policies for URLACTION_CREDENTIALS_USE. See the MSDN page |
| 70 // "About URL Security Zones" at | 70 // "About URL Security Zones" at |
| 71 // http://msdn.microsoft.com/en-us/library/ms537183(VS.85).aspx | 71 // http://msdn.microsoft.com/en-us/library/ms537183(VS.85).aspx |
| 72 switch (policy) { | 72 switch (policy) { |
| 73 case URLPOLICY_CREDENTIALS_SILENT_LOGON_OK: | 73 case URLPOLICY_CREDENTIALS_SILENT_LOGON_OK: |
| 74 return true; | 74 return true; |
| 75 case URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT: { | 75 case URLPOLICY_CREDENTIALS_CONDITIONAL_PROMPT: { |
| 76 // This policy means "prompt the user for permission if the resource is | 76 // This policy means "prompt the user for permission if the resource is |
| 77 // not located in the Intranet zone". TODO(wtc): Note that it's | 77 // not located in the Intranet zone". TODO(wtc): Note that it's |
| 78 // prompting for permission (to use the default credentials), as opposed | 78 // prompting for permission (to use the default credentials), as opposed |
| 79 // to prompting the user to enter a user name and password. | 79 // to prompting the user to enter a user name and password. |
| 80 | 80 |
| 81 // URLZONE_LOCAL_MACHINE 0 | 81 // URLZONE_LOCAL_MACHINE 0 |
| 82 // URLZONE_INTRANET 1 | 82 // URLZONE_INTRANET 1 |
| 83 // URLZONE_TRUSTED 2 | 83 // URLZONE_TRUSTED 2 |
| 84 // URLZONE_INTERNET 3 | 84 // URLZONE_INTERNET 3 |
| 85 // URLZONE_UNTRUSTED 4 | 85 // URLZONE_UNTRUSTED 4 |
| 86 DWORD zone = 0; | 86 DWORD zone = 0; |
| 87 hr = security_manager_->MapUrlToZone(url_w.c_str(), &zone, 0); | 87 hr = security_manager_->MapUrlToZone(url16.c_str(), &zone, 0); |
| 88 if (FAILED(hr)) { | 88 if (FAILED(hr)) { |
| 89 LOG(ERROR) << "IInternetSecurityManager::MapUrlToZone failed: " << hr; | 89 LOG(ERROR) << "IInternetSecurityManager::MapUrlToZone failed: " << hr; |
| 90 return false; | 90 return false; |
| 91 } | 91 } |
| 92 return zone <= URLZONE_INTRANET; | 92 return zone <= URLZONE_INTRANET; |
| 93 } | 93 } |
| 94 case URLPOLICY_CREDENTIALS_MUST_PROMPT_USER: | 94 case URLPOLICY_CREDENTIALS_MUST_PROMPT_USER: |
| 95 return false; | 95 return false; |
| 96 case URLPOLICY_CREDENTIALS_ANONYMOUS_ONLY: | 96 case URLPOLICY_CREDENTIALS_ANONYMOUS_ONLY: |
| 97 // TODO(wtc): we should fail the authentication. | 97 // TODO(wtc): we should fail the authentication. |
| (...skipping 30 matching lines...) Expand all Loading... |
| 128 const HttpAuthFilter* whitelist_default, | 128 const HttpAuthFilter* whitelist_default, |
| 129 const HttpAuthFilter* whitelist_delegate) { | 129 const HttpAuthFilter* whitelist_delegate) { |
| 130 // If we have a whitelist, just use that. | 130 // If we have a whitelist, just use that. |
| 131 if (whitelist_default) | 131 if (whitelist_default) |
| 132 return new URLSecurityManagerWhitelist(whitelist_default, | 132 return new URLSecurityManagerWhitelist(whitelist_default, |
| 133 whitelist_delegate); | 133 whitelist_delegate); |
| 134 return new URLSecurityManagerWin(whitelist_delegate); | 134 return new URLSecurityManagerWin(whitelist_delegate); |
| 135 } | 135 } |
| 136 | 136 |
| 137 } // namespace net | 137 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 706203003:
Update from https://crrev.com/303153 (Closed)
Base URL: git@github.com:domokit/mojo.git@master