| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 104 #include "components/pref_registry/pref_registry_syncable.h" | 104 #include "components/pref_registry/pref_registry_syncable.h" |
| 105 #include "components/signin/core/common/profile_management_switches.h" | 105 #include "components/signin/core/common/profile_management_switches.h" |
| 106 #include "components/translate/core/common/translate_switches.h" | 106 #include "components/translate/core/common/translate_switches.h" |
| 107 #include "content/public/browser/browser_child_process_host.h" | 107 #include "content/public/browser/browser_child_process_host.h" |
| 108 #include "content/public/browser/browser_main_parts.h" | 108 #include "content/public/browser/browser_main_parts.h" |
| 109 #include "content/public/browser/browser_ppapi_host.h" | 109 #include "content/public/browser/browser_ppapi_host.h" |
| 110 #include "content/public/browser/browser_thread.h" | 110 #include "content/public/browser/browser_thread.h" |
| 111 #include "content/public/browser/browser_url_handler.h" | 111 #include "content/public/browser/browser_url_handler.h" |
| 112 #include "content/public/browser/child_process_data.h" | 112 #include "content/public/browser/child_process_data.h" |
| 113 #include "content/public/browser/child_process_security_policy.h" | 113 #include "content/public/browser/child_process_security_policy.h" |
| 114 #include "content/public/browser/client_certificate_delegate.h" |
| 114 #include "content/public/browser/permission_type.h" | 115 #include "content/public/browser/permission_type.h" |
| 115 #include "content/public/browser/render_frame_host.h" | 116 #include "content/public/browser/render_frame_host.h" |
| 116 #include "content/public/browser/render_process_host.h" | 117 #include "content/public/browser/render_process_host.h" |
| 117 #include "content/public/browser/render_view_host.h" | 118 #include "content/public/browser/render_view_host.h" |
| 118 #include "content/public/browser/resource_context.h" | 119 #include "content/public/browser/resource_context.h" |
| 119 #include "content/public/browser/site_instance.h" | 120 #include "content/public/browser/site_instance.h" |
| 120 #include "content/public/browser/web_contents.h" | 121 #include "content/public/browser/web_contents.h" |
| 121 #include "content/public/common/child_process_host.h" | 122 #include "content/public/common/child_process_host.h" |
| 122 #include "content/public/common/content_descriptors.h" | 123 #include "content/public/common/content_descriptors.h" |
| 123 #include "content/public/common/url_utils.h" | 124 #include "content/public/common/url_utils.h" |
| (...skipping 1686 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1810 if (strict_enforcement) | 1811 if (strict_enforcement) |
| 1811 options_mask |= SSLBlockingPage::STRICT_ENFORCEMENT; | 1812 options_mask |= SSLBlockingPage::STRICT_ENFORCEMENT; |
| 1812 if (expired_previous_decision) | 1813 if (expired_previous_decision) |
| 1813 options_mask |= SSLBlockingPage::EXPIRED_BUT_PREVIOUSLY_ALLOWED; | 1814 options_mask |= SSLBlockingPage::EXPIRED_BUT_PREVIOUSLY_ALLOWED; |
| 1814 | 1815 |
| 1815 SSLErrorHandler::HandleSSLError( | 1816 SSLErrorHandler::HandleSSLError( |
| 1816 tab, cert_error, ssl_info, request_url, options_mask, callback); | 1817 tab, cert_error, ssl_info, request_url, options_mask, callback); |
| 1817 } | 1818 } |
| 1818 | 1819 |
| 1819 void ChromeContentBrowserClient::SelectClientCertificate( | 1820 void ChromeContentBrowserClient::SelectClientCertificate( |
| 1820 int render_process_id, | 1821 content::WebContents* web_contents, |
| 1821 int render_frame_id, | |
| 1822 net::SSLCertRequestInfo* cert_request_info, | 1822 net::SSLCertRequestInfo* cert_request_info, |
| 1823 const base::Callback<void(net::X509Certificate*)>& callback) { | 1823 scoped_ptr<content::ClientCertificateDelegate> delegate) { |
| 1824 content::RenderFrameHost* rfh = content::RenderFrameHost::FromID( | 1824 prerender::PrerenderContents* prerender_contents = |
| 1825 render_process_id, render_frame_id); | 1825 prerender::PrerenderContents::FromWebContents(web_contents); |
| 1826 WebContents* tab = WebContents::FromRenderFrameHost(rfh); | 1826 if (prerender_contents) { |
| 1827 if (!tab) { | 1827 prerender_contents->Destroy( |
| 1828 // TODO(davidben): This makes the request hang, but returning no certificate | 1828 prerender::FINAL_STATUS_SSL_CLIENT_CERTIFICATE_REQUESTED); |
| 1829 // also breaks. It should abort the request. See https://crbug.com/417092 | 1829 delegate->CancelCertificateSelection(); |
| 1830 return; | 1830 return; |
| 1831 } | 1831 } |
| 1832 | 1832 |
| 1833 prerender::PrerenderContents* prerender_contents = | |
| 1834 prerender::PrerenderContents::FromWebContents(tab); | |
| 1835 if (prerender_contents) { | |
| 1836 prerender_contents->Destroy( | |
| 1837 prerender::FINAL_STATUS_SSL_CLIENT_CERTIFICATE_REQUESTED); | |
| 1838 return; | |
| 1839 } | |
| 1840 | |
| 1841 GURL requesting_url("https://" + cert_request_info->host_and_port.ToString()); | 1833 GURL requesting_url("https://" + cert_request_info->host_and_port.ToString()); |
| 1842 DCHECK(requesting_url.is_valid()) | 1834 DCHECK(requesting_url.is_valid()) |
| 1843 << "Invalid URL string: https://" | 1835 << "Invalid URL string: https://" |
| 1844 << cert_request_info->host_and_port.ToString(); | 1836 << cert_request_info->host_and_port.ToString(); |
| 1845 | 1837 |
| 1846 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 1838 Profile* profile = |
| 1839 Profile::FromBrowserContext(web_contents->GetBrowserContext()); |
| 1847 scoped_ptr<base::Value> filter = | 1840 scoped_ptr<base::Value> filter = |
| 1848 profile->GetHostContentSettingsMap()->GetWebsiteSetting( | 1841 profile->GetHostContentSettingsMap()->GetWebsiteSetting( |
| 1849 requesting_url, | 1842 requesting_url, |
| 1850 requesting_url, | 1843 requesting_url, |
| 1851 CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE, | 1844 CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE, |
| 1852 std::string(), | 1845 std::string(), |
| 1853 NULL); | 1846 NULL); |
| 1854 | 1847 |
| 1855 if (filter.get()) { | 1848 if (filter.get()) { |
| 1856 // Try to automatically select a client certificate. | 1849 // Try to automatically select a client certificate. |
| 1857 if (filter->IsType(base::Value::TYPE_DICTIONARY)) { | 1850 if (filter->IsType(base::Value::TYPE_DICTIONARY)) { |
| 1858 base::DictionaryValue* filter_dict = | 1851 base::DictionaryValue* filter_dict = |
| 1859 static_cast<base::DictionaryValue*>(filter.get()); | 1852 static_cast<base::DictionaryValue*>(filter.get()); |
| 1860 | 1853 |
| 1861 const std::vector<scoped_refptr<net::X509Certificate> >& | 1854 const std::vector<scoped_refptr<net::X509Certificate> >& |
| 1862 all_client_certs = cert_request_info->client_certs; | 1855 all_client_certs = cert_request_info->client_certs; |
| 1863 for (size_t i = 0; i < all_client_certs.size(); ++i) { | 1856 for (size_t i = 0; i < all_client_certs.size(); ++i) { |
| 1864 if (CertMatchesFilter(*all_client_certs[i].get(), *filter_dict)) { | 1857 if (CertMatchesFilter(*all_client_certs[i].get(), *filter_dict)) { |
| 1865 // Use the first certificate that is matched by the filter. | 1858 // Use the first certificate that is matched by the filter. |
| 1866 callback.Run(all_client_certs[i].get()); | 1859 delegate->ContinueWithCertificate(all_client_certs[i].get()); |
| 1867 return; | 1860 return; |
| 1868 } | 1861 } |
| 1869 } | 1862 } |
| 1870 } else { | 1863 } else { |
| 1871 NOTREACHED(); | 1864 NOTREACHED(); |
| 1872 } | 1865 } |
| 1873 } | 1866 } |
| 1874 | 1867 |
| 1875 chrome::ShowSSLClientCertificateSelector(tab, cert_request_info, callback); | 1868 chrome::ShowSSLClientCertificateSelector(web_contents, cert_request_info, |
| 1869 delegate.Pass()); |
| 1876 } | 1870 } |
| 1877 | 1871 |
| 1878 void ChromeContentBrowserClient::AddCertificate( | 1872 void ChromeContentBrowserClient::AddCertificate( |
| 1879 net::CertificateMimeType cert_type, | 1873 net::CertificateMimeType cert_type, |
| 1880 const void* cert_data, | 1874 const void* cert_data, |
| 1881 size_t cert_size, | 1875 size_t cert_size, |
| 1882 int render_process_id, | 1876 int render_process_id, |
| 1883 int render_frame_id) { | 1877 int render_frame_id) { |
| 1884 chrome::SSLAddCertificate(cert_type, cert_data, cert_size, | 1878 chrome::SSLAddCertificate(cert_type, cert_data, cert_size, |
| 1885 render_process_id, render_frame_id); | 1879 render_process_id, render_frame_id); |
| (...skipping 778 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2664 switches::kDisableWebRtcEncryption, | 2658 switches::kDisableWebRtcEncryption, |
| 2665 }; | 2659 }; |
| 2666 to_command_line->CopySwitchesFrom(from_command_line, | 2660 to_command_line->CopySwitchesFrom(from_command_line, |
| 2667 kWebRtcDevSwitchNames, | 2661 kWebRtcDevSwitchNames, |
| 2668 arraysize(kWebRtcDevSwitchNames)); | 2662 arraysize(kWebRtcDevSwitchNames)); |
| 2669 } | 2663 } |
| 2670 } | 2664 } |
| 2671 #endif // defined(ENABLE_WEBRTC) | 2665 #endif // defined(ENABLE_WEBRTC) |
| 2672 | 2666 |
| 2673 } // namespace chrome | 2667 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 859213006:
Cancel client auth requests when not promptable. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@client-auth-cancel-1