| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chrome_content_browser_client.h" | 5 #include "chrome/browser/chrome_content_browser_client.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 105 #include "components/pref_registry/pref_registry_syncable.h" | 105 #include "components/pref_registry/pref_registry_syncable.h" |
| 106 #include "components/signin/core/common/profile_management_switches.h" | 106 #include "components/signin/core/common/profile_management_switches.h" |
| 107 #include "components/translate/core/common/translate_switches.h" | 107 #include "components/translate/core/common/translate_switches.h" |
| 108 #include "content/public/browser/browser_child_process_host.h" | 108 #include "content/public/browser/browser_child_process_host.h" |
| 109 #include "content/public/browser/browser_main_parts.h" | 109 #include "content/public/browser/browser_main_parts.h" |
| 110 #include "content/public/browser/browser_ppapi_host.h" | 110 #include "content/public/browser/browser_ppapi_host.h" |
| 111 #include "content/public/browser/browser_thread.h" | 111 #include "content/public/browser/browser_thread.h" |
| 112 #include "content/public/browser/browser_url_handler.h" | 112 #include "content/public/browser/browser_url_handler.h" |
| 113 #include "content/public/browser/child_process_data.h" | 113 #include "content/public/browser/child_process_data.h" |
| 114 #include "content/public/browser/child_process_security_policy.h" | 114 #include "content/public/browser/child_process_security_policy.h" |
| 115 #include "content/public/browser/client_certificate_delegate.h" |
| 115 #include "content/public/browser/permission_type.h" | 116 #include "content/public/browser/permission_type.h" |
| 116 #include "content/public/browser/render_frame_host.h" | 117 #include "content/public/browser/render_frame_host.h" |
| 117 #include "content/public/browser/render_process_host.h" | 118 #include "content/public/browser/render_process_host.h" |
| 118 #include "content/public/browser/render_view_host.h" | 119 #include "content/public/browser/render_view_host.h" |
| 119 #include "content/public/browser/resource_context.h" | 120 #include "content/public/browser/resource_context.h" |
| 120 #include "content/public/browser/site_instance.h" | 121 #include "content/public/browser/site_instance.h" |
| 121 #include "content/public/browser/web_contents.h" | 122 #include "content/public/browser/web_contents.h" |
| 122 #include "content/public/common/child_process_host.h" | 123 #include "content/public/common/child_process_host.h" |
| 123 #include "content/public/common/content_descriptors.h" | 124 #include "content/public/common/content_descriptors.h" |
| 124 #include "content/public/common/url_utils.h" | 125 #include "content/public/common/url_utils.h" |
| (...skipping 1711 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1836 if (strict_enforcement) | 1837 if (strict_enforcement) |
| 1837 options_mask |= SSLBlockingPage::STRICT_ENFORCEMENT; | 1838 options_mask |= SSLBlockingPage::STRICT_ENFORCEMENT; |
| 1838 if (expired_previous_decision) | 1839 if (expired_previous_decision) |
| 1839 options_mask |= SSLBlockingPage::EXPIRED_BUT_PREVIOUSLY_ALLOWED; | 1840 options_mask |= SSLBlockingPage::EXPIRED_BUT_PREVIOUSLY_ALLOWED; |
| 1840 | 1841 |
| 1841 SSLErrorHandler::HandleSSLError( | 1842 SSLErrorHandler::HandleSSLError( |
| 1842 tab, cert_error, ssl_info, request_url, options_mask, callback); | 1843 tab, cert_error, ssl_info, request_url, options_mask, callback); |
| 1843 } | 1844 } |
| 1844 | 1845 |
| 1845 void ChromeContentBrowserClient::SelectClientCertificate( | 1846 void ChromeContentBrowserClient::SelectClientCertificate( |
| 1846 int render_process_id, | 1847 content::WebContents* web_contents, |
| 1847 int render_frame_id, | |
| 1848 net::SSLCertRequestInfo* cert_request_info, | 1848 net::SSLCertRequestInfo* cert_request_info, |
| 1849 const base::Callback<void(net::X509Certificate*)>& callback) { | 1849 scoped_ptr<content::ClientCertificateDelegate> delegate) { |
| 1850 content::RenderFrameHost* rfh = content::RenderFrameHost::FromID( | 1850 prerender::PrerenderContents* prerender_contents = |
| 1851 render_process_id, render_frame_id); | 1851 prerender::PrerenderContents::FromWebContents(web_contents); |
| 1852 WebContents* tab = WebContents::FromRenderFrameHost(rfh); | 1852 if (prerender_contents) { |
| 1853 if (!tab) { | 1853 prerender_contents->Destroy( |
| 1854 // TODO(davidben): This makes the request hang, but returning no certificate | 1854 prerender::FINAL_STATUS_SSL_CLIENT_CERTIFICATE_REQUESTED); |
| 1855 // also breaks. It should abort the request. See https://crbug.com/417092 | 1855 delegate->CancelCertificateSelection(); |
| 1856 return; | 1856 return; |
| 1857 } | 1857 } |
| 1858 | 1858 |
| 1859 prerender::PrerenderContents* prerender_contents = | |
| 1860 prerender::PrerenderContents::FromWebContents(tab); | |
| 1861 if (prerender_contents) { | |
| 1862 prerender_contents->Destroy( | |
| 1863 prerender::FINAL_STATUS_SSL_CLIENT_CERTIFICATE_REQUESTED); | |
| 1864 return; | |
| 1865 } | |
| 1866 | |
| 1867 GURL requesting_url("https://" + cert_request_info->host_and_port.ToString()); | 1859 GURL requesting_url("https://" + cert_request_info->host_and_port.ToString()); |
| 1868 DCHECK(requesting_url.is_valid()) | 1860 DCHECK(requesting_url.is_valid()) |
| 1869 << "Invalid URL string: https://" | 1861 << "Invalid URL string: https://" |
| 1870 << cert_request_info->host_and_port.ToString(); | 1862 << cert_request_info->host_and_port.ToString(); |
| 1871 | 1863 |
| 1872 Profile* profile = Profile::FromBrowserContext(tab->GetBrowserContext()); | 1864 Profile* profile = |
| 1865 Profile::FromBrowserContext(web_contents->GetBrowserContext()); |
| 1873 scoped_ptr<base::Value> filter = | 1866 scoped_ptr<base::Value> filter = |
| 1874 profile->GetHostContentSettingsMap()->GetWebsiteSetting( | 1867 profile->GetHostContentSettingsMap()->GetWebsiteSetting( |
| 1875 requesting_url, | 1868 requesting_url, |
| 1876 requesting_url, | 1869 requesting_url, |
| 1877 CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE, | 1870 CONTENT_SETTINGS_TYPE_AUTO_SELECT_CERTIFICATE, |
| 1878 std::string(), | 1871 std::string(), |
| 1879 NULL); | 1872 NULL); |
| 1880 | 1873 |
| 1881 if (filter.get()) { | 1874 if (filter.get()) { |
| 1882 // Try to automatically select a client certificate. | 1875 // Try to automatically select a client certificate. |
| 1883 if (filter->IsType(base::Value::TYPE_DICTIONARY)) { | 1876 if (filter->IsType(base::Value::TYPE_DICTIONARY)) { |
| 1884 base::DictionaryValue* filter_dict = | 1877 base::DictionaryValue* filter_dict = |
| 1885 static_cast<base::DictionaryValue*>(filter.get()); | 1878 static_cast<base::DictionaryValue*>(filter.get()); |
| 1886 | 1879 |
| 1887 const std::vector<scoped_refptr<net::X509Certificate> >& | 1880 const std::vector<scoped_refptr<net::X509Certificate> >& |
| 1888 all_client_certs = cert_request_info->client_certs; | 1881 all_client_certs = cert_request_info->client_certs; |
| 1889 for (size_t i = 0; i < all_client_certs.size(); ++i) { | 1882 for (size_t i = 0; i < all_client_certs.size(); ++i) { |
| 1890 if (CertMatchesFilter(*all_client_certs[i].get(), *filter_dict)) { | 1883 if (CertMatchesFilter(*all_client_certs[i].get(), *filter_dict)) { |
| 1891 // Use the first certificate that is matched by the filter. | 1884 // Use the first certificate that is matched by the filter. |
| 1892 callback.Run(all_client_certs[i].get()); | 1885 delegate->ContinueWithCertificate(all_client_certs[i].get()); |
| 1893 return; | 1886 return; |
| 1894 } | 1887 } |
| 1895 } | 1888 } |
| 1896 } else { | 1889 } else { |
| 1897 NOTREACHED(); | 1890 NOTREACHED(); |
| 1898 } | 1891 } |
| 1899 } | 1892 } |
| 1900 | 1893 |
| 1901 chrome::ShowSSLClientCertificateSelector(tab, cert_request_info, callback); | 1894 chrome::ShowSSLClientCertificateSelector(web_contents, cert_request_info, |
| 1895 delegate.Pass()); |
| 1902 } | 1896 } |
| 1903 | 1897 |
| 1904 void ChromeContentBrowserClient::AddCertificate( | 1898 void ChromeContentBrowserClient::AddCertificate( |
| 1905 net::CertificateMimeType cert_type, | 1899 net::CertificateMimeType cert_type, |
| 1906 const void* cert_data, | 1900 const void* cert_data, |
| 1907 size_t cert_size, | 1901 size_t cert_size, |
| 1908 int render_process_id, | 1902 int render_process_id, |
| 1909 int render_frame_id) { | 1903 int render_frame_id) { |
| 1910 chrome::SSLAddCertificate(cert_type, cert_data, cert_size, | 1904 chrome::SSLAddCertificate(cert_type, cert_data, cert_size, |
| 1911 render_process_id, render_frame_id); | 1905 render_process_id, render_frame_id); |
| (...skipping 722 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2634 switches::kDisableWebRtcEncryption, | 2628 switches::kDisableWebRtcEncryption, |
| 2635 }; | 2629 }; |
| 2636 to_command_line->CopySwitchesFrom(from_command_line, | 2630 to_command_line->CopySwitchesFrom(from_command_line, |
| 2637 kWebRtcDevSwitchNames, | 2631 kWebRtcDevSwitchNames, |
| 2638 arraysize(kWebRtcDevSwitchNames)); | 2632 arraysize(kWebRtcDevSwitchNames)); |
| 2639 } | 2633 } |
| 2640 } | 2634 } |
| 2641 #endif // defined(ENABLE_WEBRTC) | 2635 #endif // defined(ENABLE_WEBRTC) |
| 2642 | 2636 |
| 2643 } // namespace chrome | 2637 } // namespace chrome |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 859213006:
Cancel client auth requests when not promptable. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@client-auth-cancel-1