Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(8490)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ssl/chrome_ssl_host_state_delegate.cc

Issue 887223005: Skip interstitials and don't block requests for localhost SSL errors (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: fixes from previous round of feedback Created 5 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/about_flags.cc ('k') | chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc » ('j') | chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
diff --git a/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc b/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
index e179edb926b9ef8df5a97c152f88933e09be8c57..d82a47ab7327babf90eb3a9f80ebb7d93d4e2e48 100644
--- a/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
+++ b/chrome/browser/ssl/chrome_ssl_host_state_delegate.cc
@@ -22,7 +22,9 @@
#include "components/content_settings/core/browser/host_content_settings_map.h"
#include "components/content_settings/core/common/content_settings_types.h"
#include "components/variations/variations_associated_data.h"
+#include "content/public/common/content_switches.h"
#include "net/base/hash_value.h"
+#include "net/base/net_util.h"
#include "net/cert/x509_certificate.h"
#include "net/http/http_transaction_factory.h"
#include "net/url_request/url_request_context.h"
@@ -327,6 +329,15 @@ ChromeSSLHostStateDelegate::QueryPolicy(const std::string& host,
scoped_ptr<base::Value> value(map->GetWebsiteSetting(
url, url, CONTENT_SETTINGS_TYPE_SSL_CERT_DECISIONS, std::string(), NULL));
+ // If the appropriate flag is set, let requests on localhost go
+ // through even if there are certificate errors. Errors on localhost
+ // are unlikely to indicate actual security problems.
+ bool allow_localhost = base::CommandLine::ForCurrentProcess()->
jww 2015/02/09 19:29:38 The "*expired_previous_decision = false;" line sho
estark 2015/02/09 20:48:40 Done.
+ HasSwitch(switches::kAllowInsecureLocalhost);
+ if (allow_localhost && net::IsLocalhost(url.host())) {
+ return ALLOWED;
+ }
Ryan Sleevi 2015/02/09 19:31:34 Note: Consistent with the style in the rest of thi
estark 2015/02/09 20:48:40 Done.
+
// Set a default value in case this method is short circuited and doesn't do a
// full query.
*expired_previous_decision = false;
« no previous file with comments | « chrome/browser/about_flags.cc ('k') | chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc » ('j') | chrome/browser/ssl/chrome_ssl_host_state_delegate_test.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698