summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAllan Sandfeld Jensen <allan.jensen@digia.com>2014-08-25 15:37:49 +0200
committerAllan Sandfeld Jensen <allan.jensen@digia.com>2014-08-29 14:47:12 +0200
commit66def056d0f0fc8794f622fcfd61f974fce2a3b1 (patch)
tree2f5276dc594e1e737fe4b6245ab96307439c04b3
parent530ab16146b18457d0b3395ea64a6de756a4d22d (diff)
Add Qt WebEngine Widgets API for allowing certificate errors
This adds API for overriding some certificate errors. Once overridden any identical error for the same hostname and certificate will use the same override. Similar API for QtWebEngine QML should be added in a later patch. Change-Id: I144147b86d9b592e3f87346a1e48890acee0c670 Reviewed-by: Jocelyn Turcotte <jocelyn.turcotte@digia.com>
-rw-r--r--examples/webenginewidgets/browser/webview.cpp15
-rw-r--r--examples/webenginewidgets/browser/webview.h1
-rw-r--r--src/core/certificate_error_controller.cpp157
-rw-r--r--src/core/certificate_error_controller.h110
-rw-r--r--src/core/certificate_error_controller_p.h60
-rw-r--r--src/core/content_browser_client_qt.cpp22
-rw-r--r--src/core/content_browser_client_qt.h11
-rw-r--r--src/core/core_gyp_generator.pro3
-rw-r--r--src/core/web_contents_adapter_client.h4
-rw-r--r--src/core/web_contents_delegate_qt.cpp5
-rw-r--r--src/core/web_contents_delegate_qt.h3
-rw-r--r--src/webengine/api/qquickwebengineview.cpp6
-rw-r--r--src/webengine/api/qquickwebengineview_p_p.h1
-rw-r--r--src/webenginewidgets/api/qwebenginecertificateerror.cpp111
-rw-r--r--src/webenginewidgets/api/qwebenginecertificateerror.h84
-rw-r--r--src/webenginewidgets/api/qwebenginepage.cpp19
-rw-r--r--src/webenginewidgets/api/qwebenginepage.h2
-rw-r--r--src/webenginewidgets/api/qwebenginepage_p.h1
-rw-r--r--src/webenginewidgets/webenginewidgets.pro2
19 files changed, 617 insertions, 0 deletions
diff --git a/examples/webenginewidgets/browser/webview.cpp b/examples/webenginewidgets/browser/webview.cpp
index e32ab71d..ce0f7c41 100644
--- a/examples/webenginewidgets/browser/webview.cpp
+++ b/examples/webenginewidgets/browser/webview.cpp
@@ -129,6 +129,21 @@ bool WebPage::acceptNavigationRequest(QWebEngineFrame *frame, const QNetworkRequ
}
#endif
+bool WebPage::certificateError(const QWebEngineCertificateError &error)
+{
+ if (error.isOverridable()) {
+ QMessageBox msgBox;
+ msgBox.setIcon(QMessageBox::Warning);
+ msgBox.setText(error.errorDescription());
+ msgBox.setInformativeText(tr("If you wish so, you may continue with an unverified certicate. Accepting an unverified certicate means you may not be connected with the host you tried to connect to.\nDo you wish to override the security check and continue?"));
+ msgBox.setStandardButtons(QMessageBox::Yes | QMessageBox::No);
+ msgBox.setDefaultButton(QMessageBox::No);
+ return msgBox.exec() == QMessageBox::Yes;
+ }
+ QMessageBox::critical(view(), tr("Certificate Error"), error.errorDescription(), QMessageBox::Ok, QMessageBox::NoButton);
+ return false;
+}
+
class PopupWindow : public QWidget {
Q_OBJECT
public:
diff --git a/examples/webenginewidgets/browser/webview.h b/examples/webenginewidgets/browser/webview.h
index 352954c8..2238abbd 100644
--- a/examples/webenginewidgets/browser/webview.h
+++ b/examples/webenginewidgets/browser/webview.h
@@ -72,6 +72,7 @@ protected:
#if !defined(QT_NO_UITOOLS)
QObject *createPlugin(const QString &classId, const QUrl &url, const QStringList &paramNames, const QStringList &paramValues);
#endif
+ virtual bool certificateError(const QWebEngineCertificateError &error) Q_DECL_OVERRIDE;
private slots:
#if defined(QWEBENGINEPAGE_UNSUPPORTEDCONTENT)
diff --git a/src/core/certificate_error_controller.cpp b/src/core/certificate_error_controller.cpp
new file mode 100644
index 00000000..64e5b36d
--- /dev/null
+++ b/src/core/certificate_error_controller.cpp
@@ -0,0 +1,157 @@
+/****************************************************************************
+**
+** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
+** Contact: http://www.qt-project.org/legal
+**
+** This file is part of the QtWebEngine module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and Digia. For licensing terms and
+** conditions see http://qt.digia.com/licensing. For further information
+** use the contact form at http://qt.digia.com/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPLv3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl.html.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or later as published by the Free
+** Software Foundation and appearing in the file LICENSE.GPL included in
+** the packaging of this file. Please review the following information to
+** ensure the GNU General Public License version 2.0 requirements will be
+** met: http://www.gnu.org/licenses/gpl-2.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#include "certificate_error_controller.h"
+#include "certificate_error_controller_p.h"
+
+#include <net/cert/x509_certificate.h>
+#include <net/ssl/ssl_info.h>
+#include <ui/base/l10n/l10n_util.h>
+#include "chrome/grit/generated_resources.h"
+#include "type_conversion.h"
+
+void CertificateErrorControllerPrivate::accept(bool accepted)
+{
+ callback.Run(accepted);
+}
+
+CertificateErrorControllerPrivate::CertificateErrorControllerPrivate(int cert_error,
+ const net::SSLInfo& ssl_info,
+ const GURL &request_url,
+ ResourceType::Type resource_type,
+ bool _overridable,
+ bool strict_enforcement,
+ const base::Callback<void(bool)>& cb
+ )
+ : certError(CertificateErrorController::CertificateError(cert_error))
+ , requestUrl(toQt(request_url))
+ , resourceType(CertificateErrorController::ResourceType(resource_type))
+ , overridable(_overridable)
+ , strictEnforcement(strict_enforcement)
+ , callback(cb)
+{
+ if (ssl_info.cert) {
+ validStart = toQt(ssl_info.cert->valid_start());
+ validExpiry = toQt(ssl_info.cert->valid_expiry());
+ }
+}
+
+CertificateErrorController::CertificateErrorController(CertificateErrorControllerPrivate *p) : d(p)
+{
+}
+
+CertificateErrorController::~CertificateErrorController()
+{
+ delete d;
+ d = 0;
+}
+
+CertificateErrorController::CertificateError CertificateErrorController::error() const
+{
+ return d->certError;
+}
+
+QUrl CertificateErrorController::url() const
+{
+ return d->requestUrl;
+}
+
+bool CertificateErrorController::overridable() const
+{
+ return d->overridable;
+}
+
+bool CertificateErrorController::strictEnforcement() const
+{
+ return d->strictEnforcement;
+}
+
+void CertificateErrorController::accept(bool accepted)
+{
+ d->accept(accepted);
+}
+
+CertificateErrorController::ResourceType CertificateErrorController::resourceType() const
+{
+ return d->resourceType;
+}
+
+static QString getQStringForMessageId(int message_id) {
+ base::string16 string = l10n_util::GetStringUTF16(message_id);
+ return QString::fromUtf16(string.data(), string.length());
+}
+
+QString CertificateErrorController::errorString() const
+{
+ // Try to use chromiums translation of the error strings, though not all are
+ // consistently described and we need to use versions that does not contain HTML
+ // formatted text.
+ switch (d->certError) {
+ case SslPinnedKeyNotInCertificateChain:
+ return getQStringForMessageId(IDS_ERRORPAGES_SUMMARY_PINNING_FAILURE);
+ case CertificateCommonNameInvalid:
+ return getQStringForMessageId(IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION);
+ case CertificateDateInvalid:
+ if (QDateTime::currentDateTime() > d->validExpiry)
+ return getQStringForMessageId(IDS_CERT_ERROR_EXPIRED_DESCRIPTION);
+ else
+ return getQStringForMessageId(IDS_CERT_ERROR_NOT_YET_VALID_DESCRIPTION);
+ case CertificateAuthorityInvalid:
+ return getQStringForMessageId(IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION);
+ case CertificateContainsErrors:
+ return getQStringForMessageId(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION);
+ case CertificateNoRevocationMechanism:
+ return getQStringForMessageId(IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS);
+ case CertificateUnableToCheckRevocation:
+ return getQStringForMessageId(IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS);
+ case CertificateRevoked:
+ return getQStringForMessageId(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION);
+ case CertificateInvalid:
+ return getQStringForMessageId(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION);
+ case CertificateWeakSignatureAlgorithm:
+ return getQStringForMessageId(IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION);
+ case CertificateNonUniqueName:
+ return getQStringForMessageId(IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME);
+ case CertificateWeakKey:
+ return getQStringForMessageId(IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION);
+ case CertificateNameConstraintViolation:
+ return getQStringForMessageId(IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION);
+ default:
+ break;
+ }
+
+ return getQStringForMessageId(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION);
+}
diff --git a/src/core/certificate_error_controller.h b/src/core/certificate_error_controller.h
new file mode 100644
index 00000000..f1e7c5bd
--- /dev/null
+++ b/src/core/certificate_error_controller.h
@@ -0,0 +1,110 @@
+/****************************************************************************
+**
+** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
+** Contact: http://www.qt-project.org/legal
+**
+** This file is part of the QtWebEngine module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and Digia. For licensing terms and
+** conditions see http://qt.digia.com/licensing. For further information
+** use the contact form at http://qt.digia.com/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPLv3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl.html.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or later as published by the Free
+** Software Foundation and appearing in the file LICENSE.GPL included in
+** the packaging of this file. Please review the following information to
+** ensure the GNU General Public License version 2.0 requirements will be
+** met: http://www.gnu.org/licenses/gpl-2.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef CERTIFICATE_ERROR_CONTROLLER_H
+#define CERTIFICATE_ERROR_CONTROLLER_H
+
+#include "qtwebenginecoreglobal.h"
+
+#include <QtCore/QDateTime>
+#include <QtCore/QSharedData>
+#include <QtCore/QUrl>
+
+class CertificateErrorControllerPrivate;
+
+class QWEBENGINE_EXPORT CertificateErrorController : public QSharedData {
+public:
+ CertificateErrorController(CertificateErrorControllerPrivate *p);
+ ~CertificateErrorController();
+
+ // We can't use QSslError::SslErrors, because the error categories doesn't map.
+ // Keep up to date with net/base/net_errors.h and net::IsCertificateError():
+ enum CertificateError {
+ SslPinnedKeyNotInCertificateChain = -150,
+ CertificateCommonNameInvalid = -200,
+ CertificateDateInvalid = -201,
+ CertificateAuthorityInvalid = -202,
+ CertificateContainsErrors = -203,
+ CertificateNoRevocationMechanism = -204,
+ CertificateUnableToCheckRevocation = -205,
+ CertificateRevoked = -206,
+ CertificateInvalid = -207,
+ CertificateWeakSignatureAlgorithm = -208,
+ CertificateNonUniqueName = -210,
+ CertificateWeakKey = -211,
+ CertificateNameConstraintViolation = -212,
+ };
+
+ CertificateError error() const;
+ QUrl url() const;
+ bool overridable() const;
+ bool strictEnforcement() const;
+ QString errorString() const;
+ QDateTime validStart() const;
+ QDateTime validExpiry() const;
+
+ void accept(bool);
+
+ // Note: The resource type should probably not be exported, since once accepted the certificate exception
+ // counts for all resource types.
+ // Keep up to date with webkit/common/resource_type.h
+ enum ResourceType {
+ ResourceTypeMainFrame = 0, // top level page
+ ResourceTypeSubFrame, // frame or iframe
+ ResourceTypeStylesheet, // a CSS stylesheet
+ ResourceTypeScript, // an external script
+ ResourceTypeImage, // an image (jpg/gif/png/etc)
+ ResourceTypeFont, // a font
+ ResourceTypeOther, // an "other" subresource.
+ ResourceTypeObject, // an object (or embed) tag for a plugin,
+ // or a resource that a plugin requested.
+ ResourceTypeMedia, // a media resource.
+ ResourceTypeWorker, // the main resource of a dedicated worker.
+ ResourceTypeSharedWorker, // the main resource of a shared worker.
+ ResourceTypePrefetch, // an explicitly requested prefetch
+ ResourceTypeFavicon, // a favicon
+ ResourceTypeXHR, // a XMLHttpRequest
+ ResourceTypePing, // a ping request for <a ping>
+ ResourceTypeServiceWorker, // the main resource of a service worker.
+ };
+
+ ResourceType resourceType() const;
+
+private:
+ CertificateErrorControllerPrivate* d;
+};
+
+#endif // CERTIFICATE_ERROR_CONTROLLER_H
diff --git a/src/core/certificate_error_controller_p.h b/src/core/certificate_error_controller_p.h
new file mode 100644
index 00000000..af0ce12a
--- /dev/null
+++ b/src/core/certificate_error_controller_p.h
@@ -0,0 +1,60 @@
+/****************************************************************************
+**
+** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
+** Contact: http://www.qt-project.org/legal
+**
+** This file is part of the QtWebEngine module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and Digia. For licensing terms and
+** conditions see http://qt.digia.com/licensing. For further information
+** use the contact form at http://qt.digia.com/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPLv3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl.html.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or later as published by the Free
+** Software Foundation and appearing in the file LICENSE.GPL included in
+** the packaging of this file. Please review the following information to
+** ensure the GNU General Public License version 2.0 requirements will be
+** met: http://www.gnu.org/licenses/gpl-2.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef CERTIFICATE_ERROR_CONTROLLER_P_H
+#define CERTIFICATE_ERROR_CONTROLLER_P_H
+
+#include "content/public/browser/content_browser_client.h"
+
+#include "certificate_error_controller.h"
+
+class CertificateErrorControllerPrivate {
+public:
+ CertificateErrorControllerPrivate(int cert_error, const net::SSLInfo& ssl_info, const GURL& request_url, ResourceType::Type resource_type, bool overridable, bool strict_enforcement, const base::Callback<void(bool)>& callback);
+
+ void accept(bool accepted);
+
+ CertificateErrorController::CertificateError certError;
+ const QUrl requestUrl;
+ QDateTime validStart;
+ QDateTime validExpiry;
+ CertificateErrorController::ResourceType resourceType;
+ bool overridable;
+ bool strictEnforcement;
+ const base::Callback<void(bool)>& callback;
+};
+
+#endif // CERTIFICATE_ERROR_CONTROLLER_P_H
diff --git a/src/core/content_browser_client_qt.cpp b/src/core/content_browser_client_qt.cpp
index aa404ece..f19199cc 100644
--- a/src/core/content_browser_client_qt.cpp
+++ b/src/core/content_browser_client_qt.cpp
@@ -42,6 +42,7 @@
#include "content/public/browser/browser_main_parts.h"
#include "content/public/browser/child_process_security_policy.h"
#include "content/public/browser/media_observer.h"
+#include "content/public/browser/render_frame_host.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/render_view_host.h"
#include "content/public/browser/resource_dispatcher_host.h"
@@ -54,6 +55,8 @@
#include "ui/gl/gl_share_group.h"
#include "browser_context_qt.h"
+#include "certificate_error_controller.h"
+#include "certificate_error_controller_p.h"
#include "desktop_screen_qt.h"
#include "dev_tools_http_handler_delegate_qt.h"
#include "media_capture_devices_dispatcher.h"
@@ -345,3 +348,22 @@ void ContentBrowserClientQt::enableInspector(bool enable)
m_devtools.reset();
}
}
+
+void ContentBrowserClientQt::AllowCertificateError(int render_process_id, int render_frame_id, int cert_error,
+ const net::SSLInfo& ssl_info, const GURL& request_url,
+ ResourceType::Type resource_type,
+ bool overridable, bool strict_enforcement,
+ const base::Callback<void(bool)>& callback,
+ content::CertificateRequestResultType* result)
+{
+ // We leave the result with its default value.
+ Q_UNUSED(result);
+
+ content::RenderFrameHost *frameHost = content::RenderFrameHost::FromID(render_process_id, render_frame_id);
+ WebContentsDelegateQt* contentsDelegate = 0;
+ if (content::WebContents *webContents = frameHost->GetRenderViewHost()->GetDelegate()->GetAsWebContents())
+ contentsDelegate = static_cast<WebContentsDelegateQt*>(webContents->GetDelegate());
+
+ QExplicitlySharedDataPointer<CertificateErrorController> errorController(new CertificateErrorController(new CertificateErrorControllerPrivate(cert_error, ssl_info, request_url, resource_type, overridable, strict_enforcement, callback)));
+ contentsDelegate->allowCertificateError(errorController);
+}
diff --git a/src/core/content_browser_client_qt.h b/src/core/content_browser_client_qt.h
index 5bb8ece4..9cf1695f 100644
--- a/src/core/content_browser_client_qt.h
+++ b/src/core/content_browser_client_qt.h
@@ -79,6 +79,17 @@ public:
virtual gfx::GLShareGroup* GetInProcessGpuShareGroup() Q_DECL_OVERRIDE;
virtual content::MediaObserver* GetMediaObserver() Q_DECL_OVERRIDE;
virtual void OverrideWebkitPrefs(content::RenderViewHost *, const GURL &, WebPreferences *) Q_DECL_OVERRIDE;
+ virtual void AllowCertificateError(
+ int render_process_id,
+ int render_frame_id,
+ int cert_error,
+ const net::SSLInfo& ssl_info,
+ const GURL& request_url,
+ ResourceType::Type resource_type,
+ bool overridable,
+ bool strict_enforcement,
+ const base::Callback<void(bool)>& callback,
+ content::CertificateRequestResultType* result) Q_DECL_OVERRIDE;
BrowserContextQt* browser_context();
diff --git a/src/core/core_gyp_generator.pro b/src/core/core_gyp_generator.pro
index b1062600..2ca61bee 100644
--- a/src/core/core_gyp_generator.pro
+++ b/src/core/core_gyp_generator.pro
@@ -39,6 +39,7 @@ SOURCES = \
browser_accessibility_manager_qt.cpp \
browser_accessibility_qt.cpp \
browser_context_qt.cpp \
+ certificate_error_controller.cpp \
chromium_gpu_helper.cpp \
chromium_overrides.cpp \
clipboard_qt.cpp \
@@ -85,6 +86,8 @@ HEADERS = \
browser_accessibility_manager_qt.h \
browser_accessibility_qt.h \
browser_context_qt.h \
+ certificate_error_controller_p.h \
+ certificate_error_controller.h \
chromium_overrides.h \
clipboard_qt.h \
common/qt_messages.h \
diff --git a/src/core/web_contents_adapter_client.h b/src/core/web_contents_adapter_client.h
index 4d918fef..215942f8 100644
--- a/src/core/web_contents_adapter_client.h
+++ b/src/core/web_contents_adapter_client.h
@@ -48,6 +48,7 @@
QT_FORWARD_DECLARE_CLASS(QVariant)
+class CertificateErrorController;
class JavaScriptDialogController;
class RenderWidgetHostViewQt;
class RenderWidgetHostViewQtDelegate;
@@ -172,6 +173,9 @@ public:
virtual void authenticationRequired(const QUrl &requestUrl, const QString &realm, bool isProxy, const QString &challengingHost, QString *outUser, QString *outPassword) = 0;
virtual void runMediaAccessPermissionRequest(const QUrl &securityOrigin, MediaRequestFlags requestFlags) = 0;
virtual WebEngineSettings *webEngineSettings() const = 0;
+
+ virtual void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController) = 0;
+
};
#endif // WEB_CONTENTS_ADAPTER_CLIENT_H
diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp
index 9916ca9e..0523d8b2 100644
--- a/src/core/web_contents_delegate_qt.cpp
+++ b/src/core/web_contents_delegate_qt.cpp
@@ -275,3 +275,8 @@ WebContentsAdapter *WebContentsDelegateQt::createWindow(content::WebContents *ne
return newAdapter;
}
+
+void WebContentsDelegateQt::allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController)
+{
+ m_viewClient->allowCertificateError(errorController);
+}
diff --git a/src/core/web_contents_delegate_qt.h b/src/core/web_contents_delegate_qt.h
index 22bc8554..c1f0c464 100644
--- a/src/core/web_contents_delegate_qt.h
+++ b/src/core/web_contents_delegate_qt.h
@@ -50,8 +50,10 @@ namespace content {
class JavaScriptDialogManager;
class WebContents;
}
+
struct WebPreferences;
class WebContentsAdapterClient;
+class CertificateErrorController;
class WebContentsDelegateQt : public content::WebContentsDelegate
, public content::WebContentsObserver
@@ -84,6 +86,7 @@ public:
virtual void DidNavigateAnyFrame(const content::LoadCommittedDetails&, const content::FrameNavigateParams& params) Q_DECL_OVERRIDE;
void overrideWebPreferences(content::WebContents *, WebPreferences*);
+ void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &) ;
private:
WebContentsAdapter *createWindow(content::WebContents *new_contents, WindowOpenDisposition disposition, const gfx::Rect& initial_pos, bool user_gesture);
diff --git a/src/webengine/api/qquickwebengineview.cpp b/src/webengine/api/qquickwebengineview.cpp
index 97ea61ef..e08232e7 100644
--- a/src/webengine/api/qquickwebengineview.cpp
+++ b/src/webengine/api/qquickwebengineview.cpp
@@ -37,6 +37,7 @@
#include "qquickwebengineview_p.h"
#include "qquickwebengineview_p_p.h"
+#include "certificate_error_controller.h"
#include "javascript_dialog_controller.h"
#include "qquickwebenginehistory_p.h"
#include "qquickwebengineloadrequest_p.h"
@@ -206,6 +207,11 @@ void QQuickWebEngineViewPrivate::javascriptDialog(QSharedPointer<JavaScriptDialo
ui()->showDialog(dialog);
}
+void QQuickWebEngineViewPrivate::allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController)
+{
+ // ### Implement a way to export this to QML
+ Q_UNUSED(errorController);
+}
void QQuickWebEngineViewPrivate::runFileChooser(FileChooserMode mode, const QString &defaultFileName, const QStringList &acceptedMimeTypes)
{
diff --git a/src/webengine/api/qquickwebengineview_p_p.h b/src/webengine/api/qquickwebengineview_p_p.h
index cbe6697e..e2625553 100644
--- a/src/webengine/api/qquickwebengineview_p_p.h
+++ b/src/webengine/api/qquickwebengineview_p_p.h
@@ -174,6 +174,7 @@ public:
virtual void runMediaAccessPermissionRequest(const QUrl &securityOrigin, MediaRequestFlags requestFlags) Q_DECL_OVERRIDE;
virtual QObject *accessibilityParentObject() Q_DECL_OVERRIDE;
virtual WebEngineSettings *webEngineSettings() const Q_DECL_OVERRIDE;
+ virtual void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController);
void setDevicePixelRatio(qreal);
void adoptWebContents(WebContentsAdapter *webContents);
diff --git a/src/webenginewidgets/api/qwebenginecertificateerror.cpp b/src/webenginewidgets/api/qwebenginecertificateerror.cpp
new file mode 100644
index 00000000..7be8c75d
--- /dev/null
+++ b/src/webenginewidgets/api/qwebenginecertificateerror.cpp
@@ -0,0 +1,111 @@
+/****************************************************************************
+**
+** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
+** Contact: http://www.qt-project.org/legal
+**
+** This file is part of the QtWebEngine module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and Digia. For licensing terms and
+** conditions see http://qt.digia.com/licensing. For further information
+** use the contact form at http://qt.digia.com/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPLv3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl.html.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or later as published by the Free
+** Software Foundation and appearing in the file LICENSE.GPL included in
+** the packaging of this file. Please review the following information to
+** ensure the GNU General Public License version 2.0 requirements will be
+** met: http://www.gnu.org/licenses/gpl-2.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#include "qwebenginecertificateerror.h"
+
+QT_BEGIN_NAMESPACE
+
+class QWebEngineCertificateErrorPrivate {
+public:
+ QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription);
+
+ QWebEngineCertificateError::Error error;
+ QUrl url;
+ bool overridable;
+ QString errorDescription;
+};
+
+QWebEngineCertificateErrorPrivate::QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription)
+ : error(QWebEngineCertificateError::Error(error))
+ , url(url)
+ , overridable(overridable)
+ , errorDescription(errorDescription)
+{ }
+
+
+QWebEngineCertificateError::QWebEngineCertificateError(int error, QUrl url, bool overridable, QString errorDescription)
+ : d_ptr(new QWebEngineCertificateErrorPrivate(error, url, overridable, errorDescription))
+{ }
+
+QWebEngineCertificateError::~QWebEngineCertificateError()
+{
+}
+
+/*!
+ Returns whether this error can be overridden and accepted.
+
+ \sa error(), errorDescription()
+*/
+bool QWebEngineCertificateError::isOverridable() const
+{
+ const Q_D(QWebEngineCertificateError);
+ return d->overridable;
+}
+
+/*!
+ Returns the URL that triggered the error.
+
+ \sa error(), errorDescription()
+*/
+QUrl QWebEngineCertificateError::url() const
+{
+ const Q_D(QWebEngineCertificateError);
+ return d->url;
+}
+
+/*!
+ Returns the type of the error.
+
+ \sa errorDescription(), isOverridable()
+*/
+QWebEngineCertificateError::Error QWebEngineCertificateError::error() const
+{
+ const Q_D(QWebEngineCertificateError);
+ return d->error;
+}
+
+/*!
+ Returns a short localized human-readable description of the error.
+
+ \sa error(), url(), isOverridable()
+*/
+QString QWebEngineCertificateError::errorDescription() const
+{
+ const Q_D(QWebEngineCertificateError);
+ return d->errorDescription;
+}
+
+QT_END_NAMESPACE
diff --git a/src/webenginewidgets/api/qwebenginecertificateerror.h b/src/webenginewidgets/api/qwebenginecertificateerror.h
new file mode 100644
index 00000000..8cdd6946
--- /dev/null
+++ b/src/webenginewidgets/api/qwebenginecertificateerror.h
@@ -0,0 +1,84 @@
+/****************************************************************************
+**
+** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies).
+** Contact: http://www.qt-project.org/legal
+**
+** This file is part of the QtWebEngine module of the Qt Toolkit.
+**
+** $QT_BEGIN_LICENSE:LGPL$
+** Commercial License Usage
+** Licensees holding valid commercial Qt licenses may use this file in
+** accordance with the commercial license agreement provided with the
+** Software or, alternatively, in accordance with the terms contained in
+** a written agreement between you and Digia. For licensing terms and
+** conditions see http://qt.digia.com/licensing. For further information
+** use the contact form at http://qt.digia.com/contact-us.
+**
+** GNU Lesser General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU Lesser
+** General Public License version 3 as published by the Free Software
+** Foundation and appearing in the file LICENSE.LGPLv3 included in the
+** packaging of this file. Please review the following information to
+** ensure the GNU Lesser General Public License version 3 requirements
+** will be met: https://www.gnu.org/licenses/lgpl.html.
+**
+** GNU General Public License Usage
+** Alternatively, this file may be used under the terms of the GNU
+** General Public License version 2.0 or later as published by the Free
+** Software Foundation and appearing in the file LICENSE.GPL included in
+** the packaging of this file. Please review the following information to
+** ensure the GNU General Public License version 2.0 requirements will be
+** met: http://www.gnu.org/licenses/gpl-2.0.html.
+**
+** $QT_END_LICENSE$
+**
+****************************************************************************/
+
+#ifndef QWEBENGINECERTIFICATEERROR_H
+#define QWEBENGINECERTIFICATEERROR_H
+
+#include "qtwebenginewidgetsglobal.h"
+
+#include <QtCore/QScopedPointer>
+#include <QtCore/QUrl>
+
+QT_BEGIN_NAMESPACE
+
+class QWebEngineCertificateErrorPrivate;
+
+class QWEBENGINEWIDGETS_EXPORT QWebEngineCertificateError {
+public:
+ QWebEngineCertificateError(int error, QUrl url, bool overridable, QString errorDescription);
+ ~QWebEngineCertificateError();
+
+ // Keep this identical to CertificateErrorController::CertificateError, or add mapping layer.
+ enum Error {
+ SslPinnedKeyNotInCertificateChain = -150,
+ CertificateCommonNameInvalid = -200,
+ CertificateDateInvalid = -201,
+ CertificateAuthorityInvalid = -202,
+ CertificateContainsErrors = -203,
+ CertificateNoRevocationMechanism = -204,
+ CertificateUnableToCheckRevocation = -205,
+ CertificateRevoked = -206,
+ CertificateInvalid = -207,
+ CertificateWeakSignatureAlgorithm = -208,
+ CertificateNonUniqueName = -210,
+ CertificateWeakKey = -211,
+ CertificateNameConstraintViolation = -212,
+ };
+
+ Error error() const;
+ QUrl url() const;
+ bool isOverridable() const;
+ QString errorDescription() const;
+
+private:
+ Q_DISABLE_COPY(QWebEngineCertificateError)
+ Q_DECLARE_PRIVATE(QWebEngineCertificateError);
+ QScopedPointer<QWebEngineCertificateErrorPrivate> d_ptr;
+};
+
+QT_END_NAMESPACE
+
+#endif // QWEBENGINECERTIFICATEERROR_H
diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp
index e8f34a1e..51e733e7 100644
--- a/src/webenginewidgets/api/qwebenginepage.cpp
+++ b/src/webenginewidgets/api/qwebenginepage.cpp
@@ -23,6 +23,7 @@
#include "qwebenginepage.h"
#include "qwebenginepage_p.h"
+#include "certificate_error_controller.h"
#include "javascript_dialog_controller.h"
#include "qwebenginehistory.h"
#include "qwebenginehistory_p.h"
@@ -646,6 +647,18 @@ void QWebEnginePagePrivate::javascriptDialog(QSharedPointer<JavaScriptDialogCont
controller->reject();
}
+void QWebEnginePagePrivate::allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &controller)
+{
+ Q_Q(QWebEnginePage);
+ bool accepted = false;
+
+ QWebEngineCertificateError error(controller->error(), controller->url(), controller->overridable() && !controller->strictEnforcement(), controller->errorString());
+ accepted = q->certificateError(error);
+
+ if (error.isOverridable())
+ controller->accept(accepted);
+}
+
void QWebEnginePagePrivate::javaScriptConsoleMessage(JavaScriptConsoleMessageLevel level, const QString &message, int lineNumber, const QString &sourceID)
{
Q_Q(QWebEnginePage);
@@ -919,6 +932,12 @@ void QWebEnginePage::javaScriptConsoleMessage(JavaScriptConsoleMessageLevel leve
Q_UNUSED(lineNumber);
Q_UNUSED(sourceID);
}
+
+bool QWebEnginePage::certificateError(const QWebEngineCertificateError &)
+{
+ return false;
+}
+
QT_END_NAMESPACE
#include "moc_qwebenginepage.cpp"
diff --git a/src/webenginewidgets/api/qwebenginepage.h b/src/webenginewidgets/api/qwebenginepage.h
index e1afa14e..66709803 100644
--- a/src/webenginewidgets/api/qwebenginepage.h
+++ b/src/webenginewidgets/api/qwebenginepage.h
@@ -38,6 +38,7 @@
#define QWEBENGINEPAGE_H
#include <QtWebEngineWidgets/qtwebenginewidgetsglobal.h>
+#include <QtWebEngineWidgets/qwebenginecertificateerror.h>
#include <QtCore/qobject.h>
#include <QtCore/qurl.h>
@@ -228,6 +229,7 @@ protected:
virtual bool javaScriptConfirm(const QUrl &securityOrigin, const QString& msg);
virtual bool javaScriptPrompt(const QUrl &securityOrigin, const QString& msg, const QString& defaultValue, QString* result);
virtual void javaScriptConsoleMessage(JavaScriptConsoleMessageLevel level, const QString& message, int lineNumber, const QString& sourceID);
+ virtual bool certificateError(const QWebEngineCertificateError &certificateError);
private:
Q_DECLARE_PRIVATE(QWebEnginePage);
diff --git a/src/webenginewidgets/api/qwebenginepage_p.h b/src/webenginewidgets/api/qwebenginepage_p.h
index 40e44a07..10a253d8 100644
--- a/src/webenginewidgets/api/qwebenginepage_p.h
+++ b/src/webenginewidgets/api/qwebenginepage_p.h
@@ -137,6 +137,7 @@ public:
virtual void runMediaAccessPermissionRequest(const QUrl &securityOrigin, MediaRequestFlags requestFlags) Q_DECL_OVERRIDE;
virtual QObject *accessibilityParentObject() Q_DECL_OVERRIDE;
virtual WebEngineSettings *webEngineSettings() const Q_DECL_OVERRIDE;
+ virtual void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &controller) Q_DECL_OVERRIDE;
void updateAction(QWebEnginePage::WebAction) const;
void updateNavigationActions();
diff --git a/src/webenginewidgets/webenginewidgets.pro b/src/webenginewidgets/webenginewidgets.pro
index d4cce259..37a07630 100644
--- a/src/webenginewidgets/webenginewidgets.pro
+++ b/src/webenginewidgets/webenginewidgets.pro
@@ -14,6 +14,7 @@ INCLUDEPATH += $$PWD api ../core ../webengine/api
SOURCES = \
api/qtwebenginewidgetsglobal.cpp \
+ api/qwebenginecertificateerror.cpp \
api/qwebenginehistory.cpp \
api/qwebenginepage.cpp \
api/qwebenginesettings.cpp \
@@ -22,6 +23,7 @@ SOURCES = \
HEADERS = \
api/qtwebenginewidgetsglobal.h \
+ api/qwebenginecertificateerror.h \
api/qwebenginehistory.h \
api/qwebenginepage.h \
api/qwebenginepage_p.h \