diff options
author | Allan Sandfeld Jensen <allan.jensen@theqtcompany.com> | 2016-02-23 10:27:13 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@theqtcompany.com> | 2016-02-23 15:58:59 +0000 |
commit | f0ae944eaed5e551fd680bd0126f0f500faab432 (patch) | |
tree | 8bcceca7f9e56bb47009d7d4e17c16acb420cdd1 /src | |
parent | e584796e1563358e9ac828552e6a187a9d8f2541 (diff) |
Always reject non-overridable certificate errors
We don't call the callback in case the error can't be allowed anyway,
so we should tell the caller right away the error was denied.
Task-number: QTBUG-50581
Change-Id: I8fcd72b7fbab5a8cbaffba95c6f97777c301cb64
Reviewed-by: Michael BrĂ¼ning <michael.bruning@theqtcompany.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/core/content_browser_client_qt.cpp | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/core/content_browser_client_qt.cpp b/src/core/content_browser_client_qt.cpp index 078874da1..18f8dbadd 100644 --- a/src/core/content_browser_client_qt.cpp +++ b/src/core/content_browser_client_qt.cpp @@ -400,9 +400,6 @@ void ContentBrowserClientQt::AllowCertificateError(int render_process_id, int re const base::Callback<void(bool)>& callback, content::CertificateRequestResultType* result) { - // We leave the result with its default value. - Q_UNUSED(result); - content::RenderFrameHost *frameHost = content::RenderFrameHost::FromID(render_process_id, render_frame_id); WebContentsDelegateQt* contentsDelegate = 0; if (content::WebContents *webContents = frameHost->GetRenderViewHost()->GetDelegate()->GetAsWebContents()) @@ -410,6 +407,10 @@ void ContentBrowserClientQt::AllowCertificateError(int render_process_id, int re QSharedPointer<CertificateErrorController> errorController(new CertificateErrorController(new CertificateErrorControllerPrivate(cert_error, ssl_info, request_url, resource_type, overridable, strict_enforcement, callback))); contentsDelegate->allowCertificateError(errorController); + + // If we don't give the user a chance to allow it, we can reject it right away. + if (result && (!overridable || strict_enforcement)) + *result = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY; } content::LocationProvider *ContentBrowserClientQt::OverrideSystemLocationProvider() |