diff options
19 files changed, 617 insertions, 0 deletions
diff --git a/examples/webenginewidgets/browser/webview.cpp b/examples/webenginewidgets/browser/webview.cpp index e32ab71d6..ce0f7c418 100644 --- a/examples/webenginewidgets/browser/webview.cpp +++ b/examples/webenginewidgets/browser/webview.cpp @@ -129,6 +129,21 @@ bool WebPage::acceptNavigationRequest(QWebEngineFrame *frame, const QNetworkRequ } #endif +bool WebPage::certificateError(const QWebEngineCertificateError &error) +{ + if (error.isOverridable()) { + QMessageBox msgBox; + msgBox.setIcon(QMessageBox::Warning); + msgBox.setText(error.errorDescription()); + msgBox.setInformativeText(tr("If you wish so, you may continue with an unverified certicate. Accepting an unverified certicate means you may not be connected with the host you tried to connect to.\nDo you wish to override the security check and continue?")); + msgBox.setStandardButtons(QMessageBox::Yes | QMessageBox::No); + msgBox.setDefaultButton(QMessageBox::No); + return msgBox.exec() == QMessageBox::Yes; + } + QMessageBox::critical(view(), tr("Certificate Error"), error.errorDescription(), QMessageBox::Ok, QMessageBox::NoButton); + return false; +} + class PopupWindow : public QWidget { Q_OBJECT public: diff --git a/examples/webenginewidgets/browser/webview.h b/examples/webenginewidgets/browser/webview.h index 352954c8d..2238abbd5 100644 --- a/examples/webenginewidgets/browser/webview.h +++ b/examples/webenginewidgets/browser/webview.h @@ -72,6 +72,7 @@ protected: #if !defined(QT_NO_UITOOLS) QObject *createPlugin(const QString &classId, const QUrl &url, const QStringList ¶mNames, const QStringList ¶mValues); #endif + virtual bool certificateError(const QWebEngineCertificateError &error) Q_DECL_OVERRIDE; private slots: #if defined(QWEBENGINEPAGE_UNSUPPORTEDCONTENT) diff --git a/src/core/certificate_error_controller.cpp b/src/core/certificate_error_controller.cpp new file mode 100644 index 000000000..64e5b36d4 --- /dev/null +++ b/src/core/certificate_error_controller.cpp @@ -0,0 +1,157 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "certificate_error_controller.h" +#include "certificate_error_controller_p.h" + +#include <net/cert/x509_certificate.h> +#include <net/ssl/ssl_info.h> +#include <ui/base/l10n/l10n_util.h> +#include "chrome/grit/generated_resources.h" +#include "type_conversion.h" + +void CertificateErrorControllerPrivate::accept(bool accepted) +{ + callback.Run(accepted); +} + +CertificateErrorControllerPrivate::CertificateErrorControllerPrivate(int cert_error, + const net::SSLInfo& ssl_info, + const GURL &request_url, + ResourceType::Type resource_type, + bool _overridable, + bool strict_enforcement, + const base::Callback<void(bool)>& cb + ) + : certError(CertificateErrorController::CertificateError(cert_error)) + , requestUrl(toQt(request_url)) + , resourceType(CertificateErrorController::ResourceType(resource_type)) + , overridable(_overridable) + , strictEnforcement(strict_enforcement) + , callback(cb) +{ + if (ssl_info.cert) { + validStart = toQt(ssl_info.cert->valid_start()); + validExpiry = toQt(ssl_info.cert->valid_expiry()); + } +} + +CertificateErrorController::CertificateErrorController(CertificateErrorControllerPrivate *p) : d(p) +{ +} + +CertificateErrorController::~CertificateErrorController() +{ + delete d; + d = 0; +} + +CertificateErrorController::CertificateError CertificateErrorController::error() const +{ + return d->certError; +} + +QUrl CertificateErrorController::url() const +{ + return d->requestUrl; +} + +bool CertificateErrorController::overridable() const +{ + return d->overridable; +} + +bool CertificateErrorController::strictEnforcement() const +{ + return d->strictEnforcement; +} + +void CertificateErrorController::accept(bool accepted) +{ + d->accept(accepted); +} + +CertificateErrorController::ResourceType CertificateErrorController::resourceType() const +{ + return d->resourceType; +} + +static QString getQStringForMessageId(int message_id) { + base::string16 string = l10n_util::GetStringUTF16(message_id); + return QString::fromUtf16(string.data(), string.length()); +} + +QString CertificateErrorController::errorString() const +{ + // Try to use chromiums translation of the error strings, though not all are + // consistently described and we need to use versions that does not contain HTML + // formatted text. + switch (d->certError) { + case SslPinnedKeyNotInCertificateChain: + return getQStringForMessageId(IDS_ERRORPAGES_SUMMARY_PINNING_FAILURE); + case CertificateCommonNameInvalid: + return getQStringForMessageId(IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); + case CertificateDateInvalid: + if (QDateTime::currentDateTime() > d->validExpiry) + return getQStringForMessageId(IDS_CERT_ERROR_EXPIRED_DESCRIPTION); + else + return getQStringForMessageId(IDS_CERT_ERROR_NOT_YET_VALID_DESCRIPTION); + case CertificateAuthorityInvalid: + return getQStringForMessageId(IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION); + case CertificateContainsErrors: + return getQStringForMessageId(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION); + case CertificateNoRevocationMechanism: + return getQStringForMessageId(IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS); + case CertificateUnableToCheckRevocation: + return getQStringForMessageId(IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS); + case CertificateRevoked: + return getQStringForMessageId(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION); + case CertificateInvalid: + return getQStringForMessageId(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION); + case CertificateWeakSignatureAlgorithm: + return getQStringForMessageId(IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION); + case CertificateNonUniqueName: + return getQStringForMessageId(IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME); + case CertificateWeakKey: + return getQStringForMessageId(IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); + case CertificateNameConstraintViolation: + return getQStringForMessageId(IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); + default: + break; + } + + return getQStringForMessageId(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); +} diff --git a/src/core/certificate_error_controller.h b/src/core/certificate_error_controller.h new file mode 100644 index 000000000..f1e7c5bd8 --- /dev/null +++ b/src/core/certificate_error_controller.h @@ -0,0 +1,110 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef CERTIFICATE_ERROR_CONTROLLER_H +#define CERTIFICATE_ERROR_CONTROLLER_H + +#include "qtwebenginecoreglobal.h" + +#include <QtCore/QDateTime> +#include <QtCore/QSharedData> +#include <QtCore/QUrl> + +class CertificateErrorControllerPrivate; + +class QWEBENGINE_EXPORT CertificateErrorController : public QSharedData { +public: + CertificateErrorController(CertificateErrorControllerPrivate *p); + ~CertificateErrorController(); + + // We can't use QSslError::SslErrors, because the error categories doesn't map. + // Keep up to date with net/base/net_errors.h and net::IsCertificateError(): + enum CertificateError { + SslPinnedKeyNotInCertificateChain = -150, + CertificateCommonNameInvalid = -200, + CertificateDateInvalid = -201, + CertificateAuthorityInvalid = -202, + CertificateContainsErrors = -203, + CertificateNoRevocationMechanism = -204, + CertificateUnableToCheckRevocation = -205, + CertificateRevoked = -206, + CertificateInvalid = -207, + CertificateWeakSignatureAlgorithm = -208, + CertificateNonUniqueName = -210, + CertificateWeakKey = -211, + CertificateNameConstraintViolation = -212, + }; + + CertificateError error() const; + QUrl url() const; + bool overridable() const; + bool strictEnforcement() const; + QString errorString() const; + QDateTime validStart() const; + QDateTime validExpiry() const; + + void accept(bool); + + // Note: The resource type should probably not be exported, since once accepted the certificate exception + // counts for all resource types. + // Keep up to date with webkit/common/resource_type.h + enum ResourceType { + ResourceTypeMainFrame = 0, // top level page + ResourceTypeSubFrame, // frame or iframe + ResourceTypeStylesheet, // a CSS stylesheet + ResourceTypeScript, // an external script + ResourceTypeImage, // an image (jpg/gif/png/etc) + ResourceTypeFont, // a font + ResourceTypeOther, // an "other" subresource. + ResourceTypeObject, // an object (or embed) tag for a plugin, + // or a resource that a plugin requested. + ResourceTypeMedia, // a media resource. + ResourceTypeWorker, // the main resource of a dedicated worker. + ResourceTypeSharedWorker, // the main resource of a shared worker. + ResourceTypePrefetch, // an explicitly requested prefetch + ResourceTypeFavicon, // a favicon + ResourceTypeXHR, // a XMLHttpRequest + ResourceTypePing, // a ping request for <a ping> + ResourceTypeServiceWorker, // the main resource of a service worker. + }; + + ResourceType resourceType() const; + +private: + CertificateErrorControllerPrivate* d; +}; + +#endif // CERTIFICATE_ERROR_CONTROLLER_H diff --git a/src/core/certificate_error_controller_p.h b/src/core/certificate_error_controller_p.h new file mode 100644 index 000000000..af0ce12aa --- /dev/null +++ b/src/core/certificate_error_controller_p.h @@ -0,0 +1,60 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef CERTIFICATE_ERROR_CONTROLLER_P_H +#define CERTIFICATE_ERROR_CONTROLLER_P_H + +#include "content/public/browser/content_browser_client.h" + +#include "certificate_error_controller.h" + +class CertificateErrorControllerPrivate { +public: + CertificateErrorControllerPrivate(int cert_error, const net::SSLInfo& ssl_info, const GURL& request_url, ResourceType::Type resource_type, bool overridable, bool strict_enforcement, const base::Callback<void(bool)>& callback); + + void accept(bool accepted); + + CertificateErrorController::CertificateError certError; + const QUrl requestUrl; + QDateTime validStart; + QDateTime validExpiry; + CertificateErrorController::ResourceType resourceType; + bool overridable; + bool strictEnforcement; + const base::Callback<void(bool)>& callback; +}; + +#endif // CERTIFICATE_ERROR_CONTROLLER_P_H diff --git a/src/core/content_browser_client_qt.cpp b/src/core/content_browser_client_qt.cpp index aa404eced..f19199cc3 100644 --- a/src/core/content_browser_client_qt.cpp +++ b/src/core/content_browser_client_qt.cpp @@ -42,6 +42,7 @@ #include "content/public/browser/browser_main_parts.h" #include "content/public/browser/child_process_security_policy.h" #include "content/public/browser/media_observer.h" +#include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/render_view_host.h" #include "content/public/browser/resource_dispatcher_host.h" @@ -54,6 +55,8 @@ #include "ui/gl/gl_share_group.h" #include "browser_context_qt.h" +#include "certificate_error_controller.h" +#include "certificate_error_controller_p.h" #include "desktop_screen_qt.h" #include "dev_tools_http_handler_delegate_qt.h" #include "media_capture_devices_dispatcher.h" @@ -345,3 +348,22 @@ void ContentBrowserClientQt::enableInspector(bool enable) m_devtools.reset(); } } + +void ContentBrowserClientQt::AllowCertificateError(int render_process_id, int render_frame_id, int cert_error, + const net::SSLInfo& ssl_info, const GURL& request_url, + ResourceType::Type resource_type, + bool overridable, bool strict_enforcement, + const base::Callback<void(bool)>& callback, + content::CertificateRequestResultType* result) +{ + // We leave the result with its default value. + Q_UNUSED(result); + + content::RenderFrameHost *frameHost = content::RenderFrameHost::FromID(render_process_id, render_frame_id); + WebContentsDelegateQt* contentsDelegate = 0; + if (content::WebContents *webContents = frameHost->GetRenderViewHost()->GetDelegate()->GetAsWebContents()) + contentsDelegate = static_cast<WebContentsDelegateQt*>(webContents->GetDelegate()); + + QExplicitlySharedDataPointer<CertificateErrorController> errorController(new CertificateErrorController(new CertificateErrorControllerPrivate(cert_error, ssl_info, request_url, resource_type, overridable, strict_enforcement, callback))); + contentsDelegate->allowCertificateError(errorController); +} diff --git a/src/core/content_browser_client_qt.h b/src/core/content_browser_client_qt.h index 5bb8ece47..9cf1695fe 100644 --- a/src/core/content_browser_client_qt.h +++ b/src/core/content_browser_client_qt.h @@ -79,6 +79,17 @@ public: virtual gfx::GLShareGroup* GetInProcessGpuShareGroup() Q_DECL_OVERRIDE; virtual content::MediaObserver* GetMediaObserver() Q_DECL_OVERRIDE; virtual void OverrideWebkitPrefs(content::RenderViewHost *, const GURL &, WebPreferences *) Q_DECL_OVERRIDE; + virtual void AllowCertificateError( + int render_process_id, + int render_frame_id, + int cert_error, + const net::SSLInfo& ssl_info, + const GURL& request_url, + ResourceType::Type resource_type, + bool overridable, + bool strict_enforcement, + const base::Callback<void(bool)>& callback, + content::CertificateRequestResultType* result) Q_DECL_OVERRIDE; BrowserContextQt* browser_context(); diff --git a/src/core/core_gyp_generator.pro b/src/core/core_gyp_generator.pro index b10626000..2ca61bee2 100644 --- a/src/core/core_gyp_generator.pro +++ b/src/core/core_gyp_generator.pro @@ -39,6 +39,7 @@ SOURCES = \ browser_accessibility_manager_qt.cpp \ browser_accessibility_qt.cpp \ browser_context_qt.cpp \ + certificate_error_controller.cpp \ chromium_gpu_helper.cpp \ chromium_overrides.cpp \ clipboard_qt.cpp \ @@ -85,6 +86,8 @@ HEADERS = \ browser_accessibility_manager_qt.h \ browser_accessibility_qt.h \ browser_context_qt.h \ + certificate_error_controller_p.h \ + certificate_error_controller.h \ chromium_overrides.h \ clipboard_qt.h \ common/qt_messages.h \ diff --git a/src/core/web_contents_adapter_client.h b/src/core/web_contents_adapter_client.h index 4d918fef7..215942f8f 100644 --- a/src/core/web_contents_adapter_client.h +++ b/src/core/web_contents_adapter_client.h @@ -48,6 +48,7 @@ QT_FORWARD_DECLARE_CLASS(QVariant) +class CertificateErrorController; class JavaScriptDialogController; class RenderWidgetHostViewQt; class RenderWidgetHostViewQtDelegate; @@ -172,6 +173,9 @@ public: virtual void authenticationRequired(const QUrl &requestUrl, const QString &realm, bool isProxy, const QString &challengingHost, QString *outUser, QString *outPassword) = 0; virtual void runMediaAccessPermissionRequest(const QUrl &securityOrigin, MediaRequestFlags requestFlags) = 0; virtual WebEngineSettings *webEngineSettings() const = 0; + + virtual void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController) = 0; + }; #endif // WEB_CONTENTS_ADAPTER_CLIENT_H diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp index 9916ca9e5..0523d8b22 100644 --- a/src/core/web_contents_delegate_qt.cpp +++ b/src/core/web_contents_delegate_qt.cpp @@ -275,3 +275,8 @@ WebContentsAdapter *WebContentsDelegateQt::createWindow(content::WebContents *ne return newAdapter; } + +void WebContentsDelegateQt::allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController) +{ + m_viewClient->allowCertificateError(errorController); +} diff --git a/src/core/web_contents_delegate_qt.h b/src/core/web_contents_delegate_qt.h index 22bc85548..c1f0c4647 100644 --- a/src/core/web_contents_delegate_qt.h +++ b/src/core/web_contents_delegate_qt.h @@ -50,8 +50,10 @@ namespace content { class JavaScriptDialogManager; class WebContents; } + struct WebPreferences; class WebContentsAdapterClient; +class CertificateErrorController; class WebContentsDelegateQt : public content::WebContentsDelegate , public content::WebContentsObserver @@ -84,6 +86,7 @@ public: virtual void DidNavigateAnyFrame(const content::LoadCommittedDetails&, const content::FrameNavigateParams& params) Q_DECL_OVERRIDE; void overrideWebPreferences(content::WebContents *, WebPreferences*); + void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &) ; private: WebContentsAdapter *createWindow(content::WebContents *new_contents, WindowOpenDisposition disposition, const gfx::Rect& initial_pos, bool user_gesture); diff --git a/src/webengine/api/qquickwebengineview.cpp b/src/webengine/api/qquickwebengineview.cpp index 97ea61efd..e08232e78 100644 --- a/src/webengine/api/qquickwebengineview.cpp +++ b/src/webengine/api/qquickwebengineview.cpp @@ -37,6 +37,7 @@ #include "qquickwebengineview_p.h" #include "qquickwebengineview_p_p.h" +#include "certificate_error_controller.h" #include "javascript_dialog_controller.h" #include "qquickwebenginehistory_p.h" #include "qquickwebengineloadrequest_p.h" @@ -206,6 +207,11 @@ void QQuickWebEngineViewPrivate::javascriptDialog(QSharedPointer<JavaScriptDialo ui()->showDialog(dialog); } +void QQuickWebEngineViewPrivate::allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController) +{ + // ### Implement a way to export this to QML + Q_UNUSED(errorController); +} void QQuickWebEngineViewPrivate::runFileChooser(FileChooserMode mode, const QString &defaultFileName, const QStringList &acceptedMimeTypes) { diff --git a/src/webengine/api/qquickwebengineview_p_p.h b/src/webengine/api/qquickwebengineview_p_p.h index cbe6697e1..e26255535 100644 --- a/src/webengine/api/qquickwebengineview_p_p.h +++ b/src/webengine/api/qquickwebengineview_p_p.h @@ -174,6 +174,7 @@ public: virtual void runMediaAccessPermissionRequest(const QUrl &securityOrigin, MediaRequestFlags requestFlags) Q_DECL_OVERRIDE; virtual QObject *accessibilityParentObject() Q_DECL_OVERRIDE; virtual WebEngineSettings *webEngineSettings() const Q_DECL_OVERRIDE; + virtual void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController); void setDevicePixelRatio(qreal); void adoptWebContents(WebContentsAdapter *webContents); diff --git a/src/webenginewidgets/api/qwebenginecertificateerror.cpp b/src/webenginewidgets/api/qwebenginecertificateerror.cpp new file mode 100644 index 000000000..7be8c75d0 --- /dev/null +++ b/src/webenginewidgets/api/qwebenginecertificateerror.cpp @@ -0,0 +1,111 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "qwebenginecertificateerror.h" + +QT_BEGIN_NAMESPACE + +class QWebEngineCertificateErrorPrivate { +public: + QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription); + + QWebEngineCertificateError::Error error; + QUrl url; + bool overridable; + QString errorDescription; +}; + +QWebEngineCertificateErrorPrivate::QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription) + : error(QWebEngineCertificateError::Error(error)) + , url(url) + , overridable(overridable) + , errorDescription(errorDescription) +{ } + + +QWebEngineCertificateError::QWebEngineCertificateError(int error, QUrl url, bool overridable, QString errorDescription) + : d_ptr(new QWebEngineCertificateErrorPrivate(error, url, overridable, errorDescription)) +{ } + +QWebEngineCertificateError::~QWebEngineCertificateError() +{ +} + +/*! + Returns whether this error can be overridden and accepted. + + \sa error(), errorDescription() +*/ +bool QWebEngineCertificateError::isOverridable() const +{ + const Q_D(QWebEngineCertificateError); + return d->overridable; +} + +/*! + Returns the URL that triggered the error. + + \sa error(), errorDescription() +*/ +QUrl QWebEngineCertificateError::url() const +{ + const Q_D(QWebEngineCertificateError); + return d->url; +} + +/*! + Returns the type of the error. + + \sa errorDescription(), isOverridable() +*/ +QWebEngineCertificateError::Error QWebEngineCertificateError::error() const +{ + const Q_D(QWebEngineCertificateError); + return d->error; +} + +/*! + Returns a short localized human-readable description of the error. + + \sa error(), url(), isOverridable() +*/ +QString QWebEngineCertificateError::errorDescription() const +{ + const Q_D(QWebEngineCertificateError); + return d->errorDescription; +} + +QT_END_NAMESPACE diff --git a/src/webenginewidgets/api/qwebenginecertificateerror.h b/src/webenginewidgets/api/qwebenginecertificateerror.h new file mode 100644 index 000000000..8cdd6946c --- /dev/null +++ b/src/webenginewidgets/api/qwebenginecertificateerror.h @@ -0,0 +1,84 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef QWEBENGINECERTIFICATEERROR_H +#define QWEBENGINECERTIFICATEERROR_H + +#include "qtwebenginewidgetsglobal.h" + +#include <QtCore/QScopedPointer> +#include <QtCore/QUrl> + +QT_BEGIN_NAMESPACE + +class QWebEngineCertificateErrorPrivate; + +class QWEBENGINEWIDGETS_EXPORT QWebEngineCertificateError { +public: + QWebEngineCertificateError(int error, QUrl url, bool overridable, QString errorDescription); + ~QWebEngineCertificateError(); + + // Keep this identical to CertificateErrorController::CertificateError, or add mapping layer. + enum Error { + SslPinnedKeyNotInCertificateChain = -150, + CertificateCommonNameInvalid = -200, + CertificateDateInvalid = -201, + CertificateAuthorityInvalid = -202, + CertificateContainsErrors = -203, + CertificateNoRevocationMechanism = -204, + CertificateUnableToCheckRevocation = -205, + CertificateRevoked = -206, + CertificateInvalid = -207, + CertificateWeakSignatureAlgorithm = -208, + CertificateNonUniqueName = -210, + CertificateWeakKey = -211, + CertificateNameConstraintViolation = -212, + }; + + Error error() const; + QUrl url() const; + bool isOverridable() const; + QString errorDescription() const; + +private: + Q_DISABLE_COPY(QWebEngineCertificateError) + Q_DECLARE_PRIVATE(QWebEngineCertificateError); + QScopedPointer<QWebEngineCertificateErrorPrivate> d_ptr; +}; + +QT_END_NAMESPACE + +#endif // QWEBENGINECERTIFICATEERROR_H diff --git a/src/webenginewidgets/api/qwebenginepage.cpp b/src/webenginewidgets/api/qwebenginepage.cpp index e8f34a1ea..51e733e70 100644 --- a/src/webenginewidgets/api/qwebenginepage.cpp +++ b/src/webenginewidgets/api/qwebenginepage.cpp @@ -23,6 +23,7 @@ #include "qwebenginepage.h" #include "qwebenginepage_p.h" +#include "certificate_error_controller.h" #include "javascript_dialog_controller.h" #include "qwebenginehistory.h" #include "qwebenginehistory_p.h" @@ -646,6 +647,18 @@ void QWebEnginePagePrivate::javascriptDialog(QSharedPointer<JavaScriptDialogCont controller->reject(); } +void QWebEnginePagePrivate::allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &controller) +{ + Q_Q(QWebEnginePage); + bool accepted = false; + + QWebEngineCertificateError error(controller->error(), controller->url(), controller->overridable() && !controller->strictEnforcement(), controller->errorString()); + accepted = q->certificateError(error); + + if (error.isOverridable()) + controller->accept(accepted); +} + void QWebEnginePagePrivate::javaScriptConsoleMessage(JavaScriptConsoleMessageLevel level, const QString &message, int lineNumber, const QString &sourceID) { Q_Q(QWebEnginePage); @@ -919,6 +932,12 @@ void QWebEnginePage::javaScriptConsoleMessage(JavaScriptConsoleMessageLevel leve Q_UNUSED(lineNumber); Q_UNUSED(sourceID); } + +bool QWebEnginePage::certificateError(const QWebEngineCertificateError &) +{ + return false; +} + QT_END_NAMESPACE #include "moc_qwebenginepage.cpp" diff --git a/src/webenginewidgets/api/qwebenginepage.h b/src/webenginewidgets/api/qwebenginepage.h index e1afa14ee..667098032 100644 --- a/src/webenginewidgets/api/qwebenginepage.h +++ b/src/webenginewidgets/api/qwebenginepage.h @@ -38,6 +38,7 @@ #define QWEBENGINEPAGE_H #include <QtWebEngineWidgets/qtwebenginewidgetsglobal.h> +#include <QtWebEngineWidgets/qwebenginecertificateerror.h> #include <QtCore/qobject.h> #include <QtCore/qurl.h> @@ -228,6 +229,7 @@ protected: virtual bool javaScriptConfirm(const QUrl &securityOrigin, const QString& msg); virtual bool javaScriptPrompt(const QUrl &securityOrigin, const QString& msg, const QString& defaultValue, QString* result); virtual void javaScriptConsoleMessage(JavaScriptConsoleMessageLevel level, const QString& message, int lineNumber, const QString& sourceID); + virtual bool certificateError(const QWebEngineCertificateError &certificateError); private: Q_DECLARE_PRIVATE(QWebEnginePage); diff --git a/src/webenginewidgets/api/qwebenginepage_p.h b/src/webenginewidgets/api/qwebenginepage_p.h index 40e44a07e..10a253d8d 100644 --- a/src/webenginewidgets/api/qwebenginepage_p.h +++ b/src/webenginewidgets/api/qwebenginepage_p.h @@ -137,6 +137,7 @@ public: virtual void runMediaAccessPermissionRequest(const QUrl &securityOrigin, MediaRequestFlags requestFlags) Q_DECL_OVERRIDE; virtual QObject *accessibilityParentObject() Q_DECL_OVERRIDE; virtual WebEngineSettings *webEngineSettings() const Q_DECL_OVERRIDE; + virtual void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &controller) Q_DECL_OVERRIDE; void updateAction(QWebEnginePage::WebAction) const; void updateNavigationActions(); diff --git a/src/webenginewidgets/webenginewidgets.pro b/src/webenginewidgets/webenginewidgets.pro index d4cce2590..37a076307 100644 --- a/src/webenginewidgets/webenginewidgets.pro +++ b/src/webenginewidgets/webenginewidgets.pro @@ -14,6 +14,7 @@ INCLUDEPATH += $$PWD api ../core ../webengine/api SOURCES = \ api/qtwebenginewidgetsglobal.cpp \ + api/qwebenginecertificateerror.cpp \ api/qwebenginehistory.cpp \ api/qwebenginepage.cpp \ api/qwebenginesettings.cpp \ @@ -22,6 +23,7 @@ SOURCES = \ HEADERS = \ api/qtwebenginewidgetsglobal.h \ + api/qwebenginecertificateerror.h \ api/qwebenginehistory.h \ api/qwebenginepage.h \ api/qwebenginepage_p.h \ |