diff options
Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/certificate_error_controller.cpp | 157 | ||||
-rw-r--r-- | src/core/certificate_error_controller.h | 110 | ||||
-rw-r--r-- | src/core/certificate_error_controller_p.h | 60 | ||||
-rw-r--r-- | src/core/content_browser_client_qt.cpp | 22 | ||||
-rw-r--r-- | src/core/content_browser_client_qt.h | 11 | ||||
-rw-r--r-- | src/core/core_gyp_generator.pro | 3 | ||||
-rw-r--r-- | src/core/web_contents_adapter_client.h | 4 | ||||
-rw-r--r-- | src/core/web_contents_delegate_qt.cpp | 5 | ||||
-rw-r--r-- | src/core/web_contents_delegate_qt.h | 3 |
9 files changed, 375 insertions, 0 deletions
diff --git a/src/core/certificate_error_controller.cpp b/src/core/certificate_error_controller.cpp new file mode 100644 index 000000000..64e5b36d4 --- /dev/null +++ b/src/core/certificate_error_controller.cpp @@ -0,0 +1,157 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#include "certificate_error_controller.h" +#include "certificate_error_controller_p.h" + +#include <net/cert/x509_certificate.h> +#include <net/ssl/ssl_info.h> +#include <ui/base/l10n/l10n_util.h> +#include "chrome/grit/generated_resources.h" +#include "type_conversion.h" + +void CertificateErrorControllerPrivate::accept(bool accepted) +{ + callback.Run(accepted); +} + +CertificateErrorControllerPrivate::CertificateErrorControllerPrivate(int cert_error, + const net::SSLInfo& ssl_info, + const GURL &request_url, + ResourceType::Type resource_type, + bool _overridable, + bool strict_enforcement, + const base::Callback<void(bool)>& cb + ) + : certError(CertificateErrorController::CertificateError(cert_error)) + , requestUrl(toQt(request_url)) + , resourceType(CertificateErrorController::ResourceType(resource_type)) + , overridable(_overridable) + , strictEnforcement(strict_enforcement) + , callback(cb) +{ + if (ssl_info.cert) { + validStart = toQt(ssl_info.cert->valid_start()); + validExpiry = toQt(ssl_info.cert->valid_expiry()); + } +} + +CertificateErrorController::CertificateErrorController(CertificateErrorControllerPrivate *p) : d(p) +{ +} + +CertificateErrorController::~CertificateErrorController() +{ + delete d; + d = 0; +} + +CertificateErrorController::CertificateError CertificateErrorController::error() const +{ + return d->certError; +} + +QUrl CertificateErrorController::url() const +{ + return d->requestUrl; +} + +bool CertificateErrorController::overridable() const +{ + return d->overridable; +} + +bool CertificateErrorController::strictEnforcement() const +{ + return d->strictEnforcement; +} + +void CertificateErrorController::accept(bool accepted) +{ + d->accept(accepted); +} + +CertificateErrorController::ResourceType CertificateErrorController::resourceType() const +{ + return d->resourceType; +} + +static QString getQStringForMessageId(int message_id) { + base::string16 string = l10n_util::GetStringUTF16(message_id); + return QString::fromUtf16(string.data(), string.length()); +} + +QString CertificateErrorController::errorString() const +{ + // Try to use chromiums translation of the error strings, though not all are + // consistently described and we need to use versions that does not contain HTML + // formatted text. + switch (d->certError) { + case SslPinnedKeyNotInCertificateChain: + return getQStringForMessageId(IDS_ERRORPAGES_SUMMARY_PINNING_FAILURE); + case CertificateCommonNameInvalid: + return getQStringForMessageId(IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); + case CertificateDateInvalid: + if (QDateTime::currentDateTime() > d->validExpiry) + return getQStringForMessageId(IDS_CERT_ERROR_EXPIRED_DESCRIPTION); + else + return getQStringForMessageId(IDS_CERT_ERROR_NOT_YET_VALID_DESCRIPTION); + case CertificateAuthorityInvalid: + return getQStringForMessageId(IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION); + case CertificateContainsErrors: + return getQStringForMessageId(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION); + case CertificateNoRevocationMechanism: + return getQStringForMessageId(IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS); + case CertificateUnableToCheckRevocation: + return getQStringForMessageId(IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS); + case CertificateRevoked: + return getQStringForMessageId(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION); + case CertificateInvalid: + return getQStringForMessageId(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION); + case CertificateWeakSignatureAlgorithm: + return getQStringForMessageId(IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION); + case CertificateNonUniqueName: + return getQStringForMessageId(IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME); + case CertificateWeakKey: + return getQStringForMessageId(IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); + case CertificateNameConstraintViolation: + return getQStringForMessageId(IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); + default: + break; + } + + return getQStringForMessageId(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); +} diff --git a/src/core/certificate_error_controller.h b/src/core/certificate_error_controller.h new file mode 100644 index 000000000..f1e7c5bd8 --- /dev/null +++ b/src/core/certificate_error_controller.h @@ -0,0 +1,110 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef CERTIFICATE_ERROR_CONTROLLER_H +#define CERTIFICATE_ERROR_CONTROLLER_H + +#include "qtwebenginecoreglobal.h" + +#include <QtCore/QDateTime> +#include <QtCore/QSharedData> +#include <QtCore/QUrl> + +class CertificateErrorControllerPrivate; + +class QWEBENGINE_EXPORT CertificateErrorController : public QSharedData { +public: + CertificateErrorController(CertificateErrorControllerPrivate *p); + ~CertificateErrorController(); + + // We can't use QSslError::SslErrors, because the error categories doesn't map. + // Keep up to date with net/base/net_errors.h and net::IsCertificateError(): + enum CertificateError { + SslPinnedKeyNotInCertificateChain = -150, + CertificateCommonNameInvalid = -200, + CertificateDateInvalid = -201, + CertificateAuthorityInvalid = -202, + CertificateContainsErrors = -203, + CertificateNoRevocationMechanism = -204, + CertificateUnableToCheckRevocation = -205, + CertificateRevoked = -206, + CertificateInvalid = -207, + CertificateWeakSignatureAlgorithm = -208, + CertificateNonUniqueName = -210, + CertificateWeakKey = -211, + CertificateNameConstraintViolation = -212, + }; + + CertificateError error() const; + QUrl url() const; + bool overridable() const; + bool strictEnforcement() const; + QString errorString() const; + QDateTime validStart() const; + QDateTime validExpiry() const; + + void accept(bool); + + // Note: The resource type should probably not be exported, since once accepted the certificate exception + // counts for all resource types. + // Keep up to date with webkit/common/resource_type.h + enum ResourceType { + ResourceTypeMainFrame = 0, // top level page + ResourceTypeSubFrame, // frame or iframe + ResourceTypeStylesheet, // a CSS stylesheet + ResourceTypeScript, // an external script + ResourceTypeImage, // an image (jpg/gif/png/etc) + ResourceTypeFont, // a font + ResourceTypeOther, // an "other" subresource. + ResourceTypeObject, // an object (or embed) tag for a plugin, + // or a resource that a plugin requested. + ResourceTypeMedia, // a media resource. + ResourceTypeWorker, // the main resource of a dedicated worker. + ResourceTypeSharedWorker, // the main resource of a shared worker. + ResourceTypePrefetch, // an explicitly requested prefetch + ResourceTypeFavicon, // a favicon + ResourceTypeXHR, // a XMLHttpRequest + ResourceTypePing, // a ping request for <a ping> + ResourceTypeServiceWorker, // the main resource of a service worker. + }; + + ResourceType resourceType() const; + +private: + CertificateErrorControllerPrivate* d; +}; + +#endif // CERTIFICATE_ERROR_CONTROLLER_H diff --git a/src/core/certificate_error_controller_p.h b/src/core/certificate_error_controller_p.h new file mode 100644 index 000000000..af0ce12aa --- /dev/null +++ b/src/core/certificate_error_controller_p.h @@ -0,0 +1,60 @@ +/**************************************************************************** +** +** Copyright (C) 2014 Digia Plc and/or its subsidiary(-ies). +** Contact: http://www.qt-project.org/legal +** +** This file is part of the QtWebEngine module of the Qt Toolkit. +** +** $QT_BEGIN_LICENSE:LGPL$ +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and Digia. For licensing terms and +** conditions see http://qt.digia.com/licensing. For further information +** use the contact form at http://qt.digia.com/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 3 as published by the Free Software +** Foundation and appearing in the file LICENSE.LGPLv3 included in the +** packaging of this file. Please review the following information to +** ensure the GNU Lesser General Public License version 3 requirements +** will be met: https://www.gnu.org/licenses/lgpl.html. +** +** GNU General Public License Usage +** Alternatively, this file may be used under the terms of the GNU +** General Public License version 2.0 or later as published by the Free +** Software Foundation and appearing in the file LICENSE.GPL included in +** the packaging of this file. Please review the following information to +** ensure the GNU General Public License version 2.0 requirements will be +** met: http://www.gnu.org/licenses/gpl-2.0.html. +** +** $QT_END_LICENSE$ +** +****************************************************************************/ + +#ifndef CERTIFICATE_ERROR_CONTROLLER_P_H +#define CERTIFICATE_ERROR_CONTROLLER_P_H + +#include "content/public/browser/content_browser_client.h" + +#include "certificate_error_controller.h" + +class CertificateErrorControllerPrivate { +public: + CertificateErrorControllerPrivate(int cert_error, const net::SSLInfo& ssl_info, const GURL& request_url, ResourceType::Type resource_type, bool overridable, bool strict_enforcement, const base::Callback<void(bool)>& callback); + + void accept(bool accepted); + + CertificateErrorController::CertificateError certError; + const QUrl requestUrl; + QDateTime validStart; + QDateTime validExpiry; + CertificateErrorController::ResourceType resourceType; + bool overridable; + bool strictEnforcement; + const base::Callback<void(bool)>& callback; +}; + +#endif // CERTIFICATE_ERROR_CONTROLLER_P_H diff --git a/src/core/content_browser_client_qt.cpp b/src/core/content_browser_client_qt.cpp index aa404eced..f19199cc3 100644 --- a/src/core/content_browser_client_qt.cpp +++ b/src/core/content_browser_client_qt.cpp @@ -42,6 +42,7 @@ #include "content/public/browser/browser_main_parts.h" #include "content/public/browser/child_process_security_policy.h" #include "content/public/browser/media_observer.h" +#include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/render_view_host.h" #include "content/public/browser/resource_dispatcher_host.h" @@ -54,6 +55,8 @@ #include "ui/gl/gl_share_group.h" #include "browser_context_qt.h" +#include "certificate_error_controller.h" +#include "certificate_error_controller_p.h" #include "desktop_screen_qt.h" #include "dev_tools_http_handler_delegate_qt.h" #include "media_capture_devices_dispatcher.h" @@ -345,3 +348,22 @@ void ContentBrowserClientQt::enableInspector(bool enable) m_devtools.reset(); } } + +void ContentBrowserClientQt::AllowCertificateError(int render_process_id, int render_frame_id, int cert_error, + const net::SSLInfo& ssl_info, const GURL& request_url, + ResourceType::Type resource_type, + bool overridable, bool strict_enforcement, + const base::Callback<void(bool)>& callback, + content::CertificateRequestResultType* result) +{ + // We leave the result with its default value. + Q_UNUSED(result); + + content::RenderFrameHost *frameHost = content::RenderFrameHost::FromID(render_process_id, render_frame_id); + WebContentsDelegateQt* contentsDelegate = 0; + if (content::WebContents *webContents = frameHost->GetRenderViewHost()->GetDelegate()->GetAsWebContents()) + contentsDelegate = static_cast<WebContentsDelegateQt*>(webContents->GetDelegate()); + + QExplicitlySharedDataPointer<CertificateErrorController> errorController(new CertificateErrorController(new CertificateErrorControllerPrivate(cert_error, ssl_info, request_url, resource_type, overridable, strict_enforcement, callback))); + contentsDelegate->allowCertificateError(errorController); +} diff --git a/src/core/content_browser_client_qt.h b/src/core/content_browser_client_qt.h index 5bb8ece47..9cf1695fe 100644 --- a/src/core/content_browser_client_qt.h +++ b/src/core/content_browser_client_qt.h @@ -79,6 +79,17 @@ public: virtual gfx::GLShareGroup* GetInProcessGpuShareGroup() Q_DECL_OVERRIDE; virtual content::MediaObserver* GetMediaObserver() Q_DECL_OVERRIDE; virtual void OverrideWebkitPrefs(content::RenderViewHost *, const GURL &, WebPreferences *) Q_DECL_OVERRIDE; + virtual void AllowCertificateError( + int render_process_id, + int render_frame_id, + int cert_error, + const net::SSLInfo& ssl_info, + const GURL& request_url, + ResourceType::Type resource_type, + bool overridable, + bool strict_enforcement, + const base::Callback<void(bool)>& callback, + content::CertificateRequestResultType* result) Q_DECL_OVERRIDE; BrowserContextQt* browser_context(); diff --git a/src/core/core_gyp_generator.pro b/src/core/core_gyp_generator.pro index b10626000..2ca61bee2 100644 --- a/src/core/core_gyp_generator.pro +++ b/src/core/core_gyp_generator.pro @@ -39,6 +39,7 @@ SOURCES = \ browser_accessibility_manager_qt.cpp \ browser_accessibility_qt.cpp \ browser_context_qt.cpp \ + certificate_error_controller.cpp \ chromium_gpu_helper.cpp \ chromium_overrides.cpp \ clipboard_qt.cpp \ @@ -85,6 +86,8 @@ HEADERS = \ browser_accessibility_manager_qt.h \ browser_accessibility_qt.h \ browser_context_qt.h \ + certificate_error_controller_p.h \ + certificate_error_controller.h \ chromium_overrides.h \ clipboard_qt.h \ common/qt_messages.h \ diff --git a/src/core/web_contents_adapter_client.h b/src/core/web_contents_adapter_client.h index 4d918fef7..215942f8f 100644 --- a/src/core/web_contents_adapter_client.h +++ b/src/core/web_contents_adapter_client.h @@ -48,6 +48,7 @@ QT_FORWARD_DECLARE_CLASS(QVariant) +class CertificateErrorController; class JavaScriptDialogController; class RenderWidgetHostViewQt; class RenderWidgetHostViewQtDelegate; @@ -172,6 +173,9 @@ public: virtual void authenticationRequired(const QUrl &requestUrl, const QString &realm, bool isProxy, const QString &challengingHost, QString *outUser, QString *outPassword) = 0; virtual void runMediaAccessPermissionRequest(const QUrl &securityOrigin, MediaRequestFlags requestFlags) = 0; virtual WebEngineSettings *webEngineSettings() const = 0; + + virtual void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController) = 0; + }; #endif // WEB_CONTENTS_ADAPTER_CLIENT_H diff --git a/src/core/web_contents_delegate_qt.cpp b/src/core/web_contents_delegate_qt.cpp index 9916ca9e5..0523d8b22 100644 --- a/src/core/web_contents_delegate_qt.cpp +++ b/src/core/web_contents_delegate_qt.cpp @@ -275,3 +275,8 @@ WebContentsAdapter *WebContentsDelegateQt::createWindow(content::WebContents *ne return newAdapter; } + +void WebContentsDelegateQt::allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &errorController) +{ + m_viewClient->allowCertificateError(errorController); +} diff --git a/src/core/web_contents_delegate_qt.h b/src/core/web_contents_delegate_qt.h index 22bc85548..c1f0c4647 100644 --- a/src/core/web_contents_delegate_qt.h +++ b/src/core/web_contents_delegate_qt.h @@ -50,8 +50,10 @@ namespace content { class JavaScriptDialogManager; class WebContents; } + struct WebPreferences; class WebContentsAdapterClient; +class CertificateErrorController; class WebContentsDelegateQt : public content::WebContentsDelegate , public content::WebContentsObserver @@ -84,6 +86,7 @@ public: virtual void DidNavigateAnyFrame(const content::LoadCommittedDetails&, const content::FrameNavigateParams& params) Q_DECL_OVERRIDE; void overrideWebPreferences(content::WebContents *, WebPreferences*); + void allowCertificateError(const QExplicitlySharedDataPointer<CertificateErrorController> &) ; private: WebContentsAdapter *createWindow(content::WebContents *new_contents, WindowOpenDisposition disposition, const gfx::Rect& initial_pos, bool user_gesture); |