diff options
author | jcampan@chromium.org <jcampan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-03-07 00:19:38 +0000 |
---|---|---|
committer | jcampan@chromium.org <jcampan@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-03-07 00:19:38 +0000 |
commit | 88e7d5688f95703ac9a6ddac4752098c407223e5 (patch) | |
tree | 9e10232d9348bf1e3c2f739cacfb06669dfdef64 | |
parent | a5ded246b87ab09ebcf770ffc5c157fb4efaddac (diff) | |
download | chromium_src-88e7d5688f95703ac9a6ddac4752098c407223e5.zip chromium_src-88e7d5688f95703ac9a6ddac4752098c407223e5.tar.gz chromium_src-88e7d5688f95703ac9a6ddac4752098c407223e5.tar.bz2 |
This CL adds a way to specify the security info when canceling a URLRequest.
This allows to tag a request on the renderer side with its security info. It is useful for the "frame info" dialog.
When showing that dialog for blocked frames, the security info can be retrieved and users can see the cert details for the blocked frame.
TEST=Open a page containing a frame served over bad HTTPS. The frame is blocked (replaced with a warning message). Right-click, select "Frame info". The dialog should have a "show cert" button which when pressed should show the frame's bad cert.
BUG=2853
Review URL: http://codereview.chromium.org/7276
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@11179 0039d316-1c4b-4281-b951-d872f2087c98
34 files changed, 195 insertions, 72 deletions
diff --git a/chrome/browser/renderer_host/async_resource_handler.cc b/chrome/browser/renderer_host/async_resource_handler.cc index 881d686..650c7c3 100644 --- a/chrome/browser/renderer_host/async_resource_handler.cc +++ b/chrome/browser/renderer_host/async_resource_handler.cc @@ -116,10 +116,14 @@ bool AsyncResourceHandler::OnReadCompleted(int request_id, int* bytes_read) { return true; } -bool AsyncResourceHandler::OnResponseCompleted(int request_id, - const URLRequestStatus& status) { +bool AsyncResourceHandler::OnResponseCompleted( + int request_id, + const URLRequestStatus& status, + const std::string& security_info) { receiver_->Send(new ViewMsg_Resource_RequestComplete(routing_id_, - request_id, status)); + request_id, + status, + security_info)); // If we still have a read buffer, then see about caching it for later... if (spare_read_buffer_) { diff --git a/chrome/browser/renderer_host/async_resource_handler.h b/chrome/browser/renderer_host/async_resource_handler.h index e966a80..7407e6d 100644 --- a/chrome/browser/renderer_host/async_resource_handler.h +++ b/chrome/browser/renderer_host/async_resource_handler.h @@ -5,6 +5,8 @@ #ifndef CHROME_BROWSER_RENDERER_HOST_ASYNC_RESOURCE_HANDLER_H_ #define CHROME_BROWSER_RENDERER_HOST_ASYNC_RESOURCE_HANDLER_H_ +#include <string> + #include "base/process.h" #include "chrome/browser/renderer_host/resource_dispatcher_host.h" #include "chrome/browser/renderer_host/resource_handler.h" @@ -29,7 +31,9 @@ class AsyncResourceHandler : public ResourceHandler { bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size, int min_size); bool OnReadCompleted(int request_id, int* bytes_read); - bool OnResponseCompleted(int request_id, const URLRequestStatus& status); + bool OnResponseCompleted(int request_id, + const URLRequestStatus& status, + const std::string& security_info); static void GlobalCleanup(); diff --git a/chrome/browser/renderer_host/buffered_resource_handler.cc b/chrome/browser/renderer_host/buffered_resource_handler.cc index e1144c2..c49666c7 100644 --- a/chrome/browser/renderer_host/buffered_resource_handler.cc +++ b/chrome/browser/renderer_host/buffered_resource_handler.cc @@ -72,8 +72,10 @@ bool BufferedResourceHandler::OnResponseStarted(int request_id, bool BufferedResourceHandler::OnResponseCompleted( - int request_id, const URLRequestStatus& status) { - return real_handler_->OnResponseCompleted(request_id, status); + int request_id, + const URLRequestStatus& status, + const std::string& security_info) { + return real_handler_->OnResponseCompleted(request_id, status, security_info); } // We'll let the original event handler provide a buffer, and reuse it for @@ -242,7 +244,7 @@ bool BufferedResourceHandler::CompleteResponseStarted(int request_id, // own error page instead of triggering a download. // TODO(abarth): We should abstract the response_code test, but this kind // of check is scattered throughout our codebase. - request_->CancelWithError(net::ERR_FILE_NOT_FOUND); + request_->SimulateError(net::ERR_FILE_NOT_FOUND); return false; } @@ -270,7 +272,8 @@ bool BufferedResourceHandler::CompleteResponseStarted(int request_id, // handled by an external source (the browser's DownloadManager). real_handler_->OnResponseStarted(info->request_id, response_); URLRequestStatus status(URLRequestStatus::HANDLED_EXTERNALLY, 0); - real_handler_->OnResponseCompleted(info->request_id, status); + real_handler_->OnResponseCompleted(info->request_id, status, + std::string()); // Ditch the old async handler that talks to the renderer for the new // download handler that talks to the DownloadManager. diff --git a/chrome/browser/renderer_host/buffered_resource_handler.h b/chrome/browser/renderer_host/buffered_resource_handler.h index 97907b5..e553aca 100644 --- a/chrome/browser/renderer_host/buffered_resource_handler.h +++ b/chrome/browser/renderer_host/buffered_resource_handler.h @@ -26,7 +26,9 @@ class BufferedResourceHandler : public ResourceHandler { bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size, int min_size); bool OnReadCompleted(int request_id, int* bytes_read); - bool OnResponseCompleted(int request_id, const URLRequestStatus& status); + bool OnResponseCompleted(int request_id, + const URLRequestStatus& status, + const std::string& security_info); private: // Returns true if we should delay OnResponseStarted forwarding. diff --git a/chrome/browser/renderer_host/cross_site_resource_handler.cc b/chrome/browser/renderer_host/cross_site_resource_handler.cc index 363d451..1e25f17 100644 --- a/chrome/browser/renderer_host/cross_site_resource_handler.cc +++ b/chrome/browser/renderer_host/cross_site_resource_handler.cc @@ -2,6 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. +#include <string> + #include "chrome/browser/renderer_host/cross_site_resource_handler.h" #include "chrome/browser/renderer_host/render_view_host.h" @@ -129,11 +131,13 @@ bool CrossSiteResourceHandler::OnReadCompleted(int request_id, bool CrossSiteResourceHandler::OnResponseCompleted( int request_id, - const URLRequestStatus& status) { + const URLRequestStatus& status, + const std::string& security_info) { if (!in_cross_site_transition_) { if (has_started_response_) { // We've already completed the transition, so just pass it through. - return next_handler_->OnResponseCompleted(request_id, status); + return next_handler_->OnResponseCompleted(request_id, status, + security_info); } else { // Some types of failures will call OnResponseCompleted without calling // CrossSiteResourceHandler::OnResponseStarted. @@ -145,7 +149,8 @@ bool CrossSiteResourceHandler::OnResponseCompleted( new CancelPendingRenderViewTask(render_process_host_id_, render_view_id_); rdh_->ui_loop()->PostTask(FROM_HERE, task); - return next_handler_->OnResponseCompleted(request_id, status); + return next_handler_->OnResponseCompleted(request_id, status, + security_info); } else { // An error occured, we should wait now for the cross-site transition, // so that the error message (e.g., 404) can be displayed to the user. @@ -161,6 +166,7 @@ bool CrossSiteResourceHandler::OnResponseCompleted( // We have to buffer the call until after the transition completes. completed_during_transition_ = true; completed_status_ = status; + completed_security_info_ = security_info; // Return false to tell RDH not to notify the world or clean up the // pending request. We will do so in ResumeResponse. @@ -201,7 +207,8 @@ void CrossSiteResourceHandler::ResumeResponse() { // If the response completed during the transition, notify the next // event handler. if (completed_during_transition_) { - next_handler_->OnResponseCompleted(request_id_, completed_status_); + next_handler_->OnResponseCompleted(request_id_, completed_status_, + completed_security_info_); // Since we didn't notify the world or clean up the pending request in // RDH::OnResponseCompleted during the transition, we should do it now. diff --git a/chrome/browser/renderer_host/cross_site_resource_handler.h b/chrome/browser/renderer_host/cross_site_resource_handler.h index 7d57c76..2ae2c75 100644 --- a/chrome/browser/renderer_host/cross_site_resource_handler.h +++ b/chrome/browser/renderer_host/cross_site_resource_handler.h @@ -27,7 +27,9 @@ class CrossSiteResourceHandler : public ResourceHandler { bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size, int min_size); bool OnReadCompleted(int request_id, int* bytes_read); - bool OnResponseCompleted(int request_id, const URLRequestStatus& status); + bool OnResponseCompleted(int request_id, + const URLRequestStatus& status, + const std::string& security_info); // We can now send the response to the new renderer, which will cause // WebContents to swap in the new renderer and destroy the old one. @@ -49,6 +51,7 @@ class CrossSiteResourceHandler : public ResourceHandler { int request_id_; bool completed_during_transition_; URLRequestStatus completed_status_; + std::string completed_security_info_; ResourceResponse* response_; ResourceDispatcherHost* rdh_; diff --git a/chrome/browser/renderer_host/download_resource_handler.cc b/chrome/browser/renderer_host/download_resource_handler.cc index 37e7e89..2187506 100644 --- a/chrome/browser/renderer_host/download_resource_handler.cc +++ b/chrome/browser/renderer_host/download_resource_handler.cc @@ -113,7 +113,8 @@ bool DownloadResourceHandler::OnReadCompleted(int request_id, int* bytes_read) { bool DownloadResourceHandler::OnResponseCompleted( int request_id, - const URLRequestStatus& status) { + const URLRequestStatus& status, + const std::string& security_info) { download_manager_->file_loop()->PostTask(FROM_HERE, NewRunnableMethod(download_manager_, &DownloadFileManager::DownloadFinished, diff --git a/chrome/browser/renderer_host/download_resource_handler.h b/chrome/browser/renderer_host/download_resource_handler.h index dfc047e..d9afa42 100644 --- a/chrome/browser/renderer_host/download_resource_handler.h +++ b/chrome/browser/renderer_host/download_resource_handler.h @@ -37,7 +37,9 @@ class DownloadResourceHandler : public ResourceHandler { bool OnReadCompleted(int request_id, int* bytes_read); - bool OnResponseCompleted(int request_id, const URLRequestStatus& status); + bool OnResponseCompleted(int request_id, + const URLRequestStatus& status, + const std::string& security_info); // If the content-length header is not present (or contains something other // than numbers), the incoming content_length is -1 (unknown size). diff --git a/chrome/browser/renderer_host/download_throttling_resource_handler.cc b/chrome/browser/renderer_host/download_throttling_resource_handler.cc index f049788..2e8042b 100644 --- a/chrome/browser/renderer_host/download_throttling_resource_handler.cc +++ b/chrome/browser/renderer_host/download_throttling_resource_handler.cc @@ -99,9 +99,11 @@ bool DownloadThrottlingResourceHandler::OnReadCompleted(int request_id, bool DownloadThrottlingResourceHandler::OnResponseCompleted( int request_id, - const URLRequestStatus& status) { + const URLRequestStatus& status, + const std::string& security_info) { if (download_handler_.get()) - return download_handler_->OnResponseCompleted(request_id, status); + return download_handler_->OnResponseCompleted(request_id, status, + security_info); NOTREACHED(); return true; } diff --git a/chrome/browser/renderer_host/download_throttling_resource_handler.h b/chrome/browser/renderer_host/download_throttling_resource_handler.h index 3306475..5a2eea9 100644 --- a/chrome/browser/renderer_host/download_throttling_resource_handler.h +++ b/chrome/browser/renderer_host/download_throttling_resource_handler.h @@ -46,7 +46,8 @@ class DownloadThrottlingResourceHandler int min_size); virtual bool OnReadCompleted(int request_id, int* bytes_read); virtual bool OnResponseCompleted(int request_id, - const URLRequestStatus& status); + const URLRequestStatus& status, + const std::string& security_info); // DownloadRequestManager::Callback implementation: void CancelDownload(); diff --git a/chrome/browser/renderer_host/resource_dispatcher_host.cc b/chrome/browser/renderer_host/resource_dispatcher_host.cc index ba161e4..4245054 100644 --- a/chrome/browser/renderer_host/resource_dispatcher_host.cc +++ b/chrome/browser/renderer_host/resource_dispatcher_host.cc @@ -205,7 +205,8 @@ bool ResourceDispatcherHost::HandleExternalProtocol(int request_id, handler->OnResponseCompleted(request_id, URLRequestStatus( URLRequestStatus::FAILED, - net::ERR_ABORTED)); + net::ERR_ABORTED), + std::string()); // No security info necessary. return true; } @@ -224,7 +225,9 @@ void ResourceDispatcherHost::BeginRequest( receiver->Send(new ViewMsg_Resource_RequestComplete( render_view_id, request_id, - URLRequestStatus(URLRequestStatus::FAILED, net::ERR_ABORTED))); + URLRequestStatus(URLRequestStatus::FAILED, net::ERR_ABORTED), + std::string())); // No security info needed, connection was not + // established. return; } @@ -232,7 +235,7 @@ void ResourceDispatcherHost::BeginRequest( // requests. Does nothing if they are already loaded. // TODO(mpcomplete): This takes 200 ms! Investigate parallelizing this by // starting the load earlier in a BG thread. - plugin_service_->LoadChromePlugins(this); + // plugin_service_->LoadChromePlugins(this); // Construct the event handler. scoped_refptr<ResourceHandler> handler; @@ -919,7 +922,7 @@ void ResourceDispatcherHost::BeginRequestInternal(URLRequest* request, if (memory_cost > max_outstanding_requests_cost_per_process_) { // We call "CancelWithError()" as a way of setting the URLRequest's // status -- it has no effect beyond this, since the request hasn't started. - request->CancelWithError(net::ERR_INSUFFICIENT_RESOURCES); + request->SimulateError(net::ERR_INSUFFICIENT_RESOURCES); // TODO(eroman): this is kinda funky -- we insert the unstarted request into // |pending_requests_| simply to please OnResponseCompleted(). @@ -1121,8 +1124,19 @@ void ResourceDispatcherHost::OnResponseCompleted(URLRequest* request) { RESOURCE_LOG("OnResponseCompleted: " << request->url().spec()); ExtraRequestInfo* info = ExtraInfoForRequest(request); + std::string security_info; + const net::SSLInfo& ssl_info = request->ssl_info(); + if (ssl_info.cert != NULL) { + int cert_id = CertStore::GetSharedInstance()-> + StoreCert(ssl_info.cert, info->render_process_host_id); + security_info = SSLManager::SerializeSecurityInfo(cert_id, + ssl_info.cert_status, + ssl_info.security_bits); + } + if (info->resource_handler->OnResponseCompleted(info->request_id, - request->status())) { + request->status(), + security_info)) { NotifyResponseCompleted(request, info->render_process_host_id); // The request is complete so we can remove it. diff --git a/chrome/browser/renderer_host/resource_handler.h b/chrome/browser/renderer_host/resource_handler.h index 01abcb5..2b843f9 100644 --- a/chrome/browser/renderer_host/resource_handler.h +++ b/chrome/browser/renderer_host/resource_handler.h @@ -12,6 +12,8 @@ #ifndef CHROME_BROWSER_RENDERER_HOST_RESOURCE_HANDLER_H_ #define CHROME_BROWSER_RENDERER_HOST_RESOURCE_HANDLER_H_ +#include <string> + #include "chrome/common/filter_policy.h" #include "net/url_request/url_request_status.h" #include "webkit/glue/resource_loader_bridge.h" @@ -83,7 +85,8 @@ class ResourceHandler : public base::RefCounted<ResourceHandler> { // The response is complete. The final response status is given. // Returns false if the handler is deferring the call to a later time. virtual bool OnResponseCompleted(int request_id, - const URLRequestStatus& status) = 0; + const URLRequestStatus& status, + const std::string& security_info) = 0; }; #endif // CHROME_BROWSER_RENDERER_HOST_RESOURCE_HANDLER_H_ diff --git a/chrome/browser/renderer_host/safe_browsing_resource_handler.cc b/chrome/browser/renderer_host/safe_browsing_resource_handler.cc index 7ee4661..0d0d058 100644 --- a/chrome/browser/renderer_host/safe_browsing_resource_handler.cc +++ b/chrome/browser/renderer_host/safe_browsing_resource_handler.cc @@ -101,7 +101,8 @@ bool SafeBrowsingResourceHandler::OnReadCompleted(int request_id, } bool SafeBrowsingResourceHandler::OnResponseCompleted( - int request_id, const URLRequestStatus& status) { + int request_id, const URLRequestStatus& status, + const std::string& security_info) { if ((in_safe_browsing_check_ || safe_browsing_result_ != SafeBrowsingService::URL_SAFE) && status.status() == URLRequestStatus::FAILED && @@ -111,10 +112,11 @@ bool SafeBrowsingResourceHandler::OnResponseCompleted( // page. queued_error_.reset(new URLRequestStatus(status)); queued_error_request_id_ = request_id; + queued_security_info_ = security_info; return true; } - return next_handler_->OnResponseCompleted(request_id, status); + return next_handler_->OnResponseCompleted(request_id, status, security_info); } // SafeBrowsingService::Client implementation, called on the IO thread once @@ -140,8 +142,10 @@ void SafeBrowsingResourceHandler::OnUrlCheckResult( if (queued_error_.get()) { next_handler_->OnResponseCompleted( - queued_error_request_id_, *queued_error_.get()); + queued_error_request_id_, *queued_error_.get(), + queued_security_info_); queued_error_.reset(); + queued_security_info_.clear(); } Release(); @@ -168,8 +172,10 @@ void SafeBrowsingResourceHandler::OnBlockingPageComplete(bool proceed) { if (queued_error_.get()) { next_handler_->OnResponseCompleted( - queued_error_request_id_, *queued_error_.get()); + queued_error_request_id_, *queued_error_.get(), + queued_security_info_); queued_error_.reset(); + queued_security_info_.clear(); } } else { rdh_->CancelRequest(render_process_host_id_, paused_request_id_, false); diff --git a/chrome/browser/renderer_host/safe_browsing_resource_handler.h b/chrome/browser/renderer_host/safe_browsing_resource_handler.h index 92e0040..a3c74ba 100644 --- a/chrome/browser/renderer_host/safe_browsing_resource_handler.h +++ b/chrome/browser/renderer_host/safe_browsing_resource_handler.h @@ -5,6 +5,8 @@ #ifndef CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ #define CHROME_BROWSER_RENDERER_HOST_SAFE_BROWSING_RESOURCE_HANDLER_H_ +#include <string> + #include "base/time.h" #include "chrome/browser/renderer_host/resource_handler.h" #include "chrome/browser/safe_browsing/safe_browsing_service.h" @@ -31,7 +33,9 @@ class SafeBrowsingResourceHandler : public ResourceHandler, bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size, int min_size); bool OnReadCompleted(int request_id, int* bytes_read); - bool OnResponseCompleted(int request_id, const URLRequestStatus& status); + bool OnResponseCompleted(int request_id, + const URLRequestStatus& status, + const std::string& security_info); // SafeBrowsingService::Client implementation, called on the IO thread once // the URL has been classified. @@ -52,6 +56,7 @@ class SafeBrowsingResourceHandler : public ResourceHandler, SafeBrowsingService::UrlCheckResult safe_browsing_result_; scoped_refptr<SafeBrowsingService> safe_browsing_; scoped_ptr<URLRequestStatus> queued_error_; + std::string queued_security_info_; int queued_error_request_id_; ResourceDispatcherHost* rdh_; base::Time pause_time_; diff --git a/chrome/browser/renderer_host/save_file_resource_handler.cc b/chrome/browser/renderer_host/save_file_resource_handler.cc index c4db4a2..2f469f1 100644 --- a/chrome/browser/renderer_host/save_file_resource_handler.cc +++ b/chrome/browser/renderer_host/save_file_resource_handler.cc @@ -74,7 +74,8 @@ bool SaveFileResourceHandler::OnReadCompleted(int request_id, int* bytes_read) { bool SaveFileResourceHandler::OnResponseCompleted( int request_id, - const URLRequestStatus& status) { + const URLRequestStatus& status, + const std::string& security_info) { save_manager_->GetSaveLoop()->PostTask(FROM_HERE, NewRunnableMethod(save_manager_, &SaveFileManager::SaveFinished, diff --git a/chrome/browser/renderer_host/save_file_resource_handler.h b/chrome/browser/renderer_host/save_file_resource_handler.h index 03f4a02..bc3548c 100644 --- a/chrome/browser/renderer_host/save_file_resource_handler.h +++ b/chrome/browser/renderer_host/save_file_resource_handler.h @@ -34,7 +34,9 @@ class SaveFileResourceHandler : public ResourceHandler { // Passes the buffer to the download file writer. bool OnReadCompleted(int request_id, int* bytes_read); - bool OnResponseCompleted(int request_id, const URLRequestStatus& status); + bool OnResponseCompleted(int request_id, + const URLRequestStatus& status, + const std::string& security_info); // If the content-length header is not present (or contains something other // than numbers), StringToInt64 returns 0, which indicates 'unknown size' and diff --git a/chrome/browser/renderer_host/sync_resource_handler.cc b/chrome/browser/renderer_host/sync_resource_handler.cc index cc74b2d..5be45a9 100644 --- a/chrome/browser/renderer_host/sync_resource_handler.cc +++ b/chrome/browser/renderer_host/sync_resource_handler.cc @@ -54,8 +54,10 @@ bool SyncResourceHandler::OnReadCompleted(int request_id, int* bytes_read) { return true; } -bool SyncResourceHandler::OnResponseCompleted(int request_id, - const URLRequestStatus& status) { +bool SyncResourceHandler::OnResponseCompleted( + int request_id, + const URLRequestStatus& status, + const std::string& security_info) { result_.status = status; ViewHostMsg_SyncLoad::WriteReplyParams(result_message_, result_); diff --git a/chrome/browser/renderer_host/sync_resource_handler.h b/chrome/browser/renderer_host/sync_resource_handler.h index deb7746..8aa4681 100644 --- a/chrome/browser/renderer_host/sync_resource_handler.h +++ b/chrome/browser/renderer_host/sync_resource_handler.h @@ -5,6 +5,8 @@ #ifndef CHROME_BROWSER_RENDERER_HOST_SYNC_RESOURCE_HANDLER_H_ #define CHROME_BROWSER_RENDERER_HOST_SYNC_RESOURCE_HANDLER_H_ +#include <string> + #include "chrome/browser/renderer_host/resource_dispatcher_host.h" #include "chrome/browser/renderer_host/resource_handler.h" #include "net/base/io_buffer.h" @@ -23,7 +25,9 @@ class SyncResourceHandler : public ResourceHandler { bool OnWillRead(int request_id, net::IOBuffer** buf, int* buf_size, int min_size); bool OnReadCompleted(int request_id, int* bytes_read); - bool OnResponseCompleted(int request_id, const URLRequestStatus& status); + bool OnResponseCompleted(int request_id, + const URLRequestStatus& status, + const std::string& security_info); private: enum { kReadBufSize = 3840 }; diff --git a/chrome/browser/ssl/ssl_manager.cc b/chrome/browser/ssl/ssl_manager.cc index bc95a53..58d7acb 100644 --- a/chrome/browser/ssl/ssl_manager.cc +++ b/chrome/browser/ssl/ssl_manager.cc @@ -338,7 +338,11 @@ void SSLManager::ErrorHandler::CompleteCancelRequest(int error) { // The request can be NULL if it was cancelled by the renderer (as the // result of the user navigating to a new page from the location bar). DLOG(INFO) << "CompleteCancelRequest() url: " << request->url().spec(); - request->CancelWithError(error); + SSLManager::CertError* cert_error = AsCertError(); + if (cert_error) + request->SimulateSSLError(error, cert_error->ssl_info()); + else + request->SimulateError(error); } request_has_been_notified_ = true; @@ -591,7 +595,8 @@ void SSLManager::DidCommitProvisionalLoad( // An HTTPS response may not have a certificate for some reason. When that // happens, use the unauthenticated (HTTP) rather than the authentication // broken security style so that we can detect this error condition. - if (net::IsCertStatusError(ssl_cert_status)) { + if (net::IsCertStatusError(ssl_cert_status) && + !details->is_content_filtered) { changed |= SetMaxSecurityStyle(SECURITY_STYLE_AUTHENTICATION_BROKEN); if (!details->is_main_frame && !details->entry->ssl().has_unsafe_content()) { diff --git a/chrome/browser/ssl/ssl_manager.h b/chrome/browser/ssl/ssl_manager.h index 0b1842e..63cfce4 100644 --- a/chrome/browser/ssl/ssl_manager.h +++ b/chrome/browser/ssl/ssl_manager.h @@ -49,6 +49,8 @@ class WebContents; class SSLManager : public NotificationObserver { public: + class CertError; + // An ErrorHandler carries information from the IO thread to the UI thread // and is dispatched to the appropriate SSLManager when it arrives on the // UI thread. Subclasses should override the OnDispatched/OnDispatchFailed @@ -63,6 +65,8 @@ class SSLManager : public NotificationObserver { public: virtual ~ErrorHandler() { } + virtual CertError* AsCertError() { return NULL; } + // Find the appropriate SSLManager for the URLRequest and begin handling // this error. // @@ -167,7 +171,7 @@ class SSLManager : public NotificationObserver { bool request_has_been_notified_; // A flag to make sure we notify the // URLRequest exactly once. - DISALLOW_EVIL_CONSTRUCTORS(ErrorHandler); + DISALLOW_COPY_AND_ASSIGN(ErrorHandler); }; // A CertError represents an error that occurred with the certificate in an @@ -175,6 +179,9 @@ class SSLManager : public NotificationObserver { // thread and allows us to cancel/continue a request it is associated with. class CertError : public ErrorHandler { public: + + virtual CertError* AsCertError() { return this; } + // These accessors are available on either thread const net::SSLInfo& ssl_info() const { return ssl_info_; } int cert_error() const { return cert_error_; } @@ -206,7 +213,7 @@ class SSLManager : public NotificationObserver { // that error. ResourceType::Type resource_type_; - DISALLOW_EVIL_CONSTRUCTORS(CertError); + DISALLOW_COPY_AND_ASSIGN(CertError); }; // The MixedContentHandler class is used to query what to do with @@ -224,7 +231,7 @@ class SSLManager : public NotificationObserver { virtual void OnDispatched() { manager()->OnMixedContent(this); } private: - DISALLOW_EVIL_CONSTRUCTORS(MixedContentHandler); + DISALLOW_COPY_AND_ASSIGN(MixedContentHandler); }; // The SSLManager will ask its delegate to decide how to handle events diff --git a/chrome/common/render_messages_internal.h b/chrome/common/render_messages_internal.h index d8418e8..e0fd20c 100644 --- a/chrome/common/render_messages_internal.h +++ b/chrome/common/render_messages_internal.h @@ -193,9 +193,10 @@ IPC_BEGIN_MESSAGES(View) int /* data_len */) // Sent when the request has been completed. - IPC_MESSAGE_ROUTED2(ViewMsg_Resource_RequestComplete, + IPC_MESSAGE_ROUTED3(ViewMsg_Resource_RequestComplete, int /* request_id */, - URLRequestStatus /* status */) + URLRequestStatus /* status */, + std::string /* security info */) // Request for the renderer to evaluate an xpath to a frame and execute a // javascript: url in that frame's context. The message is completely diff --git a/chrome/common/resource_dispatcher.cc b/chrome/common/resource_dispatcher.cc index e9db613..76942ec 100644 --- a/chrome/common/resource_dispatcher.cc +++ b/chrome/common/resource_dispatcher.cc @@ -382,7 +382,8 @@ void ResourceDispatcher::OnReceivedRedirect(int request_id, } void ResourceDispatcher::OnRequestComplete(int request_id, - const URLRequestStatus& status) { + const URLRequestStatus& status, + const std::string& security_info) { PendingRequestList::iterator it = pending_requests_.find(request_id); if (it == pending_requests_.end()) { // this might happen for kill()ed requests on the webkit end, so perhaps @@ -414,7 +415,7 @@ void ResourceDispatcher::OnRequestComplete(int request_id, // The request ID will be removed from our pending list in the destructor. // Normally, dispatching this message causes the reference-counted request to // die immediately. - peer->OnCompletedRequest(status); + peer->OnCompletedRequest(status, security_info); webkit_glue::NotifyCacheStats(); } diff --git a/chrome/common/resource_dispatcher.h b/chrome/common/resource_dispatcher.h index a6b73d5..b4e7fb1 100644 --- a/chrome/common/resource_dispatcher.h +++ b/chrome/common/resource_dispatcher.h @@ -108,7 +108,9 @@ class ResourceDispatcher : public base::RefCounted<ResourceDispatcher> { void OnReceivedRedirect(int request_id, const GURL& new_url); void OnReceivedData(int request_id, base::SharedMemoryHandle data, int data_len); - void OnRequestComplete(int request_id, const URLRequestStatus& status); + void OnRequestComplete(int request_id, + const URLRequestStatus& status, + const std::string& security_info); // Dispatch the message to one of the message response handlers. void DispatchMessage(const IPC::Message& message); diff --git a/chrome/common/resource_dispatcher_unittest.cc b/chrome/common/resource_dispatcher_unittest.cc index 43628b8..e4c8792 100644 --- a/chrome/common/resource_dispatcher_unittest.cc +++ b/chrome/common/resource_dispatcher_unittest.cc @@ -44,7 +44,8 @@ class TestRequestCallback : public ResourceLoaderBridge::Peer { data_.append(data, len); } - virtual void OnCompletedRequest(const URLRequestStatus& status) { + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { EXPECT_FALSE(complete_); complete_ = true; } diff --git a/chrome/common/security_filter_peer.cc b/chrome/common/security_filter_peer.cc index aef72ebb..30d6d1e 100644 --- a/chrome/common/security_filter_peer.cc +++ b/chrome/common/security_filter_peer.cc @@ -114,7 +114,8 @@ void SecurityFilterPeer::OnReceivedData(const char* data, int len) { NOTREACHED(); } -void SecurityFilterPeer::OnCompletedRequest(const URLRequestStatus& status) { +void SecurityFilterPeer::OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { NOTREACHED(); } @@ -175,7 +176,8 @@ void BufferedPeer::OnReceivedData(const char* data, int len) { data_.append(data, len); } -void BufferedPeer::OnCompletedRequest(const URLRequestStatus& status) { +void BufferedPeer::OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { // Make sure we delete ourselves at the end of this call. scoped_ptr<BufferedPeer> this_deleter(this); @@ -184,7 +186,7 @@ void BufferedPeer::OnCompletedRequest(const URLRequestStatus& status) { // Pretend we failed to load the resource. original_peer_->OnReceivedResponse(response_info_, true); URLRequestStatus status(URLRequestStatus::CANCELED, 0); - original_peer_->OnCompletedRequest(status); + original_peer_->OnCompletedRequest(status, security_info); return; } @@ -192,7 +194,7 @@ void BufferedPeer::OnCompletedRequest(const URLRequestStatus& status) { if (!data_.empty()) original_peer_->OnReceivedData(data_.data(), static_cast<int>(data_.size())); - original_peer_->OnCompletedRequest(status); + original_peer_->OnCompletedRequest(status, security_info); } //////////////////////////////////////////////////////////////////////////////// @@ -221,15 +223,17 @@ void ReplaceContentPeer::OnReceivedData(const char* data, int len) { // Ignore this, we'll serve some alternate content in OnCompletedRequest. } -void ReplaceContentPeer::OnCompletedRequest(const URLRequestStatus& status) { +void ReplaceContentPeer::OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { webkit_glue::ResourceLoaderBridge::ResponseInfo info; ProcessResponseInfo(info, &info, mime_type_); + info.security_info = security_info; info.content_length = static_cast<int>(data_.size()); original_peer_->OnReceivedResponse(info, true); if (!data_.empty()) original_peer_->OnReceivedData(data_.data(), static_cast<int>(data_.size())); - original_peer_->OnCompletedRequest(URLRequestStatus()); + original_peer_->OnCompletedRequest(URLRequestStatus(), security_info); // The request processing is complete, we must delete ourselves. delete this; diff --git a/chrome/common/security_filter_peer.h b/chrome/common/security_filter_peer.h index ef08426..816f9da 100644 --- a/chrome/common/security_filter_peer.h +++ b/chrome/common/security_filter_peer.h @@ -43,7 +43,8 @@ class SecurityFilterPeer : public webkit_glue::ResourceLoaderBridge::Peer { const webkit_glue::ResourceLoaderBridge::ResponseInfo& info, bool content_filtered); virtual void OnReceivedData(const char* data, int len); - virtual void OnCompletedRequest(const URLRequestStatus& status); + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info); virtual std::string GetURLForDebugging(); protected: @@ -71,7 +72,8 @@ class BufferedPeer : public SecurityFilterPeer { const webkit_glue::ResourceLoaderBridge::ResponseInfo& info, bool content_filtered); virtual void OnReceivedData(const char* data, int len); - virtual void OnCompletedRequest(const URLRequestStatus& status); + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info); protected: // Invoked when the entire request has been processed before the data is sent @@ -109,7 +111,8 @@ class ReplaceContentPeer : public SecurityFilterPeer { const webkit_glue::ResourceLoaderBridge::ResponseInfo& info, bool content_filtered); void OnReceivedData(const char* data, int len); - void OnCompletedRequest(const URLRequestStatus& status); + void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info); private: webkit_glue::ResourceLoaderBridge::ResponseInfo response_info_; std::string mime_type_; diff --git a/chrome/plugin/chrome_plugin_host.cc b/chrome/plugin/chrome_plugin_host.cc index f1d2794..9a070e9 100644 --- a/chrome/plugin/chrome_plugin_host.cc +++ b/chrome/plugin/chrome_plugin_host.cc @@ -86,7 +86,8 @@ class PluginRequestHandlerProxy } } - virtual void OnCompletedRequest(const URLRequestStatus& status) { + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { completed_ = true; if (!status.is_success()) { diff --git a/chrome/renderer/chrome_plugin_host.cc b/chrome/renderer/chrome_plugin_host.cc index 9b3fea9..81317c5 100644 --- a/chrome/renderer/chrome_plugin_host.cc +++ b/chrome/renderer/chrome_plugin_host.cc @@ -86,7 +86,8 @@ class PluginRequestHandlerProxy } } - virtual void OnCompletedRequest(const URLRequestStatus& status) { + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { completed_ = true; if (!status.is_success()) { diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc index fefd24c..3de8439 100644 --- a/net/url_request/url_request.cc +++ b/net/url_request/url_request.cc @@ -260,10 +260,23 @@ void URLRequest::Start() { } void URLRequest::Cancel() { - CancelWithError(net::ERR_ABORTED); + DoCancel(net::ERR_ABORTED, net::SSLInfo()); } -void URLRequest::CancelWithError(int os_error) { +void URLRequest::SimulateError(int os_error) { + DoCancel(os_error, net::SSLInfo()); +} + +void URLRequest::SimulateSSLError(int os_error, const net::SSLInfo& ssl_info) { + // This should only be called on a started request. + if (!is_pending_ || !job_ || job_->has_response_started()) { + NOTREACHED(); + return; + } + DoCancel(os_error, ssl_info); +} + +void URLRequest::DoCancel(int os_error, const net::SSLInfo& ssl_info) { DCHECK(os_error < 0); // If the URL request already has an error status, then canceling is a no-op. @@ -271,6 +284,7 @@ void URLRequest::CancelWithError(int os_error) { if (status_.is_success()) { status_.set_status(URLRequestStatus::CANCELED); status_.set_os_error(os_error); + response_info_.ssl_info = ssl_info; } // There's nothing to do if we are not waiting on a Job. diff --git a/net/url_request/url_request.h b/net/url_request/url_request.h index f4aee3a..4309689 100644 --- a/net/url_request/url_request.h +++ b/net/url_request/url_request.h @@ -354,10 +354,15 @@ class URLRequest { // no effect once the response has completed. void Cancel(); - // Similar to Cancel but sets the error to |os_error| (see net_error_list.h - // for values) instead of net::ERR_ABORTED. - // Used to attach a reason for canceling a request. - void CancelWithError(int os_error); + // Cancels the request and sets the error to |os_error| (see net_error_list.h + // for values). + void SimulateError(int os_error); + + // Cancels the request and sets the error to |os_error| (see net_error_list.h + // for values) and attaches |ssl_info| as the SSLInfo for that request. This + // is useful to attach a certificate and certificate error to a canceled + // request. + void SimulateSSLError(int os_error, const net::SSLInfo& ssl_info); // Read initiates an asynchronous read from the response, and must only // be called after the OnResponseStarted callback is received with a @@ -435,6 +440,10 @@ class URLRequest { // been orphaned. void OrphanJob(); + // Cancels the request and set the error and ssl info for this request to the + // passed values. + void DoCancel(int os_error, const net::SSLInfo& ssl_info); + // Discard headers which have meaning in POST (Content-Length, Content-Type, // Origin). static std::string StripPostSpecificHeaders(const std::string& headers); diff --git a/net/url_request/url_request_job.h b/net/url_request/url_request_job.h index fae5a1b..aac3768 100644 --- a/net/url_request/url_request_job.h +++ b/net/url_request/url_request_job.h @@ -192,6 +192,9 @@ class URLRequestJob : public base::RefCountedThreadSafe<URLRequestJob> { expected_content_size_ = size; } + // Whether we have processed the response for that request yet. + bool has_response_started() const { return has_handled_response_; } + protected: // Notifies the job that headers have been received. void NotifyHeadersComplete(); diff --git a/webkit/glue/resource_handle_impl.cc b/webkit/glue/resource_handle_impl.cc index ee7acb4..dbc8606 100644 --- a/webkit/glue/resource_handle_impl.cc +++ b/webkit/glue/resource_handle_impl.cc @@ -227,7 +227,8 @@ class ResourceHandleInternal : public ResourceLoaderBridge::Peer { const ResourceLoaderBridge::ResponseInfo& info, bool content_filtered); virtual void OnReceivedData(const char* data, int len); - virtual void OnCompletedRequest(const URLRequestStatus& status); + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info); virtual std::string GetURLForDebugging(); // Handles a data: url internally instead of calling the bridge. @@ -299,7 +300,7 @@ void ResourceHandleInternal::HandleDataUrl() { OnReceivedData(data.c_str(), data.size()); } - OnCompletedRequest(status); + OnCompletedRequest(status, info.security_info); // We are done using the object. ResourceHandle and ResourceHandleInternal // might be destroyed now. @@ -604,7 +605,8 @@ void ResourceHandleInternal::OnReceivedData(const char* data, int data_len) { } void ResourceHandleInternal::OnCompletedRequest( - const URLRequestStatus& status) { + const URLRequestStatus& status, + const std::string& security_info) { if (multipart_delegate_.get()) { multipart_delegate_->OnCompletedRequest(); multipart_delegate_.reset(NULL); diff --git a/webkit/glue/resource_loader_bridge.h b/webkit/glue/resource_loader_bridge.h index 948bc74..d5ca181 100644 --- a/webkit/glue/resource_loader_bridge.h +++ b/webkit/glue/resource_loader_bridge.h @@ -111,7 +111,8 @@ class ResourceLoaderBridge { // Called when the response is complete. This method signals completion of // the resource load.ff - virtual void OnCompletedRequest(const URLRequestStatus& status) = 0; + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) = 0; // Returns the URL of the request, which allows us to display it in // debugging situations. diff --git a/webkit/tools/test_shell/simple_resource_loader_bridge.cc b/webkit/tools/test_shell/simple_resource_loader_bridge.cc index f6b10f3..c6c7b78 100644 --- a/webkit/tools/test_shell/simple_resource_loader_bridge.cc +++ b/webkit/tools/test_shell/simple_resource_loader_bridge.cc @@ -173,9 +173,10 @@ class RequestProxy : public URLRequest::Delegate, peer_->OnReceivedData(buf_copy.get(), bytes_read); } - void NotifyCompletedRequest(const URLRequestStatus& status) { + void NotifyCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { if (peer_) { - peer_->OnCompletedRequest(status); + peer_->OnCompletedRequest(status, security_info); DropPeer(); // ensure no further notifications } } @@ -246,9 +247,10 @@ class RequestProxy : public URLRequest::Delegate, this, &RequestProxy::NotifyReceivedData, bytes_read)); } - virtual void OnCompletedRequest(const URLRequestStatus& status) { + virtual void OnCompletedRequest(const URLRequestStatus& status, + const std::string& security_info) { owner_loop_->PostTask(FROM_HERE, NewRunnableMethod( - this, &RequestProxy::NotifyCompletedRequest, status)); + this, &RequestProxy::NotifyCompletedRequest, status, security_info)); } // -------------------------------------------------------------------------- @@ -289,7 +291,7 @@ class RequestProxy : public URLRequest::Delegate, void Done() { DCHECK(request_.get()); - OnCompletedRequest(request_->status()); + OnCompletedRequest(request_->status(), std::string()); request_.reset(); // destroy on the io thread } |