diff options
author | bhanudev <bhanudev@google.com> | 2015-08-18 15:21:18 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-08-18 22:22:06 +0000 |
commit | 2051ce7a01a4026ec1611c940a3d83a55a6e19ef (patch) | |
tree | 2409169e8a1e7262b718cd16842504dce8bf6d3e /chrome/browser/ssl/ssl_error_classification.cc | |
parent | 75eee56c732dd56ad5c733db0c4522adc8ce5029 (diff) | |
download | chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.zip chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.gz chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.bz2 |
Common Name Mismatch Handler For WWW Subdomain Mismatch case
This CL displays a modified interstitial for the WWW subdomain
mismatch error. When there is a WWW sub domain mismatch between
the hostname entered in the URL and the dns name present in the
certificate, we ping the www mismatched domain. If a valid response
code is received, we display an interstitial with a link to that domain.
BUG=507454
Review URL: https://codereview.chromium.org/1223233002
Cr-Commit-Position: refs/heads/master@{#344052}
Diffstat (limited to 'chrome/browser/ssl/ssl_error_classification.cc')
-rw-r--r-- | chrome/browser/ssl/ssl_error_classification.cc | 43 |
1 files changed, 27 insertions, 16 deletions
diff --git a/chrome/browser/ssl/ssl_error_classification.cc b/chrome/browser/ssl/ssl_error_classification.cc index 305b2bb..dc953fa 100644 --- a/chrome/browser/ssl/ssl_error_classification.cc +++ b/chrome/browser/ssl/ssl_error_classification.cc @@ -324,33 +324,44 @@ Tokenize(const std::string& name) { } // We accept the inverse case for www for historical reasons. -bool SSLErrorClassification::IsWWWSubDomainMatch() const { - std::string host_name = request_url_.host(); +bool SSLErrorClassification::GetWWWSubDomainMatch( + const std::string& host_name, + const std::vector<std::string>& dns_names, + std::string* www_match_host_name) { if (IsHostNameKnownTLD(host_name)) { - std::vector<std::string> dns_names; - cert_.GetDNSNames(&dns_names); - bool result = false; // Need to account for all possible domains given in the SSL certificate. for (size_t i = 0; i < dns_names.size(); ++i) { - if (dns_names[i].empty() || dns_names[i].find('\0') != std::string::npos - || dns_names[i].length() == host_name.length() - || !(IsHostNameKnownTLD(dns_names[i]))) { - result = result || false; + if (dns_names[i].empty() || + dns_names[i].find('\0') != std::string::npos || + dns_names[i].length() == host_name.length() || + !IsHostNameKnownTLD(dns_names[i])) { + continue; } else if (dns_names[i].length() > host_name.length()) { - result = result || - net::StripWWW(base::ASCIIToUTF16(dns_names[i])) == - base::ASCIIToUTF16(host_name); + if (net::StripWWW(base::ASCIIToUTF16(dns_names[i])) == + base::ASCIIToUTF16(host_name)) { + *www_match_host_name = dns_names[i]; + return true; + } } else { - result = result || - net::StripWWW(base::ASCIIToUTF16(host_name)) == - base::ASCIIToUTF16(dns_names[i]); + if (net::StripWWW(base::ASCIIToUTF16(host_name)) == + base::ASCIIToUTF16(dns_names[i])) { + *www_match_host_name = dns_names[i]; + return true; + } } } - return result; } return false; } +bool SSLErrorClassification::IsWWWSubDomainMatch() const { + const std::string& host_name = request_url_.host(); + std::vector<std::string> dns_names; + cert_.GetDNSNames(&dns_names); + std::string www_host; + return GetWWWSubDomainMatch(host_name, dns_names, &www_host); +} + bool SSLErrorClassification::NameUnderAnyNames( const Tokens& child, const std::vector<Tokens>& potential_parents) const { |