summaryrefslogtreecommitdiffstats
path: root/chrome/browser/ssl/ssl_error_classification.cc
diff options
context:
space:
mode:
authorbhanudev <bhanudev@google.com>2015-08-18 15:21:18 -0700
committerCommit bot <commit-bot@chromium.org>2015-08-18 22:22:06 +0000
commit2051ce7a01a4026ec1611c940a3d83a55a6e19ef (patch)
tree2409169e8a1e7262b718cd16842504dce8bf6d3e /chrome/browser/ssl/ssl_error_classification.cc
parent75eee56c732dd56ad5c733db0c4522adc8ce5029 (diff)
downloadchromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.zip
chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.gz
chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.bz2
Common Name Mismatch Handler For WWW Subdomain Mismatch case
This CL displays a modified interstitial for the WWW subdomain mismatch error. When there is a WWW sub domain mismatch between the hostname entered in the URL and the dns name present in the certificate, we ping the www mismatched domain. If a valid response code is received, we display an interstitial with a link to that domain. BUG=507454 Review URL: https://codereview.chromium.org/1223233002 Cr-Commit-Position: refs/heads/master@{#344052}
Diffstat (limited to 'chrome/browser/ssl/ssl_error_classification.cc')
-rw-r--r--chrome/browser/ssl/ssl_error_classification.cc43
1 files changed, 27 insertions, 16 deletions
diff --git a/chrome/browser/ssl/ssl_error_classification.cc b/chrome/browser/ssl/ssl_error_classification.cc
index 305b2bb..dc953fa 100644
--- a/chrome/browser/ssl/ssl_error_classification.cc
+++ b/chrome/browser/ssl/ssl_error_classification.cc
@@ -324,33 +324,44 @@ Tokenize(const std::string& name) {
}
// We accept the inverse case for www for historical reasons.
-bool SSLErrorClassification::IsWWWSubDomainMatch() const {
- std::string host_name = request_url_.host();
+bool SSLErrorClassification::GetWWWSubDomainMatch(
+ const std::string& host_name,
+ const std::vector<std::string>& dns_names,
+ std::string* www_match_host_name) {
if (IsHostNameKnownTLD(host_name)) {
- std::vector<std::string> dns_names;
- cert_.GetDNSNames(&dns_names);
- bool result = false;
// Need to account for all possible domains given in the SSL certificate.
for (size_t i = 0; i < dns_names.size(); ++i) {
- if (dns_names[i].empty() || dns_names[i].find('\0') != std::string::npos
- || dns_names[i].length() == host_name.length()
- || !(IsHostNameKnownTLD(dns_names[i]))) {
- result = result || false;
+ if (dns_names[i].empty() ||
+ dns_names[i].find('\0') != std::string::npos ||
+ dns_names[i].length() == host_name.length() ||
+ !IsHostNameKnownTLD(dns_names[i])) {
+ continue;
} else if (dns_names[i].length() > host_name.length()) {
- result = result ||
- net::StripWWW(base::ASCIIToUTF16(dns_names[i])) ==
- base::ASCIIToUTF16(host_name);
+ if (net::StripWWW(base::ASCIIToUTF16(dns_names[i])) ==
+ base::ASCIIToUTF16(host_name)) {
+ *www_match_host_name = dns_names[i];
+ return true;
+ }
} else {
- result = result ||
- net::StripWWW(base::ASCIIToUTF16(host_name)) ==
- base::ASCIIToUTF16(dns_names[i]);
+ if (net::StripWWW(base::ASCIIToUTF16(host_name)) ==
+ base::ASCIIToUTF16(dns_names[i])) {
+ *www_match_host_name = dns_names[i];
+ return true;
+ }
}
}
- return result;
}
return false;
}
+bool SSLErrorClassification::IsWWWSubDomainMatch() const {
+ const std::string& host_name = request_url_.host();
+ std::vector<std::string> dns_names;
+ cert_.GetDNSNames(&dns_names);
+ std::string www_host;
+ return GetWWWSubDomainMatch(host_name, dns_names, &www_host);
+}
+
bool SSLErrorClassification::NameUnderAnyNames(
const Tokens& child,
const std::vector<Tokens>& potential_parents) const {