diff options
author | bhanudev <bhanudev@google.com> | 2015-08-18 15:21:18 -0700 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2015-08-18 22:22:06 +0000 |
commit | 2051ce7a01a4026ec1611c940a3d83a55a6e19ef (patch) | |
tree | 2409169e8a1e7262b718cd16842504dce8bf6d3e /chrome/browser/ssl/ssl_error_classification.h | |
parent | 75eee56c732dd56ad5c733db0c4522adc8ce5029 (diff) | |
download | chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.zip chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.gz chromium_src-2051ce7a01a4026ec1611c940a3d83a55a6e19ef.tar.bz2 |
Common Name Mismatch Handler For WWW Subdomain Mismatch case
This CL displays a modified interstitial for the WWW subdomain
mismatch error. When there is a WWW sub domain mismatch between
the hostname entered in the URL and the dns name present in the
certificate, we ping the www mismatched domain. If a valid response
code is received, we display an interstitial with a link to that domain.
BUG=507454
Review URL: https://codereview.chromium.org/1223233002
Cr-Commit-Position: refs/heads/master@{#344052}
Diffstat (limited to 'chrome/browser/ssl/ssl_error_classification.h')
-rw-r--r-- | chrome/browser/ssl/ssl_error_classification.h | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/chrome/browser/ssl/ssl_error_classification.h b/chrome/browser/ssl/ssl_error_classification.h index 89869b9..7d377dc 100644 --- a/chrome/browser/ssl/ssl_error_classification.h +++ b/chrome/browser/ssl/ssl_error_classification.h @@ -50,6 +50,19 @@ class SSLErrorClassification : public content::NotificationObserver { // 3.|hostname| is a dotless domain. static bool IsHostnameNonUniqueOrDotless(const std::string& hostname); + // Returns true if the site's hostname differs from one of the DNS + // names in the certificate (CN or SANs) only by the presence or + // absence of the single-label prefix "www". E.g.: (The first domain + // is hostname and the second domain is a DNS name in the certificate) + // + // www.example.com ~ example.com -> true + // example.com ~ www.example.com -> true + // www.food.example.com ~ example.com -> false + // mail.example.com ~ example.com -> false + static bool GetWWWSubDomainMatch(const std::string& host_name, + const std::vector<std::string>& dns_names, + std::string* www_match_host_name); + // A function which calculates the severity score when the ssl error is // |CERT_DATE_INVALID|. The calculated score is between 0.0 and 1.0, higher // being more severe, indicating how severe the certificate's @@ -83,14 +96,7 @@ class SSLErrorClassification : public content::NotificationObserver { // Returns true if the hostname has a known Top Level Domain. static bool IsHostNameKnownTLD(const std::string& host_name); - // Returns true if the site's hostname differs from one of the DNS - // names in the certificate (CN or SANs) only by the presence or - // absence of the single-label prefix "www". E.g.: - // - // www.example.com ~ example.com -> true - // example.com ~ www.example.com -> true - // www.food.example.com ~ example.com -> false - // mail.example.com ~ example.com -> false + // Returns true if GetWWWSubDomainMatch finds a www mismatch. bool IsWWWSubDomainMatch() const; // Returns true if |child| is a subdomain of any of the |potential_parents|. |