Ignore revocation check failures from automated requests.

Extensions send requests without a TabContents, therefore we can't route SSL errors to their SSLManager. Since, without a UI, we have to make a static decision, this change makes it so that revocation check failures are ignored for these requests. BUG=86537 TEST=none Review URL: http://codereview.chromium.org/8201011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@105082 0039d316-1c4b-4281-b951-d872f2087c98
author: agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-10-12 15:23:54 +0000
committer: agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2011-10-12 15:23:54 +0000
commit: 03e09864d6b5738fab87b3d1e5aaeca35b0d08b6 (patch)
tree: 9c15dcd4f048b0f41b9a70d6b8ff683f2a36bb60 /content/browser/ssl
parent: e72f5d7292734d8108549eaa85b5f27f87823634 (diff)
download: chromium_src-03e09864d6b5738fab87b3d1e5aaeca35b0d08b6.zip
chromium_src-03e09864d6b5738fab87b3d1e5aaeca35b0d08b6.tar.gz
chromium_src-03e09864d6b5738fab87b3d1e5aaeca35b0d08b6.tar.bz2
2 files changed, 13 insertions, 7 deletions
diff --git a/content/browser/ssl/ssl_cert_error_handler.cc b/content/browser/ssl/ssl_cert_error_handler.cc
index 6af1497..343a4dc 100644
--- a/content/browser/ssl/ssl_cert_error_handler.cc
+++ b/content/browser/ssl/ssl_cert_error_handler.cc
@@ -27,7 +27,15 @@ SSLCertErrorHandler* SSLCertErrorHandler::AsSSLCertErrorHandler() {
 }
 
 void SSLCertErrorHandler::OnDispatchFailed() {
-  CancelRequest();
+  // Requests that don't have a tab (i.e. requests from extensions) will fail
+  // to dispatch because they don't have a TabContents. See crbug.com/86537. In
+  // this case we have to make a decision in this function, so we ignore
+  // revocation check failures.
+  if (net::IsCertStatusMinorError(ssl_info().cert_status)) {
+    ContinueRequest();
+  } else {
+    CancelRequest();
+  }
 }
 
 void SSLCertErrorHandler::OnDispatched() {
diff --git a/content/browser/ssl/ssl_policy.cc b/content/browser/ssl/ssl_policy.cc
index 8aad0bc..8f28f4b 100644
--- a/content/browser/ssl/ssl_policy.cc
+++ b/content/browser/ssl/ssl_policy.cc
@@ -130,12 +130,10 @@ void SSLPolicy::UpdateEntry(NavigationEntry* entry, TabContents* tab_contents) {
     }
   }
 
-  // If CERT_STATUS_UNABLE_TO_CHECK_REVOCATION is the only certificate error,
-  // don't lower the security style to SECURITY_STYLE_AUTHENTICATION_BROKEN.
-  net::CertStatus cert_errors =
-      entry->ssl().cert_status() & net::CERT_STATUS_ALL_ERRORS;
-  if (cert_errors) {
-    if (cert_errors != net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION)
+  if (net::IsCertStatusError(entry->ssl().cert_status())) {
+    // Minor errors don't lower the security style to
+    // SECURITY_STYLE_AUTHENTICATION_BROKEN.
+    if (!net::IsCertStatusMinorError(entry->ssl().cert_status()))
       entry->ssl().set_security_style(SECURITY_STYLE_AUTHENTICATION_BROKEN);
     return;
   }
author	agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-10-12 15:23:54 +0000
committer	agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2011-10-12 15:23:54 +0000
commit	03e09864d6b5738fab87b3d1e5aaeca35b0d08b6 (patch)
tree	9c15dcd4f048b0f41b9a70d6b8ff683f2a36bb60 /content/browser/ssl
parent	e72f5d7292734d8108549eaa85b5f27f87823634 (diff)
download	chromium_src-03e09864d6b5738fab87b3d1e5aaeca35b0d08b6.zip chromium_src-03e09864d6b5738fab87b3d1e5aaeca35b0d08b6.tar.gz chromium_src-03e09864d6b5738fab87b3d1e5aaeca35b0d08b6.tar.bz2