summaryrefslogtreecommitdiffstats
path: root/chrome
diff options
context:
space:
mode:
Diffstat (limited to 'chrome')
-rw-r--r--chrome/browser/ssl/ssl_policy.cc12
1 files changed, 10 insertions, 2 deletions
diff --git a/chrome/browser/ssl/ssl_policy.cc b/chrome/browser/ssl/ssl_policy.cc
index 9e796fa..5221c04 100644
--- a/chrome/browser/ssl/ssl_policy.cc
+++ b/chrome/browser/ssl/ssl_policy.cc
@@ -318,9 +318,13 @@ SSLErrorInfo SSLPolicy::GetSSLErrorInfo(SSLManager::CertError* error) {
void SSLPolicy::OnDenyCertificate(SSLManager::CertError* error) {
// Default behavior for rejecting a certificate.
- error->CancelRequest();
+ //
+ // While DenyCertForHost() executes synchronously on this thread,
+ // CancelRequest() gets posted to a different thread. Calling
+ // DenyCertForHost() first ensures deterministic ordering.
error->manager()->DenyCertForHost(error->ssl_info().cert,
error->request_url().host());
+ error->CancelRequest();
}
void SSLPolicy::OnAllowCertificate(SSLManager::CertError* error) {
@@ -330,9 +334,13 @@ void SSLPolicy::OnAllowCertificate(SSLManager::CertError* error) {
// new NavigationEntry will not be set until DidNavigate. This is ok,
// because the new NavigationEntry will have its max security style set
// within DidNavigate.
- error->ContinueRequest();
+ //
+ // While AllowCertForHost() executes synchronously on this thread,
+ // ContinueRequest() gets posted to a different thread. Calling
+ // AllowCertForHost() first ensures deterministic ordering.
error->manager()->AllowCertForHost(error->ssl_info().cert,
error->request_url().host());
+ error->ContinueRequest();
}
////////////////////////////////////////////////////////////////////////////////
generated by cgit v1.1 at 2025-02-01 19:22:03 +0000