Add certificate-error event

2015-11-18 10:39:25 +08:00 · 2015-11-18 10:39:25 +08:00 · e432abfb42
commit e432abfb42
parent 341341bf28
7 changed files with 87 additions and 39 deletions
--- a/atom/browser/api/atom_api_app.cc
+++ b/atom/browser/api/atom_api_app.cc
@ -17,6 +17,7 @@
 #include "atom/common/native_mate_converters/callback.h"
 #include "atom/common/native_mate_converters/net_converter.h"
 #include "atom/common/native_mate_converters/file_path_converter.h"
+#include "atom/common/native_mate_converters/gurl_converter.h"
 #include "atom/common/node_includes.h"
 #include "atom/common/options_switches.h"
 #include "base/command_line.h"
@ -27,6 +28,7 @@
 #include "chrome/common/chrome_paths.h"
 #include "content/public/browser/client_certificate_delegate.h"
 #include "content/public/browser/gpu_data_manager.h"
+#include "content/public/browser/render_frame_host.h"
 #include "content/public/common/content_switches.h"
 #include "native_mate/dictionary.h"
 #include "native_mate/object_template_builder.h"
@ -216,30 +218,49 @@ void App::OnFinishLaunching() {
 }

 void App::OnLogin(LoginHandler* login_handler) {
-  // Convert the args explicitly since they will be passed for twice.
  v8::Locker locker(isolate());
  v8::HandleScope handle_scope(isolate());
-  auto web_contents =
-      WebContents::CreateFrom(isolate(), login_handler->GetWebContents());
-  auto request = mate::ConvertToV8(isolate(), login_handler->request());
-  auto auth_info = mate::ConvertToV8(isolate(), login_handler->auth_info());
-  auto callback = mate::ConvertToV8(
-      isolate(),
+  bool prevent_default = Emit(
+      "login",
+      WebContents::CreateFrom(isolate(), login_handler->GetWebContents()),
+      login_handler->request(),
+      login_handler->auth_info(),
      base::Bind(&PassLoginInformation, make_scoped_refptr(login_handler)));

-  bool prevent_default =
-      Emit("login", web_contents, request, auth_info, callback);
-
-  // Also pass it to WebContents.
-  if (!prevent_default)
-    prevent_default =
-        web_contents->Emit("login", request, auth_info, callback);
-
  // Default behavior is to always cancel the auth.
  if (!prevent_default)
    login_handler->CancelAuth();
 }

+void App::AllowCertificateError(
+    int pid,
+    int fid,
+    int cert_error,
+    const net::SSLInfo& ssl_info,
+    const GURL& request_url,
+    content::ResourceType resource_type,
+    bool overridable,
+    bool strict_enforcement,
+    bool expired_previous_decision,
+    const base::Callback<void(bool)>& callback,
+    content::CertificateRequestResultType* request) {
+  auto rfh = content::RenderFrameHost::FromID(pid, fid);
+  auto web_contents = content::WebContents::FromRenderFrameHost(rfh);
+
+  v8::Locker locker(isolate());
+  v8::HandleScope handle_scope(isolate());
+  bool prevent_default = Emit("certificate-error",
+                              WebContents::CreateFrom(isolate(), web_contents),
+                              request_url,
+                              cert_error,
+                              ssl_info.cert,
+                              callback);
+
+  // Deny the certificate by default.
+  if (!prevent_default)
+    *request = content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY;
+}
+
 void App::SelectClientCertificate(
    content::WebContents* web_contents,
    net::SSLCertRequestInfo* cert_request_info,
@ -248,7 +269,7 @@ void App::SelectClientCertificate(
      shared_delegate(delegate.release());
  bool prevent_default =
      Emit("select-client-certificate",
-           api::WebContents::CreateFrom(isolate(), web_contents),
+           WebContents::CreateFrom(isolate(), web_contents),
           cert_request_info->host_and_port.ToString(),
           cert_request_info->client_certs,
           base::Bind(&OnClientCertificateSelected,
--- a/atom/browser/api/atom_api_app.h
+++ b/atom/browser/api/atom_api_app.h
@ -51,6 +51,18 @@ class App : public AtomBrowserClient::Delegate,
  void OnLogin(LoginHandler* login_handler) override;

  // content::ContentBrowserClient:
+  void AllowCertificateError(
+      int render_process_id,
+      int render_frame_id,
+      int cert_error,
+      const net::SSLInfo& ssl_info,
+      const GURL& request_url,
+      content::ResourceType resource_type,
+      bool overridable,
+      bool strict_enforcement,
+      bool expired_previous_decision,
+      const base::Callback<void(bool)>& callback,
+      content::CertificateRequestResultType* request) override;
  void SelectClientCertificate(
      content::WebContents* web_contents,
      net::SSLCertRequestInfo* cert_request_info,
--- a/atom/browser/api/atom_api_session.cc
+++ b/atom/browser/api/atom_api_session.cc
@ -238,12 +238,6 @@ void SetProxyInIO(net::URLRequestContextGetter* getter,
  RunCallbackInUI(callback);
 }

-void PassVerificationResult(
-    scoped_refptr<AtomCertVerifier::CertVerifyRequest> request,
-    bool success) {
-  request->ContinueWithResult(success ? net::OK : net::ERR_FAILED);
-}
-
 }  // namespace

 Session::Session(AtomBrowserContext* browser_context)
@ -262,19 +256,6 @@ Session::~Session() {
  Destroy();
 }

-void Session::RequestCertVerification(
-    const scoped_refptr<AtomCertVerifier::CertVerifyRequest>& request) {
-  bool prevent_default = Emit(
-      "untrusted-certificate",
-      request->args().hostname,
-      request->args().cert,
-      base::Bind(&PassVerificationResult, request));
-
-  if (!prevent_default)
-    // Tell the request to use the result of default verifier.
-    request->ContinueWithResult(net::ERR_IO_PENDING);
-}
-
 void Session::OnDownloadCreated(content::DownloadManager* manager,
                                content::DownloadItem* item) {
  auto web_contents = item->GetWebContents();
--- a/atom/browser/api/atom_api_session.h
+++ b/atom/browser/api/atom_api_session.h
@ -54,10 +54,6 @@ class Session: public mate::TrackableObject<Session>,
  explicit Session(AtomBrowserContext* browser_context);
  ~Session();

-  // AtomCertVerifier::Delegate:
-  void RequestCertVerification(
-      const scoped_refptr<AtomCertVerifier::CertVerifyRequest>&) override;
-
  // content::DownloadManager::Observer:
  void OnDownloadCreated(content::DownloadManager* manager,
                         content::DownloadItem* item) override;
--- a/atom/browser/api/lib/app.coffee
+++ b/atom/browser/api/lib/app.coffee
@ -38,6 +38,12 @@ app.getAppPath = ->
 # Helpers.
 app.resolveProxy = (url, callback) -> @defaultSession.resolveProxy url, callback

+# Routes the events to webContents.
+for name in ['login', 'certificate-error', 'select-client-certificate']
+  do (name) ->
+    app.on name, (event, webContents, args...) ->
+      webContents.emit name, event, args...
+
 # Deprecated.
 {deprecate} = electron
 app.getHomeDir = deprecate 'app.getHomeDir', 'app.getPath', ->
--- a/atom/browser/atom_browser_client.cc
+++ b/atom/browser/atom_browser_client.cc
@ -207,6 +207,26 @@ content::QuotaPermissionContext*
  return new AtomQuotaPermissionContext;
 }

+void AtomBrowserClient::AllowCertificateError(
+    int render_process_id,
+    int render_frame_id,
+    int cert_error,
+    const net::SSLInfo& ssl_info,
+    const GURL& request_url,
+    content::ResourceType resource_type,
+    bool overridable,
+    bool strict_enforcement,
+    bool expired_previous_decision,
+    const base::Callback<void(bool)>& callback,
+    content::CertificateRequestResultType* request) {
+  if (delegate_) {
+    delegate_->AllowCertificateError(
+        render_process_id, render_frame_id, cert_error, ssl_info, request_url,
+        resource_type, overridable, strict_enforcement,
+        expired_previous_decision, callback, request);
+  }
+}
+
 void AtomBrowserClient::SelectClientCertificate(
    content::WebContents* web_contents,
    net::SSLCertRequestInfo* cert_request_info,
--- a/atom/browser/atom_browser_client.h
+++ b/atom/browser/atom_browser_client.h
@ -57,6 +57,18 @@ class AtomBrowserClient : public brightray::BrowserClient,
                                      int child_process_id) override;
  void DidCreatePpapiPlugin(content::BrowserPpapiHost* browser_host) override;
  content::QuotaPermissionContext* CreateQuotaPermissionContext() override;
+  void AllowCertificateError(
+      int render_process_id,
+      int render_frame_id,
+      int cert_error,
+      const net::SSLInfo& ssl_info,
+      const GURL& request_url,
+      content::ResourceType resource_type,
+      bool overridable,
+      bool strict_enforcement,
+      bool expired_previous_decision,
+      const base::Callback<void(bool)>& callback,
+      content::CertificateRequestResultType* request) override;
  void SelectClientCertificate(
      content::WebContents* web_contents,
      net::SSLCertRequestInfo* cert_request_info,