// Copyright 2014 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "components/security_interstitials/content/ssl_error_handler.h" #include <stdint.h> #include <memory> #include <unordered_set> #include <utility> #include "base/feature_list.h" #include "base/files/file_util.h" #include "base/functional/bind.h" #include "base/lazy_instance.h" #include "base/memory/ptr_util.h" #include "base/memory/raw_ptr.h" #include "base/metrics/histogram_macros.h" #include "base/strings/stringprintf.h" #include "base/task/single_thread_task_runner.h" #include "base/time/clock.h" #include "base/time/time.h" #include "build/build_config.h" #include "components/network_time/network_time_tracker.h" #include "components/prefs/pref_service.h" #include "components/security_interstitials/content/bad_clock_blocking_page.h" #include "components/security_interstitials/content/blocked_interception_blocking_page.h" #include "components/security_interstitials/content/captive_portal_blocking_page.h" #include "components/security_interstitials/content/captive_portal_helper.h" #include "components/security_interstitials/content/mitm_software_blocking_page.h" #include "components/security_interstitials/content/security_blocking_page_factory.h" #include "components/security_interstitials/content/security_interstitial_page.h" #include "components/security_interstitials/content/ssl_blocking_page.h" #include "components/security_interstitials/content/ssl_error_assistant.h" #include "components/security_interstitials/core/ssl_error_options_mask.h" #include "components/security_interstitials/core/ssl_error_ui.h" #include "components/ssl_errors/error_classification.h" #include "components/ssl_errors/error_info.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/navigation_handle.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/storage_partition.h" #include "content/public/browser/web_contents.h" #include "net/base/net_errors.h" #include "services/network/public/cpp/shared_url_loader_factory.h" #include "third_party/protobuf/src/google/protobuf/io/zero_copy_stream_impl_lite.h" #if BUILDFLAG(ENABLE_CAPTIVE_PORTAL_DETECTION) #include "components/captive_portal/content/captive_portal_tab_helper.h" #endif #if BUILDFLAG(IS_ANDROID) #include "base/android/jni_android.h" #include "components/security_interstitials/content/captive_portal_helper_android.h" #endif BASE_FEATURE(…); BASE_FEATURE(…); BASE_FEATURE(…); namespace … // namespace static base::LazyInstance<ConfigSingleton>::Leaky g_config = …; void SSLErrorHandler::HandleSSLError( content::WebContents* web_contents, int cert_error, const net::SSLInfo& ssl_info, const GURL& request_url, base::OnceCallback< void(std::unique_ptr<security_interstitials::SecurityInterstitialPage>)> blocking_page_ready_callback, network_time::NetworkTimeTracker* network_time_tracker, captive_portal::CaptivePortalService* captive_portal_service, std::unique_ptr<SecurityBlockingPageFactory> blocking_page_factory, bool user_can_proceed_past_interstitial /*=true*/) { … } // static void SSLErrorHandler::ResetConfigForTesting() { … } // static void SSLErrorHandler::SetInterstitialDelayForTesting( const base::TimeDelta& delay) { … } // static void SSLErrorHandler::SetInterstitialTimerStartedCallbackForTesting( TimerStartedCallback* callback) { … } // static void SSLErrorHandler::SetClockForTesting(base::Clock* testing_clock) { … } // static void SSLErrorHandler::SetReportNetworkConnectivityCallbackForTesting( base::OnceClosure closure) { … } // static std::string SSLErrorHandler::GetHistogramNameForTesting() { … } // static int SSLErrorHandler::GetErrorAssistantProtoVersionIdForTesting() { … } // static void SSLErrorHandler::SetOSReportsCaptivePortalForTesting( bool os_reports_captive_portal) { … } bool SSLErrorHandler::IsTimerRunningForTesting() const { … } // static void SSLErrorHandler::SetErrorAssistantProto( std::unique_ptr<chrome_browser_ssl::SSLErrorAssistantConfig> config_proto) { … } // static void SSLErrorHandler::SetClientCallbackOnInterstitialsShown( OnBlockingPageShownCallback callback) { … } SSLErrorHandler::SSLErrorHandler( std::unique_ptr<Delegate> delegate, content::WebContents* web_contents, int cert_error, const net::SSLInfo& ssl_info, network_time::NetworkTimeTracker* network_time_tracker, captive_portal::CaptivePortalService* captive_portal_service, const GURL& request_url) : … { … } SSLErrorHandler::~SSLErrorHandler() = default; void SSLErrorHandler::StartHandlingError() { … } void SSLErrorHandler::ShowCaptivePortalInterstitial(const GURL& landing_url) { … } void SSLErrorHandler::ShowMITMSoftwareInterstitial( const std::string& mitm_software_name) { … } void SSLErrorHandler::ShowSSLInterstitial() { … } void SSLErrorHandler::ShowBadClockInterstitial( const base::Time& now, ssl_errors::ClockState clock_state) { … } void SSLErrorHandler::ShowDynamicInterstitial( const DynamicInterstitialInfo dynamic_interstitial) { … } void SSLErrorHandler::ShowBlockedInterceptionInterstitial() { … } void SSLErrorHandler::CommonNameMismatchHandlerCallback( CommonNameMismatchHandler::SuggestedUrlCheckResult result, const GURL& suggested_url) { … } void SSLErrorHandler::Observe( const captive_portal::CaptivePortalService::Results& results) { … } void SSLErrorHandler::DidStartNavigation( content::NavigationHandle* navigation_handle) { … } void SSLErrorHandler::NavigationStopped() { … } void SSLErrorHandler::DeleteSSLErrorHandler() { … } void SSLErrorHandler::HandleCertDateInvalidError() { … } void SSLErrorHandler::HandleCertDateInvalidErrorImpl( base::TimeTicks started_handling_error) { … } // Returns true if |only_cert_error_expected| is the only error code present in // the certificate. The parameter |only_cert_error_expected| is a // net::CertStatus code representing the most serious error identified on the // certificate. For example, this could be net::CERT_STATUS_COMMON_NAME_INVALID. // This function is useful for rendering interstitials that are triggered by one // specific error code only. bool SSLErrorHandler::IsOnlyCertError( net::CertStatus only_cert_error_expected) const { … } WEB_CONTENTS_USER_DATA_KEY_IMPL(SSLErrorHandler);
Codebase Browser
chromium