Ticket #12004: patch

File patch, 4.2 KB (added by markh, 9 years ago)

Patch to allow invalid certificates for the session

  • Source/WebKit/haiku/WebCoreSupport/FrameLoaderClientHaiku.cpp

    diff --git a/Source/WebKit/haiku/WebCoreSupport/FrameLoaderClientHaiku.cpp b/Source/WebKit/haiku/WebCoreSupport/FrameLoaderClientHaiku.cpp
    index d9ef41b..bfa4b70 100644
    a b  
    8282#include <Url.h>
    8383#include <assert.h>
    8484#include <debugger.h>
     85#include <StringList.h>
    8586
    8687//#define TRACE_FRAME_LOADER_CLIENT
    8788#ifdef TRACE_FRAME_LOADER_CLIENT
    FrameLoaderClientHaiku::FrameLoaderClientHaiku(BWebPage* webPage)  
    100101    , m_messenger()
    101102    , m_loadingErrorPage(false)
    102103    , m_uidna_context(nullptr)
     104    , m_certificateList(nullptr)
    103105{
    104106    CALLED("BWebPage: %p", webPage);
    105107    ASSERT(m_webPage);
    void FrameLoaderClientHaiku::frameLoaderDestroyed()  
    120122    CALLED();
    121123
    122124    uidna_close(m_uidna_context);
     125    delete m_certificateList;
    123126    delete m_webFrame;
    124127        // The frame takes care of deleting us. When that call returns, the
    125128        // frame loader object is gone!
    void FrameLoaderClientHaiku::dispatchDidCancelAuthenticationChallenge(DocumentLo  
    238241
    239242
    240243bool FrameLoaderClientHaiku::dispatchDidReceiveInvalidCertificate(DocumentLoader*,
    241     const CertificateInfo& /*certificate*/, const char* message)
    242 {
    243     String text = "The SSL certificate received from " +
    244         m_webFrame->Frame()->document()->url().string() + " could not be "
    245         "authenticated for the following reason: " + message + ".\n\n"
    246         "The secure connection to the website may be compromised, make sure "
    247         "to not send any sensitive information.";
    248 
    249     // TODO add information about the certificate to the alert
    250     // TODO this can be called several times for the same certificate since we
    251     // don't store the user choice (we should at least store it for the current
    252     // session)
    253 
    254     BAlert* alert = new BAlert("Unsecure SSL certificate", text.utf8().data(),
    255         "Continue", "Stop", NULL, B_WIDTH_AS_USUAL, B_WARNING_ALERT);
    256 
    257     int button = alert->Go();
    258 
    259     return button == 0;
     244    const CertificateInfo& certificate, const char* message)
     245{
     246   
     247    if (m_certificateList == NULL || !(m_certificateList->HasString((const_cast<BCertificate&>(certificate.certificate())).Issuer()))) {
     248   
     249        String text = "The SSL certificate received from " +
     250            m_webFrame->Frame()->document()->url().string() + " could not be "
     251            "authenticated for the following reason: " + message + ".\n\n"
     252            "The secure connection to the website may be compromised, make sure "
     253            "to not send any sensitive information.\n\nIssuer: " + (const_cast<BCertificate&>(certificate.certificate())).Issuer().String()
     254            + "\n\nSubject: " + (const_cast<BCertificate&>(certificate.certificate())).Subject().String();
     255   
     256        // TODO add information about the certificate to the alert
     257        // TODO this can be called several times for the same certificate since we
     258        // don't store the user choice (we should at least store it for the current
     259        // session)
     260   
     261        BAlert* alert = new BAlert("Unsecure SSL certificate", text.utf8().data(),
     262            "Continue", "Stop", NULL, B_WIDTH_AS_USUAL, B_WARNING_ALERT);
     263   
     264        printf("Dump of invalid certificate: %s\n", (const_cast<BCertificate&>(certificate.certificate())).String().String());
     265
     266        int button = alert->Go();
     267       
     268        if (button == 0) {
     269            // Store it in the list of known invalid certificates
     270            if (m_certificateList == NULL) {
     271                m_certificateList = new BStringList();
     272            }
     273            m_certificateList->Add((const_cast<BCertificate&>(certificate.certificate())).Issuer());
     274        }
     275
     276        return button == 0;
     277    }
     278    else {
     279        return true;
     280    }
    260281}
    261282
    262283
  • Source/WebKit/haiku/WebCoreSupport/FrameLoaderClientHaiku.h

    diff --git a/Source/WebKit/haiku/WebCoreSupport/FrameLoaderClientHaiku.h b/Source/WebKit/haiku/WebCoreSupport/FrameLoaderClientHaiku.h
    index 9583493..13712c9 100644
    a b  
    4141
    4242class BWebFrame;
    4343class BWebPage;
     44class BStringList;
    4445
    4546namespace WebCore {
    4647
    private:  
    233234
    234235    // IDNA domain encoding and decoding.
    235236    UIDNA* m_uidna_context;
     237   
     238    // Invalid certificate list
     239    BStringList * m_certificateList;
    236240};
    237241
    238242}