net: add specific error message for disabled SSLv3 fallback.
This change adds a specific error message for the error added in r299567. This
is because adding strings makes a change harder to merge to branches thus these
parts were split into this CL.
(Was reviewed as part of r299567 -- just split for landing.)
BUG=418848,419870
Review URL: https://codereview.chromium.org/659633002
Cr-Commit-Position: refs/heads/master@{#299593}
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd
index a18da45..ba121ff6 100644
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -9205,6 +9205,16 @@
SSL protocol error.
</message>
+ <message name="IDS_ERRORPAGES_HEADING_SSL_FALLBACK_BEYOND_MINIMUM_VERSION" desc="Heading in the error page for SSL fallback errors.">
+ SSL server probably obsolete.
+ </message>
+ <message name="IDS_ERRORPAGES_SUMMARY_SSL_FALLBACK_BEYOND_MINIMUM_VERSION" desc="Summary in the error page for SSL fallback errors.">
+ Unable to connect securely to the server. This website may have worked previously, but connecting to such sites has now been shown to cause security risks to all users and thus has been disabled for your safety.
+ </message>
+ <message name="IDS_ERRORPAGES_DETAILS_SSL_FALLBACK_BEYOND_MINIMUM_VERSION" desc="The error message displayed for SSL fallback errors.">
+ An SSLv3 fallback was able to handshake with the server, but we no longer accept SSLv3 fallbacks due to new attacks against the protocol. The server needs to be updated to support a minimum of TLS 1.0 and preferably TLS 1.2.
+ </message>
+
<message name="IDS_ERRORPAGES_HEADING_PINNING_FAILURE" desc="Title of the error page for a certificate which doesn't match the built-in pins for that name">
Incorrect certificate for host.
</message>
diff --git a/chrome/common/localized_error.cc b/chrome/common/localized_error.cc
index bfd0b5f3..1d7e2a7 100644
--- a/chrome/common/localized_error.cc
+++ b/chrome/common/localized_error.cc
@@ -40,6 +40,8 @@
static const char kWeakDHKeyLearnMoreUrl[] =
"http://sites.google.com/a/chromium.org/dev/"
"err_ssl_weak_server_ephemeral_dh_key";
+static const char kSSLv3FallbackUrl[] =
+ "https://code.google.com/p/chromium/issues/detail?id=418848";
#if defined(OS_CHROMEOS)
static const char kAppWarningLearnMoreUrl[] =
"chrome-extension://honijodknafkokifofgiaalefdiedpko/main.html"
@@ -301,6 +303,13 @@
IDS_ERRORPAGES_DETAILS_BLOCKED_ENROLLMENT_CHECK_PENDING,
SUGGEST_CHECK_CONNECTION,
},
+ {net::ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION,
+ IDS_ERRORPAGES_TITLE_LOAD_FAILED,
+ IDS_ERRORPAGES_HEADING_SSL_FALLBACK_BEYOND_MINIMUM_VERSION,
+ IDS_ERRORPAGES_SUMMARY_SSL_FALLBACK_BEYOND_MINIMUM_VERSION,
+ IDS_ERRORPAGES_DETAILS_SSL_FALLBACK_BEYOND_MINIMUM_VERSION,
+ SUGGEST_LEARNMORE,
+ },
};
// Special error page to be used in the case of navigating back to a page
@@ -804,6 +813,9 @@
case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY:
learn_more_url = GURL(kWeakDHKeyLearnMoreUrl);
break;
+ case net::ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION:
+ learn_more_url = GURL(kSSLv3FallbackUrl);
+ break;
default:
break;
}
