content/browser/devtools/protocol/security_handler.cc - chromium/src - Git at Google

 // Copyright 2015 The Chromium Authors
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "content/browser/devtools/protocol/security_handler.h"

 #include <memory>
 #include <string>
 #include <utility>
 #include <vector>

 #include "base/containers/contains.h"
 #include "base/strings/string_number_conversions.h"
 #include "content/browser/devtools/devtools_agent_host_impl.h"
 #include "content/browser/renderer_host/back_forward_cache_disable.h"
 #include "content/browser/renderer_host/render_frame_host_impl.h"
 #include "content/public/browser/back_forward_cache.h"
 #include "content/public/browser/navigation_controller.h"
 #include "content/public/browser/navigation_entry.h"
 #include "content/public/browser/navigation_handle.h"
 #include "content/public/browser/web_contents.h"
 #include "content/public/browser/web_contents_delegate.h"

 namespace content {
 namespace protocol {

 // static
 std::vector<SecurityHandler*> SecurityHandler::ForAgentHost(
     DevToolsAgentHostImpl* host) {
   return host->HandlersByName<SecurityHandler>(Security::Metainfo::domainName);
 }

 SecurityHandler::SecurityHandler()
     : DevToolsDomainHandler(Security::Metainfo::domainName),
       enabled_(false),
       host_(nullptr) {
 }

 SecurityHandler::~SecurityHandler() = default;

 void SecurityHandler::Wire(UberDispatcher* dispatcher) {
   frontend_ = std::make_unique<Security::Frontend>(dispatcher->channel());
   Security::Dispatcher::wire(dispatcher, this);
 }

 void SecurityHandler::AttachToRenderFrameHost() {
   DCHECK(host_);
   WebContents* web_contents = WebContents::FromRenderFrameHost(host_);
   WebContentsObserver::Observe(web_contents);

   // Send an initial DidChangeVisibleSecurityState event.
   DCHECK(enabled_);
   DidChangeVisibleSecurityState();
 }

 void SecurityHandler::SetRenderer(int process_host_id,
                                   RenderFrameHostImpl* frame_host) {
   host_ = frame_host;
   if (enabled_ && host_)
     AttachToRenderFrameHost();
 }

 void SecurityHandler::DidFinishNavigation(NavigationHandle* navigation_handle) {
   if (cert_error_override_mode_ == CertErrorOverrideMode::kHandleEvents) {
     BackForwardCache::DisableForRenderFrameHost(
         navigation_handle->GetPreviousRenderFrameHostId(),
         BackForwardCacheDisable::DisabledReason(
             BackForwardCacheDisable::DisabledReasonId::kSecurityHandler));
     FlushPendingCertificateErrorNotifications();
   }
 }

 void SecurityHandler::FlushPendingCertificateErrorNotifications() {
   for (auto& callback : cert_error_callbacks_) {
     std::move(callback).second.Run(
         content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL);
   }
   cert_error_callbacks_.clear();
 }

 bool SecurityHandler::IsIgnoreCertificateErrorsSet() const {
   return cert_error_override_mode_ == CertErrorOverrideMode::kIgnoreAll;
 }

 bool SecurityHandler::NotifyCertificateError(int cert_error,
                                              const GURL& request_url,
                                              CertErrorCallback handler) {
   if (cert_error_override_mode_ == CertErrorOverrideMode::kIgnoreAll) {
     if (handler)
       std::move(handler).Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE);
     return true;
   }

   if (!enabled_)
     return false;

   frontend_->CertificateError(++last_cert_error_id_,
                               net::ErrorToShortString(cert_error),
                               request_url.spec());

   if (!handler ||
       cert_error_override_mode_ != CertErrorOverrideMode::kHandleEvents) {
     return false;
   }

   cert_error_callbacks_[last_cert_error_id_] = std::move(handler);
   return true;
 }

 Response SecurityHandler::Enable() {
   if (host_) {
     Response response = AssureTopLevelActiveFrame();
     if (response.IsError())
       return response;
   }
   enabled_ = true;
   if (host_)
     AttachToRenderFrameHost();

   return Response::Success();
 }

 Response SecurityHandler::Disable() {
   enabled_ = false;
   cert_error_override_mode_ = CertErrorOverrideMode::kDisabled;
   WebContentsObserver::Observe(nullptr);
   FlushPendingCertificateErrorNotifications();
   return Response::Success();
 }

 Response SecurityHandler::HandleCertificateError(int event_id,
                                                  const String& action) {
   if (!base::Contains(cert_error_callbacks_, event_id)) {
     return Response::ServerError(
         String("Unknown event id: " + base::NumberToString(event_id)));
   }
   content::CertificateRequestResultType type =
       content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL;
   Response response = Response::Success();
   if (action == Security::CertificateErrorActionEnum::Continue) {
     type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE;
   } else if (action == Security::CertificateErrorActionEnum::Cancel) {
     type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL;
   } else {
     response = Response::ServerError(
         String("Unknown Certificate Error Action: " + action));
   }
   std::move(cert_error_callbacks_[event_id]).Run(type);
   cert_error_callbacks_.erase(event_id);
   return response;
 }

 Response SecurityHandler::SetOverrideCertificateErrors(bool override) {
   if (override) {
     if (!enabled_)
       return Response::ServerError("Security domain not enabled");
     if (cert_error_override_mode_ == CertErrorOverrideMode::kIgnoreAll) {
       return Response::ServerError(
           "Certificate errors are already being ignored.");
     }
     cert_error_override_mode_ = CertErrorOverrideMode::kHandleEvents;
   } else {
     cert_error_override_mode_ = CertErrorOverrideMode::kDisabled;
     FlushPendingCertificateErrorNotifications();
   }
   return Response::Success();
 }

 Response SecurityHandler::SetIgnoreCertificateErrors(bool ignore) {
   if (ignore) {
     if (cert_error_override_mode_ == CertErrorOverrideMode::kHandleEvents)
       return Response::ServerError(
           "Certificate errors are already overridden.");
     cert_error_override_mode_ = CertErrorOverrideMode::kIgnoreAll;
   } else {
     cert_error_override_mode_ = CertErrorOverrideMode::kDisabled;
   }
   return Response::Success();
 }

 Response SecurityHandler::AssureTopLevelActiveFrame() {
   DCHECK(host_);
   constexpr char kCommandIsOnlyAvailableAtTopTarget[] =
       "Command can only be executed on top-level targets";
   if (host_->GetParentOrOuterDocument())
     return Response::ServerError(kCommandIsOnlyAvailableAtTopTarget);

   constexpr char kErrorInactivePage[] = "Not attached to an active page";
   if (!host_->IsActive())
     return Response::ServerError(kErrorInactivePage);

   return Response::Success();
 }

 }  // namespace protocol
 }  // namespace content
	// Copyright 2015 The Chromium Authors
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "content/browser/devtools/protocol/security_handler.h"

	#include <memory>
	#include <string>
	#include <utility>
	#include <vector>

	#include "base/containers/contains.h"
	#include "base/strings/string_number_conversions.h"
	#include "content/browser/devtools/devtools_agent_host_impl.h"
	#include "content/browser/renderer_host/back_forward_cache_disable.h"
	#include "content/browser/renderer_host/render_frame_host_impl.h"
	#include "content/public/browser/back_forward_cache.h"
	#include "content/public/browser/navigation_controller.h"
	#include "content/public/browser/navigation_entry.h"
	#include "content/public/browser/navigation_handle.h"
	#include "content/public/browser/web_contents.h"
	#include "content/public/browser/web_contents_delegate.h"

	namespace content {
	namespace protocol {

	// static
	std::vector<SecurityHandler*> SecurityHandler::ForAgentHost(
	DevToolsAgentHostImpl* host) {
	return host->HandlersByName<SecurityHandler>(Security::Metainfo::domainName);
	}

	SecurityHandler::SecurityHandler()
	: DevToolsDomainHandler(Security::Metainfo::domainName),
	enabled_(false),
	host_(nullptr) {
	}

	SecurityHandler::~SecurityHandler() = default;

	void SecurityHandler::Wire(UberDispatcher* dispatcher) {
	frontend_ = std::make_unique<Security::Frontend>(dispatcher->channel());
	Security::Dispatcher::wire(dispatcher, this);
	}

	void SecurityHandler::AttachToRenderFrameHost() {
	DCHECK(host_);
	WebContents* web_contents = WebContents::FromRenderFrameHost(host_);
	WebContentsObserver::Observe(web_contents);

	// Send an initial DidChangeVisibleSecurityState event.
	DCHECK(enabled_);
	DidChangeVisibleSecurityState();
	}

	void SecurityHandler::SetRenderer(int process_host_id,
	RenderFrameHostImpl* frame_host) {
	host_ = frame_host;
	if (enabled_ && host_)
	AttachToRenderFrameHost();
	}

	void SecurityHandler::DidFinishNavigation(NavigationHandle* navigation_handle) {
	if (cert_error_override_mode_ == CertErrorOverrideMode::kHandleEvents) {
	BackForwardCache::DisableForRenderFrameHost(
	navigation_handle->GetPreviousRenderFrameHostId(),
	BackForwardCacheDisable::DisabledReason(
	BackForwardCacheDisable::DisabledReasonId::kSecurityHandler));
	FlushPendingCertificateErrorNotifications();
	}
	}

	void SecurityHandler::FlushPendingCertificateErrorNotifications() {
	for (auto& callback : cert_error_callbacks_) {
	std::move(callback).second.Run(
	content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL);
	}
	cert_error_callbacks_.clear();
	}

	bool SecurityHandler::IsIgnoreCertificateErrorsSet() const {
	return cert_error_override_mode_ == CertErrorOverrideMode::kIgnoreAll;
	}

	bool SecurityHandler::NotifyCertificateError(int cert_error,
	const GURL& request_url,
	CertErrorCallback handler) {
	if (cert_error_override_mode_ == CertErrorOverrideMode::kIgnoreAll) {
	if (handler)
	std::move(handler).Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE);
	return true;
	}

	if (!enabled_)
	return false;

	frontend_->CertificateError(++last_cert_error_id_,
	net::ErrorToShortString(cert_error),
	request_url.spec());

	if (!handler \|\|
	cert_error_override_mode_ != CertErrorOverrideMode::kHandleEvents) {
	return false;
	}

	cert_error_callbacks_[last_cert_error_id_] = std::move(handler);
	return true;
	}

	Response SecurityHandler::Enable() {
	if (host_) {
	Response response = AssureTopLevelActiveFrame();
	if (response.IsError())
	return response;
	}
	enabled_ = true;
	if (host_)
	AttachToRenderFrameHost();

	return Response::Success();
	}

	Response SecurityHandler::Disable() {
	enabled_ = false;
	cert_error_override_mode_ = CertErrorOverrideMode::kDisabled;
	WebContentsObserver::Observe(nullptr);
	FlushPendingCertificateErrorNotifications();
	return Response::Success();
	}

	Response SecurityHandler::HandleCertificateError(int event_id,
	const String& action) {
	if (!base::Contains(cert_error_callbacks_, event_id)) {
	return Response::ServerError(
	String("Unknown event id: " + base::NumberToString(event_id)));
	}
	content::CertificateRequestResultType type =
	content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL;
	Response response = Response::Success();
	if (action == Security::CertificateErrorActionEnum::Continue) {
	type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE;
	} else if (action == Security::CertificateErrorActionEnum::Cancel) {
	type = content::CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL;
	} else {
	response = Response::ServerError(
	String("Unknown Certificate Error Action: " + action));
	}
	std::move(cert_error_callbacks_[event_id]).Run(type);
	cert_error_callbacks_.erase(event_id);
	return response;
	}

	Response SecurityHandler::SetOverrideCertificateErrors(bool override) {
	if (override) {
	if (!enabled_)
	return Response::ServerError("Security domain not enabled");
	if (cert_error_override_mode_ == CertErrorOverrideMode::kIgnoreAll) {
	return Response::ServerError(
	"Certificate errors are already being ignored.");
	}
	cert_error_override_mode_ = CertErrorOverrideMode::kHandleEvents;
	} else {
	cert_error_override_mode_ = CertErrorOverrideMode::kDisabled;
	FlushPendingCertificateErrorNotifications();
	}
	return Response::Success();
	}

	Response SecurityHandler::SetIgnoreCertificateErrors(bool ignore) {
	if (ignore) {
	if (cert_error_override_mode_ == CertErrorOverrideMode::kHandleEvents)
	return Response::ServerError(
	"Certificate errors are already overridden.");
	cert_error_override_mode_ = CertErrorOverrideMode::kIgnoreAll;
	} else {
	cert_error_override_mode_ = CertErrorOverrideMode::kDisabled;
	}
	return Response::Success();
	}

	Response SecurityHandler::AssureTopLevelActiveFrame() {
	DCHECK(host_);
	constexpr char kCommandIsOnlyAvailableAtTopTarget[] =
	"Command can only be executed on top-level targets";
	if (host_->GetParentOrOuterDocument())
	return Response::ServerError(kCommandIsOnlyAvailableAtTopTarget);

	constexpr char kErrorInactivePage[] = "Not attached to an active page";
	if (!host_->IsActive())
	return Response::ServerError(kErrorInactivePage);

	return Response::Success();
	}

	} // namespace protocol
	} // namespace content