Add CefRequestHandler::OnCertificateError() callback (issue #345).

git-svn-id: https://chromiumembedded.googlecode.com/svn/trunk@1176 5089003a-bbd8-11dd-ad1f-f1f9622dbc98

cef_paths.gypi

@@ -106,6 +106,8 @@
       'include/capi/cef_zip_reader_capi.h',
     ],
     'autogen_library_side': [
+      'libcef_dll/cpptoc/allow_certificate_error_callback_cpptoc.cc',
+      'libcef_dll/cpptoc/allow_certificate_error_callback_cpptoc.h',
       'libcef_dll/ctocpp/app_ctocpp.cc',
       'libcef_dll/ctocpp/app_ctocpp.h',
       'libcef_dll/cpptoc/auth_callback_cpptoc.cc',
@@ -258,6 +260,8 @@
       'libcef_dll/cpptoc/zip_reader_cpptoc.h',
     ],
     'autogen_client_side': [
+      'libcef_dll/ctocpp/allow_certificate_error_callback_ctocpp.cc',
+      'libcef_dll/ctocpp/allow_certificate_error_callback_ctocpp.h',
       'libcef_dll/cpptoc/app_cpptoc.cc',
       'libcef_dll/cpptoc/app_cpptoc.h',
       'libcef_dll/ctocpp/auth_callback_ctocpp.cc',

include/capi/cef_request_handler_capi.h

@@ -90,6 +90,25 @@ typedef struct _cef_quota_callback_t {
 } cef_quota_callback_t;
 
 
+///
+// Callback structure used for asynchronous continuation of url requests when
+// invalid SSL certificates are encountered.
+///
+typedef struct _cef_allow_certificate_error_callback_t {
+  ///
+  // Base structure.
+  ///
+  cef_base_t base;
+
+  ///
+  // Continue the url request. If |allow| is true (1) the request will be
+  // continued. Otherwise, the request will be canceled.
+  ///
+  void (CEF_CALLBACK *cont)(
+      struct _cef_allow_certificate_error_callback_t* self, int allow);
+} cef_allow_certificate_error_callback_t;
+
+
 ///
 // Implement this structure to handle events related to browser requests. The
 // functions of this structure will be called on the thread indicated.
@@ -180,6 +199,20 @@ typedef struct _cef_request_handler_t {
   int (CEF_CALLBACK *on_before_plugin_load)(struct _cef_request_handler_t* self,
       struct _cef_browser_t* browser, const cef_string_t* url,
       const cef_string_t* policy_url, struct _cef_web_plugin_info_t* info);
+
+  ///
+  // Called on the UI thread to handle requests for URLs with an invalid SSL
+  // certificate. Return true (1) and call
+  // cef_allow_certificate_error_callback_t:: cont() either in this function or
+  // at a later time to continue or cancel the request. Return false (0) to
+  // cancel the request immediately. If |callback| is NULL the error cannot be
+  // recovered from and the request will be canceled automatically. If
+  // CefSettings.ignore_certificate_errors is set all invalid certificates will
+  // be accepted without calling this function.
+  ///
+  int (CEF_CALLBACK *on_certificate_error)(struct _cef_request_handler_t* self,
+      enum cef_errorcode_t cert_error, const cef_string_t* request_url,
+      struct _cef_allow_certificate_error_callback_t* callback);
 } cef_request_handler_t;
 
 

include/cef_request_handler.h

@@ -90,6 +90,22 @@ class CefQuotaCallback : public virtual CefBase {
 };
 
 
+///
+// Callback interface used for asynchronous continuation of url requests when
+// invalid SSL certificates are encountered.
+///
+/*--cef(source=library)--*/
+class CefAllowCertificateErrorCallback : public virtual CefBase {
+ public:
+  ///
+  // Continue the url request. If |allow| is true the request will be
+  // continued. Otherwise, the request will be canceled.
+  ///
+  /*--cef(capi_name=cont)--*/
+  virtual void Continue(bool allow) =0;
+};
+
+
 ///
 // Implement this interface to handle events related to browser requests. The
 // methods of this class will be called on the thread indicated.
@@ -158,7 +174,7 @@ class CefRequestHandler : public virtual CefBase {
   // size via the webkitStorageInfo.requestQuota function. |origin_url| is the
   // origin of the page making the request. |new_size| is the requested quota
   // size in bytes. Return true and call CefQuotaCallback::Continue() either in
-  // this function or at a later time to grant or deny the request. Return false
+  // this method or at a later time to grant or deny the request. Return false
   // to cancel the request.
   ///
   /*--cef(optional_param=realm)--*/
@@ -203,6 +219,23 @@ class CefRequestHandler : public virtual CefBase {
                                   CefRefPtr<CefWebPluginInfo> info) {
     return false;
   }
+
+  ///
+  // Called on the UI thread to handle requests for URLs with an invalid
+  // SSL certificate. Return true and call CefAllowCertificateErrorCallback::
+  // Continue() either in this method or at a later time to continue or cancel
+  // the request. Return false to cancel the request immediately. If |callback|
+  // is empty the error cannot be recovered from and the request will be
+  // canceled automatically. If CefSettings.ignore_certificate_errors is set
+  // all invalid certificates will be accepted without calling this method.
+  ///
+  /*--cef()--*/
+  virtual bool OnCertificateError(
+      cef_errorcode_t cert_error,
+      const CefString& request_url,
+      CefRefPtr<CefAllowCertificateErrorCallback> callback) {
+    return false;
+  }
 };
 
 #endif  // CEF_INCLUDE_CEF_REQUEST_HANDLER_H_

libcef/browser/content_browser_client.cc

@@ -122,6 +122,36 @@ class CefQuotaCallbackImpl : public CefQuotaCallback {
   IMPLEMENT_REFCOUNTING(CefQuotaCallbackImpl);
 };
 
+class CefAllowCertificateErrorCallbackImpl
+    : public CefAllowCertificateErrorCallback {
+ public:
+  explicit CefAllowCertificateErrorCallbackImpl(
+      const base::Callback<void(bool)>& callback) : callback_(callback) {
+  }
+
+  virtual void Continue(bool allow) OVERRIDE {
+    if (CEF_CURRENTLY_ON_UIT()) {
+      if (!callback_.is_null()) {
+        callback_.Run(allow);
+        callback_.Reset();
+      }
+    } else {
+      CEF_POST_TASK(CEF_UIT,
+          base::Bind(&CefAllowCertificateErrorCallbackImpl::Continue,
+              this, allow));
+    }
+  }
+
+  void Disconnect() {
+    callback_.Reset();
+  }
+
+ private:
+  base::Callback<void(bool)> callback_;
+
+  IMPLEMENT_REFCOUNTING(CefAllowCertificateErrorCallbackImpl);
+};
+
 class CefQuotaPermissionContext : public content::QuotaPermissionContext {
  public:
   CefQuotaPermissionContext() {
@@ -454,6 +484,50 @@ content::SpeechRecognitionManagerDelegate*
   return NULL;
 }
 
+void CefContentBrowserClient::AllowCertificateError(
+    int render_process_id,
+    int render_view_id,
+    int cert_error,
+    const net::SSLInfo& ssl_info,
+    const GURL& request_url,
+    ResourceType::Type resource_type,
+    bool overridable,
+    bool strict_enforcement,
+    const base::Callback<void(bool)>& callback,
+    bool* cancel_request) {
+  CEF_REQUIRE_UIT();
+
+  if (resource_type != ResourceType::MAIN_FRAME) {
+    // A sub-resource has a certificate error. The user doesn't really
+    // have a context for making the right decision, so block the request
+    // hard.
+    *cancel_request = true;
+    return;
+  }
+
+  CefRefPtr<CefBrowserHostImpl> browser =
+      CefBrowserHostImpl::GetBrowserByRoutingID(render_process_id,
+                                                render_view_id);
+  if (!browser.get())
+    return;
+  CefRefPtr<CefClient> client = browser->GetClient();
+  if (!client.get())
+    return;
+  CefRefPtr<CefRequestHandler> handler = client->GetRequestHandler();
+  if (!handler.get())
+    return;
+
+  CefRefPtr<CefAllowCertificateErrorCallbackImpl> callbackImpl;
+  if (overridable && !strict_enforcement)
+    callbackImpl = new CefAllowCertificateErrorCallbackImpl(callback);
+
+  *cancel_request = !handler->OnCertificateError(
+      static_cast<cef_errorcode_t>(cert_error), request_url.spec(),
+      callbackImpl.get());
+  if (*cancel_request && callbackImpl.get())
+    callbackImpl->Disconnect();
+}
+
 content::AccessTokenStore* CefContentBrowserClient::CreateAccessTokenStore() {
   return new CefAccessTokenStore;
 }

libcef/browser/content_browser_client.h

@@ -81,6 +81,17 @@ class CefContentBrowserClient : public content::ContentBrowserClient {
   virtual content::MediaObserver* GetMediaObserver() OVERRIDE;
   virtual content::SpeechRecognitionManagerDelegate*
       GetSpeechRecognitionManagerDelegate() OVERRIDE;
+  virtual void AllowCertificateError(
+      int render_process_id,
+      int render_view_id,
+      int cert_error,
+      const net::SSLInfo& ssl_info,
+      const GURL& request_url,
+      ResourceType::Type resource_type,
+      bool overridable,
+      bool strict_enforcement,
+      const base::Callback<void(bool)>& callback,
+      bool* cancel_request) OVERRIDE;
   virtual content::AccessTokenStore* CreateAccessTokenStore() OVERRIDE;
   virtual bool CanCreateWindow(const GURL& opener_url,
                                const GURL& origin,

libcef_dll/cpptoc/allow_certificate_error_callback_cpptoc.cc

@@ -0,0 +1,47 @@
+// Copyright (c) 2013 The Chromium Embedded Framework Authors. All rights
+// reserved. Use of this source code is governed by a BSD-style license that
+// can be found in the LICENSE file.
+//
+// ---------------------------------------------------------------------------
+//
+// This file was generated by the CEF translator tool. If making changes by
+// hand only do so within the body of existing method and function
+// implementations. See the translator.README.txt file in the tools directory
+// for more information.
+//
+
+#include "libcef_dll/cpptoc/allow_certificate_error_callback_cpptoc.h"
+
+
+// MEMBER FUNCTIONS - Body may be edited by hand.
+
+void CEF_CALLBACK allow_certificate_error_callback_cont(
+    struct _cef_allow_certificate_error_callback_t* self, int allow) {
+  // AUTO-GENERATED CONTENT - DELETE THIS COMMENT BEFORE MODIFYING
+
+  DCHECK(self);
+  if (!self)
+    return;
+
+  // Execute
+  CefAllowCertificateErrorCallbackCppToC::Get(self)->Continue(
+      allow?true:false);
+}
+
+
+// CONSTRUCTOR - Do not edit by hand.
+
+CefAllowCertificateErrorCallbackCppToC::CefAllowCertificateErrorCallbackCppToC(
+    CefAllowCertificateErrorCallback* cls)
+    : CefCppToC<CefAllowCertificateErrorCallbackCppToC,
+        CefAllowCertificateErrorCallback,
+        cef_allow_certificate_error_callback_t>(cls) {
+  struct_.struct_.cont = allow_certificate_error_callback_cont;
+}
+
+#ifndef NDEBUG
+template<> long CefCppToC<CefAllowCertificateErrorCallbackCppToC,
+    CefAllowCertificateErrorCallback,
+    cef_allow_certificate_error_callback_t>::DebugObjCt = 0;
+#endif
+

libcef_dll/cpptoc/allow_certificate_error_callback_cpptoc.h

@@ -0,0 +1,39 @@
+// Copyright (c) 2013 The Chromium Embedded Framework Authors. All rights
+// reserved. Use of this source code is governed by a BSD-style license that
+// can be found in the LICENSE file.
+//
+// ---------------------------------------------------------------------------
+//
+// This file was generated by the CEF translator tool. If making changes by
+// hand only do so within the body of existing method and function
+// implementations. See the translator.README.txt file in the tools directory
+// for more information.
+//
+
+#ifndef CEF_LIBCEF_DLL_CPPTOC_ALLOW_CERTIFICATE_ERROR_CALLBACK_CPPTOC_H_
+#define CEF_LIBCEF_DLL_CPPTOC_ALLOW_CERTIFICATE_ERROR_CALLBACK_CPPTOC_H_
+#pragma once
+
+#ifndef BUILDING_CEF_SHARED
+#pragma message("Warning: "__FILE__" may be accessed DLL-side only")
+#else  // BUILDING_CEF_SHARED
+
+#include "include/cef_request_handler.h"
+#include "include/capi/cef_request_handler_capi.h"
+#include "libcef_dll/cpptoc/cpptoc.h"
+
+// Wrap a C++ class with a C structure.
+// This class may be instantiated and accessed DLL-side only.
+class CefAllowCertificateErrorCallbackCppToC
+    : public CefCppToC<CefAllowCertificateErrorCallbackCppToC,
+        CefAllowCertificateErrorCallback,
+        cef_allow_certificate_error_callback_t> {
+ public:
+  explicit CefAllowCertificateErrorCallbackCppToC(
+      CefAllowCertificateErrorCallback* cls);
+  virtual ~CefAllowCertificateErrorCallbackCppToC() {}
+};
+
+#endif  // BUILDING_CEF_SHARED
+#endif  // CEF_LIBCEF_DLL_CPPTOC_ALLOW_CERTIFICATE_ERROR_CALLBACK_CPPTOC_H_
+

libcef_dll/cpptoc/request_handler_cpptoc.cc

@@ -12,6 +12,7 @@
 
 #include "libcef_dll/cpptoc/request_handler_cpptoc.h"
 #include "libcef_dll/cpptoc/resource_handler_cpptoc.h"
+#include "libcef_dll/ctocpp/allow_certificate_error_callback_ctocpp.h"
 #include "libcef_dll/ctocpp/auth_callback_ctocpp.h"
 #include "libcef_dll/ctocpp/browser_ctocpp.h"
 #include "libcef_dll/ctocpp/cookie_manager_ctocpp.h"
@@ -295,6 +296,34 @@ int CEF_CALLBACK request_handler_on_before_plugin_load(
   return _retval;
 }
 
+int CEF_CALLBACK request_handler_on_certificate_error(
+    struct _cef_request_handler_t* self, enum cef_errorcode_t cert_error,
+    const cef_string_t* request_url,
+    cef_allow_certificate_error_callback_t* callback) {
+  // AUTO-GENERATED CONTENT - DELETE THIS COMMENT BEFORE MODIFYING
+
+  DCHECK(self);
+  if (!self)
+    return 0;
+  // Verify param: request_url; type: string_byref_const
+  DCHECK(request_url);
+  if (!request_url)
+    return 0;
+  // Verify param: callback; type: refptr_diff
+  DCHECK(callback);
+  if (!callback)
+    return 0;
+
+  // Execute
+  bool _retval = CefRequestHandlerCppToC::Get(self)->OnCertificateError(
+      cert_error,
+      CefString(request_url),
+      CefAllowCertificateErrorCallbackCToCpp::Wrap(callback));
+
+  // Return type: bool
+  return _retval;
+}
+
 
 // CONSTRUCTOR - Do not edit by hand.
 
@@ -310,6 +339,7 @@ CefRequestHandlerCppToC::CefRequestHandlerCppToC(CefRequestHandler* cls)
   struct_.struct_.get_cookie_manager = request_handler_get_cookie_manager;
   struct_.struct_.on_protocol_execution = request_handler_on_protocol_execution;
   struct_.struct_.on_before_plugin_load = request_handler_on_before_plugin_load;
+  struct_.struct_.on_certificate_error = request_handler_on_certificate_error;
 }
 
 #ifndef NDEBUG

libcef_dll/ctocpp/allow_certificate_error_callback_ctocpp.cc

@@ -0,0 +1,35 @@
+// Copyright (c) 2013 The Chromium Embedded Framework Authors. All rights
+// reserved. Use of this source code is governed by a BSD-style license that
+// can be found in the LICENSE file.
+//
+// ---------------------------------------------------------------------------
+//
+// This file was generated by the CEF translator tool. If making changes by
+// hand only do so within the body of existing method and function
+// implementations. See the translator.README.txt file in the tools directory
+// for more information.
+//
+
+#include "libcef_dll/ctocpp/allow_certificate_error_callback_ctocpp.h"
+
+
+// VIRTUAL METHODS - Body may be edited by hand.
+
+void CefAllowCertificateErrorCallbackCToCpp::Continue(bool allow) {
+  if (CEF_MEMBER_MISSING(struct_, cont))
+    return;
+
+  // AUTO-GENERATED CONTENT - DELETE THIS COMMENT BEFORE MODIFYING
+
+  // Execute
+  struct_->cont(struct_,
+      allow);
+}
+
+
+#ifndef NDEBUG
+template<> long CefCToCpp<CefAllowCertificateErrorCallbackCToCpp,
+    CefAllowCertificateErrorCallback,
+    cef_allow_certificate_error_callback_t>::DebugObjCt = 0;
+#endif
+

libcef_dll/ctocpp/allow_certificate_error_callback_ctocpp.h

@@ -0,0 +1,45 @@
+// Copyright (c) 2013 The Chromium Embedded Framework Authors. All rights
+// reserved. Use of this source code is governed by a BSD-style license that
+// can be found in the LICENSE file.
+//
+// ---------------------------------------------------------------------------
+//
+// This file was generated by the CEF translator tool. If making changes by
+// hand only do so within the body of existing method and function
+// implementations. See the translator.README.txt file in the tools directory
+// for more information.
+//
+
+#ifndef CEF_LIBCEF_DLL_CTOCPP_ALLOW_CERTIFICATE_ERROR_CALLBACK_CTOCPP_H_
+#define CEF_LIBCEF_DLL_CTOCPP_ALLOW_CERTIFICATE_ERROR_CALLBACK_CTOCPP_H_
+#pragma once
+
+#ifndef USING_CEF_SHARED
+#pragma message("Warning: "__FILE__" may be accessed wrapper-side only")
+#else  // USING_CEF_SHARED
+
+#include "include/cef_request_handler.h"
+#include "include/capi/cef_request_handler_capi.h"
+#include "libcef_dll/ctocpp/ctocpp.h"
+
+// Wrap a C structure with a C++ class.
+// This class may be instantiated and accessed wrapper-side only.
+class CefAllowCertificateErrorCallbackCToCpp
+    : public CefCToCpp<CefAllowCertificateErrorCallbackCToCpp,
+        CefAllowCertificateErrorCallback,
+        cef_allow_certificate_error_callback_t> {
+ public:
+  explicit CefAllowCertificateErrorCallbackCToCpp(
+      cef_allow_certificate_error_callback_t* str)
+      : CefCToCpp<CefAllowCertificateErrorCallbackCToCpp,
+          CefAllowCertificateErrorCallback,
+          cef_allow_certificate_error_callback_t>(str) {}
+  virtual ~CefAllowCertificateErrorCallbackCToCpp() {}
+
+  // CefAllowCertificateErrorCallback methods
+  virtual void Continue(bool allow) OVERRIDE;
+};
+
+#endif  // USING_CEF_SHARED
+#endif  // CEF_LIBCEF_DLL_CTOCPP_ALLOW_CERTIFICATE_ERROR_CALLBACK_CTOCPP_H_
+

libcef_dll/ctocpp/request_handler_ctocpp.cc

@@ -10,6 +10,7 @@
 // for more information.
 //
 
+#include "libcef_dll/cpptoc/allow_certificate_error_callback_cpptoc.h"
 #include "libcef_dll/cpptoc/auth_callback_cpptoc.h"
 #include "libcef_dll/cpptoc/browser_cpptoc.h"
 #include "libcef_dll/cpptoc/cookie_manager_cpptoc.h"
@@ -274,6 +275,33 @@ bool CefRequestHandlerCToCpp::OnBeforePluginLoad(CefRefPtr<CefBrowser> browser,
   return _retval?true:false;
 }
 
+bool CefRequestHandlerCToCpp::OnCertificateError(cef_errorcode_t cert_error,
+    const CefString& request_url,
+    CefRefPtr<CefAllowCertificateErrorCallback> callback) {
+  if (CEF_MEMBER_MISSING(struct_, on_certificate_error))
+    return false;
+
+  // AUTO-GENERATED CONTENT - DELETE THIS COMMENT BEFORE MODIFYING
+
+  // Verify param: request_url; type: string_byref_const
+  DCHECK(!request_url.empty());
+  if (request_url.empty())
+    return false;
+  // Verify param: callback; type: refptr_diff
+  DCHECK(callback.get());
+  if (!callback.get())
+    return false;
+
+  // Execute
+  int _retval = struct_->on_certificate_error(struct_,
+      cert_error,
+      request_url.GetStruct(),
+      CefAllowCertificateErrorCallbackCppToC::Wrap(callback));
+
+  // Return type: bool
+  return _retval?true:false;
+}
+
 
 #ifndef NDEBUG
 template<> long CefCToCpp<CefRequestHandlerCToCpp, CefRequestHandler,

libcef_dll/ctocpp/request_handler_ctocpp.h

@@ -56,6 +56,9 @@ class CefRequestHandlerCToCpp
   virtual bool OnBeforePluginLoad(CefRefPtr<CefBrowser> browser,
       const CefString& url, const CefString& policy_url,
       CefRefPtr<CefWebPluginInfo> info) OVERRIDE;
+  virtual bool OnCertificateError(cef_errorcode_t cert_error,
+      const CefString& request_url,
+      CefRefPtr<CefAllowCertificateErrorCallback> callback) OVERRIDE;
 };
 
 #endif  // BUILDING_CEF_SHARED

libcef_dll/libcef_dll.cc

@@ -32,6 +32,7 @@
 #include "include/capi/cef_v8_capi.h"
 #include "include/cef_web_plugin.h"
 #include "include/capi/cef_web_plugin_capi.h"
+#include "libcef_dll/cpptoc/allow_certificate_error_callback_cpptoc.h"
 #include "libcef_dll/cpptoc/auth_callback_cpptoc.h"
 #include "libcef_dll/cpptoc/before_download_callback_cpptoc.h"
 #include "libcef_dll/cpptoc/binary_value_cpptoc.h"
@@ -171,6 +172,7 @@ CEF_EXPORT void cef_shutdown() {
 
 #ifndef NDEBUG
   // Check that all wrapper objects have been destroyed
+  DCHECK_EQ(CefAllowCertificateErrorCallbackCppToC::DebugObjCt, 0);
   DCHECK_EQ(CefAuthCallbackCppToC::DebugObjCt, 0);
   DCHECK_EQ(CefBeforeDownloadCallbackCppToC::DebugObjCt, 0);
   DCHECK_EQ(CefBinaryValueCppToC::DebugObjCt, 0);

libcef_dll/wrapper/libcef_dll_wrapper.cc

@@ -67,6 +67,7 @@
 #include "libcef_dll/cpptoc/web_plugin_info_visitor_cpptoc.h"
 #include "libcef_dll/cpptoc/web_plugin_unstable_callback_cpptoc.h"
 #include "libcef_dll/cpptoc/write_handler_cpptoc.h"
+#include "libcef_dll/ctocpp/allow_certificate_error_callback_ctocpp.h"
 #include "libcef_dll/ctocpp/auth_callback_ctocpp.h"
 #include "libcef_dll/ctocpp/before_download_callback_ctocpp.h"
 #include "libcef_dll/ctocpp/binary_value_ctocpp.h"
@@ -163,6 +164,7 @@ CEF_GLOBAL void CefShutdown() {
 
 #ifndef NDEBUG
   // Check that all wrapper objects have been destroyed
+  DCHECK_EQ(CefAllowCertificateErrorCallbackCToCpp::DebugObjCt, 0);
   DCHECK_EQ(CefAuthCallbackCToCpp::DebugObjCt, 0);
   DCHECK_EQ(CefBeforeDownloadCallbackCToCpp::DebugObjCt, 0);
   DCHECK_EQ(CefBinaryValueCToCpp::DebugObjCt, 0);