130 lines
4.0 KiB
C++
130 lines
4.0 KiB
C++
// Copyright 2022 The Chromium Embedded Framework Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be found
|
|
// in the LICENSE file.
|
|
|
|
#include "cef/libcef/browser/certificate_query.h"
|
|
|
|
#include "base/functional/callback.h"
|
|
#include "base/functional/callback_helpers.h"
|
|
#include "base/logging.h"
|
|
#include "cef/include/cef_request_handler.h"
|
|
#include "cef/libcef/browser/browser_host_base.h"
|
|
#include "cef/libcef/browser/ssl_info_impl.h"
|
|
#include "cef/libcef/browser/thread_util.h"
|
|
#include "content/public/browser/web_contents.h"
|
|
#include "net/ssl/ssl_info.h"
|
|
#include "url/gurl.h"
|
|
|
|
namespace certificate_query {
|
|
|
|
namespace {
|
|
|
|
class CefAllowCertificateErrorCallbackImpl : public CefCallback {
|
|
public:
|
|
using CallbackType = CertificateErrorCallback;
|
|
|
|
explicit CefAllowCertificateErrorCallbackImpl(CallbackType callback)
|
|
: callback_(std::move(callback)) {}
|
|
|
|
CefAllowCertificateErrorCallbackImpl(
|
|
const CefAllowCertificateErrorCallbackImpl&) = delete;
|
|
CefAllowCertificateErrorCallbackImpl& operator=(
|
|
const CefAllowCertificateErrorCallbackImpl&) = delete;
|
|
|
|
~CefAllowCertificateErrorCallbackImpl() override {
|
|
if (!callback_.is_null()) {
|
|
// The callback is still pending. Cancel it now.
|
|
if (CEF_CURRENTLY_ON_UIT()) {
|
|
RunNow(std::move(callback_), false);
|
|
} else {
|
|
CEF_POST_TASK(
|
|
CEF_UIT,
|
|
base::BindOnce(&CefAllowCertificateErrorCallbackImpl::RunNow,
|
|
std::move(callback_), false));
|
|
}
|
|
}
|
|
}
|
|
|
|
void Continue() override { ContinueNow(true); }
|
|
|
|
void Cancel() override { ContinueNow(false); }
|
|
|
|
[[nodiscard]] CallbackType Disconnect() { return std::move(callback_); }
|
|
|
|
private:
|
|
void ContinueNow(bool allow) {
|
|
if (CEF_CURRENTLY_ON_UIT()) {
|
|
if (!callback_.is_null()) {
|
|
RunNow(std::move(callback_), allow);
|
|
}
|
|
} else {
|
|
CEF_POST_TASK(
|
|
CEF_UIT,
|
|
base::BindOnce(&CefAllowCertificateErrorCallbackImpl::ContinueNow,
|
|
this, allow));
|
|
}
|
|
}
|
|
|
|
static void RunNow(CallbackType callback, bool allow) {
|
|
CEF_REQUIRE_UIT();
|
|
std::move(callback).Run(
|
|
allow ? content::CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE
|
|
: content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY);
|
|
}
|
|
|
|
CallbackType callback_;
|
|
|
|
IMPLEMENT_REFCOUNTING(CefAllowCertificateErrorCallbackImpl);
|
|
};
|
|
|
|
} // namespace
|
|
|
|
CertificateErrorCallback AllowCertificateError(
|
|
content::WebContents* web_contents,
|
|
int cert_error,
|
|
const net::SSLInfo& ssl_info,
|
|
const GURL& request_url,
|
|
bool is_main_frame_request,
|
|
bool strict_enforcement,
|
|
CertificateErrorCallback callback,
|
|
bool default_disallow) {
|
|
CEF_REQUIRE_UIT();
|
|
|
|
if (!is_main_frame_request) {
|
|
// A sub-resource has a certificate error. The user doesn't really
|
|
// have a context for making the right decision, so block the request
|
|
// hard.
|
|
std::move(callback).Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY);
|
|
return base::NullCallback();
|
|
}
|
|
|
|
if (auto browser = CefBrowserHostBase::GetBrowserForContents(web_contents)) {
|
|
if (auto client = browser->GetClient()) {
|
|
if (auto handler = client->GetRequestHandler()) {
|
|
CefRefPtr<CefSSLInfo> sslInfo(new CefSSLInfoImpl(ssl_info));
|
|
CefRefPtr<CefAllowCertificateErrorCallbackImpl> callbackImpl(
|
|
new CefAllowCertificateErrorCallbackImpl(std::move(callback)));
|
|
|
|
bool proceed = handler->OnCertificateError(
|
|
browser.get(), static_cast<cef_errorcode_t>(cert_error),
|
|
request_url.spec(), sslInfo, callbackImpl.get());
|
|
if (!proceed) {
|
|
callback = callbackImpl->Disconnect();
|
|
LOG_IF(ERROR, callback.is_null())
|
|
<< "Should return true from OnCertificateError when executing "
|
|
"the callback";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if (!callback.is_null() && default_disallow) {
|
|
std::move(callback).Run(content::CERTIFICATE_REQUEST_RESULT_TYPE_DENY);
|
|
return base::NullCallback();
|
|
}
|
|
|
|
return callback;
|
|
}
|
|
|
|
} // namespace certificate_query
|