Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Fix BrowserFrame to construct SslError using the full URL, rather than the host"

Browse Source
This commit is contained in:
Steve Block
2011-10-05 09:46:27 -07:00
committed by Android (Google) Code Review
parent 1d4a25556a fa03f9a346
commit 7897fdd6a6
3 changed files with 24 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
core/java/android/net/http/SslError.java
View File

@@ -163,10 +163,6 @@ public class SslError {
* Gets the URL associated with this object. * Gets the URL associated with this object.
* @return The URL, non-null. * @return The URL, non-null.
*/ */
// TODO: When the WebView constructs an instance of this object, we
// actually provide only the hostname, not the full URL. We should consider
// deprecating this method, adding a new getHost() method and updating the
// constructor arguments. See http://b/5410252.
public String getUrl() { public String getUrl() {
return mUrl; return mUrl;
} }

8
core/java/android/webkit/BrowserFrame.java
View File

@@ -43,7 +43,6 @@ import junit.framework.Assert;
import java.io.IOException; import java.io.IOException;
import java.io.InputStream; import java.io.InputStream;
import java.lang.ref.WeakReference; import java.lang.ref.WeakReference;
import java.net.URL;
import java.net.URLEncoder; import java.net.URLEncoder;
import java.nio.charset.Charsets; import java.nio.charset.Charsets;
import java.security.PrivateKey; import java.security.PrivateKey;
@@ -1171,12 +1170,7 @@ class BrowserFrame extends Handler {
try { try {
X509Certificate cert = new X509CertImpl(certDER); X509Certificate cert = new X509CertImpl(certDER);
SslCertificate sslCert = new SslCertificate(cert); SslCertificate sslCert = new SslCertificate(cert);
if (JniUtil.useChromiumHttpStack()) { sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert, url);
sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert,
new URL(url).getHost());
} else {
sslError = new SslError(certError, cert, url);
}
} catch (IOException e) { } catch (IOException e) {
// Can't get the certificate, not much to do. // Can't get the certificate, not much to do.
Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling"); Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling");

25
core/java/android/webkit/SslCertLookupTable.java
View File

@@ -19,6 +19,9 @@ package android.webkit;
import android.os.Bundle; import android.os.Bundle;
import android.net.http.SslError; import android.net.http.SslError;
import java.net.MalformedURLException;
import java.net.URL;
/** /**
* Stores the user's decision of whether to allow or deny an invalid certificate. * Stores the user's decision of whether to allow or deny an invalid certificate.
* *
@@ -40,14 +43,32 @@ final class SslCertLookupTable {
} }
public void setIsAllowed(SslError sslError, boolean allow) { public void setIsAllowed(SslError sslError, boolean allow) {
table.putBoolean(sslError.toString(), allow); // TODO: We should key on just the host. See http://b/5409251.
String errorString = sslErrorToString(sslError);
if (errorString != null) {
table.putBoolean(errorString, allow);
}
} }
public boolean isAllowed(SslError sslError) { public boolean isAllowed(SslError sslError) {
return table.getBoolean(sslError.toString()); // TODO: We should key on just the host. See http://b/5409251.
String errorString = sslErrorToString(sslError);
return errorString == null ? false : table.getBoolean(errorString);
} }
public void clear() { public void clear() {
table.clear(); table.clear();
} }
private static String sslErrorToString(SslError error) {
String host;
try {
host = new URL(error.getUrl()).getHost();
} catch(MalformedURLException e) {
return null;
}
return "primary error: " + error.getPrimaryError() +
" certificate: " + error.getCertificate() +
" on host: " + host;
}
} }