Changeset 157781 in webkit


Ignore:
Timestamp:
Oct 22, 2013 2:09:34 AM (10 years ago)
Author:
commit-queue@webkit.org
Message:

[GTK] Add WebKit2 API for TLS errors
https://bugs.webkit.org/show_bug.cgi?id=120160

Patch by Brian Holt <brian.holt@samsung.com> on 2013-10-22
Reviewed by Carlos Garcia Campos.

Source/WebCore:

Added a new constructor for CertificateInfo under Soup.

  • platform/network/CertificateInfo.h:
  • platform/network/soup/CertificateInfoSoup.cpp:

(WebCore::CertificateInfo::CertificateInfo): New constructor using
GTlsCertificateFlags and GTlsCertificate.

Source/WebKit2:

Add a new signal load-failed-with-tls-errors that is emitted with
a WebKitCertificateInfo boxed type to allow users to deal with TLS
errors. A new API is exposed in WebKitWebContext to allow
exceptions for TLS errors on a given host.

  • GNUmakefile.list.am:
  • PlatformGTK.cmake:
  • UIProcess/API/gtk/WebKitCertificateInfo.cpp: Added.

(webkitCertificateInfoGetCertificateInfo):
(webkit_certificate_info_copy):
(webkit_certificate_info_free):
(webkit_certificate_info_get_tls_certificate):
(webkit_certificate_info_get_tls_errors):

  • UIProcess/API/gtk/WebKitCertificateInfo.h: Added.
  • UIProcess/API/gtk/WebKitCertificateInfoPrivate.h: Added.

(_WebKitCertificateInfo::_WebKitCertificateInfo):

  • UIProcess/API/gtk/WebKitWebContext.cpp:

(webkit_web_context_allow_tls_certificate_for_host): Support TLS
exceptions for a given host.

  • UIProcess/API/gtk/WebKitWebContext.h:
  • UIProcess/API/gtk/WebKitWebView.cpp:

(webkit_web_view_class_init): Added new signal.
(webkitWebViewLoadFailedWithTLSErrors): Emit new signal with
WebKitCertificateInfo and host.

  • UIProcess/API/gtk/WebKitWebView.h:
  • UIProcess/API/gtk/WebKitWebViewPrivate.h:
  • UIProcess/API/gtk/docs/webkit2gtk-docs.sgml:
  • UIProcess/API/gtk/docs/webkit2gtk-sections.txt:
  • UIProcess/API/gtk/docs/webkit2gtk.types:
  • UIProcess/API/gtk/tests/TestSSL.cpp:

(testLoadFailedWithTLSErrors):
(httpsServerCallback):
(beforeAll): Added new test.

  • UIProcess/API/gtk/webkit2.h:
  • UIProcess/API/gtk/webkit2marshal.list:
  • UIProcess/WebContext.cpp:

(WebKit::WebContext::allowSpecificHTTPSCertificateForHost): Send
message to WebProcess to allow a certificate and host pair.

  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in: New message to tell

WebProcess to allow a specific TLS certificate for a given host.

  • WebProcess/soup/WebProcessSoup.cpp:

(WebKit::WebProcess::allowSpecificHTTPSCertificateForHost): Allow
certificate and host pair.

Location:
trunk/Source
Files:
3 added
21 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebCore/ChangeLog

    r157779 r157781  
     12013-10-22  Brian Holt  <brian.holt@samsung.com>
     2
     3        [GTK] Add WebKit2 API for TLS errors
     4        https://bugs.webkit.org/show_bug.cgi?id=120160
     5
     6        Reviewed by Carlos Garcia Campos.
     7
     8        Added a new constructor for CertificateInfo under Soup.
     9
     10        * platform/network/CertificateInfo.h:
     11        * platform/network/soup/CertificateInfoSoup.cpp:
     12        (WebCore::CertificateInfo::CertificateInfo): New constructor using
     13        GTlsCertificateFlags and GTlsCertificate.
     14
    1152013-10-22  Mihnea Ovidenie  <mihnea@adobe.com>
    216
  • trunk/Source/WebCore/platform/network/CertificateInfo.h

    r157445 r157781  
    4444#if PLATFORM(MAC)
    4545    explicit CertificateInfo(CFArrayRef certificateChain);
     46#elif USE(SOUP)
     47    explicit CertificateInfo(GTlsCertificate*, GTlsCertificateFlags);
    4648#endif
    4749
  • trunk/Source/WebCore/platform/network/soup/CertificateInfoSoup.cpp

    r157445 r157781  
    3535}
    3636
     37CertificateInfo::CertificateInfo(GTlsCertificate* certificate, GTlsCertificateFlags tlsErrors)
     38    : m_certificate(certificate)
     39    , m_tlsErrors(tlsErrors)
     40{
     41}
     42
    3743CertificateInfo::~CertificateInfo()
    3844{
  • trunk/Source/WebKit2/ChangeLog

    r157778 r157781  
     12013-10-22  Brian Holt  <brian.holt@samsung.com>
     2
     3        [GTK] Add WebKit2 API for TLS errors
     4        https://bugs.webkit.org/show_bug.cgi?id=120160
     5
     6        Reviewed by Carlos Garcia Campos.
     7
     8        Add a new signal load-failed-with-tls-errors that is emitted with
     9        a WebKitCertificateInfo boxed type to allow users to deal with TLS
     10        errors. A new API is exposed in WebKitWebContext to allow
     11        exceptions for TLS errors on a given host.
     12
     13        * GNUmakefile.list.am:
     14        * PlatformGTK.cmake:
     15        * UIProcess/API/gtk/WebKitCertificateInfo.cpp: Added.
     16        (webkitCertificateInfoGetCertificateInfo):
     17        (webkit_certificate_info_copy):
     18        (webkit_certificate_info_free):
     19        (webkit_certificate_info_get_tls_certificate):
     20        (webkit_certificate_info_get_tls_errors):
     21        * UIProcess/API/gtk/WebKitCertificateInfo.h: Added.
     22        * UIProcess/API/gtk/WebKitCertificateInfoPrivate.h: Added.
     23        (_WebKitCertificateInfo::_WebKitCertificateInfo):
     24        * UIProcess/API/gtk/WebKitWebContext.cpp:
     25        (webkit_web_context_allow_tls_certificate_for_host): Support TLS
     26        exceptions for a given host.
     27        * UIProcess/API/gtk/WebKitWebContext.h:
     28        * UIProcess/API/gtk/WebKitWebView.cpp:
     29        (webkit_web_view_class_init): Added new signal.
     30        (webkitWebViewLoadFailedWithTLSErrors): Emit new signal with
     31        WebKitCertificateInfo and host.
     32        * UIProcess/API/gtk/WebKitWebView.h:
     33        * UIProcess/API/gtk/WebKitWebViewPrivate.h:
     34        * UIProcess/API/gtk/docs/webkit2gtk-docs.sgml:
     35        * UIProcess/API/gtk/docs/webkit2gtk-sections.txt:
     36        * UIProcess/API/gtk/docs/webkit2gtk.types:
     37        * UIProcess/API/gtk/tests/TestSSL.cpp:
     38        (testLoadFailedWithTLSErrors):
     39        (httpsServerCallback):
     40        (beforeAll): Added new test.
     41        * UIProcess/API/gtk/webkit2.h:
     42        * UIProcess/API/gtk/webkit2marshal.list:
     43        * UIProcess/WebContext.cpp:
     44        (WebKit::WebContext::allowSpecificHTTPSCertificateForHost): Send
     45        message to WebProcess to allow a certificate and host pair.
     46        * WebProcess/WebProcess.h:
     47        * WebProcess/WebProcess.messages.in: New message to tell
     48        WebProcess to allow a specific TLS certificate for a given host.
     49        * WebProcess/soup/WebProcessSoup.cpp:
     50        (WebKit::WebProcess::allowSpecificHTTPSCertificateForHost): Allow
     51        certificate and host pair.
     52
    1532013-10-22  Dan Bernstein  <mitz@apple.com>
    254
  • trunk/Source/WebKit2/GNUmakefile.list.am

    r157748 r157781  
    102102        $(WebKit2)/UIProcess/API/gtk/WebKitBackForwardList.h \
    103103        $(WebKit2)/UIProcess/API/gtk/WebKitBackForwardListItem.h \
     104        $(WebKit2)/UIProcess/API/gtk/WebKitCertificateInfo.h \
    104105        $(WebKit2)/UIProcess/API/gtk/WebKitContextMenu.h \
    105106        $(WebKit2)/UIProcess/API/gtk/WebKitContextMenuActions.h \
     
    681682        Source/WebKit2/UIProcess/API/gtk/WebKitBackForwardListItem.cpp \
    682683        Source/WebKit2/UIProcess/API/gtk/WebKitBackForwardListPrivate.h \
     684        Source/WebKit2/UIProcess/API/gtk/WebKitCertificateInfo.cpp \
     685        Source/WebKit2/UIProcess/API/gtk/WebKitCertificateInfo.h \
     686        Source/WebKit2/UIProcess/API/gtk/WebKitCertificateInfoPrivate.h \
    683687        Source/WebKit2/UIProcess/API/gtk/WebKitContextMenu.cpp \
    684688        Source/WebKit2/UIProcess/API/gtk/WebKitContextMenu.h \
  • trunk/Source/WebKit2/PlatformGTK.cmake

    r157445 r157781  
    8787    UIProcess/API/gtk/WebKitBackForwardListItem.h
    8888    UIProcess/API/gtk/WebKitBackForwardListPrivate.h
     89    UIProcess/API/gtk/WebKitCertificateInfo.cpp
     90    UIProcess/API/gtk/WebKitCertificateInfo.h
     91    UIProcess/API/gtk/WebKitCertificateInfoPrivate.h
    8992    UIProcess/API/gtk/WebKitContextMenu.cpp
    9093    UIProcess/API/gtk/WebKitContextMenu.h
     
    286289    ${WEBKIT2_DIR}/UIProcess/API/gtk/WebKitBackForwardList.h
    287290    ${WEBKIT2_DIR}/UIProcess/API/gtk/WebKitBackForwardListItem.h
     291    ${WEBKIT2_DIR}/UIProcess/API/gtk/WebKitCertificateInfo.h
    288292    ${WEBKIT2_DIR}/UIProcess/API/gtk/WebKitContextMenu.h
    289293    ${WEBKIT2_DIR}/UIProcess/API/gtk/WebKitContextMenuActions.h
  • trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebContext.cpp

    r152344 r157781  
    2121#include "WebKitWebContext.h"
    2222
     23#include "WebCertificateInfo.h"
    2324#include "WebCookieManagerProxy.h"
    2425#include "WebGeolocationManagerProxy.h"
     26#include "WebKitCertificateInfoPrivate.h"
    2527#include "WebKitCookieManagerPrivate.h"
    2628#include "WebKitDownloadClient.h"
     
    808810}
    809811
     812/**
     813 * webkit_web_context_allow_tls_certificate_for_host:
     814 * @context: a #WebKitWebContext
     815 * @info: a #WebKitCertificateInfo
     816 * @host: the host for which a certificate is to be allowed
     817 *
     818 * Ignore further TLS errors on the @host for the certificate present in @info.
     819 */
     820void webkit_web_context_allow_tls_certificate_for_host(WebKitWebContext* context, WebKitCertificateInfo* info, const gchar* host)
     821{
     822    g_return_if_fail(WEBKIT_IS_WEB_CONTEXT(context));
     823    g_return_if_fail(info);
     824    g_return_if_fail(host);
     825
     826    RefPtr<WebCertificateInfo> webCertificateInfo = WebCertificateInfo::create(webkitCertificateInfoGetCertificateInfo(info));
     827    context->priv->context->allowSpecificHTTPSCertificateForHost(webCertificateInfo.get(), String::fromUTF8(host));
     828}
     829
    810830WebKitDownload* webkitWebContextGetOrCreateDownload(DownloadProxy* downloadProxy)
    811831{
  • trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebContext.h

    r150130 r157781  
    2626
    2727#include <glib-object.h>
     28#include <webkit2/WebKitCertificateInfo.h>
    2829#include <webkit2/WebKitCookieManager.h>
    2930#include <webkit2/WebKitDefines.h>
     
    6566 * WebKitTLSErrorsPolicy:
    6667 * @WEBKIT_TLS_ERRORS_POLICY_IGNORE: Ignore TLS errors.
    67  * @WEBKIT_TLS_ERRORS_POLICY_FAIL: TLS errors make the load to finish with an error.
     68 * @WEBKIT_TLS_ERRORS_POLICY_FAIL: TLS errors will emit
     69 *   #WebKitWebView::load-failed-with-tls-errors and, if the signal is handled,
     70 *   finish the load. In case the signal is not handled,
     71 *   #WebKitWebView::load-failed is emitted before the load finishes.
    6872 *
    6973 * Enum values used to denote the TLS errors policy.
     
    200204                                                     const gchar                   *directory);
    201205
     206WEBKIT_API void
     207webkit_web_context_allow_tls_certificate_for_host   (WebKitWebContext              *context,
     208                                                     WebKitCertificateInfo         *info,
     209                                                     const gchar                   *host);
     210
    202211G_END_DECLS
    203212
  • trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebView.cpp

    r157445 r157781  
    3030#include "WebKitAuthenticationRequestPrivate.h"
    3131#include "WebKitBackForwardListPrivate.h"
     32#include "WebKitCertificateInfoPrivate.h"
    3233#include "WebKitContextMenuClient.h"
    3334#include "WebKitContextMenuItemPrivate.h"
     
    9091    LOAD_CHANGED,
    9192    LOAD_FAILED,
     93    LOAD_FAILED_WITH_TLS_ERRORS,
    9294
    9395    CREATE,
     
    848850
    849851    /**
     852     * WebKitWebView::load-failed-with-tls-errors:
     853     * @web_view: the #WebKitWebView on which the signal is emitted
     854     * @info: a #WebKitCertificateInfo
     855     * @host: the host on which the error occurred
     856     *
     857     * Emitted when a TLS error occurs during a load operation. The @info
     858     * object contains information about the error such as the #GTlsCertificate
     859     * and the #GTlsCertificateFlags. To allow an exception for this certificate
     860     * and this host use webkit_web_context_allow_tls_certificate_for_host().
     861     *
     862     * To handle this signal asynchronously you should copy the #WebKitCertificateInfo
     863     * with webkit_certificate_info_copy() and return %TRUE.
     864     *
     865     * If %FALSE is returned, #WebKitWebView::load-failed will be emitted. The load
     866     * will finish regardless of the returned value.
     867     *
     868     * Returns: %TRUE to stop other handlers from being invoked for the event.
     869     *   %FALSE to propagate the event further.
     870     *
     871     * Since: 2.4
     872     */
     873    signals[LOAD_FAILED_WITH_TLS_ERRORS] =
     874        g_signal_new("load-failed-with-tls-errors",
     875            G_TYPE_FROM_CLASS(webViewClass),
     876            G_SIGNAL_RUN_LAST,
     877            G_STRUCT_OFFSET(WebKitWebViewClass, load_failed_with_tls_errors),
     878            g_signal_accumulator_true_handled, 0 /* accumulator data */,
     879            webkit_marshal_BOOLEAN__BOXED_STRING,
     880            G_TYPE_BOOLEAN, 2, /* number of parameters */
     881            WEBKIT_TYPE_CERTIFICATE_INFO  | G_SIGNAL_TYPE_STATIC_SCOPE,
     882            G_TYPE_STRING);
     883
     884    /**
    850885     * WebKitWebView::create:
    851886     * @web_view: the #WebKitWebView on which the signal is emitted
     
    15101545}
    15111546
    1512 void webkitWebViewLoadFailedWithTLSErrors(WebKitWebView* webView, const char* failingURI, GError *error, GTlsCertificateFlags tlsErrors, GTlsCertificate* certificate)
     1547void webkitWebViewLoadFailedWithTLSErrors(WebKitWebView* webView, const char* failingURI, GError* error, GTlsCertificateFlags tlsErrors, GTlsCertificate* certificate)
    15131548{
    15141549    webkitWebViewSetIsLoading(webView, false);
     
    15171552    WebKitTLSErrorsPolicy tlsErrorsPolicy = webkit_web_context_get_tls_errors_policy(webView->priv->context);
    15181553    if (tlsErrorsPolicy == WEBKIT_TLS_ERRORS_POLICY_FAIL) {
    1519         webkitWebViewLoadFailed(webView, WEBKIT_LOAD_STARTED, failingURI, error);
    1520         return;
     1554        GOwnPtr<SoupURI> soupURI(soup_uri_new(failingURI));
     1555        WebKitCertificateInfo info(certificate, tlsErrors);
     1556        gboolean returnValue;
     1557        g_signal_emit(webView, signals[LOAD_FAILED_WITH_TLS_ERRORS], 0, &info, soupURI->host, &returnValue);
     1558        if (!returnValue)
     1559            g_signal_emit(webView, signals[LOAD_FAILED], 0, WEBKIT_LOAD_STARTED, failingURI, error, &returnValue);
    15211560    }
    15221561
  • trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebView.h

    r153882 r157781  
    201201    WebKitWebViewBaseClass parent;
    202202
    203     void       (* load_changed)              (WebKitWebView               *web_view,
    204                                               WebKitLoadEvent              load_event);
    205     gboolean   (* load_failed)               (WebKitWebView               *web_view,
    206                                               WebKitLoadEvent              load_event,
    207                                               const gchar                 *failing_uri,
    208                                               GError                      *error);
    209 
    210     GtkWidget *(* create)                    (WebKitWebView               *web_view);
    211     void       (* ready_to_show)             (WebKitWebView               *web_view);
    212     void       (* run_as_modal)              (WebKitWebView               *web_view);
    213     void       (* close)                     (WebKitWebView               *web_view);
    214 
    215     gboolean   (* script_dialog)             (WebKitWebView               *web_view,
    216                                               WebKitScriptDialog          *dialog)  ;
    217 
    218     gboolean   (* decide_policy)             (WebKitWebView               *web_view,
    219                                               WebKitPolicyDecision        *decision,
    220                                               WebKitPolicyDecisionType     type);
    221     gboolean   (* permission_request)        (WebKitWebView               *web_view,
    222                                               WebKitPermissionRequest     *permission_request);
    223     void       (* mouse_target_changed)      (WebKitWebView               *web_view,
    224                                               WebKitHitTestResult         *hit_test_result,
    225                                               guint                        modifiers);
    226     gboolean   (* print)                     (WebKitWebView               *web_view,
    227                                               WebKitPrintOperation        *print_operation);
    228     void       (* resource_load_started)     (WebKitWebView               *web_view,
    229                                               WebKitWebResource           *resource,
    230                                               WebKitURIRequest            *request);
    231     gboolean   (* enter_fullscreen)          (WebKitWebView               *web_view);
    232     gboolean   (* leave_fullscreen)          (WebKitWebView               *web_view);
    233     gboolean   (* run_file_chooser)          (WebKitWebView               *web_view,
    234                                               WebKitFileChooserRequest    *request);
    235     gboolean   (* context_menu)              (WebKitWebView               *web_view,
    236                                               WebKitContextMenu           *context_menu,
    237                                               GdkEvent                    *event,
    238                                               WebKitHitTestResult         *hit_test_result);
    239     void       (* context_menu_dismissed)    (WebKitWebView               *web_view);
    240     void       (* submit_form)               (WebKitWebView               *web_view,
    241                                               WebKitFormSubmissionRequest *request);
    242     void       (* insecure_content_detected) (WebKitWebView               *web_view,
    243                                               WebKitInsecureContentEvent   event);
    244     gboolean   (* web_process_crashed)       (WebKitWebView               *web_view);
    245 
    246     gboolean   (* authenticate)              (WebKitWebView               *web_view,
    247                                               WebKitAuthenticationRequest *request);
     203    void       (* load_changed)                (WebKitWebView               *web_view,
     204                                                WebKitLoadEvent              load_event);
     205    gboolean   (* load_failed)                 (WebKitWebView               *web_view,
     206                                                WebKitLoadEvent              load_event,
     207                                                const gchar                 *failing_uri,
     208                                                GError                      *error);
     209
     210    GtkWidget *(* create)                      (WebKitWebView               *web_view);
     211    void       (* ready_to_show)               (WebKitWebView               *web_view);
     212    void       (* run_as_modal)                (WebKitWebView               *web_view);
     213    void       (* close)                       (WebKitWebView               *web_view);
     214
     215    gboolean   (* script_dialog)               (WebKitWebView               *web_view,
     216                                                WebKitScriptDialog          *dialog)  ;
     217
     218    gboolean   (* decide_policy)               (WebKitWebView               *web_view,
     219                                                WebKitPolicyDecision        *decision,
     220                                                WebKitPolicyDecisionType     type);
     221    gboolean   (* permission_request)          (WebKitWebView               *web_view,
     222                                                WebKitPermissionRequest     *permission_request);
     223    void       (* mouse_target_changed)        (WebKitWebView               *web_view,
     224                                                WebKitHitTestResult         *hit_test_result,
     225                                                guint                        modifiers);
     226    gboolean   (* print)                       (WebKitWebView               *web_view,
     227                                                WebKitPrintOperation        *print_operation);
     228    void       (* resource_load_started)       (WebKitWebView               *web_view,
     229                                                WebKitWebResource           *resource,
     230                                                WebKitURIRequest            *request);
     231    gboolean   (* enter_fullscreen)            (WebKitWebView               *web_view);
     232    gboolean   (* leave_fullscreen)            (WebKitWebView               *web_view);
     233    gboolean   (* run_file_chooser)            (WebKitWebView               *web_view,
     234                                                WebKitFileChooserRequest    *request);
     235    gboolean   (* context_menu)                (WebKitWebView               *web_view,
     236                                                WebKitContextMenu           *context_menu,
     237                                                GdkEvent                    *event,
     238                                                WebKitHitTestResult         *hit_test_result);
     239    void       (* context_menu_dismissed)      (WebKitWebView               *web_view);
     240    void       (* submit_form)                 (WebKitWebView               *web_view,
     241                                                WebKitFormSubmissionRequest *request);
     242    void       (* insecure_content_detected)   (WebKitWebView               *web_view,
     243                                                WebKitInsecureContentEvent   event);
     244    gboolean   (* web_process_crashed)         (WebKitWebView               *web_view);
     245
     246    gboolean   (* authenticate)                (WebKitWebView               *web_view,
     247                                                WebKitAuthenticationRequest *request);
     248    gboolean   (* load_failed_with_tls_errors) (WebKitWebView               *web_view,
     249                                                WebKitCertificateInfo       *info,
     250                                                const gchar                 *host);
    248251    void (*_webkit_reserved0) (void);
    249252    void (*_webkit_reserved1) (void);
     
    252255    void (*_webkit_reserved4) (void);
    253256    void (*_webkit_reserved5) (void);
    254     void (*_webkit_reserved6) (void);
    255257};
    256258
  • trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewPrivate.h

    r148665 r157781  
    3434void webkitWebViewLoadChanged(WebKitWebView*, WebKitLoadEvent);
    3535void webkitWebViewLoadFailed(WebKitWebView*, WebKitLoadEvent, const char* failingURI, GError*);
    36 void webkitWebViewLoadFailedWithTLSErrors(WebKitWebView*, const char* failingURI, GError *, GTlsCertificateFlags, GTlsCertificate*);
     36void webkitWebViewLoadFailedWithTLSErrors(WebKitWebView*, const char* failingURI, GError*, GTlsCertificateFlags, GTlsCertificate*);
    3737void webkitWebViewSetEstimatedLoadProgress(WebKitWebView*, double estimatedLoadProgress);
    3838void webkitWebViewSetTitle(WebKitWebView*, const CString&);
  • trunk/Source/WebKit2/UIProcess/API/gtk/docs/webkit2gtk-docs.sgml

    r156028 r157781  
    4444    <xi:include href="xml/WebKitSecurityManager.xml"/>
    4545    <xi:include href="xml/WebKitWebViewGroup.xml"/>
     46    <xi:include href="xml/WebKitCertificateInfo.xml"/>
    4647  </chapter>
    4748
     
    6263    <xi:include href="xml/api-index-2.2.xml"><xi:fallback /></xi:include>
    6364  </index> 
    64  
     65
     66  <index id="api-index-2-4" role="2.4">
     67    <title>Index of new symbols in 2.4</title>
     68    <xi:include href="xml/api-index-2.4.xml"><xi:fallback /></xi:include>
     69  </index>
     70
    6571  <xi:include href="xml/annotation-glossary.xml"><xi:fallback /></xi:include>
    6672</book>
  • trunk/Source/WebKit2/UIProcess/API/gtk/docs/webkit2gtk-sections.txt

    r154603 r157781  
    4949webkit_web_context_prefetch_dns
    5050webkit_web_context_set_disk_cache_directory
     51webkit_web_context_allow_tls_certificate_for_host
    5152
    5253<SUBSECTION URI Scheme>
     
    10981099webkit_script_world_get_type
    10991100</SECTION>
     1101
     1102<SECTION>
     1103<FILE>WebKitCertificateInfo</FILE>
     1104WebKitCertificateInfo
     1105webkit_certificate_info_copy
     1106webkit_certificate_info_free
     1107webkit_certificate_info_get_tls_certificate
     1108webkit_certificate_info_get_tls_errors
     1109
     1110<SUBSECTION Standard>
     1111WEBKIT_TYPE_CERTIFICATE_INFO
     1112
     1113<SUBSECTION Private>
     1114webkit_certificate_info_get_type
     1115</SECTION>
  • trunk/Source/WebKit2/UIProcess/API/gtk/docs/webkit2gtk.types

    r154540 r157781  
    2828webkit_credential_get_type
    2929webkit_frame_get_type
     30webkit_certificate_info_get_type
  • trunk/Source/WebKit2/UIProcess/API/gtk/tests/TestSSL.cpp

    r143341 r157781  
    2929static const char* indexHTML = "<html><body>Testing WebKit2GTK+ SSL</body></htmll>";
    3030static const char* insecureContentHTML = "<html><script src=\"%s\"></script><body><p>Text + image <img src=\"%s\" align=\"right\"/></p></body></html>";
     31static const char TLSExpectedSuccessTitle[] = "WebKit2Gtk+ TLS permission test";
     32static const char TLSSuccessHTMLString[] = "<html><head><title>WebKit2Gtk+ TLS permission test</title></head><body></body></html>";
    3133
    3234class SSLTest: public LoadTrackingTest {
     
    133135}
    134136
     137class TLSErrorsTest: public SSLTest {
     138public:
     139    MAKE_GLIB_TEST_FIXTURE(TLSErrorsTest);
     140
     141    TLSErrorsTest()
     142    {
     143        g_signal_connect(m_webView, "load-failed-with-tls-errors", G_CALLBACK(runLoadFailedWithTLSErrorsCallback), this);
     144    }
     145
     146    ~TLSErrorsTest()
     147    {
     148        g_signal_handlers_disconnect_matched(m_webView, G_SIGNAL_MATCH_DATA, 0, 0, 0, 0, this);
     149        if (m_certificateInfo)
     150            webkit_certificate_info_free(m_certificateInfo);
     151    }
     152
     153    static gboolean runLoadFailedWithTLSErrorsCallback(WebKitWebView*, WebKitCertificateInfo* info, const char* host, TLSErrorsTest* test)
     154    {
     155        test->runLoadFailedWithTLSErrors(info, host);
     156        return TRUE;
     157    }
     158
     159    void runLoadFailedWithTLSErrors(WebKitCertificateInfo* info, const char* host)
     160    {
     161        if (m_certificateInfo)
     162            webkit_certificate_info_free(m_certificateInfo);
     163        m_certificateInfo = webkit_certificate_info_copy(info);
     164        m_host.set(g_strdup(host));
     165        g_main_loop_quit(m_mainLoop);
     166    }
     167
     168    void waitUntilLoadFailedWithTLSErrors()
     169    {
     170        g_main_loop_run(m_mainLoop);
     171    }
     172
     173    WebKitCertificateInfo* certificateInfo()
     174    {
     175        return m_certificateInfo;
     176    }
     177
     178    const char* host()
     179    {
     180        return m_host.get();
     181    }
     182
     183private:
     184    WebKitCertificateInfo* m_certificateInfo;
     185    GOwnPtr<char> m_host;
     186};
     187
     188static void testLoadFailedWithTLSErrors(TLSErrorsTest* test, gconstpointer)
     189{
     190    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
     191    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
     192
     193    // The load-failed-with-tls-errors signal should be emitted when there is a TLS failure.
     194    test->loadURI(kHttpsServer->getURIForPath("/test-tls/").data());
     195    test->waitUntilLoadFailedWithTLSErrors();
     196    // Test the WebKitCertificateInfo API.
     197    g_assert(G_IS_TLS_CERTIFICATE(webkit_certificate_info_get_tls_certificate(test->certificateInfo())));
     198    g_assert_cmpuint(webkit_certificate_info_get_tls_errors(test->certificateInfo()), ==, G_TLS_CERTIFICATE_UNKNOWN_CA);
     199    g_assert_cmpstr(test->host(), ==, soup_uri_get_host(kHttpsServer->baseURI()));
     200    g_assert_cmpint(test->m_loadEvents[0], ==, LoadTrackingTest::ProvisionalLoadStarted);
     201    g_assert_cmpint(test->m_loadEvents[1], ==, LoadTrackingTest::LoadFinished);
     202
     203    // Test allowing an exception for this certificate on this host.
     204    webkit_web_context_allow_tls_certificate_for_host(context, test->certificateInfo(), test->host());
     205    // The page should now load without errors.
     206    test->loadURI(kHttpsServer->getURIForPath("/test-tls/").data());
     207    test->waitUntilLoadFinished();
     208
     209    g_assert_cmpint(test->m_loadEvents[0], ==, LoadTrackingTest::ProvisionalLoadStarted);
     210    g_assert_cmpint(test->m_loadEvents[1], ==, LoadTrackingTest::LoadCommitted);
     211    g_assert_cmpint(test->m_loadEvents[2], ==, LoadTrackingTest::LoadFinished);
     212    g_assert_cmpstr(webkit_web_view_get_title(test->m_webView), ==, TLSExpectedSuccessTitle);
     213}
     214
     215
    135216static void httpsServerCallback(SoupServer* server, SoupMessage* message, const char* path, GHashTable*, SoupClientContext*, gpointer)
    136217{
     
    148229        soup_message_body_append(message->response_body, SOUP_MEMORY_COPY, responseHTML.get(), strlen(responseHTML.get()));
    149230        soup_message_set_status(message, SOUP_STATUS_OK);
     231        soup_message_body_complete(message->response_body);
     232    } else if (g_str_equal(path, "/test-tls/")) {
     233        soup_message_set_status(message, SOUP_STATUS_OK);
     234        soup_message_body_append(message->response_body, SOUP_MEMORY_STATIC, TLSSuccessHTMLString, strlen(TLSSuccessHTMLString));
    150235        soup_message_body_complete(message->response_body);
    151236    } else
     
    192277    SSLTest::add("WebKitWebView", "ssl", testSSL);
    193278    InsecureContentTest::add("WebKitWebView", "insecure-content", testInsecureContent);
    194     SSLTest::add("WebKitWebContext", "tls-errors-policy", testTLSErrorsPolicy);
     279    // In this case the order of the tests does matter because tls-errors-policy tests the default policy,
     280    // and expects that no exception will have been added for this certificate and host pair as is
     281    // done in the tls-permission-request test.
     282    SSLTest::add("WebKitWebView", "tls-errors-policy", testTLSErrorsPolicy);
     283    TLSErrorsTest::add("WebKitWebView", "load-failed-with-tls-errors", testLoadFailedWithTLSErrors);
    195284}
    196285
  • trunk/Source/WebKit2/UIProcess/API/gtk/webkit2.h

    r153882 r157781  
    2727#include <webkit2/WebKitBackForwardList.h>
    2828#include <webkit2/WebKitBackForwardListItem.h>
     29#include <webkit2/WebKitCertificateInfo.h>
    2930#include <webkit2/WebKitContextMenu.h>
    3031#include <webkit2/WebKitContextMenuActions.h>
  • trunk/Source/WebKit2/UIProcess/API/gtk/webkit2marshal.list

    r148679 r157781  
    11BOOLEAN:BOXED
     2BOOLEAN:BOXED,STRING
    23BOOLEAN:ENUM,STRING,POINTER
    34BOOLEAN:OBJECT
  • trunk/Source/WebKit2/UIProcess/WebContext.cpp

    r157524 r157781  
    10901090    }
    10911091#else
     1092#if USE(SOUP)
     1093    m_processes[0]->send(Messages::WebProcess::AllowSpecificHTTPSCertificateForHost(certificate->certificateInfo(), host), 0);
     1094    return;
     1095#else
    10921096    UNUSED_PARAM(certificate);
    10931097    UNUSED_PARAM(host);
    10941098#endif
    1095     // FIXME: It's unclear whether we want this SPI to be exposed and used for clients that don't use the NetworkProcess.
     1099#endif
     1100
    10961101    ASSERT_NOT_REACHED();
    10971102}
  • trunk/Source/WebKit2/WebProcess/WebProcess.h

    r157524 r157781  
    3636#include "TextCheckerState.h"
    3737#include "VisitedLinkTable.h"
     38#include <WebCore/CertificateInfo.h>
    3839#include <WebCore/LinkHash.h>
    3940#include <WebCore/Timer.h>
     
    170171    void updateActivePages();
    171172
     173#if !ENABLE(NETWORK_PROCESS) && USE(SOUP)
     174    void allowSpecificHTTPSCertificateForHost(const WebCore::CertificateInfo&, const String& host);
     175#endif
     176
    172177private:
    173178    WebProcess();
  • trunk/Source/WebKit2/WebProcess/WebProcess.messages.in

    r156847 r157781  
    8383    SetProcessSuppressionEnabled(bool flag);
    8484#endif
     85
     86#if !ENABLE(NETWORK_PROCESS) && USE(SOUP)
     87    AllowSpecificHTTPSCertificateForHost(WebCore::CertificateInfo certificate, WTF::String host)
     88#endif
    8589}
  • trunk/Source/WebKit2/WebProcess/soup/WebProcessSoup.cpp

    r149884 r157781  
    209209}
    210210
     211#if !ENABLE(NETWORK_PROCESS)
     212void WebProcess::allowSpecificHTTPSCertificateForHost(const WebCore::CertificateInfo& certificateInfo, const String& host)
     213{
     214    WebCore::ResourceHandle::setClientCertificate(host, certificateInfo.certificate());
     215}
     216#endif
    211217} // namespace WebKit
Note: See TracChangeset for help on using the changeset viewer.