File: ssl_validity_checker.cc

package info (click to toggle)
chromium 138.0.7204.183-1~deb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm-proposed-updates
  • size: 6,080,960 kB
  • sloc: cpp: 34,937,079; ansic: 7,176,967; javascript: 4,110,704; python: 1,419,954; asm: 946,768; xml: 739,971; pascal: 187,324; sh: 89,623; perl: 88,663; objc: 79,944; sql: 50,304; cs: 41,786; fortran: 24,137; makefile: 21,811; php: 13,980; tcl: 13,166; yacc: 8,925; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (94 lines) | stat: -rw-r--r-- 2,917 bytes parent folder | download | duplicates (5) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
// Copyright 2017 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "components/payments/content/ssl_validity_checker.h"

#include "base/check.h"
#include "base/command_line.h"
#include "base/notreached.h"
#include "base/strings/string_util.h"
#include "components/network_session_configurator/common/network_switches.h"
#include "components/payments/core/native_error_strings.h"
#include "components/payments/core/url_util.h"
#include "components/security_state/content/content_utils.h"
#include "components/security_state/core/security_state.h"
#include "content/public/browser/web_contents.h"
#include "url/gurl.h"

namespace payments {

// static std::string
std::string SslValidityChecker::GetInvalidSslCertificateErrorMessage(
    content::WebContents* web_contents) {
  if (!web_contents)
    return errors::kInvalidSslCertificate;

  security_state::SecurityLevel security_level = GetSecurityLevel(web_contents);
  std::string level;
  switch (security_level) {
    // Indicate valid SSL with an empty string.
    case security_state::SECURE:
      return "";

    case security_state::NONE:
      level = "NONE";
      break;
    case security_state::WARNING:
      level = "WARNING";
      break;
    case security_state::DANGEROUS:
      level = "DANGEROUS";
      break;

    case security_state::SECURITY_LEVEL_COUNT:
      NOTREACHED();
  }

  std::string message;
  bool replaced =
      base::ReplaceChars(errors::kDetailedInvalidSslCertificateMessageFormat,
                         "$", level, &message);
  DCHECK(replaced);

  // No early return, so the other code is exercised in tests, too.
  return base::CommandLine::ForCurrentProcess()->HasSwitch(
             switches::kIgnoreCertificateErrors)
             ? ""
             : message;
}

// static
bool SslValidityChecker::IsValidPageInPaymentHandlerWindow(
    content::WebContents* web_contents) {
  if (!web_contents)
    return false;

  GURL main_frame_url = web_contents->GetVisibleURL();
  if (!UrlUtil::IsValidUrlInPaymentHandlerWindow(main_frame_url))
    return false;

  if (main_frame_url.SchemeIsCryptographic()) {
    security_state::SecurityLevel security_level =
        GetSecurityLevel(web_contents);
    return security_level == security_state::SECURE ||
           // No early return, so the other code is exercised in tests, too.
           base::CommandLine::ForCurrentProcess()->HasSwitch(
               switches::kIgnoreCertificateErrors);
  }

  return true;
}

// static
security_state::SecurityLevel SslValidityChecker::GetSecurityLevel(
    content::WebContents* web_contents) {
  DCHECK(web_contents);
  std::unique_ptr<security_state::VisibleSecurityState> state =
      security_state::GetVisibleSecurityState(web_contents);
  DCHECK(state);

  return security_state::GetSecurityLevel(*state);
}

}  // namespace payments