1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CONTENT_BROWSER_SSL_SSL_ERROR_HANDLER_H_ 6 #define CONTENT_BROWSER_SSL_SSL_ERROR_HANDLER_H_ 7 8 #include <string> 9 10 #include "base/basictypes.h" 11 #include "base/memory/ref_counted.h" 12 #include "base/memory/weak_ptr.h" 13 #include "content/common/content_export.h" 14 #include "content/public/browser/global_request_id.h" 15 #include "url/gurl.h" 16 #include "webkit/common/resource_type.h" 17 18 namespace net { 19 class SSLInfo; 20 class URLRequest; 21 } // namespace net 22 23 namespace content { 24 25 class ResourceDispatcherHostImpl; 26 class SSLCertErrorHandler; 27 class SSLManager; 28 29 // An SSLErrorHandler carries information from the IO thread to the UI thread 30 // and is dispatched to the appropriate SSLManager when it arrives on the 31 // UI thread. Subclasses should override the OnDispatched/OnDispatchFailed 32 // methods to implement the actions that should be taken on the UI thread. 33 // These methods can call the different convenience methods ContinueRequest/ 34 // CancelRequest to perform any required action on the net::URLRequest the 35 // ErrorHandler was created with. 36 // 37 // IMPORTANT NOTE: 38 // 39 // If you are not doing anything in OnDispatched/OnDispatchFailed, make sure 40 // you call TakeNoAction(). This is necessary for ensuring the instance is 41 // not leaked. 42 // 43 class SSLErrorHandler : public base::RefCountedThreadSafe<SSLErrorHandler> { 44 public: 45 // Delegate functions must be called from IO thread. All functions accept 46 // |id| as the first argument. |id| is a copy of the second argument of 47 // SSLManager::OnSSLCertificateError() and represents the request. 48 // Finally, CancelSSLRequest() or ContinueSSLRequest() will be called after 49 // SSLErrorHandler makes a decision on the SSL error. 50 class CONTENT_EXPORT Delegate { 51 public: 52 // Called when SSLErrorHandler decides to cancel the request because of 53 // the SSL error. 54 virtual void CancelSSLRequest(const GlobalRequestID& id, 55 int error, 56 const net::SSLInfo* ssl_info) = 0; 57 58 // Called when SSLErrorHandler decides to continue the request despite the 59 // SSL error. 60 virtual void ContinueSSLRequest(const GlobalRequestID& id) = 0; 61 62 protected: ~Delegate()63 virtual ~Delegate() {} 64 }; 65 66 virtual SSLCertErrorHandler* AsSSLCertErrorHandler(); 67 68 // Find the appropriate SSLManager for the net::URLRequest and begin handling 69 // this error. 70 // 71 // Call on UI thread. 72 void Dispatch(); 73 74 // Available on either thread. request_url()75 const GURL& request_url() const { return request_url_; } 76 77 // Available on either thread. resource_type()78 ResourceType::Type resource_type() const { return resource_type_; } 79 80 // Cancels the associated net::URLRequest. 81 // This method can be called from OnDispatchFailed and OnDispatched. 82 CONTENT_EXPORT void CancelRequest(); 83 84 // Continue the net::URLRequest ignoring any previous errors. Note that some 85 // errors cannot be ignored, in which case this will result in the request 86 // being canceled. 87 // This method can be called from OnDispatchFailed and OnDispatched. 88 void ContinueRequest(); 89 90 // Cancels the associated net::URLRequest and mark it as denied. The renderer 91 // processes such request in a special manner, optionally replacing them 92 // with alternate content (typically frames content is replaced with a 93 // warning message). 94 // This method can be called from OnDispatchFailed and OnDispatched. 95 void DenyRequest(); 96 97 // Does nothing on the net::URLRequest but ensures the current instance ref 98 // count is decremented appropriately. Subclasses that do not want to 99 // take any specific actions in their OnDispatched/OnDispatchFailed should 100 // call this. 101 void TakeNoAction(); 102 render_process_id()103 int render_process_id() const { return render_process_id_; } render_view_id()104 int render_view_id() const { return render_view_id_; } 105 106 protected: 107 friend class base::RefCountedThreadSafe<SSLErrorHandler>; 108 109 // Construct on the IO thread. 110 SSLErrorHandler(const base::WeakPtr<Delegate>& delegate, 111 const GlobalRequestID& id, 112 ResourceType::Type resource_type, 113 const GURL& url, 114 int render_process_id, 115 int render_view_id); 116 117 virtual ~SSLErrorHandler(); 118 119 // The following 2 methods are the methods subclasses should implement. 120 virtual void OnDispatchFailed(); 121 122 // Can use the manager_ member. 123 virtual void OnDispatched(); 124 125 // Should only be accessed on the UI thread. 126 SSLManager* manager_; // Our manager. 127 128 // The id of the request associated with this object. 129 // Should only be accessed from the IO thread. 130 GlobalRequestID request_id_; 131 132 // The delegate we are associated with. 133 base::WeakPtr<Delegate> delegate_; 134 135 private: 136 // Completes the CancelRequest operation on the IO thread. 137 // Call on the IO thread. 138 void CompleteCancelRequest(int error); 139 140 // Completes the ContinueRequest operation on the IO thread. 141 // 142 // Call on the IO thread. 143 void CompleteContinueRequest(); 144 145 // Derefs this instance. 146 // Call on the IO thread. 147 void CompleteTakeNoAction(); 148 149 // We use these members to find the correct SSLManager when we arrive on 150 // the UI thread. 151 int render_process_id_; 152 int render_view_id_; 153 154 // The URL that we requested. 155 // This read-only member can be accessed on any thread. 156 const GURL request_url_; 157 158 // What kind of resource is associated with the requested that generated 159 // that error. 160 // This read-only member can be accessed on any thread. 161 const ResourceType::Type resource_type_; 162 163 // A flag to make sure we notify the net::URLRequest exactly once. 164 // Should only be accessed on the IO thread 165 bool request_has_been_notified_; 166 167 DISALLOW_COPY_AND_ASSIGN(SSLErrorHandler); 168 }; 169 170 } // namespace content 171 172 #endif // CONTENT_BROWSER_SSL_SSL_ERROR_HANDLER_H_ 173