Show SSL state on favicon and site settings
Change-Id: I2f74f8caa8b8e4aaee7d78895287bdd7d69f758f
diff --git a/src/com/android/browser/Tab.java b/src/com/android/browser/Tab.java
index 1642568..a86b2e6 100644
--- a/src/com/android/browser/Tab.java
+++ b/src/com/android/browser/Tab.java
@@ -36,7 +36,6 @@
import android.graphics.PorterDuffXfermode;
import android.graphics.Rect;
import android.net.Uri;
-import android.net.http.SslError;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
@@ -48,7 +47,6 @@
import android.view.KeyEvent;
import android.view.LayoutInflater;
import android.view.View;
-import android.view.ViewStub;
import android.webkit.ConsoleMessage;
import android.webkit.URLUtil;
import android.webkit.WebResourceResponse;
@@ -68,7 +66,6 @@
import org.codeaurora.swe.BrowserDownloadListener;
import org.codeaurora.swe.ClientCertRequestHandler;
import org.codeaurora.swe.HttpAuthHandler;
-import org.codeaurora.swe.SslErrorHandler;
import org.codeaurora.swe.WebBackForwardList;
import org.codeaurora.swe.WebChromeClient;
import org.codeaurora.swe.WebView;
@@ -226,7 +223,6 @@
String mTitle;
SecurityState mSecurityState;
// This is non-null only when mSecurityState is SECURITY_STATE_BAD_CERTIFICATE.
- SslError mSslCertificateError;
Bitmap mFavicon;
boolean mIsBookmarkedSite;
boolean mIncognito;
@@ -246,11 +242,7 @@
PageState(Context c, boolean incognito, String url, Bitmap favicon) {
mIncognito = incognito;
mOriginalUrl = mUrl = url;
- if (URLUtil.isHttpsUrl(url)) {
- mSecurityState = SecurityState.SECURITY_STATE_SECURE;
- } else {
- mSecurityState = SecurityState.SECURITY_STATE_NOT_SECURE;
- }
+ mSecurityState = SecurityState.SECURITY_STATE_NOT_SECURE;
mFavicon = favicon;
}
@@ -303,6 +295,20 @@
return (index & 0xffffff);
}
+ public static SecurityState getWebViewSecurityState(WebView view) {
+ switch (view.getSecurityLevel()) {
+ case WebView.SecurityLevel.EV_SECURE:
+ case WebView.SecurityLevel.SECURE:
+ return SecurityState.SECURITY_STATE_SECURE;
+ case WebView.SecurityLevel.SECURITY_ERROR:
+ return SecurityState.SECURITY_STATE_BAD_CERTIFICATE;
+ case WebView.SecurityLevel.SECURITY_POLICY_WARNING:
+ case WebView.SecurityLevel.SECURITY_WARNING:
+ return SecurityState.SECURITY_STATE_MIXED;
+ }
+ return SecurityState.SECURITY_STATE_NOT_SECURE;
+ }
+
// -------------------------------------------------------------------------
// WebViewClient implementation for the main WebView
// -------------------------------------------------------------------------
@@ -359,6 +365,7 @@
}
syncCurrentState(view, url);
mWebViewController.onPageFinished(Tab.this);
+ setSecurityState(getWebViewSecurityState(view));
}
@Override
@@ -483,74 +490,6 @@
}
/**
- * Displays SSL error(s) dialog to the user.
- */
- @Override
- public void onReceivedSslError(final WebView view,
- final SslErrorHandler handler, final SslError error) {
- if (!mInForeground) {
- handler.cancel();
- setSecurityState(SecurityState.SECURITY_STATE_NOT_SECURE);
- return;
- }
- if (mSettings.showSecurityWarnings()) {
- new AlertDialog.Builder(mContext)
- .setTitle(R.string.security_warning)
- .setMessage(R.string.ssl_warnings_header)
- .setIconAttribute(android.R.attr.alertDialogIcon)
- .setPositiveButton(R.string.ssl_continue,
- new DialogInterface.OnClickListener() {
- @Override
- public void onClick(DialogInterface dialog,
- int whichButton) {
- handler.proceed();
- handleProceededAfterSslError(error);
- }
- })
- .setNeutralButton(R.string.view_certificate,
- new DialogInterface.OnClickListener() {
- @Override
- public void onClick(DialogInterface dialog,
- int whichButton) {
- mWebViewController.showSslCertificateOnError(
- view, handler, error);
- }
- })
- .setNegativeButton(R.string.ssl_go_back,
- new DialogInterface.OnClickListener() {
- @Override
- public void onClick(DialogInterface dialog,
- int whichButton) {
- dialog.cancel();
- }
- })
- .setOnCancelListener(
- new DialogInterface.OnCancelListener() {
- @Override
- public void onCancel(DialogInterface dialog) {
- handler.cancel();
- setSecurityState(SecurityState.SECURITY_STATE_NOT_SECURE);
- mWebViewController.onUserCanceledSsl(Tab.this);
- }
- })
- .show();
- } else {
- handler.proceed();
- }
- }
-
- /**
- * Called when an SSL error occurred while loading a resource, but the
- * WebView but chose to proceed anyway based on a decision retained
- * from a previous response to onReceivedSslError(). We update our
- * security state to reflect this.
- */
- @Override
- public void onProceededAfterSslError(WebView view, SslError error) {
- handleProceededAfterSslError(error);
- }
-
- /**
* Displays client certificate request to the user.
*/
@Override
@@ -751,7 +690,6 @@
// In case we stop when loading an HTTPS page from an HTTP page
// but before a provisional load occurred
mCurrentState.mSecurityState = SecurityState.SECURITY_STATE_NOT_SECURE;
- mCurrentState.mSslCertificateError = null;
}
mCurrentState.mIncognito = view.isPrivateBrowsingEnabled();
}
@@ -1177,16 +1115,6 @@
return mClient.shouldOverrideUrlLoading(view, url);
}
@Override
- public void onReceivedSslError(WebView view, SslErrorHandler handler,
- SslError error) {
- mClient.onReceivedSslError(view, handler, error);
- }
- @Override
- public void onReceivedClientCertRequest(WebView view,
- ClientCertRequestHandler handler, String host_and_port) {
- mClient.onReceivedClientCertRequest(view, handler, host_and_port);
- }
- @Override
public void onReceivedHttpAuthRequest(WebView view,
HttpAuthHandler handler, String host, String realm) {
mClient.onReceivedHttpAuthRequest(view, handler, host, realm);
@@ -1792,7 +1720,6 @@
*/
private void setSecurityState(SecurityState securityState) {
mCurrentState.mSecurityState = securityState;
- mCurrentState.mSslCertificateError = null;
mWebViewController.onUpdatedSecurityState(this);
}
@@ -1803,15 +1730,6 @@
return mCurrentState.mSecurityState;
}
- /**
- * Gets the SSL certificate error, if any, for the page's main resource.
- * This is only non-null when the security state is
- * SECURITY_STATE_BAD_CERTIFICATE.
- */
- SslError getSslCertificateError() {
- return mCurrentState.mSslCertificateError;
- }
-
int getLoadProgress() {
if (mInPageLoad) {
return mPageLoadProgress;
@@ -2148,18 +2066,6 @@
return builder.toString();
}
- private void handleProceededAfterSslError(SslError error) {
- if (error.getUrl().equals(mCurrentState.mUrl)) {
- // The security state should currently be SECURITY_STATE_SECURE.
- setSecurityState(SecurityState.SECURITY_STATE_BAD_CERTIFICATE);
- mCurrentState.mSslCertificateError = error;
- } else if (getSecurityState() == SecurityState.SECURITY_STATE_SECURE) {
- // The page's main resource is secure and this error is for a
- // sub-resource.
- setSecurityState(SecurityState.SECURITY_STATE_MIXED);
- }
- }
-
// dertermines if the tab contains a dislled page
public boolean isDistilled() {
if (!BrowserCommandLine.hasSwitch("reader-mode")) {