1 /****************************************************************************
2 **
3 ** Copyright (C) 2016 The Qt Company Ltd.
4 ** Contact: https://www.qt.io/licensing/
5 **
6 ** This file is part of the QtWebEngine module of the Qt Toolkit.
7 **
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and The Qt Company. For licensing terms
14 ** and conditions see https://www.qt.io/terms-conditions. For further
15 ** information use the contact form at https://www.qt.io/contact-us.
16 **
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 3 as published by the Free Software
20 ** Foundation and appearing in the file LICENSE.LGPL3 included in the
21 ** packaging of this file. Please review the following information to
22 ** ensure the GNU Lesser General Public License version 3 requirements
23 ** will be met: https://www.gnu.org/licenses/lgpl-3.0.html.
24 **
25 ** GNU General Public License Usage
26 ** Alternatively, this file may be used under the terms of the GNU
27 ** General Public License version 2.0 or (at your option) the GNU General
28 ** Public license version 3 or any later version approved by the KDE Free
29 ** Qt Foundation. The licenses are as published by the Free Software
30 ** Foundation and appearing in the file LICENSE.GPL2 and LICENSE.GPL3
31 ** included in the packaging of this file. Please review the following
32 ** information to ensure the GNU General Public License requirements will
33 ** be met: https://www.gnu.org/licenses/gpl-2.0.html and
34 ** https://www.gnu.org/licenses/gpl-3.0.html.
35 **
36 ** $QT_END_LICENSE$
37 **
38 ****************************************************************************/
39
40 #include "qwebenginecertificateerror.h"
41
42 #include "certificate_error_controller.h"
43
44 QT_BEGIN_NAMESPACE
45
46 /*!
47 \class QWebEngineCertificateError
48 \brief The QWebEngineCertificateError class provides information about a certificate error.
49 \since 5.4
50 \inmodule QtWebEngineWidgets
51
52 Provides information about a certificate error. This class is used as a parameter of
53 QWebEnginePage::certificateError().
54 */
55
56 class QWebEngineCertificateErrorPrivate : public QSharedData {
57 public:
58 QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription);
59
~QWebEngineCertificateErrorPrivate()60 ~QWebEngineCertificateErrorPrivate() {
61 if (deferred && !answered)
62 rejectCertificate();
63 }
64
resolveError(bool accept)65 void resolveError(bool accept) {
66 if (answered)
67 return;
68 answered = true;
69 if (overridable) {
70 if (auto ctl = controller.lock())
71 ctl->accept(accept);
72 }
73 }
74
ignoreCertificateError()75 void ignoreCertificateError() { resolveError(true); }
rejectCertificate()76 void rejectCertificate() { resolveError(false); }
77
78 QWebEngineCertificateError::Error error;
79 QUrl url;
80 bool overridable;
81 QString errorDescription;
82 QList<QSslCertificate> certificateChain;
83
84 bool answered = false, deferred = false;
85 QWeakPointer<CertificateErrorController> controller;
86
87 Q_DISABLE_COPY(QWebEngineCertificateErrorPrivate)
88 };
89
QWebEngineCertificateErrorPrivate(int error,QUrl url,bool overridable,QString errorDescription)90 QWebEngineCertificateErrorPrivate::QWebEngineCertificateErrorPrivate(int error, QUrl url, bool overridable, QString errorDescription)
91 : error(QWebEngineCertificateError::Error(error))
92 , url(url)
93 , overridable(overridable)
94 , errorDescription(errorDescription)
95 { }
96
97 /*! \internal
98 */
QWebEngineCertificateError(int error,QUrl url,bool overridable,QString errorDescription)99 QWebEngineCertificateError::QWebEngineCertificateError(int error, QUrl url, bool overridable, QString errorDescription)
100 : d(new QWebEngineCertificateErrorPrivate(error, url, overridable, errorDescription))
101 { }
102
103 /*! \internal
104 */
QWebEngineCertificateError(const QSharedPointer<CertificateErrorController> & controller)105 QWebEngineCertificateError::QWebEngineCertificateError(const QSharedPointer<CertificateErrorController> &controller)
106 : d(new QWebEngineCertificateErrorPrivate(controller->error(), controller->url(),
107 controller->overridable(), controller->errorString()))
108 {
109 d->controller = controller;
110 d->certificateChain = controller->certificateChain();
111 }
112
113 QWebEngineCertificateError::QWebEngineCertificateError(const QWebEngineCertificateError &) = default;
114
115 QWebEngineCertificateError& QWebEngineCertificateError::operator=(const QWebEngineCertificateError &) = default;
116
117 /*! \internal
118 */
~QWebEngineCertificateError()119 QWebEngineCertificateError::~QWebEngineCertificateError()
120 {
121
122 }
123
124 /*!
125 \enum QWebEngineCertificateError::Error
126
127 This enum describes the type of certificate error encountered.
128
129 The values of this enum type match the SSL errors Chromium provides.
130 QSslError::SslError values are not used directly, because the Qt error
131 categories cannot be mapped to the Chromium error categories.
132
133 \value SslPinnedKeyNotInCertificateChain The certificate did not match the built-in public keys
134 pinned for the host name.
135 \value CertificateCommonNameInvalid The certificate's common name did not match the host name.
136 \value CertificateDateInvalid The certificate is not valid at the current date and time.
137 \value CertificateAuthorityInvalid The certificate is not signed by a trusted authority.
138 \value CertificateContainsErrors The certificate contains errors.
139 \value CertificateNoRevocationMechanism The certificate has no mechanism for determining if it has been revoked.
140 \value CertificateUnableToCheckRevocation Revocation information for the certificate is not available.
141 \value CertificateRevoked The certificate has been revoked.
142 \value CertificateInvalid The certificate is invalid.
143 \value CertificateWeakSignatureAlgorithm The certificate is signed using a weak signature algorithm.
144 \value CertificateNonUniqueName The host name specified in the certificate is not unique.
145 \value CertificateWeakKey The certificate contains a weak key.
146 \value CertificateNameConstraintViolation The certificate claimed DNS names that are in violation of name constraints.
147 \value CertificateValidityTooLong The certificate has a validity period that is too long. (Added in Qt 5.7)
148 \value CertificateTransparencyRequired Certificate Transparency was required for this connection, but the server
149 did not provide CT information that complied with the policy. (Added in Qt 5.8)
150 \value CertificateKnownInterceptionBlocked The certificate is known to be
151 used for interception by an entity other the device owner. (Added in
152 5.15)
153 */
154
155 /*!
156 Returns whether this error can be overridden and accepted.
157
158 \sa error(), errorDescription()
159 */
isOverridable() const160 bool QWebEngineCertificateError::isOverridable() const
161 {
162 return d->overridable;
163 }
164
165 /*!
166 Returns the URL that triggered the error.
167
168 \sa error(), errorDescription()
169 */
url() const170 QUrl QWebEngineCertificateError::url() const
171 {
172 return d->url;
173 }
174
175 /*!
176 Returns the type of the error.
177
178 \sa errorDescription(), isOverridable()
179 */
error() const180 QWebEngineCertificateError::Error QWebEngineCertificateError::error() const
181 {
182 return d->error;
183 }
184
185 /*!
186 Returns a short localized human-readable description of the error.
187
188 \sa error(), url(), isOverridable()
189 */
errorDescription() const190 QString QWebEngineCertificateError::errorDescription() const
191 {
192 return d->errorDescription;
193 }
194
195 /*!
196 \since 5.14
197
198 Marks the certificate error for delayed handling.
199
200 This function should be called when there is a need to postpone the decision whether to ignore a
201 certificate error, for example, while waiting for user input. When called, the function pauses the
202 URL request until ignoreCertificateError() or rejectCertificate() is called.
203
204 \note It is only possible to defer overridable certificate errors.
205
206 \sa isOverridable(), deferred()
207 */
defer()208 void QWebEngineCertificateError::defer()
209 {
210 if (isOverridable())
211 d->deferred = true;
212 }
213
214 /*!
215 \since 5.14
216
217 Returns whether the decision for error handling was delayed and the URL load was halted.
218 */
deferred() const219 bool QWebEngineCertificateError::deferred() const
220 {
221 return d->deferred;
222 }
223
224 /*!
225 \since 5.14
226
227 Ignores the certificate error and continues the loading of the requested URL.
228 */
ignoreCertificateError()229 void QWebEngineCertificateError::ignoreCertificateError()
230 {
231 d->ignoreCertificateError();
232 }
233
234 /*!
235 \since 5.14
236
237 Rejects the certificate and aborts the loading of the requested URL.
238 */
rejectCertificate()239 void QWebEngineCertificateError::rejectCertificate()
240 {
241 d->rejectCertificate();
242 }
243
244 /*!
245 \since 5.14
246
247 Returns \c true if the error was explicitly rejected or ignored.
248 */
answered() const249 bool QWebEngineCertificateError::answered() const
250 {
251 return d->answered;
252 }
253
254 /*!
255 \since 5.14
256
257 Returns the peer's chain of digital certificates.
258
259 Chain starts with the peer's immediate certificate and ending with the CA's certificate.
260 */
certificateChain() const261 QList<QSslCertificate> QWebEngineCertificateError::certificateChain() const
262 {
263 return d->certificateChain;
264 }
265
266 QT_END_NAMESPACE
267