GNOME.org
 

[gnome-shell] portalHelper: Don't fail to load because of TLS errors

commit a76869216a6cf01ca909ae63d26041955e110e25
Author: Bastien Nocera <hadess hadess net>
Date:   Mon Feb 13 10:44:01 2017 +0100

    portalHelper: Don't fail to load because of TLS errors
    
    Accept self-signed and expired certificates as if we errored out, we
    couldn't access the network at all. Consider this insecure though.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=778253

 js/portalHelper/main.js |   15 ++++++++++++---
 1 files changed, 12 insertions(+), 3 deletions(-)
---
diff --git a/js/portalHelper/main.js b/js/portalHelper/main.js
index a322137..84eed57 100644
--- a/js/portalHelper/main.js
+++ b/js/portalHelper/main.js
@@ -146,13 +146,14 @@ const PortalWindow = new Lang.Class({
 
         let dataManager = new WebKit.WebsiteDataManager({ base_data_directory: cacheDir,
                                                           base_cache_directory: cacheDir });
-        let webContext = new WebKit.WebContext({ website_data_manager: dataManager });
-        webContext.set_cache_model(WebKit.CacheModel.DOCUMENT_VIEWER);
+        this._webContext = new WebKit.WebContext({ website_data_manager: dataManager });
+        this._webContext.set_cache_model(WebKit.CacheModel.DOCUMENT_VIEWER);
 
-        this._webView = WebKit.WebView.new_with_context(webContext);
+        this._webView = WebKit.WebView.new_with_context(this._webContext);
         this._webView.connect('decide-policy', Lang.bind(this, this._onDecidePolicy));
         this._webView.connect('load-changed', Lang.bind(this, this._onLoadChanged));
         this._webView.connect('insecure-content-detected', Lang.bind(this, this._onInsecureContentDetected));
+        this._webView.connect('load-failed-with-tls-errors', Lang.bind(this, 
this._onLoadFailedWithTlsErrors));
         this._webView.load_uri(url);
         this._webView.connect('notify::uri', Lang.bind(this, this._syncUri));
         this._syncUri();
@@ -210,6 +211,14 @@ const PortalWindow = new Lang.Class({
         this._headerBar.setSecurityIcon(PortalHelperSecurityLevel.INSECURE);
     },
 
+    _onLoadFailedWithTlsErrors: function (view, failingURI, certificate, errors) {
+        this._headerBar.setSecurityIcon(PortalHelperSecurityLevel.INSECURE);
+        let uri = new Soup.URI(failingURI);
+        this._webContext.allow_tls_certificate_for_host(certificate, uri.get_host());
+        this._webView.load_uri(failingURI);
+        return true;
+    },
+
     _onDecidePolicy: function(view, decision, type) {
         if (type == WebKit.PolicyDecisionType.NEW_WINDOW_ACTION) {
             decision.ignore();
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]