[EFL] Add API to query the validity of a frame's SSL certificate.
authorkubo@profusion.mobi <kubo@profusion.mobi@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 12 Dec 2011 18:18:57 +0000 (18:18 +0000)
committerkubo@profusion.mobi <kubo@profusion.mobi@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 12 Dec 2011 18:18:57 +0000 (18:18 +0000)
https://bugs.webkit.org/show_bug.cgi?id=74302

Reviewed by Gustavo Noronha Silva.

* ewk/ewk_frame.cpp:
(ewk_frame_certificate_status_get):
* ewk/ewk_frame.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@102601 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/efl/ChangeLog
Source/WebKit/efl/ewk/ewk_frame.cpp
Source/WebKit/efl/ewk/ewk_frame.h

index 6bd21bda8dbabdce69b494288b53bf15cb06f4d3..a5fb80916bd2100d07d094180530d430d392f881 100644 (file)
@@ -1,3 +1,14 @@
+2011-12-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
+
+        [EFL] Add API to query the validity of a frame's SSL certificate.
+        https://bugs.webkit.org/show_bug.cgi?id=74302
+
+        Reviewed by Gustavo Noronha Silva.
+
+        * ewk/ewk_frame.cpp:
+        (ewk_frame_certificate_status_get):
+        * ewk/ewk_frame.h:
+
 2011-12-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
 
         [EFL] Add API to notify that mixed content has been loaded.
index 9bb523e4dedfb6923bb5ac7a5208f2b0cabc685f..f1e8328916bab699500a626616b1bcb8a72ee779 100644 (file)
@@ -24,6 +24,7 @@
 #include "config.h"
 #include "ewk_frame.h"
 
+#include "DocumentLoader.h"
 #include "DocumentMarkerController.h"
 #include "EventHandler.h"
 #include "FocusController.h"
@@ -1580,6 +1581,33 @@ Eina_Bool ewk_frame_mixed_content_run_get(const Evas_Object* ewkFrame)
     return smartData->hasRunMixedContent;
 }
 
+Ewk_Certificate_Status ewk_frame_certificate_status_get(Evas_Object* ewkFrame)
+{
+#if USE(SOUP)
+    EWK_FRAME_SD_GET_OR_RETURN(ewkFrame, smartData, EWK_CERTIFICATE_STATUS_NO_CERTIFICATE);
+    EINA_SAFETY_ON_NULL_RETURN_VAL(smartData->frame, EWK_CERTIFICATE_STATUS_NO_CERTIFICATE);
+
+    const WebCore::FrameLoader* frameLoader = smartData->frame->loader();
+    const WebCore::DocumentLoader* documentLoader = frameLoader->documentLoader();
+    const WebCore::KURL documentURL = documentLoader->requestURL();
+
+    if (!documentURL.protocolIs("https"))
+        return EWK_CERTIFICATE_STATUS_NO_CERTIFICATE;
+
+    if (frameLoader->subframeIsLoading())
+        return EWK_CERTIFICATE_STATUS_NO_CERTIFICATE;
+
+    SoupMessage* soupMessage = documentLoader->request().toSoupMessage();
+
+    if (soupMessage && (soup_message_get_flags(soupMessage) & SOUP_MESSAGE_CERTIFICATE_TRUSTED))
+        return EWK_CERTIFICATE_STATUS_TRUSTED;
+
+    return EWK_CERTIFICATE_STATUS_UNTRUSTED;
+#endif
+
+    return EWK_CERTIFICATE_STATUS_NO_CERTIFICATE;
+}
+
 /**
  * @internal
  * Reports uri changed and swap internal string reference.
index e3720ab5f87eb9e112ba310c03801622bd262128..0df8c51f59109d5fe61147f770335354b64c58dd 100644 (file)
@@ -176,6 +176,21 @@ typedef enum {
     EWK_TEXT_SELECTION_RANGE
 } Ewk_Text_Selection_Type;
 
+/**
+ * Represents the validity of a X.509 certificate related to the current frame.
+ *
+ * A certificate is considered untrusted when any problem is found in it: it may have
+ * expired, the certificate's Common Name does not match the current host, the certificate
+ * does not validate against the current set of root CA certificates etc.
+ *
+ * @sa ewk_frame_certificate_status_get, ewk_network_tls_ca_certificates_path_set
+ */
+typedef enum {
+    EWK_CERTIFICATE_STATUS_NO_CERTIFICATE = 1 << 1, /**< No certificate provided (non-HTTPS connection). */
+    EWK_CERTIFICATE_STATUS_UNTRUSTED = 1 << 2, /**< The certificate provided is not trusted. */
+    EWK_CERTIFICATE_STATUS_TRUSTED = 1 << 3 /**< The certificate is valid and fully trusted. */
+} Ewk_Certificate_Status;
+
 /**
  * Retrieves the ewk_view object that owns this frame.
  *
@@ -874,6 +889,11 @@ EAPI Eina_Bool ewk_frame_mixed_content_displayed_get(const Evas_Object *o);
  */
 EAPI Eina_Bool ewk_frame_mixed_content_run_get(const Evas_Object *o);
 
+/**
+ * Returns the validity of the X.509 certificate related to the current frame.
+ */
+EAPI Ewk_Certificate_Status ewk_frame_certificate_status_get(Evas_Object *o);
+
 #ifdef __cplusplus
 }
 #endif