7 files changed, 61 insertions, 11 deletions
diff --git a/WebKit/android/WebCoreSupport/FrameLoaderClientAndroid.cpp b/WebKit/android/WebCoreSupport/FrameLoaderClientAndroid.cpp
index a563c6a..4053e56 100644
--- a/WebKit/android/WebCoreSupport/FrameLoaderClientAndroid.cpp
+++ b/WebKit/android/WebCoreSupport/FrameLoaderClientAndroid.cpp
@@ -74,6 +74,7 @@
 #include "WebHistory.h"
 #include "WebIconDatabase.h"
 #include "WebFrameView.h"
+#include "WebViewClientError.h"
 #include "WebViewCore.h"
 #include "autofill/WebAutoFill.h"
 #include "android_graphics.h"
@@ -592,7 +593,7 @@ void FrameLoaderClientAndroid::setMainDocumentError(DocumentLoader* docLoader, c
         m_manualLoader = NULL;
         m_hasSentResponseToPlugin = false;
     } else {
-        if (!error.isNull() && error.errorCode() >= InternalErrorLast)
+        if (!error.isNull() && error.errorCode() >= InternalErrorLast && error.errorCode() != ERROR_OK)
             m_webFrame->reportError(error.errorCode(),
                     error.localizedDescription(), error.failingURL());
     }
diff --git a/WebKit/android/WebCoreSupport/WebRequest.cpp b/WebKit/android/WebCoreSupport/WebRequest.cpp
index 468a3cd..cd496df 100644
--- a/WebKit/android/WebCoreSupport/WebRequest.cpp
+++ b/WebKit/android/WebCoreSupport/WebRequest.cpp
@@ -318,12 +318,12 @@ void WebRequest::OnAuthRequired(URLRequest* request, net::AuthChallengeInfo* aut
             m_urlLoader.get(), &WebUrlLoaderClient::authRequired, authInfoPtr, firstTime));
 }
 
-// Called when we received an SSL certificate error. Right now, we only
-// set the appropriate error code. FIXME: the delegate should provide
+// Called when we received an SSL certificate error. The delegate will provide
 // the user the options to proceed, cancel, or view certificates.
 void WebRequest::OnSSLCertificateError(URLRequest* request, int cert_error, net::X509Certificate* cert)
 {
-    request->SimulateError(cert_error);
+    m_urlLoader->maybeCallOnMainThread(NewRunnableMethod(
+            m_urlLoader.get(), &WebUrlLoaderClient::reportSslCertError, cert_error, cert));
 }
 
 // After calling Start(), the delegate will receive an OnResponseStarted
@@ -370,6 +370,16 @@ void WebRequest::followDeferredRedirect()
     m_request->FollowDeferredRedirect();
 }
 
+void WebRequest::proceedSslCertError()
+{
+    m_request->ContinueDespiteLastError();
+}
+
+void WebRequest::cancelSslCertError(int cert_error)
+{
+    m_request->SimulateError(cert_error);
+}
+
 void WebRequest::startReading()
 {
     ASSERT(m_loadState == Response || m_loadState == GotData, "StartReading in state other than RESPONSE and GOTDATA");
diff --git a/WebKit/android/WebCoreSupport/WebRequest.h b/WebKit/android/WebCoreSupport/WebRequest.h
index c78546c..c3c5ec0 100644
--- a/WebKit/android/WebCoreSupport/WebRequest.h
+++ b/WebKit/android/WebCoreSupport/WebRequest.h
@@ -80,6 +80,8 @@ public:
     void setAuth(const string16& username, const string16& password);
     void cancelAuth();
     void followDeferredRedirect();
+    void proceedSslCertError();
+    void cancelSslCertError(int cert_error);
 
     const std::string& getUrl() const;
     const std::string& getUserAgent() const;
diff --git a/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp b/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp
index 50defc2..0d7981a 100644
--- a/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp
+++ b/WebKit/android/WebCoreSupport/WebUrlLoaderClient.cpp
@@ -224,6 +224,25 @@ void WebUrlLoaderClient::cancelAuth()
     thread->message_loop()->PostTask(FROM_HERE, NewRunnableMethod(m_request.get(), &WebRequest::cancelAuth));
 }
 
+void WebUrlLoaderClient::proceedSslCertError()
+{
+    base::Thread* thread = ioThread();
+    if (!thread) {
+        return;
+    }
+    thread->message_loop()->PostTask(FROM_HERE, NewRunnableMethod(m_request.get(), &WebRequest::proceedSslCertError));
+}
+
+void WebUrlLoaderClient::cancelSslCertError(int cert_error)
+{
+    base::Thread* thread = ioThread();
+    if (!thread) {
+        return;
+    }
+    thread->message_loop()->PostTask(FROM_HERE, NewRunnableMethod(m_request.get(), &WebRequest::cancelSslCertError, cert_error));
+}
+
+
 void WebUrlLoaderClient::finish()
 {
     m_finished = true;
@@ -349,4 +368,12 @@ void WebUrlLoaderClient::authRequired(scoped_refptr<net::AuthChallengeInfo> auth
     m_webFrame->didReceiveAuthenticationChallenge(this, host, realm, firstTime);
 }
 
+void WebUrlLoaderClient::reportSslCertError(int cert_error, net::X509Certificate* cert)
+{
+    if (!isActive()) return;
+    std::vector<std::string> chain_bytes;
+    cert->GetChainDEREncodedBytes(&chain_bytes);
+    m_webFrame->reportSslCertError(this, cert_error, chain_bytes[0]);
+}
+
 } // namespace android
diff --git a/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h b/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h
index d69bea6..e5a4d8f 100644
--- a/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h
+++ b/WebKit/android/WebCoreSupport/WebUrlLoaderClient.h
@@ -72,6 +72,8 @@ public:
     void pauseLoad(bool pause) {} // Android method, does nothing for now
     void setAuth(const std::string& username, const std::string& password);
     void cancelAuth();
+    void proceedSslCertError();
+    void cancelSslCertError(int cert_error);
 
     typedef void CallbackFunction(void*);
 
@@ -88,6 +90,7 @@ public:
     void didFail(PassOwnPtr<WebResponse>);
     void willSendRequest(PassOwnPtr<WebResponse>);
     void authRequired(scoped_refptr<net::AuthChallengeInfo>, bool firstTime);
+    void reportSslCertError(int cert_error, net::X509Certificate* cert);
 
     // Handle to the chrome IO thread
     static base::Thread* ioThread();
diff --git a/WebKit/android/WebCoreSupport/WebViewClientError.cpp b/WebKit/android/WebCoreSupport/WebViewClientError.cpp
index 9744efb..59542da 100644
--- a/WebKit/android/WebCoreSupport/WebViewClientError.cpp
+++ b/WebKit/android/WebCoreSupport/WebViewClientError.cpp
@@ -101,6 +101,17 @@ WebViewClientError ToWebViewClientError(net::Error error) {
         case ERR_SSL_SNAP_START_NPN_MISPREDICTION:
         case ERR_SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED:
         case ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY:
+            return ERROR_FAILED_SSL_HANDSHAKE;
+
+        case ERR_PROXY_AUTH_UNSUPPORTED:
+        case ERR_PROXY_AUTH_REQUESTED:
+        case ERR_PROXY_CONNECTION_FAILED:
+        case ERR_UNEXPECTED_PROXY_AUTH:
+            return ERROR_PROXY_AUTHENTICATION;
+
+        /* The certificate errors are handled by their own dialog
+         * and don't need to be reported to the framework again.
+         */
         case ERR_CERT_COMMON_NAME_INVALID:
         case ERR_CERT_DATE_INVALID:
         case ERR_CERT_AUTHORITY_INVALID:
@@ -111,13 +122,7 @@ WebViewClientError ToWebViewClientError(net::Error error) {
         case ERR_CERT_INVALID:
         case ERR_CERT_WEAK_SIGNATURE_ALGORITHM:
         case ERR_CERT_NOT_IN_DNS:
-            return ERROR_FAILED_SSL_HANDSHAKE;
-
-        case ERR_PROXY_AUTH_UNSUPPORTED:
-        case ERR_PROXY_AUTH_REQUESTED:
-        case ERR_PROXY_CONNECTION_FAILED:
-        case ERR_UNEXPECTED_PROXY_AUTH:
-            return ERROR_PROXY_AUTHENTICATION;
+            return ERROR_OK;
 
         default:
             return ERROR_UNKNOWN;
diff --git a/WebKit/android/WebCoreSupport/WebViewClientError.h b/WebKit/android/WebCoreSupport/WebViewClientError.h
index 847fb01..d274dc7 100644
--- a/WebKit/android/WebCoreSupport/WebViewClientError.h
+++ b/WebKit/android/WebCoreSupport/WebViewClientError.h
@@ -32,6 +32,8 @@ namespace android {
 
 // This enum must be kept in sync with WebViewClient.java
 enum WebViewClientError {
+    /** Success */
+    ERROR_OK = 0,
     /** Generic error */
     ERROR_UNKNOWN = -1,
     /** Server or proxy hostname lookup failed */