Merge "Fix BrowserFrame to construct SslError using the full URL, rather than the host"

3 files changed, 24 insertions, 13 deletions

diff --git a/core/java/android/net/http/SslError.java b/core/java/android/net/http/SslError.java
index 68a1dc3..5998f5f 100644
--- a/core/java/android/net/http/SslError.java
+++ b/core/java/android/net/http/SslError.java
@@ -163,10 +163,6 @@ public class SslError {
      * Gets the URL associated with this object.
      * @return The URL, non-null.
      */
-    // TODO: When the WebView constructs an instance of this object, we
-    // actually provide only the hostname, not the full URL. We should consider
-    // deprecating this method, adding a new getHost() method and updating the
-    // constructor arguments. See http://b/5410252.
     public String getUrl() {
         return mUrl;
     }
diff --git a/core/java/android/webkit/BrowserFrame.java b/core/java/android/webkit/BrowserFrame.java
index 28f54aa..c107aeb 100644
--- a/core/java/android/webkit/BrowserFrame.java
+++ b/core/java/android/webkit/BrowserFrame.java
@@ -43,7 +43,6 @@ import junit.framework.Assert;
 import java.io.IOException;
 import java.io.InputStream;
 import java.lang.ref.WeakReference;
-import java.net.URL;
 import java.net.URLEncoder;
 import java.nio.charset.Charsets;
 import java.security.PrivateKey;
@@ -1171,12 +1170,7 @@ class BrowserFrame extends Handler {
         try {
             X509Certificate cert = new X509CertImpl(certDER);
             SslCertificate sslCert = new SslCertificate(cert);
-            if (JniUtil.useChromiumHttpStack()) {
-                sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert,
-                        new URL(url).getHost());
-            } else {
-                sslError = new SslError(certError, cert, url);
-            }
+            sslError = SslError.SslErrorFromChromiumErrorCode(certError, sslCert, url);
         } catch (IOException e) {
             // Can't get the certificate, not much to do.
             Log.e(LOGTAG, "Can't get the certificate from WebKit, canceling");
diff --git a/core/java/android/webkit/SslCertLookupTable.java b/core/java/android/webkit/SslCertLookupTable.java
index 052244f..06d54be 100644
--- a/core/java/android/webkit/SslCertLookupTable.java
+++ b/core/java/android/webkit/SslCertLookupTable.java
@@ -19,6 +19,9 @@ package android.webkit;
 import android.os.Bundle;
 import android.net.http.SslError;
 
+import java.net.MalformedURLException;
+import java.net.URL;
+
 /**
  * Stores the user's decision of whether to allow or deny an invalid certificate.
  *
@@ -40,14 +43,32 @@ final class SslCertLookupTable {
     }
 
     public void setIsAllowed(SslError sslError, boolean allow) {
-        table.putBoolean(sslError.toString(), allow);
+        // TODO: We should key on just the host. See http://b/5409251.
+        String errorString = sslErrorToString(sslError);
+        if (errorString != null) {
+            table.putBoolean(errorString, allow);
+        }
     }
 
     public boolean isAllowed(SslError sslError) {
-        return table.getBoolean(sslError.toString());
+        // TODO: We should key on just the host. See http://b/5409251.
+        String errorString = sslErrorToString(sslError);
+        return errorString == null ? false : table.getBoolean(errorString);
     }
 
     public void clear() {
         table.clear();
     }
+
+    private static String sslErrorToString(SslError error) {
+        String host;
+        try {
+            host = new URL(error.getUrl()).getHost();
+        } catch(MalformedURLException e) {
+            return null;
+        }
+        return "primary error: " + error.getPrimaryError() +
+                " certificate: " + error.getCertificate() +
+                " on host: " + host;
+    }
 }