isa/gnome-shell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

portalHelper: Don't fail to load because of TLS errors

Browse Source 
Accept self-signed and expired certificates as if we errored out, we
couldn't access the network at all. Consider this insecure though.

https://bugzilla.gnome.org/show_bug.cgi?id=778253
This commit is contained in:
Bastien Nocera 2017-02-13 10:44:01 +01:00
parent a9fd8bfa5e
commit a76869216a
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
js/portalHelper/main.js
View File

@ -146,13 +146,14 @@ const PortalWindow = new Lang.Class({
let dataManager = new WebKit.WebsiteDataManager({ base_data_directory: cacheDir,
base_cache_directory: cacheDir });
let webContext = new WebKit.WebContext({ website_data_manager: dataManager });
webContext.set_cache_model(WebKit.CacheModel.DOCUMENT_VIEWER);
this._webContext = new WebKit.WebContext({ website_data_manager: dataManager });
this._webContext.set_cache_model(WebKit.CacheModel.DOCUMENT_VIEWER);
this._webView = WebKit.WebView.new_with_context(webContext);
this._webView = WebKit.WebView.new_with_context(this._webContext);
this._webView.connect('decide-policy', Lang.bind(this, this._onDecidePolicy));
this._webView.connect('load-changed', Lang.bind(this, this._onLoadChanged));
this._webView.connect('insecure-content-detected', Lang.bind(this, this._onInsecureContentDetected));
this._webView.connect('load-failed-with-tls-errors', Lang.bind(this, this._onLoadFailedWithTlsErrors));
this._webView.load_uri(url);
this._webView.connect('notify::uri', Lang.bind(this, this._syncUri));
this._syncUri();
@ -210,6 +211,14 @@ const PortalWindow = new Lang.Class({
this._headerBar.setSecurityIcon(PortalHelperSecurityLevel.INSECURE);
},
_onLoadFailedWithTlsErrors: function (view, failingURI, certificate, errors) {
this._headerBar.setSecurityIcon(PortalHelperSecurityLevel.INSECURE);
let uri = new Soup.URI(failingURI);
this._webContext.allow_tls_certificate_for_host(certificate, uri.get_host());
this._webView.load_uri(failingURI);
return true;
},
_onDecidePolicy: function(view, decision, type) {
if (type == WebKit.PolicyDecisionType.NEW_WINDOW_ACTION) {
decision.ignore();