-
Colin Blundell authored
With this CL, WebLayer now shares the logic of when to allow users to proceed past security interstitials with Chrome rather than using its previous custom implementation. I verified manually that proceeding past an SSL interstitial still works as expected in WebLayer on Android and Linux. There are potential behavioral differences, as the logic of the previous custom implementation was simpler than that of ChromeSSLHostStateDelegate. However, any such behavioral differences should simply be bringing WebLayer's behavior in line with Chrome's behavior here, and hence should be a Good Thing from a security UX POV. This CL also opens the possibility of tracking metrics for recurrent errors in WebLayer, as ChromeSSLHostStateDelegate exposes the necessary functionality. However, this CL does not make any changes there. Making those changes would be a matter of porting the //chrome-level callsites of ChromeSSLHostStateDelegate::HasSeenRecurrentErrors() to //weblayer (or figuring out how to share them). Bug: 1030692 Change-Id: I21fcc417bbbaf7574fabbf27d64ebf07dbceae9d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2064393 Commit-Queue: Colin Blundell <blundell@chromium.org> Reviewed-by:
Carlos IL <carlosil@chromium.org> Cr-Commit-Position: refs/heads/master@{#743897}
b4ac4494
