[Payment Request] Moves the check for secure context into a helper class

Also fixes a bug where non cryptographic URLs with a secure origin (e.g., Data URI) were being deemed as local and were not being caught. Bug: 602666 Change-Id: I1d017e47253ac3c60f3a9a178f5f3c525e801abb Reviewed-on: https://chromium-review.googlesource.com/590698Reviewed-by: Rouslan Solomakhin <rouslan@chromium.org> Commit-Queue: mahmadi <mahmadi@chromium.org> Cr-Commit-Position: refs/heads/master@{#490761}

[Payment Request] Moves the check for secure context into a helper class
Also fixes a bug where non cryptographic URLs with a secure origin (e.g., Data URI) were being deemed as local and were not being caught. Bug: 602666 Change-Id: I1d017e47253ac3c60f3a9a178f5f3c525e801abb Reviewed-on: https://chromium-review.googlesource.com/590698Reviewed-by: Rouslan Solomakhin <rouslan@chromium.org> Commit-Queue: mahmadi <mahmadi@chromium.org> Cr-Commit-Position: refs/heads/master@{#490761}
e468bd4e · Mohamad Ahmadi · Commit Bot · 38bca25e · e468bd4e · e468bd4e
Commit e468bd4e authored Jul 31, 2017 by Mohamad Ahmadi Committed by Commit Bot Jul 31, 2017
4 changed files
--- a/ios/chrome/browser/payments/BUILD.gn
+++ b/ios/chrome/browser/payments/BUILD.gn
@@ -15,6 +15,8 @@ source_set("payments") {
    "ios_payment_request_cache_factory.mm",
    "itunes_json_request.cc",
    "itunes_json_request.h",
+    "origin_security_checker.h",
+    "origin_security_checker.mm",
    "payment_request.h",
    "payment_request.mm",
    "payment_request_cache.h",
@@ -30,6 +32,7 @@ source_set("payments") {
    "//components/keyed_service/ios",
    "//components/payments/core",
    "//components/prefs",
+    "//components/security_state/core",
    "//components/signin/core/browser",
    "//components/strings:components_strings_grit",
    "//ios/chrome/browser",

--- a/ios/chrome/browser/payments/origin_security_checker.h
+++ b/ios/chrome/browser/payments/origin_security_checker.h
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef IOS_CHROME_BROWSER_PAYMENTS_ORIGIN_SECURITY_CHECKER_H_
+#define IOS_CHROME_BROWSER_PAYMENTS_ORIGIN_SECURITY_CHECKER_H_
+
+#include "base/macros.h"
+#include "components/security_state/core/security_state.h"
+
+class GURL;
+
+namespace payments {
+
+class OriginSecurityChecker {
+ public:
+  // Returns true for a valid |url| from a secure origin.
+  static bool IsOriginSecure(const GURL& url);
+
+  // Returns true for a valid |url| with a cryptographic scheme, e.g., HTTPS,
+  // HTTPS-SO, WSS.
+  static bool IsSchemeCryptographic(const GURL& url);
+
+  // Returns true for a valid |url| with localhost or file:// scheme origin.
+  static bool IsOriginLocalhostOrFile(const GURL& url);
+
+  // Returns true if the page has a valid SSL certificate. Only EV_SECURE,
+  // SECURE, and SECURE_WITH_POLICY_INSTALLED_CERT are considered valid for web
+  // payments.
+  static bool IsSSLCertificateValid(
+      const security_state::SecurityLevel security_level);
+
+ private:
+  DISALLOW_IMPLICIT_CONSTRUCTORS(OriginSecurityChecker);
+};
+
+}  // namespace payments
+
+#endif  // IOS_CHROME_BROWSER_PAYMENTS_ORIGIN_SECURITY_CHECKER_H_
--- a/ios/chrome/browser/payments/origin_security_checker.mm
+++ b/ios/chrome/browser/payments/origin_security_checker.mm
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "ios/chrome/browser/payments/origin_security_checker.h"
+
+#import "ios/web/public/origin_util.h"
+#include "net/base/url_util.h"
+#include "url/gurl.h"
+
+namespace payments {
+
+// static
+bool OriginSecurityChecker::IsOriginSecure(const GURL& url) {
+  return url.is_valid() && web::IsOriginSecure(url);
+}
+
+// static
+bool OriginSecurityChecker::IsSchemeCryptographic(const GURL& url) {
+  return url.is_valid() && url.SchemeIsCryptographic();
+}
+
+// static
+bool OriginSecurityChecker::IsOriginLocalhostOrFile(const GURL& url) {
+  return url.is_valid() &&
+         (net::IsLocalhost(url.HostNoBracketsPiece()) || url.SchemeIsFile());
+}
+
+// static
+bool OriginSecurityChecker::IsSSLCertificateValid(
+    const security_state::SecurityLevel security_level) {
+  return security_level == security_state::SECURE ||
+         security_level == security_state::EV_SECURE ||
+         security_level == security_state::SECURE_WITH_POLICY_INSTALLED_CERT;
+}
+
+}  // namespace payments
--- a/ios/chrome/browser/ui/payments/payment_request_manager.mm
+++ b/ios/chrome/browser/ui/payments/payment_request_manager.mm
@@ -13,6 +13,7 @@
 #include "base/ios/block_types.h"
 #include "base/ios/ios_util.h"
 #include "base/json/json_reader.h"
+#include "base/logging.h"
 #import "base/mac/bind_objc_block.h"
 #include "base/mac/foundation_util.h"
 #include "base/memory/ptr_util.h"
@@ -37,6 +38,7 @@
 #include "ios/chrome/browser/browser_state/chrome_browser_state.h"
 #include "ios/chrome/browser/payments/ios_can_make_payment_query_factory.h"
 #include "ios/chrome/browser/payments/ios_payment_request_cache_factory.h"
+#include "ios/chrome/browser/payments/origin_security_checker.h"
 #include "ios/chrome/browser/payments/payment_request.h"
 #import "ios/chrome/browser/payments/payment_request_cache.h"
 #import "ios/chrome/browser/payments/payment_response_helper.h"
@@ -686,27 +688,31 @@ struct PendingPaymentResponse {
    return NO;
  }

-  // Checks if the current page is a web view with HTML and that the
-  // origin is localhost, file://, or cryptographic.
-  if (!web::IsOriginSecure(_activeWebState->GetLastCommittedURL()) ||
-      !_activeWebState->ContentIsHTML()) {
+  if (!_activeWebState->ContentIsHTML()) {
+    DLOG(ERROR) << "Not a web view with HTML.";
    return NO;
  }

-  if (!_activeWebState->GetLastCommittedURL().SchemeIsCryptographic()) {
-    // The URL has a secure origin, but is not https, so it must be local.
-    // Return YES at this point, because localhost and filesystem URLS are
-    // considered secure regardless of scheme.
-    return YES;
+  const GURL lastCommittedURL = _activeWebState->GetLastCommittedURL();
+
+  if (!payments::OriginSecurityChecker::IsOriginSecure(lastCommittedURL)) {
+    DLOG(ERROR) << "Not in a secure origin.";
+    return NO;
+  }
+
+  if (!payments::OriginSecurityChecker::IsSchemeCryptographic(
+          lastCommittedURL) &&
+      !payments::OriginSecurityChecker::IsOriginLocalhostOrFile(
+          lastCommittedURL)) {
+    DLOG(ERROR) << "Not localhost, or with file or cryptographic scheme.";
+    return NO;
  }

-  // The following security level checks ensure that if the scheme is
-  // cryptographic then the SSL certificate is valid.
-  security_state::SecurityLevel securityLevel =
-      _toolbarModel->GetToolbarModel()->GetSecurityLevel(true);
-  return securityLevel == security_state::EV_SECURE ||
-         securityLevel == security_state::SECURE ||
-         securityLevel == security_state::SECURE_WITH_POLICY_INSTALLED_CERT;
+  // If the scheme is cryptographic, the SSL certificate must also be valid.
+  return !payments::OriginSecurityChecker::IsSchemeCryptographic(
+             lastCommittedURL) ||
+         payments::OriginSecurityChecker::IsSSLCertificateValid(
+             _toolbarModel->GetToolbarModel()->GetSecurityLevel(true));
 }

 #pragma mark - PaymentRequestUIDelegate