New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 736753 link

Starred by 2 users
Status: Fixed
Owner:
amp@chromium.org
Last visit > 30 days ago
Closed: Jun 2017
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug
Proj-VR
Proj-XR
Proj-XR-VR



Sign in to add a comment

VR browser should handle HTTPS server requests for client certificates

Project Member Reported by cjgrant@chromium.org, Jun 26 2017 
While reviewing VR BBB, estark@ raised the following point concern:

"HTTPS servers can request that the client provide a certificate of its own, which will trigger a certificate selection dialog in the browser. (Client certs are very rarely used in the wild though.)

I believe that if the dialog doesn't show up, the connection would just hang waiting for a client cert, so it should probably bail out of VR mode in this case?"

This bug tracks investigating whether it's feasible to bail out, or possibly just NAK the request in some way.

Comment 1 by ddorwin@chromium.org, Jun 26 2017

Labels: VR-BBB

Comment 2 by ddorwin@chromium.org, Jun 26 2017 

Once we have a test page for this, please add it to issue 732901.

Comment 3 by amp@chromium.org, Jun 29 2017

Owner: amp@chromium.org
Status: Started (was: Available)
I'll take this.  I don't think we'll be able to get by with just a test page though, we'll need a server to make the proper ssl calls.

Comment 4 by amp@chromium.org, Jun 29 2017 

Using https://www.bennish.net/certs/ as a test site for now (commented on issue 732901 as well).

Change to suppress the dialog is up in https://chromium-review.googlesource.com/c/557199/

Re bailing out of VR, the change above properly let's the calling code know that no cert is coming (the same as if the user dismissed the dialog) and so it doesn't hang waiting.  I think this is preferable to bailing.

We should also make sure this gets tracked for re-enabling in  issue 736568
Project Member

Comment 5 by bugdroid1@chromium.org, Jun 30 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d4082a82957cc3522a48b9fc6547afa969990e63

commit d4082a82957cc3522a48b9fc6547afa969990e63
Author: Adam Parker <amp@chromium.org>
Date: Fri Jun 30 17:33:32 2017

[VrShell] Suppress ssl client certificate selection in VR.

This suppresses the selection pop up and returns a null cert back to the
caller so that to the server it looks like no certificate was selected.

Bug:  736753 
Change-Id: I780370f8463da578f49918c321c9d47023a4d6dc
Reviewed-on: https://chromium-review.googlesource.com/557199
Reviewed-by: Ted Choc <tedchoc@chromium.org>
Reviewed-by: Amirhossein Simjour <asimjour@chromium.org>
Commit-Queue: Adam Parker <amp@chromium.org>
Cr-Commit-Position: refs/heads/master@{#483742}
[modify] https://crrev.com/d4082a82957cc3522a48b9fc6547afa969990e63/chrome/browser/ui/android/ssl_client_certificate_request.cc

Comment 6 by amp@chromium.org, Jun 30 2017

Status: Fixed (was: Started)

Sign in to add a comment