New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 779857 link

Starred by 2 users
Status: Started
Owner:
ortuno@chromium.org
Last visit > 30 days ago
Cc:
dominickn@chromium.org
bgalbs@google.com
pcovell@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Chrome , Mac
Pri: 1
Type: Feature

Blocked on:
issue 448486
issue 787989
Blocking:
issue 740783



Sign in to add a comment

desktop-pwas: Ask users to open the current site in Chrome if there is a problem with the site's certificate

Project Member Reported by ortuno@chromium.org, Oct 30 2017 
If there is an SSL error or mixed content is about to be loaded, ask the user to open the current app in a regular Browser window before proceeding. That way we can show more of our security UI.

Comment 1 by ortuno@chromium.org, Nov 22 2017

Blockedon: 787989
Project Member

Comment 2 by bugdroid1@chromium.org, Nov 28 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/edc8f6f4c5e7a5d90516b931bd7dddc9108d7c71

commit edc8f6f4c5e7a5d90516b931bd7dddc9108d7c71
Author: Giovanni Ortuño Urquidi <ortuno@chromium.org>
Date: Tue Nov 28 05:22:11 2017

desktop-pwas: When in an App window, SSL interstitials proceed to a browser tab

Desktop PWAs should not be allowed to run if there is a problem with
their certificate. So when users click proceed on an interstitial
we open a new tab in a regular Chrome window and proceed there.

To make transient interstitial tests work, this patch also changes
ProceedThroughInterstitial to use SendInterstitialCommand instead
of InterstitialPage::Proceed for non-committed interstitials.
Directly calling InterstitialPage::Proceed skips calling through
to SSLErrorControllerClient which is where the logic to open the
app window is.

Bug: 779857
Change-Id: If90a7f56076977b8cfaf5b3837a0a35c8dbe54cc
Reviewed-on: https://chromium-review.googlesource.com/786873
Reviewed-by: Emily Stark <estark@chromium.org>
Reviewed-by: Matt Giuca <mgiuca@chromium.org>
Commit-Queue: Giovanni Ortuño Urquidi <ortuno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519575}
[modify] https://crrev.com/edc8f6f4c5e7a5d90516b931bd7dddc9108d7c71/chrome/browser/ssl/ssl_browsertest.cc
[modify] https://crrev.com/edc8f6f4c5e7a5d90516b931bd7dddc9108d7c71/chrome/browser/ssl/ssl_error_controller_client.cc
Project Member

Comment 3 by bugdroid1@chromium.org, Feb 21 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ca30c84579095a6ef6fdd653527725621f0b32a3

commit ca30c84579095a6ef6fdd653527725621f0b32a3
Author: Giovanni Ortuño Urquidi <ortuno@chromium.org>
Date: Wed Feb 21 23:38:32 2018

content: Allow NavigationThrottles to specify a error page when canceling navigations

Plumb error page contents for canceled start requests, redirect
requests and responses. This allows Navigation Throttles to cancel a
navigation in WillStartRequest, WillRedirectRequest and
WillProcessResponse with a custom error page.

This CL is based on https://crrev.com/c/768930/10

Bug: 779857
Change-Id: I3d477993674f928cb61fb219c846f3db211d122c
Reviewed-on: https://chromium-review.googlesource.com/816457
Commit-Queue: Giovanni Ortuño Urquidi <ortuno@chromium.org>
Reviewed-by: Camille Lamy <clamy@chromium.org>
Reviewed-by: Emily Stark <estark@chromium.org>
Cr-Commit-Position: refs/heads/master@{#538255}
[modify] https://crrev.com/ca30c84579095a6ef6fdd653527725621f0b32a3/content/browser/frame_host/navigation_handle_impl_browsertest.cc
[modify] https://crrev.com/ca30c84579095a6ef6fdd653527725621f0b32a3/content/browser/frame_host/navigation_request.cc
[modify] https://crrev.com/ca30c84579095a6ef6fdd653527725621f0b32a3/content/browser/frame_host/navigation_request.h
[modify] https://crrev.com/ca30c84579095a6ef6fdd653527725621f0b32a3/content/public/browser/navigation_throttle.h
Project Member

Comment 4 by bugdroid1@chromium.org, Feb 27 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e4a680d8df7cc8831a83f4023aee57acc62784e0

commit e4a680d8df7cc8831a83f4023aee57acc62784e0
Author: Giovanni Ortuño Urquidi <ortuno@chromium.org>
Date: Tue Feb 27 03:42:37 2018

desktop-pwas: Always show an interstitial if in an app window

This covers the case where a user proceeded through an
interstitial in the past and then opened the app. In a regular tab,
we wouldn't show the interstitial but since Desktop PWAs always have
to be secure we show an interstitial.

Bug: 779857
Change-Id: I0efef48f38ef51d7e5016be07829971d44656e6c
Reviewed-on: https://chromium-review.googlesource.com/936922
Reviewed-by: Emily Stark <estark@chromium.org>
Commit-Queue: Giovanni Ortuño Urquidi <ortuno@chromium.org>
Cr-Commit-Position: refs/heads/master@{#539392}
[modify] https://crrev.com/e4a680d8df7cc8831a83f4023aee57acc62784e0/chrome/browser/ssl/ssl_browsertest.cc
[modify] https://crrev.com/e4a680d8df7cc8831a83f4023aee57acc62784e0/chrome/browser/ssl/ssl_error_navigation_throttle.cc
[modify] https://crrev.com/e4a680d8df7cc8831a83f4023aee57acc62784e0/chrome/browser/ssl/ssl_error_navigation_throttle.h

Comment 5 by mgiuca@chromium.org, Mar 26 2018

Labels: M-67

Comment 6 by mgiuca@chromium.org, Mar 27 2018

Labels: -Pri-3 Pri-1
Gio, is this done now (per the above 3 CLs)?

Bumping up to P1 since it's security UX. Please mark Fixed if done.

Comment 7 by ortuno@chromium.org, Mar 27 2018

Blockedon: 448486
This is blocked on 448486. I'll check with estark and see if they are still targeting 67. Otherwise we might have to work around some issues.

Comment 8 by ortuno@chromium.org, Mar 29 2018

Labels: -M-67
Removing label. We decided to just show the location bar for now. Once issue 448486 is fixed, this will also be fixed.

Sign in to add a comment