Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4ab72cb7 authored by Brian Carlstrom's avatar Brian Carlstrom
Browse files

b/2511635 Browser displays incorrect SSL cert information 

WebView's mCertificate member was not cleared when going to new
pages. Rather than clearing mCertificate as was done in previously in
WebView.goBackOrForward, we now clear when CallbackProxy receives a
PAGE_STARTED message.

This problem was highlighted whenever we went to a https page that was
in the cache, since the cache does not store certificate information,
so "More > Page Info > View Certifcate" was showing the certificate of
the last non-cached page because it had not been cleared. See also
b/2516638 "SslCertificate information not cached by CacheManager"

Change-Id: I40284f22ceb7150a6b20ecc2741f6153ed9a3276
parent beb0c1b3

core/java/android/webkit/CallbackProxy.java

+7 −0
Original line number Diff line number Diff line
@@ -252,6 +252,13 @@ class CallbackProxy extends Handler { 
        // 32-bit reads and writes.

        switch (msg.what) {

            case PAGE_STARTED:

                // every time we start a new page, we want to reset the

                // WebView certificate:

                // if the new site is secure, we will reload it and get a

                // new certificate set;

                // if the new site is not secure, the certificate must be

                // null, and that will be the case

                mWebView.setCertificate(null);

                if (mWebViewClient != null) {

                    mWebViewClient.onPageStarted(mWebView,

                            msg.getData().getString("url"),

core/java/android/webkit/WebView.java

+0 −7
Original line number Diff line number Diff line
@@ -1608,13 +1608,6 @@ public class WebView extends AbsoluteLayout 
    }



    private void goBackOrForward(int steps, boolean ignoreSnapshot) {

        // every time we go back or forward, we want to reset the

        // WebView certificate:

        // if the new site is secure, we will reload it and get a

        // new certificate set;

        // if the new site is not secure, the certificate must be

        // null, and that will be the case

        mCertificate = null;

        if (steps != 0) {

            clearTextEntry(false);

            mWebViewCore.sendMessage(EventHub.GO_BACK_FORWARD, steps,