Frontend EV Certificate Changes #11776
Conversation
|
@sashaperigo do you need any assistance? 😄 Maybe I could help working on CSS/LESS. |
|
@luixxiul , @cezaraugusto |
|
Changes made according to muon change brave/muon@6c7c9ae |
| if (e.securityInfo.securityLevel === 'ev-secure') { | ||
| if (e.securityInfo.certificate && | ||
| e.securityInfo.certificate.organizationNames.length && | ||
| e.securityInfo.certificate.countryName) { |
There was a problem hiding this comment.
I think we shouldn't require countryName, since it's not a required field in EV certs according to https://cabforum.org/ev-certificate-contents/.
| @@ -682,15 +683,27 @@ class Frame extends React.Component { | |||
| isSecure = false | |||
| const parsedUrl = urlParse(this.props.location) | |||
| ipc.send(messages.CHECK_CERT_ERROR_ACCEPTED, parsedUrl.host, this.props.tabId) | |||
| } else if (['warning', 'passive-mixed-content'].includes(e.securityState)) { | |||
| } else if (e.securityState === 'warning' || | |||
There was a problem hiding this comment.
i think we can get rid of the check for 'warning' since it was removed in https://cs.chromium.org/chromium/src/third_party/WebKit/public/platform/WebSecurityStyle.h?q=kWebSecurityStyleNeutral&dr=CSs&l=11&rcl=ec1bba9ca0f2e6d210af6f93948708a95c406ce7&dlp=chromium&dlf=src/third_party/WebKit/public/platform/WebSecurityStyle.h&dlc=1c4d759e44259650dfb2c426a7f997d2d0bc73dc&dlr=3&dlgp=third_party/WebKit/public/platform/WebSecurityStyle.h&dlgr=chromium/chromium/src&drp=chromium&drf=src/third_party/WebKit/public/platform/WebSecurityStyle.h&drc=ec1bba9ca0f2e6d210af6f93948708a95c406ce7&drr=4&drgp=third_party/WebKit/public/platform/WebSecurityStyle.h&drgr=chromium/chromium/src
| @@ -624,6 +625,10 @@ const doAction = (action) => { | |||
| windowState = windowState.setIn(path.concat(['security', 'runInsecureContent']), | |||
| action.securityState.runInsecureContent) | |||
| } | |||
| if (action.securityState.evCert !== undefined) { | |||
There was a problem hiding this comment.
i think this defaults to null, not undefined: https://github.com/brave/browser-laptop/pull/11776/files#diff-c3c556f1ee31674844d6d0be95748d8eR677
There was a problem hiding this comment.
nvm, i guess this has to check for undefined so null can be used to clear previous values
|
my muon build process isn't working but the changes lgtm |
|
muon PR has been merged and will be available in 4.6.1 |
less/navigationBar.less
Outdated
| @@ -863,9 +864,9 @@ | |||
| align-items: center; | |||
| justify-content: center; | |||
| height: @urlbarFormHeight; | |||
| width: @urlbarFormHeight; | |||
| // width: @urlbarFormHeight; | |||
There was a problem hiding this comment.
if the width is not required, can we remove it instead of commenting it out?
There was a problem hiding this comment.
| // Passive mixed content should not upgrade an insecure connection to a | ||
| // partially-secure connection. It can only downgrade a secure | ||
| // connection. | ||
| isSecure = this.props.isSecure !== false ? 1 : false | ||
| isSecure = 1 |
There was a problem hiding this comment.
this code will actually never be reached because securityState is insecure when e.securityInfo.mixedContentStatus === 'content-status-displayed'. this is also an issue in 0.20.x - see #12742. i am fixing it
86c8c24 to
37b0969
Compare
|
pushed 37b0969 which removed commented property (#11776 (review)) and removed ev cert from titlemode (#11776 (review)) |
| @@ -481,7 +482,23 @@ class UrlBar extends React.Component { | |||
| return props | |||
| } | |||
|
|
|||
| get showEvCert () { | |||
| return !this.props.titleMode && <span className='evCert'> {this.props.evCert} </span> | |||
There was a problem hiding this comment.
this will return false if we are in titleMode. according to react docs (https://reactjs.org/docs/conditional-rendering.html#preventing-component-from-rendering), it should return null when an element isn't rendered.
There was a problem hiding this comment.
thanks changed in 97f689b via push -f
|
each new commit auto dismisses previous reviews please confirm if we're good to go now, thanks |
37b0969 to
97f689b
Compare
There was a problem hiding this comment.
i'd prefer #12743 be merged first since it's for an earlier milestone and these two PRs will conflict. otherwise lgtm.
|
rebased |
There was a problem hiding this comment.
since #12743 is merged and this is rebased I'm merging, thanks all
Frontend EV Certificate Changes
Require: brave/muon#377
Fixes #791
Work in progress PR for the frontend EV certificate changes. Still needs lots of work on the CSS end!
Submitter Checklist:
git rebase -ito squash commits (if needed).Test Plan:
Updated relevant unit tests.
GitHub, Inc. [US]displayed in URL bar(organization name + country code)
Reviewer Checklist:
Tests