1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
|
/* -*- Mode: Java; c-basic-offset: 4; tab-width: 20; indent-tabs-mode: nil; -*-
* vim: ts=4 sw=4 expandtab:
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
package org.mozilla.geckoview;
import android.annotation.SuppressLint;
import androidx.annotation.AnyThread;
import androidx.annotation.IntDef;
import androidx.annotation.Nullable;
import java.io.ByteArrayInputStream;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import org.mozilla.gecko.annotation.WrapForJNI;
import org.mozilla.gecko.util.XPCOMError;
/**
* WebRequestError is simply a container for error codes and categories used by {@link
* GeckoSession.NavigationDelegate#onLoadError(GeckoSession, String, WebRequestError)}.
*/
@AnyThread
public class WebRequestError extends Exception {
@Retention(RetentionPolicy.SOURCE)
@IntDef({
ERROR_CATEGORY_UNKNOWN,
ERROR_CATEGORY_SECURITY,
ERROR_CATEGORY_NETWORK,
ERROR_CATEGORY_CONTENT,
ERROR_CATEGORY_URI,
ERROR_CATEGORY_PROXY,
ERROR_CATEGORY_SAFEBROWSING
})
public @interface ErrorCategory {}
@Retention(RetentionPolicy.SOURCE)
@IntDef({
ERROR_UNKNOWN,
ERROR_SECURITY_SSL,
ERROR_SECURITY_BAD_CERT,
ERROR_NET_RESET,
ERROR_NET_INTERRUPT,
ERROR_NET_TIMEOUT,
ERROR_CONNECTION_REFUSED,
ERROR_UNKNOWN_PROTOCOL,
ERROR_UNKNOWN_HOST,
ERROR_UNKNOWN_SOCKET_TYPE,
ERROR_UNKNOWN_PROXY_HOST,
ERROR_MALFORMED_URI,
ERROR_REDIRECT_LOOP,
ERROR_SAFEBROWSING_PHISHING_URI,
ERROR_SAFEBROWSING_MALWARE_URI,
ERROR_SAFEBROWSING_UNWANTED_URI,
ERROR_SAFEBROWSING_HARMFUL_URI,
ERROR_CONTENT_CRASHED,
ERROR_OFFLINE,
ERROR_PORT_BLOCKED,
ERROR_PROXY_CONNECTION_REFUSED,
ERROR_FILE_NOT_FOUND,
ERROR_FILE_ACCESS_DENIED,
ERROR_INVALID_CONTENT_ENCODING,
ERROR_UNSAFE_CONTENT_TYPE,
ERROR_CORRUPTED_CONTENT,
ERROR_DATA_URI_TOO_LONG,
ERROR_HTTPS_ONLY,
ERROR_BAD_HSTS_CERT
})
public @interface Error {}
/**
* This is normally used for error codes that don't currently fit into any of the other
* categories.
*/
public static final int ERROR_CATEGORY_UNKNOWN = 0x1;
/** This is used for error codes that relate to SSL certificate validation. */
public static final int ERROR_CATEGORY_SECURITY = 0x2;
/** This is used for error codes relating to network problems. */
public static final int ERROR_CATEGORY_NETWORK = 0x3;
/** This is used for error codes relating to invalid or corrupt web pages. */
public static final int ERROR_CATEGORY_CONTENT = 0x4;
public static final int ERROR_CATEGORY_URI = 0x5;
public static final int ERROR_CATEGORY_PROXY = 0x6;
public static final int ERROR_CATEGORY_SAFEBROWSING = 0x7;
/** An unknown error occurred */
public static final int ERROR_UNKNOWN = 0x11;
// Security
/** This is used for a variety of SSL negotiation problems. */
public static final int ERROR_SECURITY_SSL = 0x22;
/** This is used to indicate an untrusted or otherwise invalid SSL certificate. */
public static final int ERROR_SECURITY_BAD_CERT = 0x32;
// Network
/** The network connection was interrupted. */
public static final int ERROR_NET_INTERRUPT = 0x23;
/** The network request timed out. */
public static final int ERROR_NET_TIMEOUT = 0x33;
/** The network request was refused by the server. */
public static final int ERROR_CONNECTION_REFUSED = 0x43;
/** The network request tried to use an unknown socket type. */
public static final int ERROR_UNKNOWN_SOCKET_TYPE = 0x53;
/** A redirect loop was detected. */
public static final int ERROR_REDIRECT_LOOP = 0x63;
/** This device does not have a network connection. */
public static final int ERROR_OFFLINE = 0x73;
/** The request tried to use a port that is blocked by either the OS or Gecko. */
public static final int ERROR_PORT_BLOCKED = 0x83;
/** The connection was reset. */
public static final int ERROR_NET_RESET = 0x93;
/**
* GeckoView could not connect to this website in HTTPS-only mode. Call
* document.reloadWithHttpsOnlyException() in the error page to temporarily disable HTTPS only
* mode for this request.
*
* <p>See also {@link GeckoSession.NavigationDelegate#onLoadError}
*/
public static final int ERROR_HTTPS_ONLY = 0xA3;
/**
* A certificate validation error occurred when connecting to a site that does not allow error
* overrides.
*/
public static final int ERROR_BAD_HSTS_CERT = 0xB3;
// Content
/** A content type was returned which was deemed unsafe. */
public static final int ERROR_UNSAFE_CONTENT_TYPE = 0x24;
/** The content returned was corrupted. */
public static final int ERROR_CORRUPTED_CONTENT = 0x34;
/** The content process crashed. */
public static final int ERROR_CONTENT_CRASHED = 0x44;
/** The content has an invalid encoding. */
public static final int ERROR_INVALID_CONTENT_ENCODING = 0x54;
// URI
/** The host could not be resolved. */
public static final int ERROR_UNKNOWN_HOST = 0x25;
/** An invalid URL was specified. */
public static final int ERROR_MALFORMED_URI = 0x35;
/** An unknown protocol was specified. */
public static final int ERROR_UNKNOWN_PROTOCOL = 0x45;
/** A file was not found (usually used for file:// URIs). */
public static final int ERROR_FILE_NOT_FOUND = 0x55;
/** The OS blocked access to a file. */
public static final int ERROR_FILE_ACCESS_DENIED = 0x65;
/** A data:// URI is too long to load at the top level. */
public static final int ERROR_DATA_URI_TOO_LONG = 0x75;
// Proxy
/** The proxy server refused the connection. */
public static final int ERROR_PROXY_CONNECTION_REFUSED = 0x26;
/** The host name of the proxy server could not be resolved. */
public static final int ERROR_UNKNOWN_PROXY_HOST = 0x36;
// Safebrowsing
/** The requested URI was present in the "malware" blocklist. */
public static final int ERROR_SAFEBROWSING_MALWARE_URI = 0x27;
/** The requested URI was present in the "unwanted" blocklist. */
public static final int ERROR_SAFEBROWSING_UNWANTED_URI = 0x37;
/** The requested URI was present in the "harmful" blocklist. */
public static final int ERROR_SAFEBROWSING_HARMFUL_URI = 0x47;
/** The requested URI was present in the "phishing" blocklist. */
public static final int ERROR_SAFEBROWSING_PHISHING_URI = 0x57;
/** The error code, e.g. {@link #ERROR_MALFORMED_URI}. */
public final int code;
/** The error category, e.g. {@link #ERROR_CATEGORY_URI}. */
public final int category;
/**
* The server certificate used. This can be useful if the error code is is e.g. {@link
* #ERROR_SECURITY_BAD_CERT}.
*/
public final @Nullable X509Certificate certificate;
/**
* Construct a new WebRequestError with the specified code and category.
*
* @param code An error code, e.g. {@link #ERROR_MALFORMED_URI}
* @param category An error category, e.g. {@link #ERROR_CATEGORY_URI}
*/
public WebRequestError(final @Error int code, final @ErrorCategory int category) {
this(code, category, null);
}
/**
* Construct a new WebRequestError with the specified code and category.
*
* @param code An error code, e.g. {@link #ERROR_MALFORMED_URI}
* @param category An error category, e.g. {@link #ERROR_CATEGORY_URI}
* @param certificate The X509Certificate server certificate used, if applicable.
*/
public WebRequestError(
final @Error int code, final @ErrorCategory int category, final X509Certificate certificate) {
super(String.format("Request failed, error=0x%x, category=0x%x", code, category));
this.code = code;
this.category = category;
this.certificate = certificate;
}
@Override
public boolean equals(final Object other) {
if (other == null || !(other instanceof WebRequestError)) {
return false;
}
final WebRequestError otherError = (WebRequestError) other;
// We don't compare the certificate here because it's almost never what you want.
return otherError.code == this.code && otherError.category == this.category;
}
@Override
public int hashCode() {
return Arrays.hashCode(new Object[] {category, code});
}
@WrapForJNI
/* package */ static WebRequestError fromGeckoError(
final long geckoError,
final int geckoErrorModule,
final int geckoErrorClass,
final byte[] certificateBytes) {
// XXX: the geckoErrorModule argument is redundant
assert geckoErrorModule == XPCOMError.getErrorModule(geckoError);
final int code = convertGeckoError(geckoError, geckoErrorClass);
final int category = getErrorCategory(XPCOMError.getErrorModule(geckoError), code);
X509Certificate certificate = null;
if (certificateBytes != null) {
try {
final CertificateFactory factory = CertificateFactory.getInstance("X.509");
certificate =
(X509Certificate)
factory.generateCertificate(new ByteArrayInputStream(certificateBytes));
} catch (final CertificateException e) {
throw new IllegalArgumentException("Unable to parse DER certificate");
}
}
return new WebRequestError(code, category, certificate);
}
@SuppressLint("WrongConstant")
@WrapForJNI
/* package */ static @ErrorCategory int getErrorCategory(
final long errorModule, final @Error int error) {
if (errorModule == XPCOMError.NS_ERROR_MODULE_SECURITY) {
return ERROR_CATEGORY_SECURITY;
}
return error & 0xF;
}
@WrapForJNI
/* package */ static @Error int convertGeckoError(
final long geckoError, final int geckoErrorClass) {
// safebrowsing
if (geckoError == XPCOMError.NS_ERROR_PHISHING_URI) {
return ERROR_SAFEBROWSING_PHISHING_URI;
}
if (geckoError == XPCOMError.NS_ERROR_MALWARE_URI) {
return ERROR_SAFEBROWSING_MALWARE_URI;
}
if (geckoError == XPCOMError.NS_ERROR_UNWANTED_URI) {
return ERROR_SAFEBROWSING_UNWANTED_URI;
}
if (geckoError == XPCOMError.NS_ERROR_HARMFUL_URI) {
return ERROR_SAFEBROWSING_HARMFUL_URI;
}
// content
if (geckoError == XPCOMError.NS_ERROR_CONTENT_CRASHED) {
return ERROR_CONTENT_CRASHED;
}
if (geckoError == XPCOMError.NS_ERROR_INVALID_CONTENT_ENCODING) {
return ERROR_INVALID_CONTENT_ENCODING;
}
if (geckoError == XPCOMError.NS_ERROR_UNSAFE_CONTENT_TYPE) {
return ERROR_UNSAFE_CONTENT_TYPE;
}
if (geckoError == XPCOMError.NS_ERROR_CORRUPTED_CONTENT) {
return ERROR_CORRUPTED_CONTENT;
}
// network
if (geckoError == XPCOMError.NS_ERROR_NET_RESET) {
return ERROR_NET_RESET;
}
if (geckoError == XPCOMError.NS_ERROR_NET_RESET) {
return ERROR_NET_INTERRUPT;
}
if (geckoError == XPCOMError.NS_ERROR_NET_TIMEOUT) {
return ERROR_NET_TIMEOUT;
}
if (geckoError == XPCOMError.NS_ERROR_CONNECTION_REFUSED) {
return ERROR_CONNECTION_REFUSED;
}
if (geckoError == XPCOMError.NS_ERROR_UNKNOWN_SOCKET_TYPE) {
return ERROR_UNKNOWN_SOCKET_TYPE;
}
if (geckoError == XPCOMError.NS_ERROR_REDIRECT_LOOP) {
return ERROR_REDIRECT_LOOP;
}
if (geckoError == XPCOMError.NS_ERROR_HTTPS_ONLY) {
return ERROR_HTTPS_ONLY;
}
if (geckoError == XPCOMError.NS_ERROR_BAD_HSTS_CERT) {
return ERROR_BAD_HSTS_CERT;
}
if (geckoError == XPCOMError.NS_ERROR_OFFLINE) {
return ERROR_OFFLINE;
}
if (geckoError == XPCOMError.NS_ERROR_PORT_ACCESS_NOT_ALLOWED) {
return ERROR_PORT_BLOCKED;
}
// uri
if (geckoError == XPCOMError.NS_ERROR_UNKNOWN_PROTOCOL) {
return ERROR_UNKNOWN_PROTOCOL;
}
if (geckoError == XPCOMError.NS_ERROR_UNKNOWN_HOST) {
return ERROR_UNKNOWN_HOST;
}
if (geckoError == XPCOMError.NS_ERROR_MALFORMED_URI) {
return ERROR_MALFORMED_URI;
}
if (geckoError == XPCOMError.NS_ERROR_FILE_NOT_FOUND) {
return ERROR_FILE_NOT_FOUND;
}
if (geckoError == XPCOMError.NS_ERROR_FILE_ACCESS_DENIED) {
return ERROR_FILE_ACCESS_DENIED;
}
// proxy
if (geckoError == XPCOMError.NS_ERROR_UNKNOWN_PROXY_HOST) {
return ERROR_UNKNOWN_PROXY_HOST;
}
if (geckoError == XPCOMError.NS_ERROR_PROXY_CONNECTION_REFUSED) {
return ERROR_PROXY_CONNECTION_REFUSED;
}
if (XPCOMError.getErrorModule(geckoError) == XPCOMError.NS_ERROR_MODULE_SECURITY) {
if (geckoErrorClass == 1) {
return ERROR_SECURITY_SSL;
}
if (geckoErrorClass == 2) {
return ERROR_SECURITY_BAD_CERT;
}
}
return ERROR_UNKNOWN;
}
}
|
