ELECTRON-965 (Display warning dialog if certificate fails to verify Root CA or is not whitelisted) (#553)

* ELECTRON-965 - Display warning dialog if certificate fails to verify Root CA or is not whitelisted * ELECTRON-965 - Set ignoreAllCertErrors to false when main window loads
2025-02-25 18:55:29 -06:00 · 2019-01-23 16:37:06 +05:30
parent 87fbdab70d
commit 07c40fe8ec
7 changed files with 316 additions and 287 deletions
--- a/js/windowMgr.js
+++ b/js/windowMgr.js
@@ -70,6 +70,7 @@ const DEFAULT_HEIGHT = 600;

 // Certificate transparency whitelist
 let ctWhitelist = [];
+let ignoreAllCertErrors = false;

 /**
 * Adds a window key
@@ -342,6 +343,7 @@ function doCreateMainWindow(initialUrl, initialBounds, isCustomTitleBar) {
            const dialogContent = { type: 'error', title: i18n.getMessageFor('Permission Denied') + '!', message: fullMessage };
            mainWindow.webContents.send('is-screen-share-enabled', config.permissions.media, dialogContent);
        }
+        ignoreAllCertErrors = false;
    });

    mainWindow.webContents.on('did-fail-load', function (event, errorCode,
@@ -791,7 +793,28 @@ function doCreateMainWindow(initialUrl, initialBounds, isCustomTitleBar) {
            return callback(0);
        }

-        return callback(-2);
+        if (!ignoreAllCertErrors) {
+            const browserWin = electron.BrowserWindow.getFocusedWindow();
+            if (browserWin && !browserWin.isDestroyed()) {
+                const buttonId = electron.dialog.showMessageBox(browserWin, {
+                    type: 'warning',
+                    buttons: [ 'Allow', 'Deny', 'Ignore All' ],
+                    defaultId: 1,
+                    cancelId: 1,
+                    noLink: true,
+                    title: i18n.getMessageFor('Certificate Error'),
+                    message: `${i18n.getMessageFor('Certificate Error')}: ${i18n.getMessageFor('Cannot verify Root CA for the hostname')}: ${hostUrl}`,
+                });
+
+                if (buttonId === 2) {
+                    ignoreAllCertErrors = true;
+                }
+
+                return callback(buttonId === 1 ? -2 : 0);
+            }
+            return callback(-2);
+        }
+        return callback(0);
    }

 }