Merge branch 'webrequest_additions' of git://github.com/TcT2k/wxWidgets

wxWebRequest improvements: add DisablePeerVerify(), improve documentation. See https://github.com/wxWidgets/wxWidgets/pull/2175
2021-01-21 00:44:37 +01:00
parent e7ff76d762 4727693584
commit 7911fdc253
10 changed files with 99 additions and 3 deletions
--- a/docs/doxygen/mainpages/samples.h
+++ b/docs/doxygen/mainpages/samples.h
@@ -902,6 +902,15 @@ archives.
@sampledir{webview}
@section page_samples_webrequest Web Request Sample
 This sample demonstrates the various capabilities of the
 wxWebRequest class. It shows how to handle simple text HTTP and HTTPS requests,
 downloading files, showing download progress and processing downloaded
 data while it's being downloaded.
@sampledir{webrequest}
@section page_samples_widgets Widgets Sample
 The widgets sample is the main presentation program for most simple and advanced
@@ -962,4 +971,3 @@ other resources. From its menu or toolbar you can then run the following dialogs
@sampledir{xrc}
 */
--- a/include/wx/private/webrequest.h
+++ b/include/wx/private/webrequest.h
@@ -96,6 +96,10 @@ public:
    virtual wxWebRequestHandle GetNativeHandle() const = 0;
    void DisablePeerVerify(bool disable) { m_peerVerifyDisabled = disable; }
    bool IsPeerVerifyDisabled() const { return m_peerVerifyDisabled; }
    void SetState(wxWebRequest::State state, const wxString& failMsg = wxString());
    void ReportDataReceived(size_t sizeReceived);
@@ -110,6 +114,7 @@ protected:
    wxWebRequestHeaderMap m_headers;
    wxFileOffset m_dataSize;
    wxScopedPtr<wxInputStream> m_dataStream;
    bool m_peerVerifyDisabled;
    wxWebRequestImpl(wxWebSession& session,
                     wxWebSessionImpl& sessionImpl,
--- a/include/wx/webrequest.h
+++ b/include/wx/webrequest.h
@@ -188,6 +188,10 @@ public:
    wxWebRequestHandle GetNativeHandle() const;
    void DisablePeerVerify(bool disable = true);
    bool IsPeerVerifyDisabled() const;
 private:
    // Ctor is only used by wxWebSession.
    friend class wxWebSession;
--- a/interface/wx/protocol/http.h
+++ b/interface/wx/protocol/http.h
@@ -12,6 +12,9 @@
    wxHTTP can thus be used to create a (basic) HTTP @b client.
    @note In practice, for any but the most trivial cases, e.g. if you need HTTPS, HTTP/2 or IPv6,
            proxy detection, authentication, etc. support please use wxWebRequest instead.
    @library{wxnet}
    @category{net}
@@ -173,4 +176,3 @@ public:
                     const wxString& data,
                     const wxMBConv& conv = wxConvUTF8);
 };
--- a/interface/wx/webrequest.h
+++ b/interface/wx/webrequest.h
@@ -61,6 +61,14 @@
        request.Start();
    @endcode
    @section apple_http macOS and iOS App Transport Security
    Starting with macOS 10.11 and iOS 9 an application cannot create unsecure
    connections (this includes HTTP and unverified HTTPS). You have to include
    additional fields in your Info.plist to enable such connections.
    For further details see the documentation on NSAppTransportSecurity
    <a target=_new href="https://developer.apple.com/documentation/bundleresources/information_property_list/nsapptransportsecurity">here</a>
    @section descriptions Implementation Descriptions
    The following APIs are used per platform, additional details
@@ -391,6 +399,22 @@ public:
        server.
    */
    void SetStorage(Storage storage);
    /**
        Disable SSL certificate verification.
        This can be used to connect to self signed servers or other invalid
        SSL connections. Disabling verification makes the communication
        insecure.
    */
    void DisablePeerVerify(bool disable = true);
    /**
        Returns if peer verification has been disabled.
        @see DisablePeerVerify()
    */
    bool IsPeerVerifyDisabled() const;
    ///@}
    /** @name Progress methods
--- a/src/common/webrequest.cpp
+++ b/src/common/webrequest.cpp
@@ -62,6 +62,7 @@ wxWebRequestImpl::wxWebRequestImpl(wxWebSession& session,
    : m_storage(wxWebRequest::Storage_Memory),
      m_headers(sessionImpl.GetHeaders()),
      m_dataSize(0),
      m_peerVerifyDisabled(false),
      m_session(session),
      m_handler(handler),
      m_id(id),
@@ -516,6 +517,18 @@ wxWebRequestHandle wxWebRequest::GetNativeHandle() const
    return m_impl ? m_impl->GetNativeHandle() : NULL;
 }
 void wxWebRequest::DisablePeerVerify(bool disable)
 {
    m_impl->DisablePeerVerify(disable);
 }
 bool wxWebRequest::IsPeerVerifyDisabled() const
 {
    return m_impl->IsPeerVerifyDisabled();
 }
 //
 // wxWebAuthChallenge
--- a/src/common/webrequest_curl.cpp
+++ b/src/common/webrequest_curl.cpp
@@ -247,6 +247,9 @@ void wxWebRequestCURL::Start()
    }
    curl_easy_setopt(m_handle, CURLOPT_HTTPHEADER, m_headerList);
    if ( IsPeerVerifyDisabled() )
        curl_easy_setopt(m_handle, CURLOPT_SSL_VERIFYPEER, 0);
    StartRequest();
 }
@@ -468,7 +471,7 @@ wxThread::ExitCode wxWebSessionCURL::Entry()
    {
        // Handle cancelled requests
        {
-            wxCriticalSectionLocker lock(m_cancelled.cs);
+            wxCriticalSectionLocker cancelledLock(m_cancelled.cs);
            while ( !m_cancelled.requests.empty() )
            {
                wxObjectDataPtr<wxWebRequestCURL> request(m_cancelled.requests.back());
--- a/src/msw/webrequest_winhttp.cpp
+++ b/src/msw/webrequest_winhttp.cpp
@@ -364,6 +364,16 @@ void wxWebRequestWinHTTP::Start()
        return;
    }
    if ( IsPeerVerifyDisabled() )
    {
        wxWinHTTPSetOption(m_request, WINHTTP_OPTION_SECURITY_FLAGS,
            SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
            SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
            SECURITY_FLAG_IGNORE_UNKNOWN_CA |
            SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE
        );
    }
    SendRequest();
 }
--- a/src/osx/webrequest_urlsession.mm
+++ b/src/osx/webrequest_urlsession.mm
@@ -150,6 +150,12 @@
            *request
        ));
    }
    else if ( authMethod == NSURLAuthenticationMethodServerTrust )
    {
        if (request->IsPeerVerifyDisabled())
            completionHandler(NSURLSessionAuthChallengeUseCredential,
                              [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
    }
    completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
 }
--- a/tests/net/webrequest.cpp
+++ b/tests/net/webrequest.cpp
@@ -262,6 +262,27 @@ TEST_CASE_METHOD(RequestFixture,
    Run(wxWebRequest::State_Failed, 0);
 }
 TEST_CASE_METHOD(RequestFixture,
    "WebRequest::SSL::Error", "[net][webrequest][error]")
 {
    if (!InitBaseURL())
        return;
    CreateAbs("https://self-signed.badssl.com/");
    Run(wxWebRequest::State_Failed, 0);
 }
 TEST_CASE_METHOD(RequestFixture,
    "WebRequest::SSL::Ignore", "[net][webrequest]")
 {
    if (!InitBaseURL())
        return;
    CreateAbs("https://self-signed.badssl.com/");
    request.DisablePeerVerify();
    Run(wxWebRequest::State_Completed, 200);
 }
 TEST_CASE_METHOD(RequestFixture,
                 "WebRequest::Post", "[net][webrequest]")
 {