Details
P2: Important Description
Errors that trigger QtWebEngine::certificateError doesn’t trigger loadFinished(false) signal. It seems to apply to most, if not all, certificate errors. Please confirm if this is an expected behavior.
Below are the analysis of this issue and a possible fix:
Looking at the code for qtwebengine\src\3rdparty\chromium\content\browser\ssl\ssl_policy.cc:
void SSLPolicy::OnCertError(SSLCertErrorHandler* handler) {
...
switch (handler->cert_error()) {
...
case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN:
...
OnCertErrorInternal(handler, options_mask);
break;
...
}
}
void SSLPolicy::OnCertErrorInternal(SSLCertErrorHandler* handler,
int options_mask) {
...
CertificateRequestResultType result = CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE;
GetContentClient()->browser()->AllowCertificateError(...);
switch (result) {
case CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE:
break;
case CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL:
handler->CancelRequest();
break;
case CERTIFICATE_REQUEST_RESULT_TYPE_DENY:
handler->DenyRequest();
break;
default:
NOTREACHED();
}
}
and then in qtwebengine\src\core\content_browser_client_qt.cpp:
void ContentBrowserClientQt::AllowCertificateError(..., content::CertificateRequestResultType* result)
{
// We leave the result with its default value.
Q_UNUSED(result);
...
}
This means that OnCertErrorInternal always sees `result` as CERTIFICATE_REQUEST_RESULT_TYPE_CONTINUE and never calls handler->CancelRequest() or handler->DenyRequest(). Changing the value of `result` in the debugger to CERTIFICATE_REQUEST_RESULT_TYPE_CANCEL, for example, does result in QWebEnginePagePrivate::loadFinished(...) being called in qtwebengine\src\webenginewidgets\api\qwebenginepage.cpp,