chrome/app/generated_resources.grd - Issue 15137010: Don't tell people they can import their own roots on iOS.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/app/generated_resources.grd

Issue 15137010: Don't tell people they can import their own roots on iOS. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Update the grit whitelist too. Created 7 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Download patch

Index: chrome/app/generated_resources.grd

diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd

index c59cb19454ff5f70f4512c552328ffffb2615d8c..747467610e1f3fad15bf86d554e8b54ce6440354 100644

--- a/chrome/app/generated_resources.grd

+++ b/chrome/app/generated_resources.grd

@@ -3357,6 +3357,8 @@ Psst! Incognito mode <ph name="SHORTCUT_KEY">$1<ex>(Ctrl+Shift+N)</ex></ph> may

In this case, the certificate has not been verified by a third party that your mobile device trusts. Anyone can create a certificate claiming to be whatever website they choose, which is why it must be verified by a trusted third party. Without that verification, the identity information in the certificate is meaningless. It is therefore not possible to verify that you are communicating with <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph> instead of an attacker who generated his own certificate claiming to be <ph name="DOMAIN2"><strong>$2<ex>paypal.com</ex></strong></ph>. You should not proceed past this point.

</message>

+ </if>

+ <if expr="pp_ifdef('android')">

If, however, you work in an organization that generates its own certificates, and you are trying to connect to an internal website of that organization using such a certificate, you may be able to solve this problem securely. You can import your organization's root certificate as a "root certificate", and then certificates issued or verified by your organization will be trusted and you will not see this error next time you try to connect to an internal website. Contact your organization's help staff for assistance in adding a new root certificate to your mobile device.

</message>

« no previous file with comments | « build/ios/grit_whitelist.txt ('k') | chrome/browser/ssl/ssl_error_info.cc » ('j') | no next file with comments »