Chromium Code Reviews Chromium Code Reviews
Issue 200033:
Update the Strict-Transport-Security grammar to match the spec. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/strict_transport_security_state.h" | 5 #include "net/base/strict_transport_security_state.h" |
| 6 | 6 |
| 7 #include "base/json_reader.h" | 7 #include "base/json_reader.h" |
| 8 #include "base/json_writer.h" | 8 #include "base/json_writer.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/scoped_ptr.h" | 10 #include "base/scoped_ptr.h" |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 58 base::Time current_time(base::Time::Now()); | 58 base::Time current_time(base::Time::Now()); |
| 59 if (current_time > i->second.expiry) { | 59 if (current_time > i->second.expiry) { |
| 60 enabled_hosts_.erase(i); | 60 enabled_hosts_.erase(i); |
| 61 DirtyNotify(); | 61 DirtyNotify(); |
| 62 return false; | 62 return false; |
| 63 } | 63 } |
| 64 | 64 |
| 65 return true; | 65 return true; |
| 66 } | 66 } |
| 67 | 67 |
| 68 // "X-Force-TLS" ":" "max-age" "=" delta-seconds *1INCLUDESUBDOMAINS | 68 // "Strict-Transport-Security" ":" |
| 69 // INCLUDESUBDOMAINS = [ " includeSubDomains" ] | 69 // "max-age" "=" delta-seconds [ ";" "includeSubDomains" ] |
| 70 bool StrictTransportSecurityState::ParseHeader(const std::string& value, | 70 bool StrictTransportSecurityState::ParseHeader(const std::string& value, |
| 71 int* max_age, | 71 int* max_age, |
| 72 bool* include_subdomains) { | 72 bool* include_subdomains) { |
| 73 DCHECK(max_age); | 73 DCHECK(max_age); |
| 74 DCHECK(include_subdomains); | 74 DCHECK(include_subdomains); |
| 75 | 75 |
| 76 int max_age_candidate; | 76 int max_age_candidate; |
| 77 | 77 |
| 78 enum ParserState { | 78 enum ParserState { |
| 79 START, | 79 START, |
| 80 AFTER_MAX_AGE_LABEL, | 80 AFTER_MAX_AGE_LABEL, |
| 81 AFTER_MAX_AGE_EQUALS, | 81 AFTER_MAX_AGE_EQUALS, |
| 82 AFTER_MAX_AGE, | 82 AFTER_MAX_AGE, |
| 83 AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER, | 83 AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER, |
| 84 AFTER_INCLUDE_SUBDOMAINS, | 84 AFTER_INCLUDE_SUBDOMAINS, |
| 85 } state = START; | 85 } state = START; |
| 86 | 86 |
| 87 StringTokenizer tokenizer(value, " ="); | 87 StringTokenizer tokenizer(value, " \t=;"); |
|
agl
2009/09/08 17:11:41
:( HTTP is such a terrible protocol
| |
| 88 tokenizer.set_options(StringTokenizer::RETURN_DELIMS); | 88 tokenizer.set_options(StringTokenizer::RETURN_DELIMS); |
| 89 while (tokenizer.GetNext()) { | 89 while (tokenizer.GetNext()) { |
| 90 DCHECK(!tokenizer.token_is_delim() || tokenizer.token().length() == 1); | 90 DCHECK(!tokenizer.token_is_delim() || tokenizer.token().length() == 1); |
| 91 DCHECK(tokenizer.token_is_delim() || *tokenizer.token_begin() != ' '); | |
| 92 switch (state) { | 91 switch (state) { |
| 93 case START: | 92 case START: |
| 94 if (*tokenizer.token_begin() == ' ') | 93 if (IsAsciiWhitespace(*tokenizer.token_begin())) |
| 95 continue; | 94 continue; |
| 96 if (!LowerCaseEqualsASCII(tokenizer.token(), "max-age")) | 95 if (!LowerCaseEqualsASCII(tokenizer.token(), "max-age")) |
| 97 return false; | 96 return false; |
| 98 state = AFTER_MAX_AGE_LABEL; | 97 state = AFTER_MAX_AGE_LABEL; |
| 99 break; | 98 break; |
| 100 | 99 |
| 101 case AFTER_MAX_AGE_LABEL: | 100 case AFTER_MAX_AGE_LABEL: |
| 102 if (*tokenizer.token_begin() == ' ') | 101 if (IsAsciiWhitespace(*tokenizer.token_begin())) |
| 103 continue; | 102 continue; |
| 104 if (*tokenizer.token_begin() != '=') | 103 if (*tokenizer.token_begin() != '=') |
| 105 return false; | 104 return false; |
| 106 DCHECK(tokenizer.token().length() == 1); | 105 DCHECK(tokenizer.token().length() == 1); |
| 107 state = AFTER_MAX_AGE_EQUALS; | 106 state = AFTER_MAX_AGE_EQUALS; |
| 108 break; | 107 break; |
| 109 | 108 |
| 110 case AFTER_MAX_AGE_EQUALS: | 109 case AFTER_MAX_AGE_EQUALS: |
| 111 if (*tokenizer.token_begin() == ' ') | 110 if (IsAsciiWhitespace(*tokenizer.token_begin())) |
| 112 continue; | 111 continue; |
| 113 if (!StringToInt(tokenizer.token(), &max_age_candidate)) | 112 if (!StringToInt(tokenizer.token(), &max_age_candidate)) |
| 114 return false; | 113 return false; |
| 115 if (max_age_candidate < 0) | 114 if (max_age_candidate < 0) |
| 116 return false; | 115 return false; |
| 117 state = AFTER_MAX_AGE; | 116 state = AFTER_MAX_AGE; |
| 118 break; | 117 break; |
| 119 | 118 |
| 120 case AFTER_MAX_AGE: | 119 case AFTER_MAX_AGE: |
| 121 if (*tokenizer.token_begin() != ' ') | 120 if (IsAsciiWhitespace(*tokenizer.token_begin())) |
| 121 continue; | |
| 122 if (*tokenizer.token_begin() != ';') | |
| 122 return false; | 123 return false; |
| 123 state = AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER; | 124 state = AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER; |
| 124 break; | 125 break; |
| 125 | 126 |
| 126 case AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER: | 127 case AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER: |
| 127 if (*tokenizer.token_begin() == ' ') | 128 if (IsAsciiWhitespace(*tokenizer.token_begin())) |
| 128 continue; | 129 continue; |
| 129 if (!LowerCaseEqualsASCII(tokenizer.token(), "includesubdomains")) | 130 if (!LowerCaseEqualsASCII(tokenizer.token(), "includesubdomains")) |
| 130 return false; | 131 return false; |
| 131 state = AFTER_INCLUDE_SUBDOMAINS; | 132 state = AFTER_INCLUDE_SUBDOMAINS; |
| 132 break; | 133 break; |
| 133 | 134 |
| 134 case AFTER_INCLUDE_SUBDOMAINS: | 135 case AFTER_INCLUDE_SUBDOMAINS: |
| 135 if (*tokenizer.token_begin() != ' ') | 136 if (!IsAsciiWhitespace(*tokenizer.token_begin())) |
| 136 return false; | 137 return false; |
| 137 break; | 138 break; |
| 138 | 139 |
| 139 default: | 140 default: |
| 140 NOTREACHED(); | 141 NOTREACHED(); |
| 141 } | 142 } |
| 142 } | 143 } |
| 143 | 144 |
| 144 // We've consumed all the input. Let's see what state we ended up in. | 145 // We've consumed all the input. Let's see what state we ended up in. |
| 145 switch (state) { | 146 switch (state) { |
| 146 case START: | 147 case START: |
| 147 case AFTER_MAX_AGE_LABEL: | 148 case AFTER_MAX_AGE_LABEL: |
| 148 case AFTER_MAX_AGE_EQUALS: | 149 case AFTER_MAX_AGE_EQUALS: |
| 149 return false; | 150 return false; |
| 150 case AFTER_MAX_AGE: | 151 case AFTER_MAX_AGE: |
| 151 case AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER: | |
| 152 *max_age = max_age_candidate; | 152 *max_age = max_age_candidate; |
| 153 *include_subdomains = false; | 153 *include_subdomains = false; |
| 154 return true; | 154 return true; |
| 155 case AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER: | |
| 156 return false; | |
| 155 case AFTER_INCLUDE_SUBDOMAINS: | 157 case AFTER_INCLUDE_SUBDOMAINS: |
| 156 *max_age = max_age_candidate; | 158 *max_age = max_age_candidate; |
| 157 *include_subdomains = true; | 159 *include_subdomains = true; |
| 158 return true; | 160 return true; |
| 159 default: | 161 default: |
| 160 NOTREACHED(); | 162 NOTREACHED(); |
| 161 return false; | 163 return false; |
| 162 } | 164 } |
| 163 } | 165 } |
| 164 | 166 |
| (...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 224 | 226 |
| 225 return enabled_hosts_.size() > 0; | 227 return enabled_hosts_.size() > 0; |
| 226 } | 228 } |
| 227 | 229 |
| 228 void StrictTransportSecurityState::DirtyNotify() { | 230 void StrictTransportSecurityState::DirtyNotify() { |
| 229 if (delegate_) | 231 if (delegate_) |
| 230 delegate_->StateIsDirty(this); | 232 delegate_->StateIsDirty(this); |
| 231 } | 233 } |
| 232 | 234 |
| 233 } // namespace | 235 } // namespace |
| OLD | NEW |
