net/base/strict_transport_security_state.cc - Issue 200033: Update the Strict-Transport-Security grammar to match the spec.

Unified Diff: net/base/strict_transport_security_state.cc

Issue 200033: Update the Strict-Transport-Security grammar to match the spec. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: '' Created 11 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/base/strict_transport_security_state.cc

===================================================================

--- net/base/strict_transport_security_state.cc (revision 25577)

+++ net/base/strict_transport_security_state.cc (working copy)

@@ -65,8 +65,8 @@

return true;

}

-// "X-Force-TLS" ":" "max-age" "=" delta-seconds *1INCLUDESUBDOMAINS

-// INCLUDESUBDOMAINS = [ " includeSubDomains" ]

+// "Strict-Transport-Security" ":"

+// "max-age" "=" delta-seconds [ ";" "includeSubDomains" ]

bool StrictTransportSecurityState::ParseHeader(const std::string& value,

int* max_age,

bool* include_subdomains) {

@@ -84,14 +84,13 @@

AFTER_INCLUDE_SUBDOMAINS,

} state = START;

- StringTokenizer tokenizer(value, " =");

+ StringTokenizer tokenizer(value, " \t=;");

agl 2009/09/08 17:11:41 :( HTTP is such a terrible protocol

tokenizer.set_options(StringTokenizer::RETURN_DELIMS);

while (tokenizer.GetNext()) {

DCHECK(!tokenizer.token_is_delim() || tokenizer.token().length() == 1);

- DCHECK(tokenizer.token_is_delim() || *tokenizer.token_begin() != ' ');

switch (state) {

case START:

- if (*tokenizer.token_begin() == ' ')

+ if (IsAsciiWhitespace(*tokenizer.token_begin()))

continue;

if (!LowerCaseEqualsASCII(tokenizer.token(), "max-age"))

return false;

@@ -99,7 +98,7 @@

break;

case AFTER_MAX_AGE_LABEL:

- if (*tokenizer.token_begin() == ' ')

+ if (IsAsciiWhitespace(*tokenizer.token_begin()))

continue;

if (*tokenizer.token_begin() != '=')

return false;

@@ -108,7 +107,7 @@

break;

case AFTER_MAX_AGE_EQUALS:

- if (*tokenizer.token_begin() == ' ')

+ if (IsAsciiWhitespace(*tokenizer.token_begin()))

continue;

if (!StringToInt(tokenizer.token(), &max_age_candidate))

return false;

@@ -118,13 +117,15 @@

break;

case AFTER_MAX_AGE:

- if (*tokenizer.token_begin() != ' ')

+ if (IsAsciiWhitespace(*tokenizer.token_begin()))

+ continue;

+ if (*tokenizer.token_begin() != ';')

return false;

state = AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER;

break;

case AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER:

- if (*tokenizer.token_begin() == ' ')

+ if (IsAsciiWhitespace(*tokenizer.token_begin()))

continue;

if (!LowerCaseEqualsASCII(tokenizer.token(), "includesubdomains"))

return false;

@@ -132,7 +133,7 @@

break;

case AFTER_INCLUDE_SUBDOMAINS:

- if (*tokenizer.token_begin() != ' ')

+ if (!IsAsciiWhitespace(*tokenizer.token_begin()))

return false;

break;

@@ -148,10 +149,11 @@

case AFTER_MAX_AGE_EQUALS:

return false;

case AFTER_MAX_AGE:

- case AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER:

*max_age = max_age_candidate;

*include_subdomains = false;

return true;

+ case AFTER_MAX_AGE_INCLUDE_SUB_DOMAINS_DELIMITER:

+ return false;

case AFTER_INCLUDE_SUBDOMAINS:

*max_age = max_age_candidate;

*include_subdomains = true;

« no previous file with comments | « no previous file | net/base/strict_transport_security_state_unittest.cc » ('j') | no next file with comments »