| Index: net/base/strict_transport_security_state.h
|
| diff --git a/net/base/strict_transport_security_state.h b/net/base/strict_transport_security_state.h
|
| index b41be1ea31ab77c3ff8896316bac11b064301692..463382ce5694191492725d81d9535b7856327133 100644
|
| --- a/net/base/strict_transport_security_state.h
|
| +++ b/net/base/strict_transport_security_state.h
|
| @@ -70,7 +70,9 @@ class StrictTransportSecurityState :
|
| // our state is dirty.
|
| void DirtyNotify();
|
|
|
| - // The set of hosts that have enabled StrictTransportSecurity.
|
| + // The set of hosts that have enabled StrictTransportSecurity. The keys here
|
| + // are SHA256(DNSForm(domain)) where DNSForm converts from dotted form
|
| + // ('www.google.com') to the form used in DNS: "\x03www\x06google\x03com"
|
| std::map<std::string, State> enabled_hosts_;
|
|
|
| // Protect access to our data members with this lock.
|
| @@ -79,6 +81,8 @@ class StrictTransportSecurityState :
|
| // Our delegate who gets notified when we are dirtied, or NULL.
|
| Delegate* delegate_;
|
|
|
| + static std::string CanonicaliseHost(const std::string& host);
|
| +
|
| DISALLOW_COPY_AND_ASSIGN(StrictTransportSecurityState);
|
| };
|
|
|
|
|
Chromium Code Reviews
Issue 201033:
ForceTLS: hash hostnames, handle subdomains, canonicalise. (Closed)
