| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ocsp/nss_ocsp.h" | 5 #include "net/ocsp/nss_ocsp.h" |
| 6 | 6 |
| 7 #include <certt.h> | 7 #include <certt.h> |
| 8 #include <certdb.h> | 8 #include <certdb.h> |
| 9 #include <ocsp.h> | 9 #include <ocsp.h> |
| 10 #include <nspr.h> | 10 #include <nspr.h> |
| (...skipping 230 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 241 const std::string& http_response_headers() const { | 241 const std::string& http_response_headers() const { |
| 242 DCHECK(finished_); | 242 DCHECK(finished_); |
| 243 return response_headers_->raw_headers(); | 243 return response_headers_->raw_headers(); |
| 244 } | 244 } |
| 245 | 245 |
| 246 const std::string& http_response_data() const { | 246 const std::string& http_response_data() const { |
| 247 DCHECK(finished_); | 247 DCHECK(finished_); |
| 248 return data_; | 248 return data_; |
| 249 } | 249 } |
| 250 | 250 |
| 251 virtual void OnReceivedRedirect(URLRequest* request, |
| 252 const GURL& new_url, |
| 253 bool* defer_redirect) { |
| 254 DCHECK_EQ(request, request_); |
| 255 DCHECK_EQ(MessageLoopForIO::current(), io_loop_); |
| 256 |
| 257 if (!new_url.SchemeIs("http")) { |
| 258 // Prevent redirects to non-HTTP schemes, including HTTPS. This matches |
| 259 // the initial check in OCSPServerSession::CreateRequest(). |
| 260 CancelURLRequest(); |
| 261 } |
| 262 } |
| 263 |
| 251 virtual void OnResponseStarted(URLRequest* request) { | 264 virtual void OnResponseStarted(URLRequest* request) { |
| 252 DCHECK_EQ(request, request_); | 265 DCHECK_EQ(request, request_); |
| 253 DCHECK_EQ(MessageLoopForIO::current(), io_loop_); | 266 DCHECK_EQ(MessageLoopForIO::current(), io_loop_); |
| 254 | 267 |
| 255 int bytes_read = 0; | 268 int bytes_read = 0; |
| 256 if (request->status().is_success()) { | 269 if (request->status().is_success()) { |
| 257 response_code_ = request_->GetResponseCode(); | 270 response_code_ = request_->GetResponseCode(); |
| 258 response_headers_ = request_->response_headers(); | 271 response_headers_ = request_->response_headers(); |
| 259 response_headers_->GetMimeType(&response_content_type_); | 272 response_headers_->GetMimeType(&response_content_type_); |
| 260 request_->Read(buffer_, kRecvBufferSize, &bytes_read); | 273 request_->Read(buffer_, kRecvBufferSize, &bytes_read); |
| (...skipping 635 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 896 | 909 |
| 897 URLRequestContext* GetURLRequestContextForOCSP() { | 910 URLRequestContext* GetURLRequestContextForOCSP() { |
| 898 pthread_mutex_lock(&g_request_context_lock); | 911 pthread_mutex_lock(&g_request_context_lock); |
| 899 URLRequestContext* request_context = g_request_context; | 912 URLRequestContext* request_context = g_request_context; |
| 900 pthread_mutex_unlock(&g_request_context_lock); | 913 pthread_mutex_unlock(&g_request_context_lock); |
| 901 DCHECK(!request_context || request_context->is_main()); | 914 DCHECK(!request_context || request_context->is_main()); |
| 902 return request_context; | 915 return request_context; |
| 903 } | 916 } |
| 904 | 917 |
| 905 } // namespace net | 918 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 5372002:
Prevent redirects to non-HTTP URLs when fetching CRLs/OCSP responses (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src