net/ocsp/nss_ocsp.cc - Issue 5372002: Prevent redirects to non-HTTP URLs when fetching CRLs/OCSP responses - Code Review

Chromium Code Reviews

chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out

(2156)

My Issues | Starred Open | Closed | All

Unified Diff: net/ocsp/nss_ocsp.cc

Issue 5372002: Prevent redirects to non-HTTP URLs when fetching CRLs/OCSP responses (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/ocsp/nss_ocsp.cc

diff --git a/net/ocsp/nss_ocsp.cc b/net/ocsp/nss_ocsp.cc

index 7618f9e70959f2d409027bfebb1dcbacb6cfe9c7..7db2fb5aa1d4bfe0cb60d9e1a88e2e38a34b7b3e 100644

--- a/net/ocsp/nss_ocsp.cc

+++ b/net/ocsp/nss_ocsp.cc

@@ -248,6 +248,19 @@ class OCSPRequestSession

return data_;

}

+ virtual void OnReceivedRedirect(URLRequest* request,

+ const GURL& new_url,

+ bool* defer_redirect) {

+ DCHECK_EQ(request, request_);

+ DCHECK_EQ(MessageLoopForIO::current(), io_loop_);

+

+ if (!new_url.SchemeIs("http")) {

+ // Prevent redirects to non-HTTP schemes, including HTTPS. This matches

+ // the initial check in OCSPServerSession::CreateRequest().

+ CancelURLRequest();

+ }

+ }

+

virtual void OnResponseStarted(URLRequest* request) {

DCHECK_EQ(request, request_);

DCHECK_EQ(MessageLoopForIO::current(), io_loop_);

« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine

This is Rietveld 408576698