HSTS: add net-internals UI.

net/base/transport_security_state.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/transport_security_state.h"
 
 #include "base/base64.h"
 #include "base/json/json_reader.h"
 #include "base/json/json_writer.h"
 #include "base/logging.h"
@@ skipping 27 matching lines @@
 
   char hashed[base::SHA256_LENGTH];
   base::SHA256HashString(canonicalised_host, hashed, sizeof(hashed));
 
   // Use the original creation date if we already have this host.
   DomainState state_copy(state);
   DomainState existing_state;
   if (IsEnabledForHost(&existing_state, host))
     state_copy.created = existing_state.created;
 
+  // We don't store these values.
+  state_copy.preloaded = false;
+  state_copy.domain.clear();
+
   enabled_hosts_[std::string(hashed, sizeof(hashed))] = state_copy;
   DirtyNotify();
 }
 
+bool TransportSecurityState::DeleteHost(const std::string& host) {
+  const std::string canonicalised_host = CanonicaliseHost(host);
+  if (canonicalised_host.empty())
+    return false;
+
+  char hashed[base::SHA256_LENGTH];
+  base::SHA256HashString(canonicalised_host, hashed, sizeof(hashed));

[willchan no longer on Chromium, 2011/02/11 21:16:27]

arraysize

+
+  std::map<std::string, DomainState>::iterator i = enabled_hosts_.find(
+      std::string(hashed, sizeof(hashed)));
+  if (i != enabled_hosts_.end()) {
+    enabled_hosts_.erase(i);
+    DirtyNotify();
+    return true;
+  }
+  return false;
+}
+
 // IncludeNUL converts a char* to a std::string and includes the terminating
 // NUL in the result.
 static std::string IncludeNUL(const char* in) {
   return std::string(in, strlen(in) + 1);
 }
 
 bool TransportSecurityState::IsEnabledForHost(DomainState* result,
                                               const std::string& host) {
   const std::string canonicalised_host = CanonicaliseHost(host);
   if (canonicalised_host.empty())
     return false;
 
   bool include_subdomains;
   if (IsPreloadedSTS(canonicalised_host, &include_subdomains)) {
     result->created = result->expiry = base::Time::FromTimeT(0);
     result->mode = DomainState::MODE_STRICT;
     result->include_subdomains = include_subdomains;
+    result->preloaded = true;
     return true;
   }
 
+  result->preloaded = false;
   base::Time current_time(base::Time::Now());
 
   for (size_t i = 0; canonicalised_host[i]; i += canonicalised_host[i] + 1) {
     char hashed_domain[base::SHA256_LENGTH];
 
     base::SHA256HashString(IncludeNUL(&canonicalised_host[i]), &hashed_domain,
                            sizeof(hashed_domain));
     std::map<std::string, DomainState>::iterator j =
         enabled_hosts_.find(std::string(hashed_domain, sizeof(hashed_domain)));
     if (j == enabled_hosts_.end())
       continue;
 
     if (current_time > j->second.expiry) {
       enabled_hosts_.erase(j);
       DirtyNotify();
       continue;
     }
 
     *result = j->second;
+    result->domain = DNSDomainToString(&canonicalised_host[i]);
 
     // If we matched the domain exactly, it doesn't matter what the value of
     // include_subdomains is.
     if (i == 0)
       return true;
 
     return j->second.include_subdomains;
   }
 
   return false;
@@ skipping 350 matching lines @@
         *include_subdomains = kPreloadedSTS[j].include_subdomains;
         return true;
       }
     }
   }
 
   return false;
 }
 
 }  // namespace