OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/url_request/url_request_http_job.h" | 5 #include "net/url_request/url_request_http_job.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/base_switches.h" | 8 #include "base/base_switches.h" |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
(...skipping 668 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
679 UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", false); | 679 UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", false); |
680 } else { | 680 } else { |
681 UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", true); | 681 UMA_HISTOGRAM_BOOLEAN("Net.CertificatePinSuccess", true); |
682 } | 682 } |
683 } | 683 } |
684 } | 684 } |
685 #endif | 685 #endif |
686 | 686 |
687 if (result == OK) { | 687 if (result == OK) { |
688 SaveCookiesAndNotifyHeadersComplete(); | 688 SaveCookiesAndNotifyHeadersComplete(); |
689 } else if (ShouldTreatAsCertificateError(result)) { | 689 } else if (IsCertificateError(result)) { |
690 // We encountered an SSL certificate error. Ask our delegate to decide | 690 // We encountered an SSL certificate error. Ask our delegate to decide |
691 // what we should do. | 691 // what we should do. |
692 // TODO(wtc): also pass ssl_info.cert_status, or just pass the whole | 692 |
693 // ssl_info. | 693 TransportSecurityState::DomainState domain_state; |
694 NotifySSLCertificateError( | 694 const bool is_hsts_host = |
695 result, transaction_->GetResponseInfo()->ssl_info.cert); | 695 context_->transport_security_state() && |
696 context_->transport_security_state()->IsEnabledForHost( | |
697 &domain_state, request_info_.url.host(), | |
698 SSLConfigService::IsSNIAvailable(context_->ssl_config_service())); | |
699 NotifySSLCertificateError(transaction_->GetResponseInfo()->ssl_info, | |
700 is_hsts_host); | |
wtc
2011/09/26 19:15:10
We can consider making is_hsts_host a bit flag in
| |
696 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { | 701 } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { |
697 NotifyCertificateRequested( | 702 NotifyCertificateRequested( |
698 transaction_->GetResponseInfo()->cert_request_info); | 703 transaction_->GetResponseInfo()->cert_request_info); |
699 } else { | 704 } else { |
700 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, result)); | 705 NotifyStartError(URLRequestStatus(URLRequestStatus::FAILED, result)); |
701 } | 706 } |
702 } | 707 } |
703 | 708 |
704 void URLRequestHttpJob::OnReadCompleted(int result) { | 709 void URLRequestHttpJob::OnReadCompleted(int result) { |
705 read_in_progress_ = false; | 710 read_in_progress_ = false; |
706 | 711 |
707 if (ShouldFixMismatchedContentLength(result)) | 712 if (ShouldFixMismatchedContentLength(result)) |
708 result = 0; | 713 result = 0; |
709 | 714 |
710 if (result == 0) { | 715 if (result == 0) { |
711 NotifyDone(URLRequestStatus()); | 716 NotifyDone(URLRequestStatus()); |
712 } else if (result < 0) { | 717 } else if (result < 0) { |
713 NotifyDone(URLRequestStatus(URLRequestStatus::FAILED, result)); | 718 NotifyDone(URLRequestStatus(URLRequestStatus::FAILED, result)); |
714 } else { | 719 } else { |
715 // Clear the IO_PENDING status | 720 // Clear the IO_PENDING status |
716 SetStatus(URLRequestStatus()); | 721 SetStatus(URLRequestStatus()); |
717 } | 722 } |
718 | 723 |
719 NotifyReadComplete(result); | 724 NotifyReadComplete(result); |
720 } | 725 } |
721 | 726 |
722 bool URLRequestHttpJob::ShouldTreatAsCertificateError(int result) { | |
723 if (!IsCertificateError(result)) | |
724 return false; | |
725 | |
726 // Revocation check failures are always certificate errors, even if the host | |
727 // is using Strict-Transport-Security. | |
728 if (result == ERR_CERT_UNABLE_TO_CHECK_REVOCATION) | |
729 return true; | |
730 | |
731 // Check whether our context is using Strict-Transport-Security. | |
732 if (!context_->transport_security_state()) | |
733 return true; | |
734 | |
735 TransportSecurityState::DomainState domain_state; | |
736 const bool r = context_->transport_security_state()->IsEnabledForHost( | |
737 &domain_state, request_info_.url.host(), | |
738 SSLConfigService::IsSNIAvailable(context_->ssl_config_service())); | |
739 | |
740 return !r; | |
741 } | |
742 | |
743 void URLRequestHttpJob::RestartTransactionWithAuth( | 727 void URLRequestHttpJob::RestartTransactionWithAuth( |
744 const string16& username, | 728 const string16& username, |
745 const string16& password) { | 729 const string16& password) { |
746 username_ = username; | 730 username_ = username; |
747 password_ = password; | 731 password_ = password; |
748 | 732 |
749 // These will be reset in OnStartCompleted. | 733 // These will be reset in OnStartCompleted. |
750 response_info_ = NULL; | 734 response_info_ = NULL; |
751 response_cookies_.clear(); | 735 response_cookies_.clear(); |
752 | 736 |
(...skipping 635 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1388 if (done_) | 1372 if (done_) |
1389 return; | 1373 return; |
1390 done_ = true; | 1374 done_ = true; |
1391 | 1375 |
1392 RecordPerfHistograms(reason); | 1376 RecordPerfHistograms(reason); |
1393 if (reason == FINISHED) | 1377 if (reason == FINISHED) |
1394 RecordCompressionHistograms(); | 1378 RecordCompressionHistograms(); |
1395 } | 1379 } |
1396 | 1380 |
1397 } // namespace net | 1381 } // namespace net |
OLD | NEW |