Index: net/url_request/url_request.h |
diff --git a/net/url_request/url_request.h b/net/url_request/url_request.h |
index 640f045e60f73970f74a5c73fb44237be1c08bb3..ef542e9a8d8b56fb78f97b9b27a5bfc5fc150a60 100644 |
--- a/net/url_request/url_request.h |
+++ b/net/url_request/url_request.h |
@@ -83,6 +83,7 @@ class CookieOptions; |
class HostPortPair; |
class IOBuffer; |
class SSLCertRequestInfo; |
+class SSLInfo; |
class UploadData; |
class URLRequestContext; |
class URLRequestJob; |
@@ -266,9 +267,13 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe) { |
// safe thing and Cancel() the request or decide to proceed by calling |
// ContinueDespiteLastError(). cert_error is a ERR_* error code |
// indicating what's wrong with the certificate. |
+ // If |must_be_fatal| is true then the host in question is an HSTS host |
+ // which demands a higher level of security. In this case, errors must not |
+ // be bypassable by the user. |
virtual void OnSSLCertificateError(URLRequest* request, |
int cert_error, |
- X509Certificate* cert); |
+ const SSLInfo& ssl_info, |
+ bool must_be_fatal); |
wtc
2011/09/23 00:04:51
The cert_error argument should be removed because
|
// Called when reading cookies to allow the delegate to block access to the |
// cookie. This method will never be invoked when LOAD_DO_NOT_SEND_COOKIES |
@@ -713,7 +718,9 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe) { |
// of these functions. |
void NotifyAuthRequired(AuthChallengeInfo* auth_info); |
void NotifyCertificateRequested(SSLCertRequestInfo* cert_request_info); |
- void NotifySSLCertificateError(int cert_error, X509Certificate* cert); |
+ void NotifySSLCertificateError(int cert_error, |
+ const SSLInfo& ssl_info, |
+ bool must_be_fatal); |
bool CanGetCookies(const CookieList& cookie_list) const; |
bool CanSetCookie(const std::string& cookie_line, |
CookieOptions* options) const; |