| Index: chrome/browser/transport_security_persister.h
|
| ===================================================================
|
| --- chrome/browser/transport_security_persister.h (revision 128526)
|
| +++ chrome/browser/transport_security_persister.h (working copy)
|
| @@ -14,7 +14,7 @@
|
| // correct transport security information.
|
| //
|
| // To load the state, we schedule a Task on the file thread which loads,
|
| -// deserialises and configures the TransportSecurityState.
|
| +// deserializes and configures the TransportSecurityState.
|
| //
|
| // The TransportSecurityState object supports running a callback function
|
| // when it changes. This object registers the callback, pointing at itself.
|
| @@ -26,8 +26,8 @@
|
| //
|
| // ...
|
| //
|
| -// TransportSecurityPersister::SerialiseState
|
| -// copies the current state of the TransportSecurityState, serialises
|
| +// TransportSecurityPersister::SerializeState
|
| +// copies the current state of the TransportSecurityState, serializes
|
| // and writes to disk.
|
|
|
| #ifndef CHROME_BROWSER_TRANSPORT_SECURITY_PERSISTER_H_
|
| @@ -61,6 +61,52 @@
|
| private:
|
| class Loader;
|
|
|
| + // Serializes |transport_security_state_| into |*output|. Returns true if
|
| + // all DomainStates were serialized correctly.
|
| + //
|
| + // The serialization format is JSON; the JSON represents a dictionary of
|
| + // host:DomainState pairs (host is a string). The DomainState is
|
| + // represented as a dictionary containing the following keys and value
|
| + // types (not all keys will always be present):
|
| + //
|
| + // "include_subdomains": true|false
|
| + // "created": double
|
| + // "expiry": double
|
| + // "dynamic_spki_hashes_expiry": double
|
| + // "mode": "always"|"never"
|
| + // legacy value synonyms "strict"|"pinning-only"
|
| + // legacy value "spdy-only" is unused and ignored
|
| + // "static_spki_hashes": list of strings
|
| + // legacy key synonym "preloaded_spki_hashes"
|
| + // "bad_static_spki_hashes": list of strings
|
| + // legacy key synonym "bad_preloaded_spki_hashes"
|
| + // "dynamic_spki_hashes": list of strings
|
| + //
|
| + // The keys are
|
| + // SHA256(net::TransportSecurityState::CanonicalizeHost(domain)). The
|
| + // reason for hashing them is so that the stored state does not trivially
|
| + // reveal a user's browsing history to an attacker reading the serialized
|
| + // state on disk.
|
| + bool Serialize(std::string* output) const;
|
| +
|
| + // Populates |state| from the JSON string |serialized|. Returns true if
|
| + // all entries were parsed and deserialized correctly.
|
| + //
|
| + // Sets |*dirty| to true if the new state differs from the persisted
|
| + // state; false otherwise.
|
| + static bool Deserialize(const std::string& serialized,
|
| + bool* dirty,
|
| + net::TransportSecurityState* state);
|
| +
|
| + // Clears any existing non-static entries, and then re-populates |state|
|
| + // by invoking |Deserialize|.
|
| + //
|
| + // Sets |*dirty| to true if the new state differs from the persisted
|
| + // state; false otherwise.
|
| + bool LoadEntries(const std::string& serialized,
|
| + bool* dirty,
|
| + net::TransportSecurityState* state);
|
| +
|
| void CompleteLoad(const std::string& state);
|
|
|
| net::TransportSecurityState* transport_security_state_;
|
|
|
Chromium Code Reviews
Issue 9415040:
Refactor TransportSecurityState. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/