Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(34)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ui/webui/net_internals/net_internals_ui.cc

Issue 103803012: Make HSTS headers not clobber preloaded pins. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase and refactor. (Not done yet.) Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/resources/net_internals/hsts_view.js ('k') | chrome/test/data/webui/net_internals/hsts_view.js » ('j') | net/http/http_security_headers_unittest.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h" 5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <list> 8 #include <list>
9 #include <string> 9 #include <string>
10 #include <utility> 10 #include <utility>
(...skipping 1191 matching lines...) Expand 10 before | Expand all | Expand 10 after
1202 base::DictionaryValue* result = new base::DictionaryValue(); 1202 base::DictionaryValue* result = new base::DictionaryValue();
1203 1203
1204 if (!IsStringASCII(domain)) { 1204 if (!IsStringASCII(domain)) {
1205 result->SetString("error", "non-ASCII domain name"); 1205 result->SetString("error", "non-ASCII domain name");
1206 } else { 1206 } else {
1207 net::TransportSecurityState* transport_security_state = 1207 net::TransportSecurityState* transport_security_state =
1208 GetMainContext()->transport_security_state(); 1208 GetMainContext()->transport_security_state();
1209 if (!transport_security_state) { 1209 if (!transport_security_state) {
1210 result->SetString("error", "no TransportSecurityState active"); 1210 result->SetString("error", "no TransportSecurityState active");
1211 } else { 1211 } else {
1212 net::TransportSecurityState::DomainState state; 1212 net::TransportSecurityState::DomainState static_state;
1213 const bool found = transport_security_state->GetDomainState( 1213 const bool found_static = transport_security_state->GetStaticDomainState(
1214 domain, true, &state); 1214 domain, true, &static_state);
1215 if (found_static) {
1216 // TODO(palmer): Make this use a real check for STS, PKP presence.
1217 result->SetBoolean("has_static_sts", found_static);
1218 result->SetInteger("static_upgrade_mode",
1219 static_cast<int>(static_state.sts.upgrade_mode));
1220 result->SetBoolean("static_sts_include_subdomains",
1221 static_state.sts.include_subdomains);
1222 result->SetDouble("static_sts_observed",
1223 static_state.sts.last_observed.ToDoubleT());
1224 result->SetDouble("static_sts_expiry",
1225 static_state.sts.expiry.ToDoubleT());
1226 // TODO(palmer): Make this use a real check for STS, PKP presence.
1227 result->SetBoolean("has_static_pkp", found_static);
1228 result->SetBoolean("static_pkp_include_subdomains",
1229 static_state.pkp.include_subdomains);
1230 result->SetDouble("static_pkp_observed",
1231 static_state.pkp.last_observed.ToDoubleT());
1232 result->SetDouble("static_pkp_expiry",
1233 static_state.pkp.expiry.ToDoubleT());
1234 result->SetString("static_spki_hashes",
1235 HashesToBase64String(static_state.pkp.spki_hashes));
1236 }
1215 1237
1216 result->SetBoolean("result", found); 1238 net::TransportSecurityState::DomainState dynamic_state;
1217 if (found) { 1239 const bool found_dynamic =
1218 result->SetInteger("mode", static_cast<int>(state.upgrade_mode)); 1240 transport_security_state->GetDynamicDomainState(domain,
1219 result->SetBoolean("sts_subdomains", state.sts_include_subdomains); 1241 &dynamic_state);
1220 result->SetBoolean("pkp_subdomains", state.pkp_include_subdomains); 1242 if (found_dynamic) {
1221 result->SetDouble("sts_observed", state.sts_observed.ToDoubleT()); 1243 result->SetInteger("dynamic_upgrade_mode",
1222 result->SetDouble("pkp_observed", state.pkp_observed.ToDoubleT()); 1244 static_cast<int>(dynamic_state.sts.upgrade_mode));
1223 result->SetString("domain", state.domain); 1245 result->SetBoolean("dynamic_sts_include_subdomains",
1224 result->SetDouble("expiry", state.upgrade_expiry.ToDoubleT()); 1246 dynamic_state.sts.include_subdomains);
1225 result->SetDouble("dynamic_spki_hashes_expiry", 1247 result->SetBoolean("dynamic_pkp_include_subdomains",
1226 state.dynamic_spki_hashes_expiry.ToDoubleT()); 1248 dynamic_state.pkp.include_subdomains);
1249 result->SetDouble("dynamic_sts_observed",
1250 dynamic_state.sts.last_observed.ToDoubleT());
1251 result->SetDouble("dynamic_pkp_observed",
1252 dynamic_state.pkp.last_observed.ToDoubleT());
1253 result->SetDouble("dynamic_sts_expiry",
1254 dynamic_state.sts.expiry.ToDoubleT());
1255 result->SetDouble("dynamic_pkp_expiry",
1256 dynamic_state.pkp.expiry.ToDoubleT());
1257 result->SetString("dynamic_spki_hashes",
1258 HashesToBase64String(dynamic_state.pkp.spki_hashes));
1227 1259
1228 result->SetString("static_spki_hashes",
1229 HashesToBase64String(state.static_spki_hashes));
1230 result->SetString("dynamic_spki_hashes",
1231 HashesToBase64String(state.dynamic_spki_hashes));
1232 } 1260 }
1261
1262 result->SetBoolean("result", found_static || found_dynamic);
1263 // TODO(palmer): It might be good? to distinguish between the domain
1264 // of the static state and the domain of the dynamic state.
1265 result->SetString("domain", static_state.domain);
1233 } 1266 }
1234 } 1267 }
1235 1268
1236 SendJavascriptCommand("receivedHSTSResult", result); 1269 SendJavascriptCommand("receivedHSTSResult", result);
1237 } 1270 }
1238 1271
1239 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd( 1272 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd(
1240 const base::ListValue* list) { 1273 const base::ListValue* list) {
1241 // |list| should be: [<domain to query>, <STS include subdomains>, <PKP 1274 // |list| should be: [<domain to query>, <STS include subdomains>, <PKP
1242 // include subdomains>, <key pins>]. 1275 // include subdomains>, <key pins>].
(...skipping 607 matching lines...) Expand 10 before | Expand all | Expand 10 after
1850 } 1883 }
1851 1884
1852 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui) 1885 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui)
1853 : WebUIController(web_ui) { 1886 : WebUIController(web_ui) {
1854 web_ui->AddMessageHandler(new NetInternalsMessageHandler()); 1887 web_ui->AddMessageHandler(new NetInternalsMessageHandler());
1855 1888
1856 // Set up the chrome://net-internals/ source. 1889 // Set up the chrome://net-internals/ source.
1857 Profile* profile = Profile::FromWebUI(web_ui); 1890 Profile* profile = Profile::FromWebUI(web_ui);
1858 content::WebUIDataSource::Add(profile, CreateNetInternalsHTMLSource()); 1891 content::WebUIDataSource::Add(profile, CreateNetInternalsHTMLSource());
1859 } 1892 }
OLDNEW
« no previous file with comments | « chrome/browser/resources/net_internals/hsts_view.js ('k') | chrome/test/data/webui/net_internals/hsts_view.js » ('j') | net/http/http_security_headers_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698