Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(97)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/resources/net_internals/hsts_view.js

Issue 103803012: Make HSTS headers not clobber preloaded pins. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Respond to comments and fix compilation errors. Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/net/predictor.cc ('k') | chrome/browser/ui/webui/net_internals/net_internals_ui.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 /** 5 /**
6 * HSTS is HTTPS Strict Transport Security: a way for sites to elect to always 6 * HSTS is HTTPS Strict Transport Security: a way for sites to elect to always
7 * use HTTPS. See http://dev.chromium.org/sts 7 * use HTTPS. See http://dev.chromium.org/sts
8 * 8 *
9 * This UI allows a user to query and update the browser's list of HSTS domains. 9 * This UI allows a user to query and update the browser's list of HSTS domains.
10 * It also allows users to query and update the browser's list of public key 10 * It also allows users to query and update the browser's list of public key
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after
109 109
110 if (result.result == false) { 110 if (result.result == false) {
111 this.queryOutputDiv_.innerHTML = '<b>Not found</b>'; 111 this.queryOutputDiv_.innerHTML = '<b>Not found</b>';
112 yellowFade(this.queryOutputDiv_); 112 yellowFade(this.queryOutputDiv_);
113 return; 113 return;
114 } 114 }
115 115
116 this.queryOutputDiv_.innerHTML = ''; 116 this.queryOutputDiv_.innerHTML = '';
117 117
118 var s = addNode(this.queryOutputDiv_, 'span'); 118 var s = addNode(this.queryOutputDiv_, 'span');
119 s.innerHTML = '<b>Found</b>: mode: '; 119 s.innerHTML = '<b>Found:</b><br/>';
120 var t;
eroman 2014/05/07 21:17:16 Is there any point to the variables "t" and "b"? T
121 var b;
120 122
121 // TODO(palmer): Combine these 2-line pairs into 1: 123 addTextNode(this.queryOutputDiv_, ' domain: ');
122 // addNodeWithText(this.queryOutputDiv_, 'tt', results.sts_observed); 124 t = addNodeWithText(this.queryOutputDiv_, 'tt', result.domain);
123 var t = addNode(this.queryOutputDiv_, 'tt'); 125 b = addNode(this.queryOutputDiv_, 'br');
124 t.textContent = modeToString(result.mode);
125 126
126 addTextNode(this.queryOutputDiv_, ' sts_include_subdomains:'); 127 addTextNode(this.queryOutputDiv_, ' static_upgrade_mode: ');
128 t = addNodeWithText(this.queryOutputDiv_, 'tt',
129 modeToString(result.static_upgrade_mode));
130 b = addNode(this.queryOutputDiv_, 'br');
127 131
128 t = addNode(this.queryOutputDiv_, 'tt'); 132 addTextNode(this.queryOutputDiv_, ' static_sts_include_subdomains: ');
eroman 2014/05/07 21:17:16 I feel like this code has reached a critical mass
129 t.textContent = result.sts_subdomains; 133 t = addNodeWithText(this.queryOutputDiv_, 'tt',
134 result.static_sts_include_subdomains);
135 b = addNode(this.queryOutputDiv_, 'br');
130 136
131 addTextNode(this.queryOutputDiv_, ' pkp_include_subdomains:'); 137 addTextNode(this.queryOutputDiv_, ' static_pkp_include_subdomains: ');
138 t = addNodeWithText(this.queryOutputDiv_, 'tt',
139 result.static_pkp_include_subdomains);
140 b = addNode(this.queryOutputDiv_, 'br');
132 141
133 t = addNode(this.queryOutputDiv_, 'tt'); 142 addTextNode(this.queryOutputDiv_, ' static_sts_observed: ');
134 t.textContent = result.pkp_subdomains; 143 t = addNodeWithText(this.queryOutputDiv_, 'tt',
144 result.static_sts_observed);
145 b = addNode(this.queryOutputDiv_, 'br');
135 146
136 addTextNode(this.queryOutputDiv_, ' sts_observed:'); 147 addTextNode(this.queryOutputDiv_, ' static_pkp_observed: ');
148 t = addNodeWithText(this.queryOutputDiv_, 'tt',
149 result.static_pkp_observed);
150 b = addNode(this.queryOutputDiv_, 'br');
137 151
138 t = addNode(this.queryOutputDiv_, 'tt'); 152 addTextNode(this.queryOutputDiv_, ' static_spki_hashes: ');
139 t.textContent = result.sts_observed;
140
141 addTextNode(this.queryOutputDiv_, ' pkp_observed:');
142
143 t = addNode(this.queryOutputDiv_, 'tt');
144 t.textContent = result.pkp_observed;
145
146 addTextNode(this.queryOutputDiv_, ' domain:');
147
148 t = addNode(this.queryOutputDiv_, 'tt');
149 t.textContent = result.domain;
150
151 addTextNode(this.queryOutputDiv_, ' pubkey_hashes:');
152
153 t = addNode(this.queryOutputDiv_, 'tt'); 153 t = addNode(this.queryOutputDiv_, 'tt');
154 154
155 // |public_key_hashes| is an old synonym for what is now 155 // |public_key_hashes| is an old synonym for what is now
156 // |preloaded_spki_hashes|, which in turn is a legacy synonym for 156 // |preloaded_spki_hashes|, which in turn is a legacy synonym for
157 // |static_spki_hashes|. Look for all three, and also for 157 // |static_spki_hashes|.
158 // |dynamic_spki_hashes|.
159 if (typeof result.public_key_hashes === 'undefined') 158 if (typeof result.public_key_hashes === 'undefined')
160 result.public_key_hashes = ''; 159 result.public_key_hashes = '';
161 if (typeof result.preloaded_spki_hashes === 'undefined') 160 if (typeof result.preloaded_spki_hashes === 'undefined')
162 result.preloaded_spki_hashes = ''; 161 result.preloaded_spki_hashes = '';
163 if (typeof result.static_spki_hashes === 'undefined') 162 if (typeof result.static_spki_hashes === 'undefined')
164 result.static_spki_hashes = ''; 163 result.static_spki_hashes = '';
165 if (typeof result.dynamic_spki_hashes === 'undefined')
166 result.dynamic_spki_hashes = '';
167 164
168 var hashes = []; 165 var hashes = [];
169 if (result.public_key_hashes) 166 if (result.public_key_hashes)
170 hashes.push(result.public_key_hashes); 167 hashes.push(result.public_key_hashes);
171 if (result.preloaded_spki_hashes) 168 if (result.preloaded_spki_hashes)
172 hashes.push(result.preloaded_spki_hashes); 169 hashes.push(result.preloaded_spki_hashes);
173 if (result.static_spki_hashes) 170 if (result.static_spki_hashes)
174 hashes.push(result.static_spki_hashes); 171 hashes.push(result.static_spki_hashes);
175 if (result.dynamic_spki_hashes)
176 hashes.push(result.dynamic_spki_hashes);
177 172
178 t.textContent = hashes.join(','); 173 t.textContent = hashes.join(',');
174 b = addNode(this.queryOutputDiv_, 'br');
175
176 addTextNode(this.queryOutputDiv_, ' dynamic_upgrade_mode: ');
177 t = addNodeWithText(this.queryOutputDiv_, 'tt',
178 modeToString(result.dynamic_upgrade_mode));
179 b = addNode(this.queryOutputDiv_, 'br');
180
181 addTextNode(this.queryOutputDiv_, ' dynamic_sts_include_subdomains: ');
182 t = addNodeWithText(this.queryOutputDiv_, 'tt',
183 result.dynamic_sts_include_subdomains || '');
184 b = addNode(this.queryOutputDiv_, 'br');
185
186 addTextNode(this.queryOutputDiv_, ' dynamic_pkp_include_subdomains: ');
187 t = addNodeWithText(this.queryOutputDiv_, 'tt',
188 result.dynamic_pkp_include_subdomains || '');
189 b = addNode(this.queryOutputDiv_, 'br');
190
191 addTextNode(this.queryOutputDiv_, ' dynamic_sts_observed: ');
192 t = addNodeWithText(this.queryOutputDiv_, 'tt',
193 result.dynamic_sts_observed || '');
194 b = addNode(this.queryOutputDiv_, 'br');
195
196 addTextNode(this.queryOutputDiv_, ' dynamic_pkp_observed: ');
197 t = addNodeWithText(this.queryOutputDiv_, 'tt',
198 result.dynamic_pkp_observed || '');
199 b = addNode(this.queryOutputDiv_, 'br');
200
201 addTextNode(this.queryOutputDiv_, ' dynamic_spki_hashes: ');
202 t = addNodeWithText(this.queryOutputDiv_, 'tt',
203 result.dynamic_spki_hashes || '');
204
179 yellowFade(this.queryOutputDiv_); 205 yellowFade(this.queryOutputDiv_);
180 } 206 }
181 }; 207 };
182 208
183 function modeToString(m) { 209 function modeToString(m) {
184 // These numbers must match those in 210 // These numbers must match those in
185 // TransportSecurityState::DomainState::UpgradeMode. 211 // TransportSecurityState::DomainState::UpgradeMode.
186 if (m == 0) { 212 if (m == 0) {
187 return 'STRICT'; 213 return 'STRICT';
188 } else if (m == 1) { 214 } else if (m == 1) {
189 return 'OPPORTUNISTIC'; 215 return 'OPPORTUNISTIC';
190 } else { 216 } else {
191 return 'UNKNOWN'; 217 return 'UNKNOWN';
192 } 218 }
193 } 219 }
194 220
195 function yellowFade(element) { 221 function yellowFade(element) {
196 element.style.webkitTransitionProperty = 'background-color'; 222 element.style.webkitTransitionProperty = 'background-color';
197 element.style.webkitTransitionDuration = '0'; 223 element.style.webkitTransitionDuration = '0';
198 element.style.backgroundColor = '#fffccf'; 224 element.style.backgroundColor = '#fffccf';
199 setTimeout(function() { 225 setTimeout(function() {
200 element.style.webkitTransitionDuration = '1000ms'; 226 element.style.webkitTransitionDuration = '1000ms';
201 element.style.backgroundColor = '#fff'; 227 element.style.backgroundColor = '#fff';
202 }, 0); 228 }, 0);
203 } 229 }
204 230
205 return HSTSView; 231 return HSTSView;
206 })(); 232 })();
OLDNEW
« no previous file with comments | « chrome/browser/net/predictor.cc ('k') | chrome/browser/ui/webui/net_internals/net_internals_ui.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698