Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(207)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/webui/net_internals/net_internals_ui.cc

Issue 103803012: Make HSTS headers not clobber preloaded pins. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix browser_tests by setting the domain name correctly. Rebase. Created 6 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/resources/net_internals/hsts_view.js ('k') | chrome/test/data/webui/net_internals/hsts_view.js » ('j') | net/http/http_security_headers_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/webui/net_internals/net_internals_ui.cc
diff --git a/chrome/browser/ui/webui/net_internals/net_internals_ui.cc b/chrome/browser/ui/webui/net_internals/net_internals_ui.cc
index 6ca3b5e09c8984b98a696f7fd6e4f1dcf42a7efd..46d4f88156c98f6aac9e683878082ffe4008984a 100644
--- a/chrome/browser/ui/webui/net_internals/net_internals_ui.cc
+++ b/chrome/browser/ui/webui/net_internals/net_internals_ui.cc
@@ -1209,26 +1209,62 @@ void NetInternalsMessageHandler::IOThreadImpl::OnHSTSQuery(
if (!transport_security_state) {
result->SetString("error", "no TransportSecurityState active");
} else {
- net::TransportSecurityState::DomainState state;
- const bool found = transport_security_state->GetDomainState(
- domain, true, &state);
-
- result->SetBoolean("result", found);
- if (found) {
- result->SetInteger("mode", static_cast<int>(state.upgrade_mode));
- result->SetBoolean("sts_subdomains", state.sts_include_subdomains);
- result->SetBoolean("pkp_subdomains", state.pkp_include_subdomains);
- result->SetDouble("sts_observed", state.sts_observed.ToDoubleT());
- result->SetDouble("pkp_observed", state.pkp_observed.ToDoubleT());
- result->SetString("domain", state.domain);
- result->SetDouble("expiry", state.upgrade_expiry.ToDoubleT());
- result->SetDouble("dynamic_spki_hashes_expiry",
- state.dynamic_spki_hashes_expiry.ToDoubleT());
-
+ net::TransportSecurityState::DomainState static_state;
+ const bool found_static = transport_security_state->GetStaticDomainState(
+ domain, true, &static_state);
+ if (found_static) {
+ result->SetBoolean("has_static_sts",
+ found_static && static_state.ShouldUpgradeToSSL());
+ result->SetInteger("static_upgrade_mode",
+ static_cast<int>(static_state.sts.upgrade_mode));
+ result->SetBoolean("static_sts_include_subdomains",
+ static_state.sts.include_subdomains);
+ result->SetDouble("static_sts_observed",
+ static_state.sts.last_observed.ToDoubleT());
+ result->SetDouble("static_sts_expiry",
+ static_state.sts.expiry.ToDoubleT());
+ result->SetBoolean("has_static_pkp",
+ found_static && static_state.HasPublicKeyPins());
+ result->SetBoolean("static_pkp_include_subdomains",
+ static_state.pkp.include_subdomains);
+ result->SetDouble("static_pkp_observed",
+ static_state.pkp.last_observed.ToDoubleT());
+ result->SetDouble("static_pkp_expiry",
+ static_state.pkp.expiry.ToDoubleT());
result->SetString("static_spki_hashes",
- HashesToBase64String(state.static_spki_hashes));
+ HashesToBase64String(static_state.pkp.spki_hashes));
+ }
+
+ net::TransportSecurityState::DomainState dynamic_state;
+ const bool found_dynamic =
+ transport_security_state->GetDynamicDomainState(domain,
+ &dynamic_state);
+ if (found_dynamic) {
+ result->SetInteger("dynamic_upgrade_mode",
+ static_cast<int>(dynamic_state.sts.upgrade_mode));
+ result->SetBoolean("dynamic_sts_include_subdomains",
+ dynamic_state.sts.include_subdomains);
+ result->SetBoolean("dynamic_pkp_include_subdomains",
+ dynamic_state.pkp.include_subdomains);
+ result->SetDouble("dynamic_sts_observed",
+ dynamic_state.sts.last_observed.ToDoubleT());
+ result->SetDouble("dynamic_pkp_observed",
+ dynamic_state.pkp.last_observed.ToDoubleT());
+ result->SetDouble("dynamic_sts_expiry",
+ dynamic_state.sts.expiry.ToDoubleT());
+ result->SetDouble("dynamic_pkp_expiry",
+ dynamic_state.pkp.expiry.ToDoubleT());
result->SetString("dynamic_spki_hashes",
- HashesToBase64String(state.dynamic_spki_hashes));
+ HashesToBase64String(dynamic_state.pkp.spki_hashes));
+ }
+
+ result->SetBoolean("result", found_static || found_dynamic);
+ if (found_static) {
+ result->SetString("domain", static_state.domain);
+ } else if (found_dynamic) {
+ result->SetString("domain", dynamic_state.domain);
+ } else {
+ result->SetString("domain", domain);
Ryan Sleevi 2014/04/24 21:40:21 Let's file a follow-up bug to fix this domain ambi
palmer 2014/04/25 00:59:59 https://code.google.com/p/chromium/issues/detail?i
}
}
}
« no previous file with comments | « chrome/browser/resources/net_internals/hsts_view.js ('k') | chrome/test/data/webui/net_internals/hsts_view.js » ('j') | net/http/http_security_headers_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698