Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(742)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/test/spawned_test_server/base_test_server.cc

Issue 1059303002: Don't process HSTS/HPKP headers when host is an IP address (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: add tests for HPKP/HSTS headers on IPs Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/data/ssl/scripts/generate-test-certs.sh ('K') | « net/test/spawned_test_server/base_test_server.h ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/test/spawned_test_server/base_test_server.cc
diff --git a/net/test/spawned_test_server/base_test_server.cc b/net/test/spawned_test_server/base_test_server.cc
index b5306899c2ac08ba99a5156866d68f9f388da659..3d83ed7ce362e0b9b477c09edc444a0686e3144f 100644
--- a/net/test/spawned_test_server/base_test_server.cc
+++ b/net/test/spawned_test_server/base_test_server.cc
@@ -29,11 +29,17 @@ namespace {
std::string GetHostname(BaseTestServer::Type type,
const BaseTestServer::SSLOptions& options) {
- if (BaseTestServer::UsingSSL(type) &&
- options.server_certificate ==
- BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME) {
- // Return a different hostname string that resolves to the same hostname.
- return "localhost";
+ if (BaseTestServer::UsingSSL(type)) {
+ if (options.server_certificate ==
+ BaseTestServer::SSLOptions::CERT_MISMATCHED_NAME ||
+ options.server_certificate ==
+ BaseTestServer::SSLOptions::CERT_COMMON_NAME_IS_DOMAIN) {
+ // For CERT_MISMATCHED_NAME, return a different hostname string
palmer 2015/04/03 21:04:51 Nit: It's good to delimit identifiers in comments
estark 2015/04/03 21:22:30 Done.
+ // that resolves to the same hostname. For
+ // CERT_COMMON_NAME_IS_DOMAIN, the certificate is issued for
+ // "localhost" instead of "127.0.0.1".
+ return "localhost";
+ }
}
// Use the 127.0.0.1 as default.
@@ -133,6 +139,8 @@ base::FilePath BaseTestServer::SSLOptions::GetCertificateFile() const {
case CERT_OK:
case CERT_MISMATCHED_NAME:
return base::FilePath(FILE_PATH_LITERAL("ok_cert.pem"));
+ case CERT_COMMON_NAME_IS_DOMAIN:
+ return base::FilePath(FILE_PATH_LITERAL("localhost_cert.pem"));
case CERT_EXPIRED:
return base::FilePath(FILE_PATH_LITERAL("expired_cert.pem"));
case CERT_CHAIN_WRONG_ROOT:
« net/data/ssl/scripts/generate-test-certs.sh ('K') | « net/test/spawned_test_server/base_test_server.h ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698