| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h" | 5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <list> | 8 #include <list> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 103 // encounters a new version. This should be incremented when significant | 103 // encounters a new version. This should be incremented when significant |
| 104 // changes are made that will invalidate the old loading code. | 104 // changes are made that will invalidate the old loading code. |
| 105 const int kLogFormatVersion = 1; | 105 const int kLogFormatVersion = 1; |
| 106 | 106 |
| 107 // Returns the HostCache for |context|'s primary HostResolver, or NULL if | 107 // Returns the HostCache for |context|'s primary HostResolver, or NULL if |
| 108 // there is none. | 108 // there is none. |
| 109 net::HostCache* GetHostResolverCache(net::URLRequestContext* context) { | 109 net::HostCache* GetHostResolverCache(net::URLRequestContext* context) { |
| 110 return context->host_resolver()->GetHostCache(); | 110 return context->host_resolver()->GetHostCache(); |
| 111 } | 111 } |
| 112 | 112 |
| 113 std::string HashesToBase64String(const net::HashValueVector& hashes) { |
| 114 std::string str; |
| 115 for (size_t i = 0; i != hashes.size(); ++i) { |
| 116 if (i != 0) |
| 117 str += ","; |
| 118 str += hashes[i].ToString(); |
| 119 } |
| 120 return str; |
| 121 } |
| 122 |
| 123 bool Base64StringToHashes(const std::string& hashes_str, |
| 124 net::HashValueVector* hashes) { |
| 125 hashes->clear(); |
| 126 std::vector<std::string> vector_hash_str; |
| 127 base::SplitString(hashes_str, ',', &vector_hash_str); |
| 128 |
| 129 for (size_t i = 0; i != vector_hash_str.size(); ++i) { |
| 130 std::string hash_str; |
| 131 RemoveChars(vector_hash_str[i], " \t\r\n", &hash_str); |
| 132 net::HashValue hash; |
| 133 // Skip past unrecognized hash algos |
| 134 // But return false on malformatted input |
| 135 if (hash_str.empty()) |
| 136 return false; |
| 137 if (hash_str.compare(0, 5, "sha1/") != 0 && |
| 138 hash_str.compare(0, 7, "sha256/") != 0) { |
| 139 continue; |
| 140 } |
| 141 if (!hash.FromString(hash_str)) |
| 142 return false; |
| 143 hashes->push_back(hash); |
| 144 } |
| 145 return true; |
| 146 } |
| 147 |
| 113 // Returns a Value representing the state of a pre-existing URLRequest when | 148 // Returns a Value representing the state of a pre-existing URLRequest when |
| 114 // net-internals was opened. | 149 // net-internals was opened. |
| 115 Value* RequestStateToValue(const net::URLRequest* request, | 150 Value* RequestStateToValue(const net::URLRequest* request, |
| 116 net::NetLog::LogLevel log_level) { | 151 net::NetLog::LogLevel log_level) { |
| 117 DictionaryValue* dict = new DictionaryValue(); | 152 DictionaryValue* dict = new DictionaryValue(); |
| 118 dict->SetString("url", request->original_url().possibly_invalid_spec()); | 153 dict->SetString("url", request->original_url().possibly_invalid_spec()); |
| 119 | 154 |
| 120 const std::vector<GURL>& url_chain = request->url_chain(); | 155 const std::vector<GURL>& url_chain = request->url_chain(); |
| 121 if (url_chain.size() > 1) { | 156 if (url_chain.size() > 1) { |
| 122 ListValue* list = new ListValue(); | 157 ListValue* list = new ListValue(); |
| (...skipping 1046 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1169 // For example, turn "www.google.com" into "http://www.google.com". | 1204 // For example, turn "www.google.com" into "http://www.google.com". |
| 1170 GURL url(URLFixerUpper::FixupURL(UTF16ToUTF8(url_str), std::string())); | 1205 GURL url(URLFixerUpper::FixupURL(UTF16ToUTF8(url_str), std::string())); |
| 1171 | 1206 |
| 1172 connection_tester_.reset(new ConnectionTester( | 1207 connection_tester_.reset(new ConnectionTester( |
| 1173 this, | 1208 this, |
| 1174 io_thread_->globals()->proxy_script_fetcher_context.get(), | 1209 io_thread_->globals()->proxy_script_fetcher_context.get(), |
| 1175 net_log())); | 1210 net_log())); |
| 1176 connection_tester_->RunAllTests(url); | 1211 connection_tester_->RunAllTests(url); |
| 1177 } | 1212 } |
| 1178 | 1213 |
| 1179 void SPKIHashesToString(const net::HashValueVector& hashes, | |
| 1180 std::string* string) { | |
| 1181 for (net::HashValueVector::const_iterator | |
| 1182 i = hashes.begin(); i != hashes.end(); ++i) { | |
| 1183 base::StringPiece hash_str(reinterpret_cast<const char*>(i->data()), | |
| 1184 i->size()); | |
| 1185 std::string encoded; | |
| 1186 base::Base64Encode(hash_str, &encoded); | |
| 1187 | |
| 1188 if (i != hashes.begin()) | |
| 1189 *string += ","; | |
| 1190 *string += net::TransportSecurityState::HashValueLabel(*i) + encoded; | |
| 1191 } | |
| 1192 } | |
| 1193 | |
| 1194 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSQuery( | 1214 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSQuery( |
| 1195 const ListValue* list) { | 1215 const ListValue* list) { |
| 1196 // |list| should be: [<domain to query>]. | 1216 // |list| should be: [<domain to query>]. |
| 1197 std::string domain; | 1217 std::string domain; |
| 1198 CHECK(list->GetString(0, &domain)); | 1218 CHECK(list->GetString(0, &domain)); |
| 1199 DictionaryValue* result = new DictionaryValue(); | 1219 DictionaryValue* result = new DictionaryValue(); |
| 1200 | 1220 |
| 1201 if (!IsStringASCII(domain)) { | 1221 if (!IsStringASCII(domain)) { |
| 1202 result->SetString("error", "non-ASCII domain name"); | 1222 result->SetString("error", "non-ASCII domain name"); |
| 1203 } else { | 1223 } else { |
| 1204 net::TransportSecurityState* transport_security_state = | 1224 net::TransportSecurityState* transport_security_state = |
| 1205 GetMainContext()->transport_security_state(); | 1225 GetMainContext()->transport_security_state(); |
| 1206 if (!transport_security_state) { | 1226 if (!transport_security_state) { |
| 1207 result->SetString("error", "no TransportSecurityState active"); | 1227 result->SetString("error", "no TransportSecurityState active"); |
| 1208 } else { | 1228 } else { |
| 1209 net::TransportSecurityState::DomainState state; | 1229 net::TransportSecurityState::DomainState state; |
| 1210 const bool found = transport_security_state->GetDomainState( | 1230 const bool found = transport_security_state->GetDomainState( |
| 1211 domain, true, &state); | 1231 domain, true, &state); |
| 1212 | 1232 |
| 1213 result->SetBoolean("result", found); | 1233 result->SetBoolean("result", found); |
| 1214 if (found) { | 1234 if (found) { |
| 1215 result->SetInteger("mode", static_cast<int>(state.upgrade_mode)); | 1235 result->SetInteger("mode", static_cast<int>(state.upgrade_mode)); |
| 1216 result->SetBoolean("subdomains", state.include_subdomains); | 1236 result->SetBoolean("subdomains", state.include_subdomains); |
| 1217 result->SetString("domain", state.domain); | 1237 result->SetString("domain", state.domain); |
| 1218 result->SetDouble("expiry", state.upgrade_expiry.ToDoubleT()); | 1238 result->SetDouble("expiry", state.upgrade_expiry.ToDoubleT()); |
| 1219 result->SetDouble("dynamic_spki_hashes_expiry", | 1239 result->SetDouble("dynamic_spki_hashes_expiry", |
| 1220 state.dynamic_spki_hashes_expiry.ToDoubleT()); | 1240 state.dynamic_spki_hashes_expiry.ToDoubleT()); |
| 1221 | 1241 |
| 1222 std::string hashes; | 1242 result->SetString("static_spki_hashes", |
| 1223 SPKIHashesToString(state.static_spki_hashes, &hashes); | 1243 HashesToBase64String(state.static_spki_hashes)); |
| 1224 result->SetString("static_spki_hashes", hashes); | 1244 result->SetString("dynamic_spki_hashes", |
| 1225 | 1245 HashesToBase64String(state.dynamic_spki_hashes)); |
| 1226 hashes.clear(); | |
| 1227 SPKIHashesToString(state.dynamic_spki_hashes, &hashes); | |
| 1228 result->SetString("dynamic_spki_hashes", hashes); | |
| 1229 } | 1246 } |
| 1230 } | 1247 } |
| 1231 } | 1248 } |
| 1232 | 1249 |
| 1233 SendJavascriptCommand("receivedHSTSResult", result); | 1250 SendJavascriptCommand("receivedHSTSResult", result); |
| 1234 } | 1251 } |
| 1235 | 1252 |
| 1236 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd( | 1253 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd( |
| 1237 const ListValue* list) { | 1254 const ListValue* list) { |
| 1238 // |list| should be: [<domain to query>, <include subdomains>, <cert pins>]. | 1255 // |list| should be: [<domain to query>, <include subdomains>, <cert pins>]. |
| (...skipping 11 matching lines...) Expand all Loading... |
| 1250 | 1267 |
| 1251 net::TransportSecurityState* transport_security_state = | 1268 net::TransportSecurityState* transport_security_state = |
| 1252 GetMainContext()->transport_security_state(); | 1269 GetMainContext()->transport_security_state(); |
| 1253 if (!transport_security_state) | 1270 if (!transport_security_state) |
| 1254 return; | 1271 return; |
| 1255 | 1272 |
| 1256 net::TransportSecurityState::DomainState state; | 1273 net::TransportSecurityState::DomainState state; |
| 1257 state.upgrade_expiry = state.created + base::TimeDelta::FromDays(1000); | 1274 state.upgrade_expiry = state.created + base::TimeDelta::FromDays(1000); |
| 1258 state.include_subdomains = include_subdomains; | 1275 state.include_subdomains = include_subdomains; |
| 1259 if (!hashes_str.empty()) { | 1276 if (!hashes_str.empty()) { |
| 1260 std::vector<std::string> type_and_b64s; | 1277 if (!Base64StringToHashes(hashes_str, &state.dynamic_spki_hashes)) |
| 1261 base::SplitString(hashes_str, ',', &type_and_b64s); | 1278 return; |
| 1262 for (std::vector<std::string>::const_iterator | |
| 1263 i = type_and_b64s.begin(); i != type_and_b64s.end(); ++i) { | |
| 1264 std::string type_and_b64; | |
| 1265 RemoveChars(*i, " \t\r\n", &type_and_b64); | |
| 1266 net::HashValue hash; | |
| 1267 if (!net::TransportSecurityState::ParsePin(type_and_b64, &hash)) | |
| 1268 continue; | |
| 1269 | |
| 1270 state.dynamic_spki_hashes.push_back(hash); | |
| 1271 } | |
| 1272 } | 1279 } |
| 1273 | |
| 1274 transport_security_state->EnableHost(domain, state); | 1280 transport_security_state->EnableHost(domain, state); |
| 1275 } | 1281 } |
| 1276 | 1282 |
| 1277 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSDelete( | 1283 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSDelete( |
| 1278 const ListValue* list) { | 1284 const ListValue* list) { |
| 1279 // |list| should be: [<domain to query>]. | 1285 // |list| should be: [<domain to query>]. |
| 1280 std::string domain; | 1286 std::string domain; |
| 1281 CHECK(list->GetString(0, &domain)); | 1287 CHECK(list->GetString(0, &domain)); |
| 1282 if (!IsStringASCII(domain)) { | 1288 if (!IsStringASCII(domain)) { |
| 1283 // There cannot be a unicode entry in the HSTS set. | 1289 // There cannot be a unicode entry in the HSTS set. |
| (...skipping 645 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1929 } | 1935 } |
| 1930 | 1936 |
| 1931 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui) | 1937 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui) |
| 1932 : WebUIController(web_ui) { | 1938 : WebUIController(web_ui) { |
| 1933 web_ui->AddMessageHandler(new NetInternalsMessageHandler()); | 1939 web_ui->AddMessageHandler(new NetInternalsMessageHandler()); |
| 1934 | 1940 |
| 1935 // Set up the chrome://net-internals/ source. | 1941 // Set up the chrome://net-internals/ source. |
| 1936 Profile* profile = Profile::FromWebUI(web_ui); | 1942 Profile* profile = Profile::FromWebUI(web_ui); |
| 1937 ChromeURLDataManager::AddDataSource(profile, CreateNetInternalsHTMLSource()); | 1943 ChromeURLDataManager::AddDataSource(profile, CreateNetInternalsHTMLSource()); |
| 1938 } | 1944 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11274032:
Separate http_security_headers from transport_security_state (Closed)
Base URL: https://src.chromium.org/chrome/trunk/src/