
Side by Side Diff: chrome/browser/ui/webui/net_internals/net_internals_ui.cc

Issue 11274032: Separate http_security_headers from transport_security_state (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 1 month ago
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h" 5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h"
6 6
7 #include <list> 7 #include <list>
8 #include <string> 8 #include <string>
9 #include <utility> 9 #include <utility>
10 #include <vector> 10 #include <vector>
(...skipping 1082 matching lines...) Expand 10 before | Expand all | Expand 10 after
1093 // For example, turn "www.google.com" into "http://www.google.com". 1093 // For example, turn "www.google.com" into "http://www.google.com".
1094 GURL url(URLFixerUpper::FixupURL(UTF16ToUTF8(url_str), std::string())); 1094 GURL url(URLFixerUpper::FixupURL(UTF16ToUTF8(url_str), std::string()));
1095 1095
1096 connection_tester_.reset(new ConnectionTester( 1096 connection_tester_.reset(new ConnectionTester(
1097 this, 1097 this,
1098 io_thread_->globals()->proxy_script_fetcher_context.get(), 1098 io_thread_->globals()->proxy_script_fetcher_context.get(),
1099 net_log())); 1099 net_log()));
1100 connection_tester_->RunAllTests(url); 1100 connection_tester_->RunAllTests(url);
1101 } 1101 }
1102 1102
1103 void SPKIHashesToString(const net::HashValueVector& hashes, 1103 std::string HashesToBase64String(const net::HashValueVector& hashes) {
1104 std::string* string) { 1104 std::string str;
1105 for (net::HashValueVector::const_iterator 1105 for (size_t i = 0; i != hashes.size(); ++i) {
1106 i = hashes.begin(); i != hashes.end(); ++i) { 1106 if (i != 0)
1107 base::StringPiece hash_str(reinterpret_cast<const char*>(i->data()), 1107 str += ",";
1108 i->size()); 1108 str += hashes[i].ToString();
1109 std::string encoded; 1109 }
1110 base::Base64Encode(hash_str, &encoded); 1110 return str;
1111 }
1111 1112
1112 if (i != hashes.begin()) 1113 bool Base64StringToHashes(const std::string& hashes_str,
1113 *string += ","; 1114 net::HashValueVector* hashes) {
1114 *string += net::TransportSecurityState::HashValueLabel(*i) + encoded; 1115 hashes->clear();
1116 if (hashes_str.empty())
1117 return true;
1118 std::vector<std::string> vector_hash_str;
1119 base::SplitString(hashes_str, ',', &vector_hash_str);
1120
1121 for (size_t i = 0; i != vector_hash_str.size(); ++i) {
1122 std::string hash_str;
1123 RemoveChars(vector_hash_str[i], " \t\r\n", &hash_str);
1124 net::HashValue hash;
1125 if (!hash.FromString(hash_str))
1126 return false;
1127 hashes->push_back(hash);
1115 } 1128 }
1129 return true;
1116 } 1130 }
1117 1131
1118 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSQuery( 1132 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSQuery(
1119 const ListValue* list) { 1133 const ListValue* list) {
1120 // |list| should be: [<domain to query>]. 1134 // |list| should be: [<domain to query>].
1121 std::string domain; 1135 std::string domain;
1122 CHECK(list->GetString(0, &domain)); 1136 CHECK(list->GetString(0, &domain));
1123 DictionaryValue* result = new DictionaryValue(); 1137 DictionaryValue* result = new DictionaryValue();
1124 1138
1125 if (!IsStringASCII(domain)) { 1139 if (!IsStringASCII(domain)) {
(...skipping 10 matching lines...) Expand all
1136 1150
1137 result->SetBoolean("result", found); 1151 result->SetBoolean("result", found);
1138 if (found) { 1152 if (found) {
1139 result->SetInteger("mode", static_cast<int>(state.upgrade_mode)); 1153 result->SetInteger("mode", static_cast<int>(state.upgrade_mode));
1140 result->SetBoolean("subdomains", state.include_subdomains); 1154 result->SetBoolean("subdomains", state.include_subdomains);
1141 result->SetString("domain", state.domain); 1155 result->SetString("domain", state.domain);
1142 result->SetDouble("expiry", state.upgrade_expiry.ToDoubleT()); 1156 result->SetDouble("expiry", state.upgrade_expiry.ToDoubleT());
1143 result->SetDouble("dynamic_spki_hashes_expiry", 1157 result->SetDouble("dynamic_spki_hashes_expiry",
1144 state.dynamic_spki_hashes_expiry.ToDoubleT()); 1158 state.dynamic_spki_hashes_expiry.ToDoubleT());
1145 1159
1146 std::string hashes; 1160 std::string hashes_str;
1147 SPKIHashesToString(state.static_spki_hashes, &hashes); 1161 hashes_str = HashesToBase64String(state.static_spki_hashes);
1148 result->SetString("static_spki_hashes", hashes); 1162 result->SetString("static_spki_hashes", hashes_str);
1149 1163
1150 hashes.clear(); 1164 hashes_str = HashesToBase64String(state.dynamic_spki_hashes);
1151 SPKIHashesToString(state.dynamic_spki_hashes, &hashes); 1165 result->SetString("dynamic_spki_hashes", hashes_str);
1152 result->SetString("dynamic_spki_hashes", hashes);
1153 } 1166 }
1154 } 1167 }
1155 } 1168 }
1156 1169
1157 SendJavascriptCommand("receivedHSTSResult", result); 1170 SendJavascriptCommand("receivedHSTSResult", result);
1158 } 1171 }
1159 1172
1160 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd( 1173 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd(
1161 const ListValue* list) { 1174 const ListValue* list) {
1162 // |list| should be: [<domain to query>, <include subdomains>, <cert pins>]. 1175 // |list| should be: [<domain to query>, <include subdomains>, <cert pins>].
(...skipping 10 matching lines...) Expand all
1173 CHECK(list->GetString(2, &hashes_str)); 1186 CHECK(list->GetString(2, &hashes_str));
1174 1187
1175 net::TransportSecurityState* transport_security_state = 1188 net::TransportSecurityState* transport_security_state =
1176 context_getter_->GetURLRequestContext()->transport_security_state(); 1189 context_getter_->GetURLRequestContext()->transport_security_state();
1177 if (!transport_security_state) 1190 if (!transport_security_state)
1178 return; 1191 return;
1179 1192
1180 net::TransportSecurityState::DomainState state; 1193 net::TransportSecurityState::DomainState state;
1181 state.upgrade_expiry = state.created + base::TimeDelta::FromDays(1000); 1194 state.upgrade_expiry = state.created + base::TimeDelta::FromDays(1000);
1182 state.include_subdomains = include_subdomains; 1195 state.include_subdomains = include_subdomains;
1183 if (!hashes_str.empty()) { 1196 Base64StringToHashes(hashes_str, &state.dynamic_spki_hashes);
Ryan Sleevi 2012/11/13 19:02:32 In the original code, if a hash failed to parse, i
unsafe 2012/11/13 23:20:18 Hmm, how about if it handles the false return by N
Ryan Sleevi 2012/11/13 23:32:05 I think the old behaviour was better, for reasons
1184 std::vector<std::string> type_and_b64s;
1185 base::SplitString(hashes_str, ',', &type_and_b64s);
1186 for (std::vector<std::string>::const_iterator
1187 i = type_and_b64s.begin(); i != type_and_b64s.end(); ++i) {
1188 std::string type_and_b64;
1189 RemoveChars(*i, " \t\r\n", &type_and_b64);
1190 net::HashValue hash;
1191 if (!net::TransportSecurityState::ParsePin(type_and_b64, &hash))
1192 continue;
1193
1194 state.dynamic_spki_hashes.push_back(hash);
1195 }
1196 }
1197
1198 transport_security_state->EnableHost(domain, state); 1197 transport_security_state->EnableHost(domain, state);
1199 } 1198 }
1200 1199
1201 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSDelete( 1200 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSDelete(
1202 const ListValue* list) { 1201 const ListValue* list) {
1203 // |list| should be: [<domain to query>]. 1202 // |list| should be: [<domain to query>].
1204 std::string domain; 1203 std::string domain;
1205 CHECK(list->GetString(0, &domain)); 1204 CHECK(list->GetString(0, &domain));
1206 if (!IsStringASCII(domain)) { 1205 if (!IsStringASCII(domain)) {
1207 // There cannot be a unicode entry in the HSTS set. 1206 // There cannot be a unicode entry in the HSTS set.
(...skipping 567 matching lines...) Expand 10 before | Expand all | Expand 10 after
1775 } 1774 }
1776 1775
1777 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui) 1776 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui)
1778 : WebUIController(web_ui) { 1777 : WebUIController(web_ui) {
1779 web_ui->AddMessageHandler(new NetInternalsMessageHandler()); 1778 web_ui->AddMessageHandler(new NetInternalsMessageHandler());
1780 1779
1781 // Set up the chrome://net-internals/ source. 1780 // Set up the chrome://net-internals/ source.
1782 Profile* profile = Profile::FromWebUI(web_ui); 1781 Profile* profile = Profile::FromWebUI(web_ui);
1783 ChromeURLDataManager::AddDataSource(profile, CreateNetInternalsHTMLSource()); 1782 ChromeURLDataManager::AddDataSource(profile, CreateNetInternalsHTMLSource());
1784 } 1783 }
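Review bot: The two helpers added at new lines 1103 and 1113 have no comment stating the string format they exchange with the net-internals page, and the `Base64String` in their names suggests bare base64. The removed code put a type label in front of each encoded hash; presumably `HashValue::ToString()` and `FromString()` keep that label, but neither is visible in this file. A one-line contract on each would make the accepted syntax reviewable where the pins are parsed, e.g. `// Serializes |hashes| as a comma-separated list of HashValue::ToString() entries.` and `// Parses a comma-separated pin list into |hashes| (cleared first); whitespace inside an entry is ignored.` Both helper bodies are fully visible in this section, so the comments can be checked against lines 1103-1130 directly.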