Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(696)

Side by Side Diff: net/http/http_security_headers.h

Issue 11274032: Separate http_security_headers from transport_security_state (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_
6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_
7
8 #include <string>
9
10 #include "base/basictypes.h"
11 #include "base/gtest_prod_util.h"
12 #include "base/time.h"
13 #include "base/values.h"
14 #include "net/base/hash_value.h"
15 #include "net/base/net_export.h"
16
17 namespace net {
18
19 const int64 kMaxHSTSAgeSecs = 86400 * 365; // 1 year
20
21 // Parses |value| as a Strict-Transport-Security header value. If successful,
22 // returns true and sets |*expiry| and |*include_subdomains|.
23 // Otherwise returns false and leaves the output parameters unchanged.
24 // Interprets the max-age directive relative to |now|.
25 //
26 // value is the right-hand side of:
27 //
28 // "Strict-Transport-Security" ":"
29 // [ directive ] *( ";" [ directive ] )
30 bool NET_EXPORT_PRIVATE ParseHSTSHeader(const base::Time& now,
31 const std::string& value,
32 base::Time* expiry, // OUT
Ryan Sleevi 2012/11/13 19:02:32 drop the "// OUT"
unsafe 2012/11/13 23:20:18 Done.
33 bool* include_subdomains); // OUT
34
35 // Parses |value| as a Public-Key-Pins header value. If successful,
36 // returns true and populates the expiry and hashes values.
37 // Otherwise returns false and leaves the output parameters unchanged.
38 // Interprets the max-age directive relative to |now|.
39 // Checks that the header's public key pins overlaps with the SSL chain
40 // as specified in chain_hashes.
Ryan Sleevi 2012/11/13 19:02:32 nit: Could you expand on this comment more. In pa
palmer 2012/11/13 19:35:04 Well, we might decide against allowing coalescing,
unsafe 2012/11/13 23:20:18 Expanded the comment more. Did not say anything a
41 //
42 // value is the right-hand side of:
43 //
44 // "Public-Key-Pins" ":"
45 // "max-age" "=" delta-seconds ";"
46 // "pin-" algo "=" base64 [ ";" ... ]
47 bool NET_EXPORT_PRIVATE ParseHPKPHeader(const base::Time& now,
48 const std::string& value,
49 const HashValueVector& chain_hashes,
50 base::Time* expiry, // OUT
51 HashValueVector* hashes); // OUT
52
53 } // namespace net
54
55
56 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_
57
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698