OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/url_request/url_request_http_job.h" | 5 #include "net/url_request/url_request_http_job.h" |
6 | 6 |
7 #include "base/base_switches.h" | 7 #include "base/base_switches.h" |
8 #include "base/bind.h" | 8 #include "base/bind.h" |
9 #include "base/bind_helpers.h" | 9 #include "base/bind_helpers.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 649 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
660 void* iter = NULL; | 660 void* iter = NULL; |
661 HttpResponseHeaders* headers = GetResponseHeaders(); | 661 HttpResponseHeaders* headers = GetResponseHeaders(); |
662 while (headers->EnumerateHeader(&iter, name, &value)) { | 662 while (headers->EnumerateHeader(&iter, name, &value)) { |
663 if (!value.empty()) | 663 if (!value.empty()) |
664 cookies->push_back(value); | 664 cookies->push_back(value); |
665 } | 665 } |
666 } | 666 } |
667 | 667 |
668 // NOTE: |ProcessStrictTransportSecurityHeader| and | 668 // NOTE: |ProcessStrictTransportSecurityHeader| and |
669 // |ProcessPublicKeyPinsHeader| have very similar structures, by design. | 669 // |ProcessPublicKeyPinsHeader| have very similar structures, by design. |
670 // They manipulate different parts of |TransportSecurityState::DomainState|, | |
671 // and they must remain complementary. If, in future changes here, there is | |
672 // any conflict between their policies (such as in |domain_state.mode|), you | |
673 // should resolve the conflict in favor of the more strict policy. | |
674 void URLRequestHttpJob::ProcessStrictTransportSecurityHeader() { | 670 void URLRequestHttpJob::ProcessStrictTransportSecurityHeader() { |
675 DCHECK(response_info_); | 671 DCHECK(response_info_); |
676 | 672 TransportSecurityState* security_state = |
677 const URLRequestContext* ctx = request_->context(); | 673 request_->context()->transport_security_state(); |
678 const SSLInfo& ssl_info = response_info_->ssl_info; | 674 const SSLInfo& ssl_info = response_info_->ssl_info; |
679 | 675 |
680 // Only accept strict transport security headers on HTTPS connections that | 676 // Only accept HSTS headers on HTTPS connections that have no |
681 // have no certificate errors. | 677 // certificate errors. |
682 if (!ssl_info.is_valid() || IsCertStatusError(ssl_info.cert_status) || | 678 if (!ssl_info.is_valid() || IsCertStatusError(ssl_info.cert_status) || |
683 !ctx->transport_security_state()) { | 679 !security_state) |
684 return; | 680 return; |
685 } | |
686 | |
687 TransportSecurityState* security_state = ctx->transport_security_state(); | |
688 TransportSecurityState::DomainState domain_state; | |
689 const std::string& host = request_info_.url.host(); | |
690 | |
691 bool sni_available = | |
692 SSLConfigService::IsSNIAvailable(ctx->ssl_config_service()); | |
693 if (!security_state->GetDomainState(host, sni_available, &domain_state)) | |
694 // |GetDomainState| may have altered |domain_state| while searching. If | |
695 // not found, start with a fresh state. | |
696 domain_state.upgrade_mode = | |
697 TransportSecurityState::DomainState::MODE_FORCE_HTTPS; | |
698 | |
699 HttpResponseHeaders* headers = GetResponseHeaders(); | |
700 std::string value; | |
701 void* iter = NULL; | |
702 base::Time now = base::Time::Now(); | |
703 | 681 |
704 // http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec: | 682 // http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec: |
705 // | 683 // |
706 // If a UA receives more than one STS header field in a HTTP response | 684 // If a UA receives more than one STS header field in a HTTP response |
707 // message over secure transport, then the UA MUST process only the | 685 // message over secure transport, then the UA MUST process only the |
708 // first such header field. | 686 // first such header field. |
709 bool seen_sts = false; | 687 HttpResponseHeaders* headers = GetResponseHeaders(); |
710 while (headers->EnumerateHeader(&iter, "Strict-Transport-Security", &value)) { | 688 std::string value; |
711 if (seen_sts) | 689 if (headers->EnumerateHeader(NULL, "Strict-Transport-Security", &value)) |
712 return; | 690 security_state->AddHSTSHeader(request_info_.url.host(), value); |
713 seen_sts = true; | |
714 TransportSecurityState::DomainState domain_state; | |
715 if (domain_state.ParseSTSHeader(now, value)) | |
716 security_state->EnableHost(host, domain_state); | |
717 } | |
718 } | 691 } |
719 | 692 |
720 void URLRequestHttpJob::ProcessPublicKeyPinsHeader() { | 693 void URLRequestHttpJob::ProcessPublicKeyPinsHeader() { |
721 DCHECK(response_info_); | 694 DCHECK(response_info_); |
722 | 695 TransportSecurityState* security_state = |
723 const URLRequestContext* ctx = request_->context(); | 696 request_->context()->transport_security_state(); |
724 const SSLInfo& ssl_info = response_info_->ssl_info; | 697 const SSLInfo& ssl_info = response_info_->ssl_info; |
725 | 698 |
726 // Only accept public key pins headers on HTTPS connections that have no | 699 // Only accept HPKP headers on HTTPS connections that have no |
727 // certificate errors. | 700 // certificate errors. |
728 if (!ssl_info.is_valid() || IsCertStatusError(ssl_info.cert_status) || | 701 if (!ssl_info.is_valid() || IsCertStatusError(ssl_info.cert_status) || |
729 !ctx->transport_security_state()) { | 702 !security_state) |
730 return; | 703 return; |
731 } | |
732 | |
733 TransportSecurityState* security_state = ctx->transport_security_state(); | |
734 TransportSecurityState::DomainState domain_state; | |
735 const std::string& host = request_info_.url.host(); | |
736 | |
737 bool sni_available = | |
738 SSLConfigService::IsSNIAvailable(ctx->ssl_config_service()); | |
739 if (!security_state->GetDomainState(host, sni_available, &domain_state)) | |
740 // |GetDomainState| may have altered |domain_state| while searching. If | |
741 // not found, start with a fresh state. | |
742 domain_state.upgrade_mode = | |
743 TransportSecurityState::DomainState::MODE_DEFAULT; | |
744 | 704 |
745 HttpResponseHeaders* headers = GetResponseHeaders(); | 705 HttpResponseHeaders* headers = GetResponseHeaders(); |
746 void* iter = NULL; | |
747 std::string value; | 706 std::string value; |
748 base::Time now = base::Time::Now(); | 707 if (headers->EnumerateHeader(NULL, "Public-Key-Pins", &value)) |
palmer
2012/12/06 21:20:17
NIT: Duplicate the comment about how we MUST proce
unsafe
2012/12/07 09:58:26
Done.
| |
749 | 708 security_state->AddHPKPHeader(request_info_.url.host(), value, ssl_info); |
750 while (headers->EnumerateHeader(&iter, "Public-Key-Pins", &value)) { | |
751 // Note that ParsePinsHeader updates |domain_state| (iff the header parses | |
752 // correctly), but does not completely overwrite it. It just updates the | |
753 // dynamic pinning metadata. | |
754 if (domain_state.ParsePinsHeader(now, value, ssl_info)) | |
755 security_state->EnableHost(host, domain_state); | |
756 } | |
757 } | 709 } |
758 | 710 |
759 void URLRequestHttpJob::OnStartCompleted(int result) { | 711 void URLRequestHttpJob::OnStartCompleted(int result) { |
760 RecordTimer(); | 712 RecordTimer(); |
761 | 713 |
762 // If the request was destroyed, then there is no more work to do. | 714 // If the request was destroyed, then there is no more work to do. |
763 if (!request_) | 715 if (!request_) |
764 return; | 716 return; |
765 | 717 |
766 // If the transaction was destroyed, then the job was cancelled, and | 718 // If the transaction was destroyed, then the job was cancelled, and |
(...skipping 792 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1559 | 1511 |
1560 void URLRequestHttpJob::NotifyURLRequestDestroyed() { | 1512 void URLRequestHttpJob::NotifyURLRequestDestroyed() { |
1561 awaiting_callback_ = false; | 1513 awaiting_callback_ = false; |
1562 } | 1514 } |
1563 | 1515 |
1564 void URLRequestHttpJob::OnDetachRequest() { | 1516 void URLRequestHttpJob::OnDetachRequest() { |
1565 http_transaction_delegate_->OnDetachRequest(); | 1517 http_transaction_delegate_->OnDetachRequest(); |
1566 } | 1518 } |
1567 | 1519 |
1568 } // namespace net | 1520 } // namespace net |
OLD | NEW |