OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_ | |
6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_ | |
7 | |
8 #include <string> | |
9 | |
10 #include "base/basictypes.h" | |
11 #include "base/gtest_prod_util.h" | |
12 #include "base/time.h" | |
13 #include "base/values.h" | |
14 #include "net/base/net_export.h" | |
15 #include "net/base/ssl_info.h" | |
16 #include "net/base/x509_cert_types.h" | |
17 | |
18 namespace net { | |
19 | |
20 const long kMaxHSTSAgeSecs = 86400 * 365; // 1 year | |
Ryan Sleevi
2012/10/25 01:59:09
For seconds, we tend to use either int or use int6
unsafe
2012/10/25 06:59:54
This was existing code; changed to int64.
| |
21 | |
22 // Parses |value| as a Strict-Transport-Security header value. If successful, | |
23 // returns true and populates the expiry and include_subdomains values. | |
Ryan Sleevi
2012/10/25 01:59:09
nit: and sets |*expiry| and and |*include_subdomai
unsafe
2012/10/25 06:59:54
Done.
| |
24 // Otherwise returns false and leaves the output parameters unchanged. | |
25 // Interprets the max-age directive relative to |now|. | |
26 // | |
27 // value is the right-hand side of: | |
28 // | |
29 // "Strict-Transport-Security" ":" | |
30 // [ directive ] *( ";" [ directive ] ) | |
31 bool ParseHSTSHeader(const base::Time& now, const std::string& value, | |
Ryan Sleevi
2012/10/25 01:59:09
style nit: |now| and |value| belong on separate li
unsafe
2012/10/25 06:59:54
What rule applies here? Couldn't figure it out!
| |
32 base::Time* expiry, // OUT | |
33 bool* include_subdomains); // OUT | |
Ryan Sleevi
2012/10/25 01:59:09
Neither Google C++ Guide nor Chromium style guide
unsafe
2012/10/25 06:59:54
Should I remove them?
| |
34 | |
35 // Parses |value| as a Public-Key-Pins header value. If successful, | |
36 // returns true and populates the expiry and hashes values. | |
37 // Otherwise returns false and leaves the output parameters unchanged. | |
38 // Interprets the max-age directive relative to |now|. | |
39 // Checks that the header's public key pins overlaps with the SSL chain | |
40 // as specified in ssl_info. | |
Ryan Sleevi
2012/10/25 01:59:09
nit: This API behaviour should be separated out.
unsafe
2012/10/25 06:59:54
I think I agree, this was how the function was bef
| |
41 // | |
42 // value is the right-hand side of: | |
43 // | |
44 // "Public-Key-Pins" ":" | |
45 // "max-age" "=" delta-seconds ";" | |
46 // "pin-" algo "=" base64 [ ";" ... ] | |
47 bool ParseHPKPHeader(const base::Time& now, | |
48 const std::string& value, | |
49 const SSLInfo& ssl_info, | |
50 base::Time* expiry, // OUT | |
51 HashValueVector* hashes); // OUT | |
52 | |
53 } // namespace net | |
54 | |
55 | |
56 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_ | |
57 | |
OLD | NEW |