Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1464)

Unified Diff: chrome/browser/ui/webui/net_internals/net_internals_ui.cc

Issue 11274032: Separate http_security_headers from transport_security_state (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/ui/webui/net_internals/net_internals_ui.cc
===================================================================
--- chrome/browser/ui/webui/net_internals/net_internals_ui.cc (revision 165283)
+++ chrome/browser/ui/webui/net_internals/net_internals_ui.cc (working copy)
@@ -1100,19 +1100,33 @@
connection_tester_->RunAllTests(url);
}
-void SPKIHashesToString(const net::HashValueVector& hashes,
- std::string* string) {
- for (net::HashValueVector::const_iterator
- i = hashes.begin(); i != hashes.end(); ++i) {
- base::StringPiece hash_str(reinterpret_cast<const char*>(i->data()),
- i->size());
- std::string encoded;
- base::Base64Encode(hash_str, &encoded);
+std::string HashesToBase64String(const net::HashValueVector& hashes) {
+ std::string str;
+ for (size_t i = 0; i != hashes.size(); ++i) {
+ if (i != 0)
+ str += ",";
+ str += hashes[i].ToString();
+ }
+ return str;
+}
- if (i != hashes.begin())
- *string += ",";
- *string += net::TransportSecurityState::HashValueLabel(*i) + encoded;
+bool Base64StringToHashes(const std::string& hashes_str,
+ net::HashValueVector* hashes) {
+ hashes->clear();
+ if (hashes_str.empty())
+ return true;
+ std::vector<std::string> vector_hash_str;
+ base::SplitString(hashes_str, ',', &vector_hash_str);
+
+ for (size_t i = 0; i != vector_hash_str.size(); ++i) {
+ std::string hash_str;
+ RemoveChars(vector_hash_str[i], " \t\r\n", &hash_str);
+ net::HashValue hash;
+ if (!hash.FromString(hash_str))
+ return false;
+ hashes->push_back(hash);
}
+ return true;
}
void NetInternalsMessageHandler::IOThreadImpl::OnHSTSQuery(
@@ -1143,13 +1157,12 @@
result->SetDouble("dynamic_spki_hashes_expiry",
state.dynamic_spki_hashes_expiry.ToDoubleT());
- std::string hashes;
- SPKIHashesToString(state.static_spki_hashes, &hashes);
- result->SetString("static_spki_hashes", hashes);
+ std::string hashes_str;
+ hashes_str = HashesToBase64String(state.static_spki_hashes);
+ result->SetString("static_spki_hashes", hashes_str);
- hashes.clear();
- SPKIHashesToString(state.dynamic_spki_hashes, &hashes);
- result->SetString("dynamic_spki_hashes", hashes);
+ hashes_str = HashesToBase64String(state.dynamic_spki_hashes);
+ result->SetString("dynamic_spki_hashes", hashes_str);
}
}
}
@@ -1180,21 +1193,7 @@
net::TransportSecurityState::DomainState state;
state.upgrade_expiry = state.created + base::TimeDelta::FromDays(1000);
state.include_subdomains = include_subdomains;
- if (!hashes_str.empty()) {
- std::vector<std::string> type_and_b64s;
- base::SplitString(hashes_str, ',', &type_and_b64s);
- for (std::vector<std::string>::const_iterator
- i = type_and_b64s.begin(); i != type_and_b64s.end(); ++i) {
- std::string type_and_b64;
- RemoveChars(*i, " \t\r\n", &type_and_b64);
- net::HashValue hash;
- if (!net::TransportSecurityState::ParsePin(type_and_b64, &hash))
- continue;
-
- state.dynamic_spki_hashes.push_back(hash);
- }
- }
-
+ Base64StringToHashes(hashes_str, &state.dynamic_spki_hashes);
Ryan Sleevi 2012/11/13 19:02:32 In the original code, if a hash failed to parse, i
unsafe 2012/11/13 23:20:18 Hmm, how about if it handles the false return by N
Ryan Sleevi 2012/11/13 23:32:05 I think the old behaviour was better, for reasons
transport_security_state->EnableHost(domain, state);
}

Powered by Google App Engine
This is Rietveld 408576698