Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(583)

Unified Diff: net/url_request/url_request_http_job.cc

Issue 11274032: Separate http_security_headers from transport_security_state (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« net/http/http_security_headers.cc ('K') | « net/net.gyp ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/url_request/url_request_http_job.cc
===================================================================
--- net/url_request/url_request_http_job.cc (revision 165283)
+++ net/url_request/url_request_http_job.cc (working copy)
@@ -667,93 +667,45 @@
// NOTE: |ProcessStrictTransportSecurityHeader| and
// |ProcessPublicKeyPinsHeader| have very similar structures, by design.
-// They manipulate different parts of |TransportSecurityState::DomainState|,
-// and they must remain complementary. If, in future changes here, there is
-// any conflict between their policies (such as in |domain_state.mode|), you
-// should resolve the conflict in favor of the more strict policy.
void URLRequestHttpJob::ProcessStrictTransportSecurityHeader() {
DCHECK(response_info_);
-
- const URLRequestContext* ctx = request_->context();
+ TransportSecurityState* security_state =
+ request_->context()->transport_security_state();
const SSLInfo& ssl_info = response_info_->ssl_info;
- // Only accept strict transport security headers on HTTPS connections that
- // have no certificate errors.
+ // Only accept HSTS headers on HTTPS connections that have no
+ // certificate errors.
if (!ssl_info.is_valid() || IsCertStatusError(ssl_info.cert_status) ||
- !ctx->transport_security_state()) {
+ !security_state)
return;
- }
- TransportSecurityState* security_state = ctx->transport_security_state();
- TransportSecurityState::DomainState domain_state;
- const std::string& host = request_info_.url.host();
-
- bool sni_available =
- SSLConfigService::IsSNIAvailable(ctx->ssl_config_service());
- if (!security_state->GetDomainState(host, sni_available, &domain_state))
- // |GetDomainState| may have altered |domain_state| while searching. If
- // not found, start with a fresh state.
- domain_state.upgrade_mode =
- TransportSecurityState::DomainState::MODE_FORCE_HTTPS;
-
- HttpResponseHeaders* headers = GetResponseHeaders();
- std::string value;
- void* iter = NULL;
- base::Time now = base::Time::Now();
-
// http://tools.ietf.org/html/draft-ietf-websec-strict-transport-sec:
//
// If a UA receives more than one STS header field in a HTTP response
// message over secure transport, then the UA MUST process only the
// first such header field.
- bool seen_sts = false;
- while (headers->EnumerateHeader(&iter, "Strict-Transport-Security", &value)) {
- if (seen_sts)
- return;
- seen_sts = true;
- TransportSecurityState::DomainState domain_state;
- if (domain_state.ParseSTSHeader(now, value))
- security_state->EnableHost(host, domain_state);
- }
+ HttpResponseHeaders* headers = GetResponseHeaders();
+ std::string value;
+ if (headers->EnumerateHeader(NULL, "Strict-Transport-Security", &value))
+ security_state->AddHSTSHeader(request_info_.url.host(), value);
}
void URLRequestHttpJob::ProcessPublicKeyPinsHeader() {
DCHECK(response_info_);
-
- const URLRequestContext* ctx = request_->context();
+ TransportSecurityState* security_state =
+ request_->context()->transport_security_state();
const SSLInfo& ssl_info = response_info_->ssl_info;
- // Only accept public key pins headers on HTTPS connections that have no
+ // Only accept HPKP headers on HTTPS connections that have no
// certificate errors.
if (!ssl_info.is_valid() || IsCertStatusError(ssl_info.cert_status) ||
- !ctx->transport_security_state()) {
+ !security_state)
return;
- }
- TransportSecurityState* security_state = ctx->transport_security_state();
- TransportSecurityState::DomainState domain_state;
- const std::string& host = request_info_.url.host();
-
- bool sni_available =
- SSLConfigService::IsSNIAvailable(ctx->ssl_config_service());
- if (!security_state->GetDomainState(host, sni_available, &domain_state))
- // |GetDomainState| may have altered |domain_state| while searching. If
- // not found, start with a fresh state.
- domain_state.upgrade_mode =
- TransportSecurityState::DomainState::MODE_DEFAULT;
-
HttpResponseHeaders* headers = GetResponseHeaders();
- void* iter = NULL;
std::string value;
- base::Time now = base::Time::Now();
-
- while (headers->EnumerateHeader(&iter, "Public-Key-Pins", &value)) {
- // Note that ParsePinsHeader updates |domain_state| (iff the header parses
- // correctly), but does not completely overwrite it. It just updates the
- // dynamic pinning metadata.
- if (domain_state.ParsePinsHeader(now, value, ssl_info))
- security_state->EnableHost(host, domain_state);
- }
+ if (headers->EnumerateHeader(NULL, "Public-Key-Pins", &value))
+ security_state->AddHPKPHeader(request_info_.url.host(), value, ssl_info);
Ryan Sleevi 2012/11/13 19:02:32 Pretty sure that HPKP should be using HasHeader &&
palmer 2012/11/13 19:35:04 As mentioned in previous comments, I tend to think
Ryan Sleevi 2012/11/13 19:43:15 RFC 2616 4.2 is what causes the problems "Multipl
unsafe 2012/11/13 23:20:18 I like that sentiment, if it means what I think wh
}
void URLRequestHttpJob::OnStartCompleted(int result) {
« net/http/http_security_headers.cc ('K') | « net/net.gyp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698