net/http/http_security_headers.h - Issue 11274032: Separate http_security_headers from transport_security_state

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/http/http_security_headers.h

Issue 11274032: Separate http_security_headers from transport_security_state (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/

Patch Set: Created 8 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/http/http_security_headers.h

===================================================================

--- net/http/http_security_headers.h (revision 0)

+++ net/http/http_security_headers.h (revision 0)

@@ -0,0 +1,60 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_

+#define NET_HTTP_HTTP_SECURITY_HEADERS_H_

+#include <string>

+#include "base/basictypes.h"

+#include "base/gtest_prod_util.h"

+#include "base/time.h"

+#include "base/values.h"

+#include "net/base/hash_value.h"

+#include "net/base/net_export.h"

+namespace net {

+const int64 kMaxHSTSAgeSecs = 86400 * 365; // 1 year

+// Parses |value| as a Strict-Transport-Security header value. If successful,

+// returns true and sets |*expiry| and |*include_subdomains|.

+// Otherwise returns false and leaves the output parameters unchanged.

+// Interprets the max-age directive relative to |now|.

+//

+// value is the right-hand side of:

+//

+// "Strict-Transport-Security" ":"

+// [ directive ] *( ";" [ directive ] )

+bool NET_EXPORT_PRIVATE ParseHSTSHeader(const base::Time& now,

+ const std::string& value,

+ base::Time* expiry,

+ bool* include_subdomains);

+// Parses |value| as a Public-Key-Pins header value. If successful,

+// returns true and populates the expiry and hashes values.

+// Otherwise returns false and leaves the output parameters unchanged.

+// Interprets the max-age directive relative to |now|.

+//

+// value is the right-hand side of:

+//

+// "Public-Key-Pins" ":"

+// "max-age" "=" delta-seconds ";"

+// "pin-" algo "=" base64 [ ";" ... ]

+//

+// For this function to return true, the key hashes specified by the HPKP

+// header must pass two additional checks. There MUST be at least one

+// key hash which matches the SSL certificate chain of the current site

+// (as specified by the chain_hashes) parameter. In addition, there MUST

+// be at least one key hash which does NOT match the site's SSL certificate

+// chain (this is the "backup pin").

+bool NET_EXPORT_PRIVATE ParseHPKPHeader(const base::Time& now,

+ const std::string& value,

+ const HashValueVector& chain_hashes,

+ base::Time* expiry,

+ HashValueVector* hashes);

+} // namespace net

+#endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_

« net/base/hash_value.cc ('K') | « net/base/x509_cert_types.cc ('k') | net/http/http_security_headers.cc » ('j') | net/http/http_security_headers.cc » ('J')