Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(266)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_state.h

Issue 1157033008: Normalize hostnames before searching for HSTS/HPKP preloads (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@2357
Patch Set: Created 5 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/http/transport_security_state.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_
7 7
8 #include <map> 8 #include <map>
9 #include <string> 9 #include <string>
10 #include <utility> 10 #include <utility>
(...skipping 175 matching lines...) Expand 10 before | Expand all | Expand 10 after
186 186
187 // Clears all dynamic data (e.g. HSTS and HPKP data). 187 // Clears all dynamic data (e.g. HSTS and HPKP data).
188 // 188 //
189 // Does NOT persist changes using the Delegate, as this function is only 189 // Does NOT persist changes using the Delegate, as this function is only
190 // used to clear any dynamic data prior to re-loading it from a file. 190 // used to clear any dynamic data prior to re-loading it from a file.
191 // Note: This is only used for serializing/deserializing the 191 // Note: This is only used for serializing/deserializing the
192 // TransportSecurityState. 192 // TransportSecurityState.
193 void ClearDynamicData(); 193 void ClearDynamicData();
194 194
195 // Inserts |state| into |enabled_hosts_| under the key |hashed_host|. 195 // Inserts |state| into |enabled_hosts_| under the key |hashed_host|.
196 // |hashed_host| is already in the internal representation 196 // |hashed_host| is already in the internal representation.
197 // HashHost(CanonicalizeHost(host)).
198 // Note: This is only used for serializing/deserializing the 197 // Note: This is only used for serializing/deserializing the
199 // TransportSecurityState. 198 // TransportSecurityState.
200 void AddOrUpdateEnabledHosts(const std::string& hashed_host, 199 void AddOrUpdateEnabledHosts(const std::string& hashed_host,
201 const DomainState& state); 200 const DomainState& state);
202 201
203 // Deletes all dynamic data (e.g. HSTS or HPKP data) created since a given 202 // Deletes all dynamic data (e.g. HSTS or HPKP data) created since a given
204 // time. 203 // time.
205 // 204 //
206 // If any entries are deleted, the new state will be persisted through 205 // If any entries are deleted, the new state will be persisted through
207 // the Delegate (if any). 206 // the Delegate (if any).
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after
312 const base::Time& expiry, 311 const base::Time& expiry,
313 bool include_subdomains, 312 bool include_subdomains,
314 const HashValueVector& hashes); 313 const HashValueVector& hashes);
315 314
316 // Enable TransportSecurity for |host|. |state| supercedes any previous 315 // Enable TransportSecurity for |host|. |state| supercedes any previous
317 // state for the |host|, including static entries. 316 // state for the |host|, including static entries.
318 // 317 //
319 // The new state for |host| is persisted using the Delegate (if any). 318 // The new state for |host| is persisted using the Delegate (if any).
320 void EnableHost(const std::string& host, const DomainState& state); 319 void EnableHost(const std::string& host, const DomainState& state);
321 320
322 // Converts |hostname| from dotted form ("www.google.com") to the form
323 // used in DNS: "\x03www\x06google\x03com", lowercases that, and returns
324 // the result.
325 static std::string CanonicalizeHost(const std::string& hostname);
326
327 // The set of hosts that have enabled TransportSecurity. |sts.domain| and 321 // The set of hosts that have enabled TransportSecurity. |sts.domain| and
328 // |pkp.domain| will always be empty for a DomainState in this map; the domain 322 // |pkp.domain| will always be empty for a DomainState in this map; the domain
329 // comes from the map key instead. 323 // comes from the map key instead.
330 DomainStateMap enabled_hosts_; 324 DomainStateMap enabled_hosts_;
331 325
332 Delegate* delegate_; 326 Delegate* delegate_;
333 327
334 // True if static pins should be used. 328 // True if static pins should be used.
335 bool enable_static_pins_; 329 bool enable_static_pins_;
336 330
337 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); 331 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
338 }; 332 };
339 333
340 } // namespace net 334 } // namespace net
341 335
342 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 336 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_
OLDNEW
« no previous file with comments | « no previous file | net/http/transport_security_state.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698