Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(759)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/transport_security_state_static.json

Issue 11938026: Preload HSTS and pins for two more Google domains. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/transport_security_state_static.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file contains the HSTS preloaded list in a machine readable format. 5 // This file contains the HSTS preloaded list in a machine readable format.
6 6
7 // The top-level element is a dictionary with two keys: "pinsets" maps details 7 // The top-level element is a dictionary with two keys: "pinsets" maps details
8 // of certificate pinning to a name and "entries" contains the HSTS details for 8 // of certificate pinning to a name and "entries" contains the HSTS details for
9 // each host. 9 // each host.
10 // 10 //
(...skipping 158 matching lines...) Expand 10 before | Expand all | Expand 10 after
169 { "name": "mail.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" }, 169 { "name": "mail.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" },
170 { "name": "talkgadget.google.com", "include_subdomains": true, "mode": "forc e-https", "pins": "google" }, 170 { "name": "talkgadget.google.com", "include_subdomains": true, "mode": "forc e-https", "pins": "google" },
171 { "name": "talk.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" }, 171 { "name": "talk.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" },
172 { "name": "hostedtalkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" }, 172 { "name": "hostedtalkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
173 { "name": "plus.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" }, 173 { "name": "plus.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" },
174 { "name": "script.google.com", "include_subdomains": true, "mode": "force-ht tps", "pins": "google" }, 174 { "name": "script.google.com", "include_subdomains": true, "mode": "force-ht tps", "pins": "google" },
175 { "name": "history.google.com", "include_subdomains": true, "mode": "force-h ttps", "pins": "google" }, 175 { "name": "history.google.com", "include_subdomains": true, "mode": "force-h ttps", "pins": "google" },
176 176
177 // Other Google-related domains that must use HTTPS. 177 // Other Google-related domains that must use HTTPS.
178 { "name": "market.android.com", "include_subdomains": true, "mode": "force-h ttps", "pins": "google" }, 178 { "name": "market.android.com", "include_subdomains": true, "mode": "force-h ttps", "pins": "google" },
179 { "name": "developer.android.com", "include_subdomains": true, "mode": "forc e-https", "pins": "google" },
agl 2013/01/18 19:08:38 This breaks for me in HTTPS.
179 { "name": "ssl.google-analytics.com", "include_subdomains": true, "mode": "f orce-https", "pins": "google" }, 180 { "name": "ssl.google-analytics.com", "include_subdomains": true, "mode": "f orce-https", "pins": "google" },
180 { "name": "drive.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" }, 181 { "name": "drive.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" },
181 { "name": "googleplex.com", "include_subdomains": true, "mode": "force-https ", "pins": "google" }, 182 { "name": "googleplex.com", "include_subdomains": true, "mode": "force-https ", "pins": "google" },
182 { "name": "groups.google.com", "include_subdomains": true, "mode": "force-ht tps", "pins": "google" }, 183 { "name": "groups.google.com", "include_subdomains": true, "mode": "force-ht tps", "pins": "google" },
183 { "name": "apis.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" }, 184 { "name": "apis.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" },
184 { "name": "chromiumcodereview.appspot.com", "include_subdomains": true, "mod e": "force-https", "pins": "google" }, 185 { "name": "chromiumcodereview.appspot.com", "include_subdomains": true, "mod e": "force-https", "pins": "google" },
185 { "name": "codereview.appspot.com", "include_subdomains": true, "mode": "for ce-https", "pins": "google" }, 186 { "name": "codereview.appspot.com", "include_subdomains": true, "mode": "for ce-https", "pins": "google" },
186 { "name": "codereview.chromium.org", "include_subdomains": true, "mode": "fo rce-https", "pins": "google" }, 187 { "name": "codereview.chromium.org", "include_subdomains": true, "mode": "fo rce-https", "pins": "google" },
187 { "name": "code.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" }, 188 { "name": "code.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" },
188 { "name": "googlecode.com", "include_subdomains": true, "pins": "google" }, 189 { "name": "googlecode.com", "include_subdomains": true, "pins": "google" },
190 { "name": "dl.google.com", "include_subdomains": true, "mode": "force-https" , "pins": "google" },
agl 2013/01/18 19:08:38 Have you checked with jchacon@?
189 191
190 // chart.apis.google.com is *not* HSTS because the certificate doesn't match 192 // chart.apis.google.com is *not* HSTS because the certificate doesn't match
191 // and there are lots of links out there that still use the name. The correc t 193 // and there are lots of links out there that still use the name. The correc t
192 // hostname for this is chart.googleapis.com. 194 // hostname for this is chart.googleapis.com.
193 { "name": "chart.apis.google.com", "include_subdomains": true, "pins": "goog le" }, 195 { "name": "chart.apis.google.com", "include_subdomains": true, "pins": "goog le" },
194 196
195 // Other Google-related domains that must use an acceptable certificate 197 // Other Google-related domains that must use an acceptable certificate
196 // iff using SSL. 198 // iff using SSL.
197 { "name": "ytimg.com", "include_subdomains": true, "pins": "google" }, 199 { "name": "ytimg.com", "include_subdomains": true, "pins": "google" },
198 { "name": "googleusercontent.com", "include_subdomains": true, "pins": "goog le" }, 200 { "name": "googleusercontent.com", "include_subdomains": true, "pins": "goog le" },
(...skipping 369 matching lines...) Expand 10 before | Expand all | Expand 10 after
568 570
569 // Entries that are only valid if the client supports SNI. 571 // Entries that are only valid if the client supports SNI.
570 { "name": "gmail.com", "mode": "force-https", "pins": "google", "snionly": t rue }, 572 { "name": "gmail.com", "mode": "force-https", "pins": "google", "snionly": t rue },
571 { "name": "googlemail.com", "mode": "force-https", "pins": "google", "snionl y": true }, 573 { "name": "googlemail.com", "mode": "force-https", "pins": "google", "snionl y": true },
572 { "name": "www.gmail.com", "mode": "force-https", "pins": "google", "snionly ": true }, 574 { "name": "www.gmail.com", "mode": "force-https", "pins": "google", "snionly ": true },
573 { "name": "www.googlemail.com", "mode": "force-https", "pins": "google", "sn ionly": true }, 575 { "name": "www.googlemail.com", "mode": "force-https", "pins": "google", "sn ionly": true },
574 { "name": "google-analytics.com", "include_subdomains": true, "pins": "googl e", "snionly": true }, 576 { "name": "google-analytics.com", "include_subdomains": true, "pins": "googl e", "snionly": true },
575 { "name": "googlegroups.com", "include_subdomains": true, "pins": "google", "snionly": true } 577 { "name": "googlegroups.com", "include_subdomains": true, "pins": "google", "snionly": true }
576 ] 578 ]
577 } 579 }
OLDNEW
« no previous file with comments | « net/base/transport_security_state_static.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698