Issue 1235263002: UPGRADE: Rename the 'https' header.

Issue 1235263002: UPGRADE: Rename the 'https' header. (Closed)

Created:
5 years, 5 months ago by Mike West

Modified:
5 years, 5 months ago

Reviewers:
Nate Chapin

CC:
blink-reviews, gavinp+loader_chromium.org, Nate Chapin, tyoshino+watch_chromium.org, Yoav Weiss

Base URL:
https://chromium.googlesource.com/chromium/blink.git@master

Target Ref:
refs/heads/master

Project:
blink

Visibility:
Public.

More Reviews

Description

UPGRADE: Rename the 'https' header. The 'https' header broke a number of websites that depended on it not being set. This patch renames the header to match the CSP directive for which it advertises support[1]. [1]: https://w3c.github.io/webappsec/specs/upgrade/#preference BUG=501842 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=198924

Patch Set 1 #

Patch Set 2 : Layouttest. #

Total comments: 1

Created: 5 years, 5 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+9 lines, -9 lines)			Patch
M	LayoutTests/http/tests/security/upgrade-insecure-requests/https-header-auxiliary.html	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	LayoutTests/http/tests/security/upgrade-insecure-requests/https-header-nested.html	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	LayoutTests/http/tests/security/upgrade-insecure-requests/https-header-subresource.html	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	LayoutTests/http/tests/security/upgrade-insecure-requests/resources/check-https-header.pl	View	1	1 chunk	+2 lines, -2 lines	0 comments	Download
M	LayoutTests/http/tests/security/upgrade-insecure-requests/resources/echo-https-header.pl	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	LayoutTests/http/tests/security/upgrade-insecure-requests/resources/post-https-header.pl	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	Source/core/loader/FrameFetchContext.cpp	View		1 chunk	+1 line, -1 line	1 comment	Download
M	Source/core/loader/FrameFetchContextTest.cpp	View		1 chunk	+1 line, -1 line	0 comments	Download

Messages

Total messages: 9 (3 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

Mike West

Hey Nate! Based on some breakage in the wild (see the associated bug), the WebAppSec ...

5 years, 5 months ago (2015-07-14 21:38:27 UTC) #2

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1235263002/20001

5 years, 5 months ago (2015-07-15 04:44:44 UTC) #6

Avi (use Gerrit)

drive-by https://codereview.chromium.org/1235263002/diff/20001/Source/core/loader/FrameFetchContext.cpp File Source/core/loader/FrameFetchContext.cpp (right): https://codereview.chromium.org/1235263002/diff/20001/Source/core/loader/FrameFetchContext.cpp#newcode584 Source/core/loader/FrameFetchContext.cpp:584: // Tack an 'HTTPS' header to outgoing navigational ...

5 years, 5 months ago (2015-07-15 04:47:32 UTC) #7

commit-bot: I haz the power

Committed patchset #2 (id:20001) as https://src.chromium.org/viewvc/blink?view=rev&revision=198924

5 years, 5 months ago (2015-07-15 04:48:48 UTC) #8

Mike West

5 years, 5 months ago (2015-07-15 04:54:08 UTC) #9

Message was sent while issue was closed.

On 2015/07/15 at 04:47:32, avi wrote:
> drive-by
> 
>
https://codereview.chromium.org/1235263002/diff/20001/Source/core/loader/Fram...
> File Source/core/loader/FrameFetchContext.cpp (right):
> 
>
https://codereview.chromium.org/1235263002/diff/20001/Source/core/loader/Fram...
> Source/core/loader/FrameFetchContext.cpp:584: // Tack an 'HTTPS' header to
outgoing navigational requests, as described in
> This comment is now obsolete.

Ah, nuts. You're right. I'll send you a CL in a second.

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages