Index: net/url_request/url_request_http_job.cc |
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc |
index 019a0a76caec400b52e2a422923f29a0b3105a69..318aa4f44a787dd8791fb7ca4aec525d9fff4844 100644 |
--- a/net/url_request/url_request_http_job.cc |
+++ b/net/url_request/url_request_http_job.cc |
@@ -883,15 +883,20 @@ void URLRequestHttpJob::ProcessPublicKeyPinsHeader() { |
if (request_info_.url.HostIsIPAddress()) |
return; |
- // http://tools.ietf.org/html/draft-ietf-websec-key-pinning: |
+ // http://tools.ietf.org/html/rfc7469: |
// |
// If a UA receives more than one PKP header field in an HTTP |
// response message over secure transport, then the UA MUST process |
// only the first such header field. |
HttpResponseHeaders* headers = GetResponseHeaders(); |
std::string value; |
- if (headers->EnumerateHeader(NULL, "Public-Key-Pins", &value)) |
+ if (headers->EnumerateHeader(nullptr, "Public-Key-Pins", &value)) |
security_state->AddHPKPHeader(request_info_.url.host(), value, ssl_info); |
+ if (headers->EnumerateHeader(nullptr, "Public-Key-Pins-Report-Only", |
+ &value)) { |
+ security_state->ProcessHPKPReportOnlyHeader( |
+ value, HostPortPair::FromURL(request_info_.url), ssl_info); |
+ } |
} |
void URLRequestHttpJob::OnStartCompleted(int result) { |