
Side by Side Diff: chrome/browser/ui/webui/net_internals/net_internals_ui.cc

Issue 12974003: Improve TransportSecurityState data storage. (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/
Patch Set: Created 7 years, 7 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h" 5 #include "chrome/browser/ui/webui/net_internals/net_internals_ui.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <list> 8 #include <list>
9 #include <string> 9 #include <string>
10 #include <utility> 10 #include <utility>
(...skipping 1215 matching lines...) Expand 10 before | Expand all | Expand 10 after
1226 GetMainContext()->transport_security_state(); 1226 GetMainContext()->transport_security_state();
1227 if (!transport_security_state) { 1227 if (!transport_security_state) {
1228 result->SetString("error", "no TransportSecurityState active"); 1228 result->SetString("error", "no TransportSecurityState active");
1229 } else { 1229 } else {
1230 net::TransportSecurityState::DomainState state; 1230 net::TransportSecurityState::DomainState state;
1231 const bool found = transport_security_state->GetDomainState( 1231 const bool found = transport_security_state->GetDomainState(
1232 domain, true, &state); 1232 domain, true, &state);
1233 1233
1234 result->SetBoolean("result", found); 1234 result->SetBoolean("result", found);
1235 if (found) { 1235 if (found) {
1236 result->SetInteger("mode", static_cast<int>(state.upgrade_mode)); 1236 result->SetBoolean("HSTS", state.ShouldUpgradeToSSL());
1237 result->SetBoolean("subdomains", state.include_subdomains); 1237 if (state.HasPublicKeyPins()) {
1238 result->SetString("domain", state.domain); 1238 const net::HashValueVector& good_hashes =
1239 result->SetDouble("expiry", state.upgrade_expiry.ToDoubleT()); 1239 state.GetPublicKeyPinsGoodHashes();
1240 result->SetDouble("dynamic_spki_hashes_expiry", 1240 const net::HashValueVector& bad_hashes =
1241 state.dynamic_spki_hashes_expiry.ToDoubleT()); 1241 state.GetPublicKeyPinsBadHashes();
1242 1242 if (!good_hashes.empty())
1243 result->SetString("static_spki_hashes", 1243 result->SetString("Public_Key_Pins_Good",
1244 HashesToBase64String(state.static_spki_hashes)); 1244 HashesToBase64String(
1245 result->SetString("dynamic_spki_hashes", 1245 state.GetPublicKeyPinsGoodHashes()));
1246 HashesToBase64String(state.dynamic_spki_hashes)); 1246 if (!bad_hashes.empty())
1247 result->SetString("Public_Key_Pins_Bad",
1248 HashesToBase64String(
1249 state.GetPublicKeyPinsBadHashes()));
1250 }
1247 } 1251 }
1248 } 1252 }
1249 } 1253 }
1250 1254
1251 SendJavascriptCommand("receivedHSTSResult", result); 1255 SendJavascriptCommand("receivedHSTSResult", result);
1252 } 1256 }
1253 1257
1254 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd( 1258 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSAdd(
1255 const ListValue* list) { 1259 const ListValue* list) {
1256 // |list| should be: [<domain to query>, <include subdomains>, <cert pins>]. 1260 // |list| should be: [<domain to query>, <include subdomains>, <cert pins>].
1257 std::string domain; 1261 std::string domain;
1258 CHECK(list->GetString(0, &domain)); 1262 CHECK(list->GetString(0, &domain));
1259 if (!IsStringASCII(domain)) { 1263 if (!IsStringASCII(domain)) {
1260 // Silently fail. The user will get a helpful error if they query for the 1264 // Silently fail. The user will get a helpful error if they query for the
1261 // name. 1265 // name.
1262 return; 1266 return;
1263 } 1267 }
1264 bool include_subdomains; 1268 bool include_subdomains;
1265 CHECK(list->GetBoolean(1, &include_subdomains)); 1269 CHECK(list->GetBoolean(1, &include_subdomains));
1266 std::string hashes_str; 1270 std::string hashes_str;
1267 CHECK(list->GetString(2, &hashes_str)); 1271 CHECK(list->GetString(2, &hashes_str));
1268 1272
1269 net::TransportSecurityState* transport_security_state = 1273 net::TransportSecurityState* transport_security_state =
1270 GetMainContext()->transport_security_state(); 1274 GetMainContext()->transport_security_state();
1271 if (!transport_security_state) 1275 if (!transport_security_state)
1272 return; 1276 return;
1273 1277
1274 base::Time expiry = base::Time::Now() + base::TimeDelta::FromDays(1000); 1278 base::Time now = base::Time::Now();
1279 base::Time expiry = now + base::TimeDelta::FromDays(1000);
1275 net::HashValueVector hashes; 1280 net::HashValueVector hashes;
1276 if (!hashes_str.empty()) { 1281 if (!hashes_str.empty()) {
1277 if (!Base64StringToHashes(hashes_str, &hashes)) 1282 if (!Base64StringToHashes(hashes_str, &hashes))
1278 return; 1283 return;
1279 } 1284 }
1280 1285
1281 transport_security_state->AddHSTS(domain, expiry, include_subdomains); 1286 transport_security_state->AddHSTS(domain, now, expiry, include_subdomains);
1282 transport_security_state->AddHPKP(domain, expiry, include_subdomains, 1287 transport_security_state->AddHPKP(domain, now, expiry, include_subdomains,
1283 hashes); 1288 hashes);
1284 } 1289 }
1285 1290
1286 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSDelete( 1291 void NetInternalsMessageHandler::IOThreadImpl::OnHSTSDelete(
1287 const ListValue* list) { 1292 const ListValue* list) {
1288 // |list| should be: [<domain to query>]. 1293 // |list| should be: [<domain to query>].
1289 std::string domain; 1294 std::string domain;
1290 CHECK(list->GetString(0, &domain)); 1295 CHECK(list->GetString(0, &domain));
1291 if (!IsStringASCII(domain)) { 1296 if (!IsStringASCII(domain)) {
1292 // There cannot be a unicode entry in the HSTS set. 1297 // There cannot be a unicode entry in the HSTS set.
(...skipping 645 matching lines...) Expand 10 before | Expand all | Expand 10 after
1938 } 1943 }
1939 1944
1940 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui) 1945 NetInternalsUI::NetInternalsUI(content::WebUI* web_ui)
1941 : WebUIController(web_ui) { 1946 : WebUIController(web_ui) {
1942 web_ui->AddMessageHandler(new NetInternalsMessageHandler()); 1947 web_ui->AddMessageHandler(new NetInternalsMessageHandler());
1943 1948
1944 // Set up the chrome://net-internals/ source. 1949 // Set up the chrome://net-internals/ source.
1945 Profile* profile = Profile::FromWebUI(web_ui); 1950 Profile* profile = Profile::FromWebUI(web_ui);
1946 content::WebUIDataSource::Add(profile, CreateNetInternalsHTMLSource()); 1951 content::WebUIDataSource::Add(profile, CreateNetInternalsHTMLSource());
1947 } 1952 }
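Review bot: In the HSTS query branch (new lines 1236–1250) the result no longer carries the matched `domain`, the `subdomains` flag or either expiry, and static and dynamic pins are no longer reported separately. Someone debugging an upgrade or pinning decision on chrome://net-internals therefore cannot tell whether the entry was inherited from a parent domain via include-subdomains, or when it lapses. If the reworked DomainState still exposes that information, it would be worth keeping those fields alongside `HSTS`. Separately, `good_hashes` and `bad_hashes` are bound to locals but the getters are called a second time when building the strings; `HashesToBase64String(good_hashes)` and `HashesToBase64String(bad_hashes)` would reuse what was already fetched. The enclosing handler starts above the visible lines and the matching hsts_view.js change is not shown here, so the consumer side of these keys is unverified.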