Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(261)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/net/transport_security_persister.h

Issue 14125003: Do not roll back to SSL 3.0 for Google properties. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | chrome/browser/net/transport_security_persister.cc » ('j') | chrome/browser/net/transport_security_persister.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // TransportSecurityState maintains an in memory database containing the 5 // TransportSecurityState maintains an in memory database containing the
6 // list of hosts that currently have transport security enabled. This 6 // list of hosts that currently have transport security enabled. This
7 // singleton object deals with writing that data out to disk as needed and 7 // singleton object deals with writing that data out to disk as needed and
8 // loading it at startup. 8 // loading it at startup.
9 9
10 // At startup we need to load the transport security state from the 10 // At startup we need to load the transport security state from the
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
70 // "dynamic_spki_hashes_expiry": double 70 // "dynamic_spki_hashes_expiry": double
71 // "mode": "default"|"force-https" 71 // "mode": "default"|"force-https"
72 // legacy value synonyms "strict" = "force-https" 72 // legacy value synonyms "strict" = "force-https"
73 // "pinning-only" = "default" 73 // "pinning-only" = "default"
74 // legacy value "spdy-only" is unused and ignored 74 // legacy value "spdy-only" is unused and ignored
75 // "static_spki_hashes": list of strings 75 // "static_spki_hashes": list of strings
76 // legacy key synonym "preloaded_spki_hashes" 76 // legacy key synonym "preloaded_spki_hashes"
77 // "bad_static_spki_hashes": list of strings 77 // "bad_static_spki_hashes": list of strings
78 // legacy key synonym "bad_preloaded_spki_hashes" 78 // legacy key synonym "bad_preloaded_spki_hashes"
79 // "dynamic_spki_hashes": list of strings 79 // "dynamic_spki_hashes": list of strings
80 // "ssl_version": integer
thaidn_google 2013/04/11 01:31:52 should be ssl_version_min. will fix in another pat
80 // 81 //
81 // The JSON dictionary keys are strings containing 82 // The JSON dictionary keys are strings containing
82 // Base64(SHA256(net::TransportSecurityState::CanonicalizeHost(domain))). 83 // Base64(SHA256(net::TransportSecurityState::CanonicalizeHost(domain))).
83 // The reason for hashing them is so that the stored state does not 84 // The reason for hashing them is so that the stored state does not
84 // trivially reveal a user's browsing history to an attacker reading the 85 // trivially reveal a user's browsing history to an attacker reading the
85 // serialized state on disk. 86 // serialized state on disk.
86 virtual bool SerializeData(std::string* data) OVERRIDE; 87 virtual bool SerializeData(std::string* data) OVERRIDE;
87 88
88 // Parses an array of JSON-encoded TransportSecurityState::DomainState 89 // Parses an array of JSON-encoded TransportSecurityState::DomainState
89 // entries. For use in loading entries defined on the command line 90 // entries. For use in loading entries defined on the command line
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after
121 122
122 // Whether or not we're in read-only mode. 123 // Whether or not we're in read-only mode.
123 const bool readonly_; 124 const bool readonly_;
124 125
125 base::WeakPtrFactory<TransportSecurityPersister> weak_ptr_factory_; 126 base::WeakPtrFactory<TransportSecurityPersister> weak_ptr_factory_;
126 127
127 DISALLOW_COPY_AND_ASSIGN(TransportSecurityPersister); 128 DISALLOW_COPY_AND_ASSIGN(TransportSecurityPersister);
128 }; 129 };
129 130
130 #endif // CHROME_BROWSER_NET_TRANSPORT_SECURITY_PERSISTER_H_ 131 #endif // CHROME_BROWSER_NET_TRANSPORT_SECURITY_PERSISTER_H_
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/net/transport_security_persister.cc » ('j') | chrome/browser/net/transport_security_persister.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698