Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(297)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_security_headers.h

Issue 1733973004: Limit Public-Key-Pins max-age to 60 days (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Update tests Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/http/http_security_headers.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_ 5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_
6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_ 6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <string> 10 #include <string>
11 11
12 #include "base/time/time.h" 12 #include "base/time/time.h"
13 #include "base/values.h" 13 #include "base/values.h"
14 #include "net/base/hash_value.h" 14 #include "net/base/hash_value.h"
15 #include "net/base/net_export.h" 15 #include "net/base/net_export.h"
16 16
17 class GURL; 17 class GURL;
18 18
19 namespace net { 19 namespace net {
20 20
21 const int64_t kMaxHSTSAgeSecs = 86400 * 365; // 1 year 21 const int64_t kMaxHSTSAgeSecs = 86400 * 365; // 1 year
22 22
23 // RFC7469 suggests that 60 days is a reasonable maximum max-age value
24 // http://tools.ietf.org/html/rfc7469#section-4.1
25 const int64_t kMaxHPKPAgeSecs = 86400 * 60; // 60 days
26
23 // Parses |value| as a Strict-Transport-Security header value. If successful, 27 // Parses |value| as a Strict-Transport-Security header value. If successful,
24 // returns true and sets |*max_age| and |*include_subdomains|. 28 // returns true and sets |*max_age| and |*include_subdomains|.
25 // Otherwise returns false and leaves the output parameters unchanged. 29 // Otherwise returns false and leaves the output parameters unchanged.
26 // 30 //
27 // value is the right-hand side of: 31 // value is the right-hand side of:
28 // 32 //
29 // "Strict-Transport-Security" ":" 33 // "Strict-Transport-Security" ":"
30 // [ directive ] *( ";" [ directive ] ) 34 // [ directive ] *( ";" [ directive ] )
31 bool NET_EXPORT_PRIVATE ParseHSTSHeader(const std::string& value, 35 bool NET_EXPORT_PRIVATE ParseHSTSHeader(const std::string& value,
32 base::TimeDelta* max_age, 36 base::TimeDelta* max_age,
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
71 // [ ";" "includeSubdomains" ] 75 // [ ";" "includeSubdomains" ]
72 // [ ";" "report-uri" "=" uri-reference ] 76 // [ ";" "report-uri" "=" uri-reference ]
73 // 77 //
74 bool NET_EXPORT_PRIVATE ParseHPKPReportOnlyHeader(const std::string& value, 78 bool NET_EXPORT_PRIVATE ParseHPKPReportOnlyHeader(const std::string& value,
75 bool* include_subdomains, 79 bool* include_subdomains,
76 HashValueVector* hashes, 80 HashValueVector* hashes,
77 GURL* report_uri); 81 GURL* report_uri);
78 } // namespace net 82 } // namespace net
79 83
80 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_ 84 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_
OLDNEW
« no previous file with comments | « no previous file | net/http/http_security_headers.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698