Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(316)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/http_response_headers.h

Issue 18533: Merge r5767 - Protect cookie headers from XHR... (Closed) Base URL: svn://chrome-svn/chrome/branches/release_154.next/src/
Patch Set: Created 11 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/http_cache.cc ('k') | net/http/http_response_headers.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/http_response_headers.h
===================================================================
--- net/http/http_response_headers.h (revision 8522)
+++ net/http/http_response_headers.h (working copy)
@@ -41,11 +41,19 @@
// be passed to the pickle's various Read* methods.
HttpResponseHeaders(const Pickle& pickle, void** pickle_iter);
- // Appends a representation of this object to the given pickle. If the
- // for_cache argument is true, then non-cacheable headers will be pruned from
- // the persisted version of the response headers.
- void Persist(Pickle* pickle, bool for_cache);
+ // Persist options.
+ typedef int PersistOptions;
+ static const PersistOptions PERSIST_RAW = -1; // Raw, unparsed headers.
+ static const PersistOptions PERSIST_ALL = 0; // Parsed headers.
+ static const PersistOptions PERSIST_SANS_COOKIES = 1 << 0;
+ static const PersistOptions PERSIST_SANS_CHALLENGES = 1 << 1;
+ static const PersistOptions PERSIST_SANS_HOP_BY_HOP = 1 << 2;
+ static const PersistOptions PERSIST_SANS_NON_CACHEABLE = 1 << 3;
+ // Appends a representation of this object to the given pickle.
+ // The options argument can be a combination of PersistOptions.
+ void Persist(Pickle* pickle, PersistOptions options);
+
// Performs header merging as described in 13.5.3 of RFC 2616.
void Update(const HttpResponseHeaders& new_headers);
@@ -239,11 +247,21 @@
typedef base::hash_set<std::string> HeaderSet;
- // Returns the values from any 'cache-control: no-cache="foo,bar"' headers as
- // well as other known-to-be-transient header names. The header names are
- // all lowercase to support fast lookup.
- void GetTransientHeaders(HeaderSet* header_names) const;
+ // Adds the values from any 'cache-control: no-cache="foo,bar"' headers.
+ void AddNonCacheableHeaders(HeaderSet* header_names) const;
+ // Adds the set of header names that contain cookie values.
+ static void AddSensitiveHeaders(HeaderSet* header_names);
+
+ // Adds the set of rfc2616 hop-by-hop response headers.
+ static void AddHopByHopHeaders(HeaderSet* header_names);
+
+ // Adds the set of challenge response headers.
+ static void AddChallengeHeaders(HeaderSet* header_names);
+
+ // Adds the set of cookie response headers.
+ static void AddCookieHeaders(HeaderSet* header_names);
+
// The members of this structure point into raw_headers_.
struct ParsedHeader {
std::string::const_iterator name_begin;
« no previous file with comments | « net/http/http_cache.cc ('k') | net/http/http_response_headers.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698