Removal of SignedCertificateTimestampStore

content/browser/loader/resource_dispatcher_host_impl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // See http://dev.chromium.org/developers/design-documents/multi-process-resource-loading
 
 #include "content/browser/loader/resource_dispatcher_host_impl.h"
 
 #include <stddef.h>
 
@@ skipping 1558 matching lines @@
       request_data.origin_pid, request_id, request_data.render_frame_id,
       request_data.is_main_frame, request_data.parent_is_main_frame,
       request_data.resource_type, request_data.transition_type,
       request_data.should_replace_current_entry,
       false,  // is download
       false,  // is stream
       allow_download, request_data.has_user_gesture,
       request_data.enable_load_timing, request_data.enable_upload_progress,
       do_not_prompt_for_login, request_data.referrer_policy,
       request_data.visiblity_state, resource_context, filter_->GetWeakPtr(),
-      report_raw_headers, !is_sync_load,
+      report_raw_headers, report_raw_headers, !is_sync_load,

[Charlie Reis, 2016/05/11 22:30:23]

Why is this passed in twice?

Maybe it would be clearer to have a local send_extra_cert_info initialized to
report_raw_headers, with a comment saying why they use the same value?  (It's
not clear to me right now.)

[estark, 2016/05/12 00:16:55]

Daniel: sorry, I wasn't clear; I was suggesting this extra flag as a possibility
for the future, if it was too confusing to use ShouldReportRawHeaders(). I think
that Charlie's right that using ShouldReportRawHeaders() with a comment would
probably be more clear than introducing the second flag.

Charlie: ShouldReportRawHeaders() is set when the network panel is open (which
is what we use to populate requests in the security panel, which is where
Daniel's going to add the SCT details). I thought it might be confusing to
re-use ShouldReportRawHeaders() for the SCTs, since SCTs aren't really raw
headers, but we can probably just clear this up with a comment explaining why
we're using it.

[dwaxweiler, 2016/05/12 07:28:16]

Ah, okay, I will add a comment. Thanks for the explanation!

       IsUsingLoFi(request_data.lofi_state, delegate_, *new_request,
                   resource_context,
                   request_data.resource_type == RESOURCE_TYPE_MAIN_FRAME),
       support_async_revalidation ? request_data.headers : std::string());
   // Request takes ownership.
   extra_info->AssociateWithRequest(new_request.get());
 
   if (new_request->url().SchemeIs(url::kBlobScheme)) {
     // Hang on to a reference to ensure the blob is not released prior
     // to the job being started.
@@ skipping 278 matching lines @@
       download,  // allow_download
       false,     // has_user_gesture
       false,     // enable_load_timing
       false,     // enable_upload_progress
       false,     // do_not_prompt_for_login
       blink::WebReferrerPolicyDefault,
       blink::WebPageVisibilityStateVisible,
       context,
       base::WeakPtr<ResourceMessageFilter>(),  // filter
       false,                                   // report_raw_headers
+      false,                                   // send_extra_certificate_info
       true,                                    // is_async
       false,                                   // is_using_lofi
       std::string());                          // original_headers
 }
 
 void ResourceDispatcherHostImpl::OnRenderFrameDeleted(
     const GlobalFrameRoutingId& global_routing_id) {
   CancelRequestsForRoute(global_routing_id);
 }
 
@@ skipping 403 matching lines @@
       true,   // enable_load_timing
       false,  // enable_upload_progress
       false,  // do_not_prompt_for_login
       info.common_params.referrer.policy,
       // TODO(davidben): This is only used for prerenders. Replace
       // is_showing with something for that. Or maybe it just comes from the
       // same mechanism as the cookie one.
       blink::WebPageVisibilityStateVisible, resource_context,
       base::WeakPtr<ResourceMessageFilter>(),  // filter
       false,  // request_data.report_raw_headers
+      false,

[Charlie Reis, 2016/05/11 22:30:23]

Please document this one like the others.

       true,   // is_async
       IsUsingLoFi(info.common_params.lofi_state, delegate_, *new_request,
                   resource_context, info.is_main_frame),
       // The original_headers field is for stale-while-revalidate but the
       // feature doesn't work with PlzNavigate, so it's just a placeholder
       // here.
       // TODO(ricea): Make the feature work with stale-while-revalidate
       // and clean this up.
       std::string());  // original_headers
   // Request takes ownership.
@@ skipping 377 matching lines @@
   ssl.cert_id = GetCertStore()->StoreCert(ssl_info.cert.get(), child_id);
   response->head.security_info = SerializeSecurityInfo(ssl);
 }
 
 CertStore* ResourceDispatcherHostImpl::GetCertStore() {
   return cert_store_for_testing_ ? cert_store_for_testing_
                                  : CertStore::GetInstance();
 }
 
 }  // namespace content