Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(808)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/url_request/url_request.cc

Issue 2053593002: WIP: URLRequest-based UIR implementation. Base URL: https://chromium.googlesource.com/chromium/src.git@replicate
Patch Set: Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/url_request/url_request.h ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/url_request/url_request.cc
diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc
index a8f62510247d0067d7bbd0d61c6fbeee1b1a4c81..240312433de4ff6a15da2d4b17fa39428169d570 100644
--- a/net/url_request/url_request.cc
+++ b/net/url_request/url_request.cc
@@ -455,6 +455,12 @@ void URLRequest::set_first_party_url_policy(
first_party_url_policy_ = first_party_url_policy;
}
+void URLRequest::set_insecure_request_policy(
+ InsecureRequestPolicy insecure_request_policy) {
+ DCHECK(!is_pending_);
+ insecure_request_policy_ = insecure_request_policy;
+}
+
void URLRequest::set_initiator(const url::Origin& initiator) {
DCHECK(!is_pending_);
initiator_ = initiator;
@@ -1021,17 +1027,29 @@ void URLRequest::SetPriority(RequestPriority priority) {
}
}
-bool URLRequest::GetHSTSRedirect(GURL* redirect_url) const {
+bool URLRequest::GetSecureRedirect(GURL* redirect_url, std::string* redirect_type) const {
const GURL& url = this->url();
bool scheme_is_http = url.SchemeIs("http");
if (!scheme_is_http && !url.SchemeIs("ws"))
return false;
- TransportSecurityState* state = context()->transport_security_state();
- if (state && state->ShouldUpgradeToSSL(url.host())) {
+
+ // Upgrade-Insecure-Requests applies if the policy upgrades all insecure requests, or
+ // if the policy upgrades requests whose hosts match the initiator's origin's host.
+ bool upgrade_applies = insecure_request_policy_ == UPGRADE_ALL_INSECURE_REQUESTS || (insecure_request_policy_ == UPGRADE_SAME_HOST_INSECURE_REQUESTS && url.host() == initiator_.host());
+ bool hsts_applies = false;
+
+ // Skip the HSTS check if we already know that we're upgrading the request.
+ if (!upgrade_applies) {
+ TransportSecurityState* state = context()->transport_security_state();
+ hsts_applies = state && state->ShouldUpgradeToSSL(url.host());
+ }
+
+ if (hsts_applies || upgrade_applies) {
GURL::Replacements replacements;
const char* new_scheme = scheme_is_http ? "https" : "wss";
replacements.SetSchemeStr(new_scheme);
*redirect_url = url.ReplaceComponents(replacements);
+ *redirect_type = upgrade_applies ? "Upgrade" : "HSTS";
return true;
}
return false;
« no previous file with comments | « net/url_request/url_request.h ('k') | net/url_request/url_request_http_job.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698