Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(253)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/url_request/url_request_http_job.cc

Issue 2053693002: WIP: Move 'Upgrade-Insecure-Requests' to the browser process. Base URL: https://chromium.googlesource.com/chromium/src.git@replicate
Patch Set: Rebase. :( Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/url_request/url_request_http_job.h ('k') | net/url_request/url_request_job.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/url_request/url_request_http_job.h" 5 #include "net/url_request/url_request_http_job.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/base_switches.h" 9 #include "base/base_switches.h"
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 1113 matching lines...) Expand 10 before | Expand all | Expand 10 after
1124 return nullptr; 1124 return nullptr;
1125 } 1125 }
1126 if (downstream == nullptr) 1126 if (downstream == nullptr)
1127 return nullptr; 1127 return nullptr;
1128 upstream = std::move(downstream); 1128 upstream = std::move(downstream);
1129 } 1129 }
1130 1130
1131 return upstream; 1131 return upstream;
1132 } 1132 }
1133 1133
1134 RedirectInfo URLRequestHttpJob::ComputeRedirectInfo(const GURL& location,
1135 int http_status_code) {
1136 // If |request|'s insecure request policy matches its URL, then upgrade it
1137 // from a non-secure protocol to a secure protocol (e.g. "http" => "https").
1138 // See https://www.w3.org/TR/upgrade-insecure-requests/ for details.
1139 //
1140 // TODO(mkwst): HSTS is currently modeled as a redirect, which makes sense,
1141 // given the web-exposed behavior developers currently rely upon. At some
1142 // point, however, https://wicg.github.io/hsts-priming/ will change that
1143 // expectation. Once those changes are in place, it might make sense to
1144 // merge the HSTS logic from 'MaybeInternallyRedirect' into this function.
1145 if (request_->insecure_request_policy() ==
1146 net::URLRequest::DO_NOT_UPGRADE_INSECURE_REQUESTS ||
1147 location.SchemeIsCryptographic() ||
1148 (request_->initiator() &&
1149 request_->insecure_request_policy() ==
1150 net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS &&
1151 request_->initiator()->host() != location.host())) {
1152 return URLRequestJob::ComputeRedirectInfo(location, http_status_code);
1153 }
1154
1155 request_->net_log().AddEvent(
1156 NetLogEventType::URL_REQUEST_REWRITTEN,
1157 NetLog::StringCallback("reason", "Upgrade-Insecure-Requests"));
1158
1159 DCHECK(location.SchemeIs(url::kHttpScheme) ||
1160 location.SchemeIs(url::kWsScheme));
1161 GURL::Replacements replacements;
1162 replacements.SetSchemeStr(location.SchemeIs(url::kHttpScheme)
1163 ? url::kHttpsScheme
1164 : url::kWssScheme);
1165 return URLRequestJob::ComputeRedirectInfo(
1166 location.ReplaceComponents(replacements), http_status_code);
1167 }
1168
1134 bool URLRequestHttpJob::CopyFragmentOnRedirect(const GURL& location) const { 1169 bool URLRequestHttpJob::CopyFragmentOnRedirect(const GURL& location) const {
1135 // Allow modification of reference fragments by default, unless 1170 // Allow modification of reference fragments by default, unless
1136 // |allowed_unsafe_redirect_url_| is set and equal to the redirect URL. 1171 // |allowed_unsafe_redirect_url_| is set and equal to the redirect URL.
1137 // When this is the case, we assume that the network delegate has set the 1172 // When this is the case, we assume that the network delegate has set the
1138 // desired redirect URL (with or without fragment), so it must not be changed 1173 // desired redirect URL (with or without fragment), so it must not be changed
1139 // any more. 1174 // any more.
1140 return !allowed_unsafe_redirect_url_.is_valid() || 1175 return !allowed_unsafe_redirect_url_.is_valid() ||
1141 allowed_unsafe_redirect_url_ != location; 1176 allowed_unsafe_redirect_url_ != location;
1142 } 1177 }
1143 1178
(...skipping 407 matching lines...) Expand 10 before | Expand all | Expand 10 after
1551 awaiting_callback_ = false; 1586 awaiting_callback_ = false;
1552 1587
1553 // Notify NetworkQualityEstimator. 1588 // Notify NetworkQualityEstimator.
1554 NetworkQualityEstimator* network_quality_estimator = 1589 NetworkQualityEstimator* network_quality_estimator =
1555 request()->context()->network_quality_estimator(); 1590 request()->context()->network_quality_estimator();
1556 if (network_quality_estimator) 1591 if (network_quality_estimator)
1557 network_quality_estimator->NotifyURLRequestDestroyed(*request()); 1592 network_quality_estimator->NotifyURLRequestDestroyed(*request());
1558 } 1593 }
1559 1594
1560 } // namespace net 1595 } // namespace net
OLDNEW
« no previous file with comments | « net/url_request/url_request_http_job.h ('k') | net/url_request/url_request_job.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698