OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <map> | 10 #include <map> |
(...skipping 423 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
434 // 1. The header value is "preload", indicating that the site wants to | 434 // 1. The header value is "preload", indicating that the site wants to |
435 // be opted in to Expect CT. | 435 // be opted in to Expect CT. |
436 // 2. The given host is present on the Expect CT preload list with a | 436 // 2. The given host is present on the Expect CT preload list with a |
437 // valid report-uri, and the build is timely (i.e. preload list is fresh). | 437 // valid report-uri, and the build is timely (i.e. preload list is fresh). |
438 // 3. |ssl_info| indicates that the connection violated the Expect CT policy. | 438 // 3. |ssl_info| indicates that the connection violated the Expect CT policy. |
439 // 4. An Expect CT reporter has been provided with SetExpectCTReporter(). | 439 // 4. An Expect CT reporter has been provided with SetExpectCTReporter(). |
440 void ProcessExpectCTHeader(const std::string& value, | 440 void ProcessExpectCTHeader(const std::string& value, |
441 const HostPortPair& host_port_pair, | 441 const HostPortPair& host_port_pair, |
442 const SSLInfo& ssl_info); | 442 const SSLInfo& ssl_info); |
443 | 443 |
| 444 // For unit tests only; causes ShouldRequireCT() to return |*required| |
| 445 // by default (that is, unless a RequireCTDelegate overrides). Set to |
| 446 // nullptr to reset. |
| 447 static void SetShouldRequireCTForTesting(bool* required); |
| 448 |
444 private: | 449 private: |
445 friend class TransportSecurityStateTest; | 450 friend class TransportSecurityStateTest; |
446 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly); | 451 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly); |
447 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0); | 452 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0); |
448 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins); | 453 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins); |
449 FRIEND_TEST_ALL_PREFIXES(URLRequestTestHTTP, ExpectCTHeader); | 454 FRIEND_TEST_ALL_PREFIXES(URLRequestTestHTTP, ExpectCTHeader); |
450 | 455 |
451 typedef std::map<std::string, STSState> STSStateMap; | 456 typedef std::map<std::string, STSState> STSStateMap; |
452 typedef std::map<std::string, PKPState> PKPStateMap; | 457 typedef std::map<std::string, PKPState> PKPStateMap; |
453 | 458 |
(...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
560 // rate-limiting. | 565 // rate-limiting. |
561 ExpiringCache<std::string, bool, base::TimeTicks, std::less<base::TimeTicks>> | 566 ExpiringCache<std::string, bool, base::TimeTicks, std::less<base::TimeTicks>> |
562 sent_reports_cache_; | 567 sent_reports_cache_; |
563 | 568 |
564 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); | 569 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
565 }; | 570 }; |
566 | 571 |
567 } // namespace net | 572 } // namespace net |
568 | 573 |
569 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 574 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
OLD | NEW |