Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(437)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_state.h

Issue 2102783003: Add enterprise policy to exempt hosts from Certificate Transparency (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@enterprise_ct
Patch Set: Comment tweak to remove () Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/policy/resources/policy_templates.json ('k') | net/http/transport_security_state.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <map> 10 #include <map>
(...skipping 423 matching lines...) Expand 10 before | Expand all | Expand 10 after
434 // 1. The header value is "preload", indicating that the site wants to 434 // 1. The header value is "preload", indicating that the site wants to
435 // be opted in to Expect CT. 435 // be opted in to Expect CT.
436 // 2. The given host is present on the Expect CT preload list with a 436 // 2. The given host is present on the Expect CT preload list with a
437 // valid report-uri, and the build is timely (i.e. preload list is fresh). 437 // valid report-uri, and the build is timely (i.e. preload list is fresh).
438 // 3. |ssl_info| indicates that the connection violated the Expect CT policy. 438 // 3. |ssl_info| indicates that the connection violated the Expect CT policy.
439 // 4. An Expect CT reporter has been provided with SetExpectCTReporter(). 439 // 4. An Expect CT reporter has been provided with SetExpectCTReporter().
440 void ProcessExpectCTHeader(const std::string& value, 440 void ProcessExpectCTHeader(const std::string& value,
441 const HostPortPair& host_port_pair, 441 const HostPortPair& host_port_pair,
442 const SSLInfo& ssl_info); 442 const SSLInfo& ssl_info);
443 443
444 // For unit tests only; causes ShouldRequireCT() to return |*required|
445 // by default (that is, unless a RequireCTDelegate overrides). Set to
446 // nullptr to reset.
447 static void SetShouldRequireCTForTesting(bool* required);
448
444 private: 449 private:
445 friend class TransportSecurityStateTest; 450 friend class TransportSecurityStateTest;
446 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly); 451 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly);
447 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0); 452 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0);
448 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins); 453 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins);
449 FRIEND_TEST_ALL_PREFIXES(URLRequestTestHTTP, ExpectCTHeader); 454 FRIEND_TEST_ALL_PREFIXES(URLRequestTestHTTP, ExpectCTHeader);
450 455
451 typedef std::map<std::string, STSState> STSStateMap; 456 typedef std::map<std::string, STSState> STSStateMap;
452 typedef std::map<std::string, PKPState> PKPStateMap; 457 typedef std::map<std::string, PKPState> PKPStateMap;
453 458
(...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after
560 // rate-limiting. 565 // rate-limiting.
561 ExpiringCache<std::string, bool, base::TimeTicks, std::less<base::TimeTicks>> 566 ExpiringCache<std::string, bool, base::TimeTicks, std::less<base::TimeTicks>>
562 sent_reports_cache_; 567 sent_reports_cache_;
563 568
564 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); 569 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
565 }; 570 };
566 571
567 } // namespace net 572 } // namespace net
568 573
569 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 574 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_
OLDNEW
« no previous file with comments | « components/policy/resources/policy_templates.json ('k') | net/http/transport_security_state.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698