chrome/browser/profiles/profile_io_data.cc - Issue 2102783003: Add enterprise policy to exempt hosts from Certificate Transparency

Unified Diff: chrome/browser/profiles/profile_io_data.cc

Issue 2102783003: Add enterprise policy to exempt hosts from Certificate Transparency (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@enterprise_ct

Patch Set: Fully shutdown prefs Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « chrome/browser/profiles/profile_io_data.h ('k') | chrome/test/data/policy/policy_test_cases.json » ('j') | components/certificate_transparency/ct_policy_manager_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/profiles/profile_io_data.cc

diff --git a/chrome/browser/profiles/profile_io_data.cc b/chrome/browser/profiles/profile_io_data.cc

index 395dfa2b218018b07752d4ff7059ac38d2f6be1a..1ac33c4f4d5fec393a781e23d957bf0346542e59 100644

--- a/chrome/browser/profiles/profile_io_data.cc

+++ b/chrome/browser/profiles/profile_io_data.cc

@@ -58,6 +58,7 @@

#include "chrome/common/pref_names.h"

#include "chrome/common/url_constants.h"

#include "components/about_handler/about_protocol_handler.h"

+#include "components/certificate_transparency/ct_policy_manager.h"

#include "components/certificate_transparency/tree_state_tracker.h"

#include "components/content_settings/core/browser/content_settings_provider.h"

#include "components/content_settings/core/browser/cookie_settings.h"

@@ -529,6 +530,11 @@ void ProfileIOData::InitializeOnUIThread(Profile* profile) {

pref_service, background_task_runner, io_task_runner, callback,

base::Bind(policy::OverrideBlacklistForURL)));

+ // The CTPolicyManager shares the same constraints of needing to be cleaned

+ // up on the UI thread.

+ ct_policy_manager_.reset(new certificate_transparency::CTPolicyManager(

+ pref_service, io_task_runner));

if (!IsOffTheRecord()) {

// Add policy headers for non-incognito requests.

policy::PolicyHeaderService* policy_header_service =

@@ -675,6 +681,9 @@ ProfileIOData::~ProfileIOData() {

transport_security_state_->SetExpectCTReporter(nullptr);

expect_ct_reporter_.reset();

+ if (transport_security_state_)

+ transport_security_state_->SetRequireCTDelegate(nullptr);

// TODO(ajwong): These AssertNoURLRequests() calls are unnecessary since they

// are already done in the URLRequestContext destructor.

if (main_request_context_)

@@ -1091,6 +1100,9 @@ void ProfileIOData::Init(

new ChromeExpectCTReporter(main_request_context_.get()));

transport_security_state_->SetExpectCTReporter(expect_ct_reporter_.get());

+ transport_security_state_->SetRequireCTDelegate(

+ ct_policy_manager_->GetDelegate());

// Take ownership over these parameters.

cookie_settings_ = profile_params_->cookie_settings;

host_content_settings_map_ = profile_params_->host_content_settings_map;

@@ -1285,6 +1297,8 @@ void ProfileIOData::ShutdownOnUIThread(

session_startup_pref_.Destroy();

if (url_blacklist_manager_)

url_blacklist_manager_->ShutdownOnUIThread();

+ if (ct_policy_manager_)

+ ct_policy_manager_->Shutdown();

if (chrome_http_user_agent_settings_)

chrome_http_user_agent_settings_->CleanupOnUIThread();

incognito_availibility_pref_.Destroy();