| Index: net/http/transport_security_state.cc
|
| diff --git a/net/http/transport_security_state.cc b/net/http/transport_security_state.cc
|
| index e0ccedffe6316caad50ba0486c07b9d62dd70fb7..34039cecb05775f0e2ee3c57c6925ffdc80b5736 100644
|
| --- a/net/http/transport_security_state.cc
|
| +++ b/net/http/transport_security_state.cc
|
| @@ -616,7 +616,6 @@
|
| : enable_static_pins_(true),
|
| enable_static_expect_ct_(true),
|
| enable_static_expect_staple_(false),
|
| - enable_pkp_bypass_for_local_trust_anchors_(true),
|
| sent_reports_cache_(kMaxHPKPReportCacheEntries) {
|
| // Static pinning is only enabled for official builds to make sure that
|
| // others don't end up with pins that cannot be easily updated.
|
| @@ -773,11 +772,6 @@
|
| pkp_state.report_uri = report_uri;
|
|
|
| EnablePKPHost(host, pkp_state);
|
| -}
|
| -
|
| -void TransportSecurityState::
|
| - SetEnablePublicKeyPinningBypassForLocalTrustAnchors(bool value) {
|
| - enable_pkp_bypass_for_local_trust_anchors_ = value;
|
| }
|
|
|
| void TransportSecurityState::EnableSTSHost(const std::string& host,
|
| @@ -844,7 +838,7 @@
|
| return PKPStatus::OK;
|
|
|
| // Don't report violations for certificates that chain to local roots.
|
| - if (!is_issued_by_known_root && enable_pkp_bypass_for_local_trust_anchors_)
|
| + if (!is_issued_by_known_root)
|
| return PKPStatus::BYPASSED;
|
|
|
| if (!report_sender_ ||
|
|
|