OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <limits> | 5 #include <limits> |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/strings/string_piece.h" | 8 #include "base/strings/string_piece.h" |
9 #include "base/strings/string_tokenizer.h" | 9 #include "base/strings/string_tokenizer.h" |
10 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
(...skipping 347 matching lines...)
358 bool ParseHPKPReportOnlyHeader(const std::string& value, | 358 bool ParseHPKPReportOnlyHeader(const std::string& value, |
359 bool* include_subdomains, | 359 bool* include_subdomains, |
360 HashValueVector* hashes, | 360 HashValueVector* hashes, |
361 GURL* report_uri) { | 361 GURL* report_uri) { |
362 // max-age is irrelevant for Report-Only headers. | 362 // max-age is irrelevant for Report-Only headers. |
363 base::TimeDelta unused_max_age; | 363 base::TimeDelta unused_max_age; |
364 return ParseHPKPHeaderImpl(value, DO_NOT_REQUIRE_MAX_AGE, &unused_max_age, | 364 return ParseHPKPHeaderImpl(value, DO_NOT_REQUIRE_MAX_AGE, &unused_max_age, |
365 include_subdomains, hashes, report_uri); | 365 include_subdomains, hashes, report_uri); |
366 } | 366 } |
367 | 367 |
| 368 // "Expect-CT" ":" |
| 369 // "max-age" "=" delta-seconds |
| 370 // [ "," "enforce" ] |
| 371 // [ "," "report-uri" "=" uri-reference ] |
| 372 bool ParseExpectCTHeader(const std::string& value, |
| 373 base::TimeDelta* max_age, |
| 374 bool* enforce, |
| 375 GURL* report_uri) { |
| 376 bool parsed_max_age = false; |
| 377 bool enforce_candidate = false; |
| 378 bool has_report_uri = false; |
| 379 uint32_t max_age_candidate = 0; |
| 380 GURL parsed_report_uri; |
| 381 |
| 382 HttpUtil::NameValuePairsIterator name_value_pairs( |
| 383 value.begin(), value.end(), ',', |
| 384 HttpUtil::NameValuePairsIterator::Values::NOT_REQUIRED, |
| 385 // Use STRICT_QUOTES because "UAs must not attempt to fix malformed header |
| 386 // fields." |
| 387 HttpUtil::NameValuePairsIterator::Quotes::STRICT_QUOTES); |
| 388 |
| 389 while (name_value_pairs.GetNext()) { |
| 390 base::StringPiece name(name_value_pairs.name_begin(), |
| 391 name_value_pairs.name_end()); |
| 392 if (base::LowerCaseEqualsASCII(name, "max-age")) { |
| 393 // "A given directive MUST NOT appear more than once in a given header |
| 394 // field." |
| 395 if (parsed_max_age) |
| 396 return false; |
| 397 if (!MaxAgeToLimitedInt(name_value_pairs.value_begin(), |
| 398 name_value_pairs.value_end(), kMaxExpectCTAgeSecs, |
| 399 &max_age_candidate)) { |
| 400 return false; |
| 401 } |
| 402 parsed_max_age = true; |
| 403 } else if (base::LowerCaseEqualsASCII(name, "enforce")) { |
| 404 // "A given directive MUST NOT appear more than once in a given header |
| 405 // field." |
| 406 if (enforce_candidate) |
| 407 return false; |
| 408 if (!name_value_pairs.value().empty()) |
| 409 return false; |
| 410 enforce_candidate = true; |
| 411 } else if (base::LowerCaseEqualsASCII(name, "report-uri")) { |
| 412 // "A given directive MUST NOT appear more than once in a given header |
| 413 // field." |
| 414 if (has_report_uri) |
| 415 return false; |
| 416 // report-uris are always quoted. |
| 417 if (!name_value_pairs.value_is_quoted()) |
| 418 return false; |
| 419 |
| 420 has_report_uri = true; |
| 421 parsed_report_uri = GURL(base::StringPiece(name_value_pairs.value_begin(), |
| 422 name_value_pairs.value_end())); |
| 423 if (parsed_report_uri.is_empty() || !parsed_report_uri.is_valid()) |
| 424 return false; |
| 425 } else { |
| 426 // Silently ignore unknown directives for forward compatibility. |
| 427 } |
| 428 } |
| 429 |
| 430 if (!name_value_pairs.valid()) |
| 431 return false; |
| 432 |
| 433 if (!parsed_max_age) |
| 434 return false; |
| 435 |
| 436 *max_age = base::TimeDelta::FromSeconds(max_age_candidate); |
| 437 *enforce = enforce_candidate; |
| 438 *report_uri = parsed_report_uri; |
| 439 return true; |
| 440 } |
| 441 |
368 } // namespace net | 442 } // namespace net |
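Review bot: In ParseExpectCTHeader the `enforce` branch rejects only a non-empty value, so it cannot tell a bare `enforce` from `enforce=""` (and possibly `enforce=`) if NameValuePairsIterator reports those forms with an empty value, which this page does not show. Since STRICT_QUOTES was chosen so that malformed fields are not repaired, the check could be `if (!name_value_pairs.value().empty() || name_value_pairs.value_is_quoted()) return false;`, with a unit test for each malformed form. The `report-uri` branch accepts any GURL that is non-empty and valid, so unless the caller restricts the scheme, a server-supplied header can name a non-HTTP(S) report destination; adding `|| !parsed_report_uri.SchemeIsHTTPOrHTTPS()` to that condition would settle it in the parser. The grammar comment above the function reads as a fixed directive order, while the loop accepts the directives in any order and skips unknown ones; a line such as `// Directives may appear in any order; unknown directives are ignored. Outputs are written only on success.` would match the code.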