Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(105)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_security_headers.h

Issue 2753703002: Add Expect-CT header parsing (Closed)
Patch Set: add txt extensions to seed corpus Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/data/fuzzer_dictionaries/net_http_security_headers_fuzzer.dict ('k') | net/http/http_security_headers.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_ 5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_
6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_ 6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <string> 10 #include <string>
11 11
12 #include "base/time/time.h" 12 #include "base/time/time.h"
13 #include "base/values.h" 13 #include "base/values.h"
14 #include "net/base/hash_value.h" 14 #include "net/base/hash_value.h"
15 #include "net/base/net_export.h" 15 #include "net/base/net_export.h"
16 16
17 class GURL; 17 class GURL;
18 18
19 namespace net { 19 namespace net {
20 20
21 const uint32_t kMaxHSTSAgeSecs = 86400 * 365; // 1 year 21 const uint32_t kMaxHSTSAgeSecs = 86400 * 365; // 1 year
22 22
23 // RFC7469 suggests that 60 days is a reasonable maximum max-age value 23 // RFC7469 suggests that 60 days is a reasonable maximum max-age value
24 // http://tools.ietf.org/html/rfc7469#section-4.1 24 // http://tools.ietf.org/html/rfc7469#section-4.1
25 const uint32_t kMaxHPKPAgeSecs = 86400 * 60; // 60 days 25 const uint32_t kMaxHPKPAgeSecs = 86400 * 60; // 60 days
26 26
27 // https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct-00 suggests a
28 // conservative maximum max-age, at least while Expect-CT is new.
29 const uint32_t kMaxExpectCTAgeSecs = 86400 * 30; // 30 days
30
27 // Parses |value| as a Strict-Transport-Security header value. If successful, 31 // Parses |value| as a Strict-Transport-Security header value. If successful,
28 // returns true and sets |*max_age| and |*include_subdomains|. 32 // returns true and sets |*max_age| and |*include_subdomains|.
29 // Otherwise returns false and leaves the output parameters unchanged. 33 // Otherwise returns false and leaves the output parameters unchanged.
30 // 34 //
31 // value is the right-hand side of: 35 // value is the right-hand side of:
32 // 36 //
33 // "Strict-Transport-Security" ":" 37 // "Strict-Transport-Security" ":"
34 // [ directive ] *( ";" [ directive ] ) 38 // [ directive ] *( ";" [ directive ] )
35 bool NET_EXPORT_PRIVATE ParseHSTSHeader(const std::string& value, 39 bool NET_EXPORT_PRIVATE ParseHSTSHeader(const std::string& value,
36 base::TimeDelta* max_age, 40 base::TimeDelta* max_age,
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
72 // "Public-Key-Pins-Report-Only" ":" 76 // "Public-Key-Pins-Report-Only" ":"
73 // [ "max-age" "=" delta-seconds ";" ] 77 // [ "max-age" "=" delta-seconds ";" ]
74 // "pin-" algo "=" base64 [ ";" ... ] 78 // "pin-" algo "=" base64 [ ";" ... ]
75 // [ ";" "includeSubdomains" ] 79 // [ ";" "includeSubdomains" ]
76 // [ ";" "report-uri" "=" uri-reference ] 80 // [ ";" "report-uri" "=" uri-reference ]
77 // 81 //
78 bool NET_EXPORT_PRIVATE ParseHPKPReportOnlyHeader(const std::string& value, 82 bool NET_EXPORT_PRIVATE ParseHPKPReportOnlyHeader(const std::string& value,
79 bool* include_subdomains, 83 bool* include_subdomains,
80 HashValueVector* hashes, 84 HashValueVector* hashes,
81 GURL* report_uri); 85 GURL* report_uri);
86
87 // Parses |value| as an Expect-CT header value. If successful, returns true and
88 // populates the |*max_age|, |*enforce|, and |*report_uri| values. Otherwise
89 // returns false and leaves the output parameters unchanged.
90 //
91 // |value| is the right-hand side of:
92 // "Expect-CT" ":"
93 // "max-age" "=" delta-seconds
94 // [ "," "enforce" ]
95 // [ "," "report-uri" "=" uri-reference ]
96 //
97 bool NET_EXPORT_PRIVATE ParseExpectCTHeader(const std::string& value,
98 base::TimeDelta* max_age,
99 bool* enforce,
100 GURL* report_uri);
101
82 } // namespace net 102 } // namespace net
83 103
84 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_ 104 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_
OLDNEW
« no previous file with comments | « net/data/fuzzer_dictionaries/net_http_security_headers_fuzzer.dict ('k') | net/http/http_security_headers.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698