OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_ | 5 #ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_ |
6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_ | 6 #define NET_HTTP_HTTP_SECURITY_HEADERS_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <string> | 10 #include <string> |
11 | 11 |
12 #include "base/time/time.h" | 12 #include "base/time/time.h" |
13 #include "base/values.h" | 13 #include "base/values.h" |
14 #include "net/base/hash_value.h" | 14 #include "net/base/hash_value.h" |
15 #include "net/base/net_export.h" | 15 #include "net/base/net_export.h" |
16 | 16 |
17 class GURL; | 17 class GURL; |
18 | 18 |
19 namespace net { | 19 namespace net { |
20 | 20 |
21 const uint32_t kMaxHSTSAgeSecs = 86400 * 365; // 1 year | 21 const uint32_t kMaxHSTSAgeSecs = 86400 * 365; // 1 year |
22 | 22 |
23 // RFC7469 suggests that 60 days is a reasonable maximum max-age value | 23 // RFC7469 suggests that 60 days is a reasonable maximum max-age value |
24 // http://tools.ietf.org/html/rfc7469#section-4.1 | 24 // http://tools.ietf.org/html/rfc7469#section-4.1 |
25 const uint32_t kMaxHPKPAgeSecs = 86400 * 60; // 60 days | 25 const uint32_t kMaxHPKPAgeSecs = 86400 * 60; // 60 days |
26 | 26 |
| 27 // https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct-00 suggests a |
| 28 // conservative maximum max-age, at least while Expect-CT is new. |
| 29 const uint32_t kMaxExpectCTAgeSecs = 86400 * 30; // 30 days |
| 30 |
27 // Parses |value| as a Strict-Transport-Security header value. If successful, | 31 // Parses |value| as a Strict-Transport-Security header value. If successful, |
28 // returns true and sets |*max_age| and |*include_subdomains|. | 32 // returns true and sets |*max_age| and |*include_subdomains|. |
29 // Otherwise returns false and leaves the output parameters unchanged. | 33 // Otherwise returns false and leaves the output parameters unchanged. |
30 // | 34 // |
31 // value is the right-hand side of: | 35 // value is the right-hand side of: |
32 // | 36 // |
33 // "Strict-Transport-Security" ":" | 37 // "Strict-Transport-Security" ":" |
34 // [ directive ] *( ";" [ directive ] ) | 38 // [ directive ] *( ";" [ directive ] ) |
35 bool NET_EXPORT_PRIVATE ParseHSTSHeader(const std::string& value, | 39 bool NET_EXPORT_PRIVATE ParseHSTSHeader(const std::string& value, |
36 base::TimeDelta* max_age, | 40 base::TimeDelta* max_age, |
(...skipping 35 matching lines...)
72 // "Public-Key-Pins-Report-Only" ":" | 76 // "Public-Key-Pins-Report-Only" ":" |
73 // [ "max-age" "=" delta-seconds ";" ] | 77 // [ "max-age" "=" delta-seconds ";" ] |
74 // "pin-" algo "=" base64 [ ";" ... ] | 78 // "pin-" algo "=" base64 [ ";" ... ] |
75 // [ ";" "includeSubdomains" ] | 79 // [ ";" "includeSubdomains" ] |
76 // [ ";" "report-uri" "=" uri-reference ] | 80 // [ ";" "report-uri" "=" uri-reference ] |
77 // | 81 // |
78 bool NET_EXPORT_PRIVATE ParseHPKPReportOnlyHeader(const std::string& value, | 82 bool NET_EXPORT_PRIVATE ParseHPKPReportOnlyHeader(const std::string& value, |
79 bool* include_subdomains, | 83 bool* include_subdomains, |
80 HashValueVector* hashes, | 84 HashValueVector* hashes, |
81 GURL* report_uri); | 85 GURL* report_uri); |
| 86 |
| 87 // Parses |value| as an Expect-CT header value. If successful, returns true and |
| 88 // populates the |*max_age|, |*enforce|, and |*report_uri| values. Otherwise |
| 89 // returns false and leaves the output parameters unchanged. |
| 90 // |
| 91 // |value| is the right-hand side of: |
| 92 // "Expect-CT" ":" |
| 93 // "max-age" "=" delta-seconds |
| 94 // [ "," "enforce" ] |
| 95 // [ "," "report-uri" "=" uri-reference ] |
| 96 // |
| 97 bool NET_EXPORT_PRIVATE ParseExpectCTHeader(const std::string& value, |
| 98 base::TimeDelta* max_age, |
| 99 bool* enforce, |
| 100 GURL* report_uri); |
| 101 |
82 } // namespace net | 102 } // namespace net |
83 | 103 |
84 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_ | 104 #endif // NET_HTTP_HTTP_SECURITY_HEADERS_H_ |
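Review bot: The comment on `ParseExpectCTHeader` (new lines 87–96) does not say what a successful parse writes to `*enforce` and `*report_uri` when those directives are absent, nor whether `*max_age` is capped at the new `kMaxExpectCTAgeSecs`. Because the value comes from a server response, a caller that reuses its output variables could act on a stale `enforce` flag or report URI, or store a lifetime longer than the 30-day limit. I would add a line such as `// On success, |*enforce| is false and |*report_uri| is empty if the directive is absent; |*max_age| is capped at kMaxExpectCTAgeSecs.`, adjusted to whatever the implementation (not shown on this page) actually does. It would also help to state whether duplicate or reordered directives are rejected, since the grammar in the comment shows a fixed order.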