Index: components/security_state/core/security_state.cc |
diff --git a/components/security_state/core/security_state.cc b/components/security_state/core/security_state.cc |
index 577d93b4af174c4371b688476614c504b657fa19..111c465e25e321ae704aa010998c24e76256dc05 100644 |
--- a/components/security_state/core/security_state.cc |
+++ b/components/security_state/core/security_state.cc |
@@ -222,6 +222,12 @@ void SecurityInfoForRequest( |
visible_security_state.displayed_password_field_on_http; |
security_info->displayed_credit_card_field_on_http = |
visible_security_state.displayed_credit_card_field_on_http; |
+ if (visible_security_state.certificate) { |
elawrence
2017/03/21 16:49:04
Could we change this to:
if (visible_security_sta
Ryan Sleevi
2017/03/21 16:50:39
I intentionally omitted this, because like SHA-1,
|
+ std::vector<std::string> dns_names; |
+ std::vector<std::string> ip_addrs; |
+ visible_security_state.certificate.GetSubjectAltName(&dns_names, &ip_addrs); |
elawrence
2017/03/21 16:22:54
Would it make sense to just have a HasSubjectAltNa
Ryan Sleevi
2017/03/21 16:41:41
No. Generally, I explicitly try to avoid adding th
elawrence
2017/03/21 16:49:04
Ok. I was slightly worried about the perf of doing
Ryan Sleevi
2017/03/21 16:50:39
I don't think we can/should, but I think that make
|
+ security_info->san_is_missing = dns_names.empty() && ip_addrs.empty(); |
+ } |
security_info->security_level = GetSecurityLevelForRequest( |
visible_security_state, used_policy_installed_certificate, |
@@ -249,7 +255,8 @@ SecurityInfo::SecurityInfo() |
obsolete_ssl_status(net::OBSOLETE_SSL_NONE), |
pkp_bypassed(false), |
displayed_password_field_on_http(false), |
- displayed_credit_card_field_on_http(false) {} |
+ displayed_credit_card_field_on_http(false), |
+ san_is_missing(false) {} |
SecurityInfo::~SecurityInfo() {} |