Index: components/ssl_errors/error_classification.h |
diff --git a/components/ssl_errors/error_classification.h b/components/ssl_errors/error_classification.h |
index b8c472df6697f0607b8cd6b37185ed63fd3c3d9a..efe07c39ab72e85cb62fc28d5cc6e8e58971b6f4 100644 |
--- a/components/ssl_errors/error_classification.h |
+++ b/components/ssl_errors/error_classification.h |
@@ -110,14 +110,20 @@ bool IsCertLikelyFromMultiTenantHosting(const GURL& request_url, |
bool IsCertLikelyFromSameDomain(const GURL& request_url, |
const net::X509Certificate& cert); |
-// Returns true if the site's hostname differs from one of the DNS |
-// names in the certificate (CN or SANs) only by the presence or |
-// absence of the single-label prefix "www". E.g.: (The first domain |
-// is hostname and the second domain is a DNS name in the certificate) |
+// Returns true if the site's hostname differs from one of the DNS names in the |
+// certificate (SANs) only by the presence or absence of the single-label prefix |
+// "www". E.g.: (The first domain is the url's hostname and the second domain is |
+// a DNS name in the certificate): |
// www.example.com ~ example.com -> true |
// example.com ~ www.example.com -> true |
// www.food.example.com ~ example.com -> false |
// mail.example.com ~ example.com -> false |
+bool IsWWWSubDomainMatch(const GURL& request_url, |
estark
2017/04/03 02:01:42
Does this need to live in the public interface? Lo
elawrence
2017/04/04 15:52:28
Done.
|
+ const net::X509Certificate& cert); |
+ |
+// Returns true if the site's hostname differs from one of the DNS names in |
+// |dns_names| only by the presence or absence of the single-label prefix "www". |
+// The matching name from the certificate is returned in |www_match_host_name|. |
bool GetWWWSubDomainMatch(const GURL& request_url, |
const std::vector<std::string>& dns_names, |
std::string* www_match_host_name); |