Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(47)

Issue 294733002: Require HTTPS for crbug.com. (Closed)

Created:
6 years, 7 months ago by engedy
Modified:
6 years, 6 months ago
Reviewers:
palmer, agl, Peter Kasting
CC:
chromium-reviews, cbentzel+watch_chromium.org, Ryan Sleevi, friedman, Vadim Sh., ghost stip (do not use)
Visibility:
Public.

Description

Patch Set 1 #

Patch Set 2 : #

Patch Set 3 : Rebase. #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+2 lines, -0 lines) Patch
M net/http/transport_security_state_static.h View 1 2 1 chunk +1 line, -0 lines 0 comments Download
M net/http/transport_security_state_static.json View 1 2 1 chunk +1 line, -0 lines 2 comments Download

Messages

Total messages: 22 (0 generated)
engedy
PTAL, this is adding "crbug.com" to the HSTS preload list. @Vadim, @Mike: Would there be ...
6 years, 7 months ago (2014-05-19 19:19:03 UTC) #1
agl
Please move the addition to the bottom of the "// Force HTTPS for sites that ...
6 years, 7 months ago (2014-05-19 19:23:09 UTC) #2
ghost stip (do not use)
This can work as long as the cert isn't pinned. When https://code.google.com/p/chromium/issues/detail?id=162555 is fixed, we'll ...
6 years, 7 months ago (2014-05-19 19:23:23 UTC) #3
engedy
@Mike: Great, glad to hear that! @Adam: Done, I have changed the ordering.
6 years, 7 months ago (2014-05-19 23:37:35 UTC) #4
agl
lgtm
6 years, 7 months ago (2014-05-19 23:38:53 UTC) #5
engedy
@Chris, may I proceed with landing this?
6 years, 7 months ago (2014-05-20 00:00:47 UTC) #6
palmer
LGTM, thanks!
6 years, 7 months ago (2014-05-27 17:30:43 UTC) #7
engedy
The CQ bit was checked by engedy@chromium.org
6 years, 7 months ago (2014-05-27 18:17:03 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/engedy@chromium.org/294733002/40001
6 years, 7 months ago (2014-05-27 18:18:46 UTC) #9
commit-bot: I haz the power
FYI, CQ is re-trying this CL (attempt #1). The failing builders are: android_aosp on tryserver.chromium ...
6 years, 7 months ago (2014-05-27 18:50:23 UTC) #10
commit-bot: I haz the power
The CQ bit was unchecked by commit-bot@chromium.org
6 years, 7 months ago (2014-05-27 18:57:29 UTC) #11
commit-bot: I haz the power
Try jobs failed on following builders: mac_gpu on tryserver.chromium.gpu (http://build.chromium.org/p/tryserver.chromium.gpu/builders/mac_gpu/builds/9527)
6 years, 7 months ago (2014-05-27 18:57:31 UTC) #12
engedy
The CQ bit was checked by engedy@chromium.org
6 years, 6 months ago (2014-05-28 09:05:29 UTC) #13
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/engedy@chromium.org/294733002/60001
6 years, 6 months ago (2014-05-28 09:05:41 UTC) #14
commit-bot: I haz the power
FYI, CQ is re-trying this CL (attempt #1). The failing builders are: android_dbg_triggered_tests on tryserver.chromium ...
6 years, 6 months ago (2014-05-28 10:55:28 UTC) #15
commit-bot: I haz the power
The CQ bit was unchecked by commit-bot@chromium.org
6 years, 6 months ago (2014-05-28 11:54:17 UTC) #16
commit-bot: I haz the power
Try jobs failed on following builders: android_dbg_triggered_tests on tryserver.chromium (http://build.chromium.org/p/tryserver.chromium/builders/android_dbg_triggered_tests/builds/157540)
6 years, 6 months ago (2014-05-28 11:54:18 UTC) #17
engedy
The CQ bit was checked by engedy@chromium.org
6 years, 6 months ago (2014-05-28 11:55:32 UTC) #18
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/engedy@chromium.org/294733002/60001
6 years, 6 months ago (2014-05-28 11:55:49 UTC) #19
commit-bot: I haz the power
Change committed as 273220
6 years, 6 months ago (2014-05-28 14:28:36 UTC) #20
Peter Kasting
https://codereview.chromium.org/294733002/diff/60001/net/http/transport_security_state_static.json File net/http/transport_security_state_static.json (right): https://codereview.chromium.org/294733002/diff/60001/net/http/transport_security_state_static.json#newcode778 net/http/transport_security_state_static.json:778: { "name": "crbug.com", "include_subdomains": true, "mode": "force-https" }, Shouldn't ...
6 years, 6 months ago (2014-05-28 18:57:23 UTC) #21
engedy
6 years, 6 months ago (2014-05-28 20:57:57 UTC) #22
Message was sent while issue was closed.
https://codereview.chromium.org/294733002/diff/60001/net/http/transport_secur...
File net/http/transport_security_state_static.json (right):

https://codereview.chromium.org/294733002/diff/60001/net/http/transport_secur...
net/http/transport_security_state_static.json:778: { "name": "crbug.com",
"include_subdomains": true, "mode": "force-https" },
The domains in the two Google-related groups all have pinned certs, this one
cannot, therefore Adam preferred to have this down here.

I agree that we should alphabetize this.
 
On 2014/05/28 18:57:23, Peter Kasting wrote:
> Shouldn't this go in the "Other Google-related domains that must use HTTPS"
> section like http://codereview.chromium.org does?
> 
> Also, is there any chance we can alphabetize the entries in these lists, or
> something?  The current ordering (or lack thereof) seems like a problem.

Powered by Google App Engine
This is Rietveld 408576698