| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/profiles/profile_io_data.h" | 5 #include "chrome/browser/profiles/profile_io_data.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| (...skipping 1045 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1056 std::move(network_delegate)); | 1056 std::move(network_delegate)); |
| 1057 | 1057 |
| 1058 std::unique_ptr<net::TransportSecurityState> transport_security_state( | 1058 std::unique_ptr<net::TransportSecurityState> transport_security_state( |
| 1059 base::MakeUnique<net::TransportSecurityState>()); | 1059 base::MakeUnique<net::TransportSecurityState>()); |
| 1060 transport_security_persister_.reset(new net::TransportSecurityPersister( | 1060 transport_security_persister_.reset(new net::TransportSecurityPersister( |
| 1061 transport_security_state.get(), profile_params_->path, | 1061 transport_security_state.get(), profile_params_->path, |
| 1062 base::CreateSequencedTaskRunnerWithTraits( | 1062 base::CreateSequencedTaskRunnerWithTraits( |
| 1063 {base::MayBlock(), base::TaskPriority::BACKGROUND, | 1063 {base::MayBlock(), base::TaskPriority::BACKGROUND, |
| 1064 base::TaskShutdownBehavior::BLOCK_SHUTDOWN}), | 1064 base::TaskShutdownBehavior::BLOCK_SHUTDOWN}), |
| 1065 IsOffTheRecord())); | 1065 IsOffTheRecord())); |
| 1066 | |
| 1067 net::NetworkTrafficAnnotationTag traffic_annotation = | |
| 1068 net::DefineNetworkTrafficAnnotation("domain_security_policy", R"( | |
| 1069 semantics { | |
| 1070 sender: "Domain Security Policy" | |
| 1071 description: | |
| 1072 "Websites can opt in to have Chrome send reports to them when " | |
| 1073 "Chrome observes connections to that website that do not meet " | |
| 1074 "stricter security policies, such as with HTTP Public Key Pinning. " | |
| 1075 "Websites can use this feature to discover misconfigurations that " | |
| 1076 "prevent them from complying with stricter security policies that " | |
| 1077 "they've opted in to." | |
| 1078 trigger: | |
| 1079 "Chrome observes that a user is loading a resource from a website " | |
| 1080 "that has opted in for security policy reports, and the connection " | |
| 1081 "does not meet the required security policies." | |
| 1082 data: | |
| 1083 "The time of the request, the hostname and port being requested, " | |
| 1084 "the certificate chain, and sometimes certificate revocation " | |
| 1085 "information included on the connection." | |
| 1086 destination: OTHER | |
| 1087 } | |
| 1088 policy { | |
| 1089 cookies_allowed: false | |
| 1090 setting: "This feature cannot be disabled by settings." | |
| 1091 policy_exception_justification: | |
| 1092 "Not implemented, this is a feature that websites can opt into and " | |
| 1093 "thus there is no Chrome-wide policy to disable it." | |
| 1094 })"); | |
| 1095 certificate_report_sender_.reset( | |
| 1096 new net::ReportSender(main_request_context_.get(), traffic_annotation)); | |
| 1097 transport_security_state->SetReportSender(certificate_report_sender_.get()); | |
| 1098 | |
| 1099 expect_ct_reporter_.reset( | |
| 1100 new ChromeExpectCTReporter(main_request_context_.get())); | |
| 1101 transport_security_state->SetExpectCTReporter(expect_ct_reporter_.get()); | |
| 1102 | |
| 1103 transport_security_state->SetRequireCTDelegate( | |
| 1104 ct_policy_manager_->GetDelegate()); | |
| 1105 main_request_context_storage_->set_transport_security_state( | 1066 main_request_context_storage_->set_transport_security_state( |
| 1106 std::move(transport_security_state)); | 1067 std::move(transport_security_state)); |
| 1107 | 1068 |
| 1108 // Take ownership over these parameters. | 1069 // Take ownership over these parameters. |
| 1109 cookie_settings_ = profile_params_->cookie_settings; | 1070 cookie_settings_ = profile_params_->cookie_settings; |
| 1110 host_content_settings_map_ = profile_params_->host_content_settings_map; | 1071 host_content_settings_map_ = profile_params_->host_content_settings_map; |
| 1111 #if BUILDFLAG(ENABLE_EXTENSIONS) | 1072 #if BUILDFLAG(ENABLE_EXTENSIONS) |
| 1112 extension_info_map_ = profile_params_->extension_info_map; | 1073 extension_info_map_ = profile_params_->extension_info_map; |
| 1113 #endif | 1074 #endif |
| 1114 | 1075 |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1175 ct_tree_tracker_unregistration_ = | 1136 ct_tree_tracker_unregistration_ = |
| 1176 base::Bind(&IOThread::UnregisterSTHObserver, base::Unretained(io_thread), | 1137 base::Bind(&IOThread::UnregisterSTHObserver, base::Unretained(io_thread), |
| 1177 ct_tree_tracker_.get()); | 1138 ct_tree_tracker_.get()); |
| 1178 | 1139 |
| 1179 main_request_context_->set_ct_policy_enforcer( | 1140 main_request_context_->set_ct_policy_enforcer( |
| 1180 io_thread_globals->system_request_context->ct_policy_enforcer()); | 1141 io_thread_globals->system_request_context->ct_policy_enforcer()); |
| 1181 | 1142 |
| 1182 InitializeInternal(profile_params_.get(), protocol_handlers, | 1143 InitializeInternal(profile_params_.get(), protocol_handlers, |
| 1183 std::move(request_interceptors)); | 1144 std::move(request_interceptors)); |
| 1184 | 1145 |
| 1146 net::NetworkTrafficAnnotationTag traffic_annotation = |
| 1147 net::DefineNetworkTrafficAnnotation("domain_security_policy", R"( |
| 1148 semantics { |
| 1149 sender: "Domain Security Policy" |
| 1150 description: |
| 1151 "Websites can opt in to have Chrome send reports to them when " |
| 1152 "Chrome observes connections to that website that do not meet " |
| 1153 "stricter security policies, such as with HTTP Public Key Pinning. " |
| 1154 "Websites can use this feature to discover misconfigurations that " |
| 1155 "prevent them from complying with stricter security policies that " |
| 1156 "they've opted in to." |
| 1157 trigger: |
| 1158 "Chrome observes that a user is loading a resource from a website " |
| 1159 "that has opted in for security policy reports, and the connection " |
| 1160 "does not meet the required security policies." |
| 1161 data: |
| 1162 "The time of the request, the hostname and port being requested, " |
| 1163 "the certificate chain, and sometimes certificate revocation " |
| 1164 "information included on the connection." |
| 1165 destination: OTHER |
| 1166 } |
| 1167 policy { |
| 1168 cookies_allowed: false |
| 1169 setting: "This feature cannot be disabled by settings." |
| 1170 policy_exception_justification: |
| 1171 "Not implemented, this is a feature that websites can opt into and " |
| 1172 "thus there is no Chrome-wide policy to disable it." |
| 1173 })"); |
| 1174 certificate_report_sender_.reset( |
| 1175 new net::ReportSender(main_request_context_.get(), traffic_annotation)); |
| 1176 main_request_context_->transport_security_state()->SetReportSender( |
| 1177 certificate_report_sender_.get()); |
| 1178 |
| 1179 expect_ct_reporter_.reset( |
| 1180 new ChromeExpectCTReporter(main_request_context_.get())); |
| 1181 main_request_context_->transport_security_state()->SetExpectCTReporter( |
| 1182 expect_ct_reporter_.get()); |
| 1183 |
| 1184 main_request_context_->transport_security_state()->SetRequireCTDelegate( |
| 1185 ct_policy_manager_->GetDelegate()); |
| 1186 |
| 1185 profile_params_.reset(); | 1187 profile_params_.reset(); |
| 1186 initialized_ = true; | 1188 initialized_ = true; |
| 1187 } | 1189 } |
| 1188 | 1190 |
| 1189 void ProfileIOData::ApplyProfileParamsToContext( | 1191 void ProfileIOData::ApplyProfileParamsToContext( |
| 1190 net::URLRequestContext* context) const { | 1192 net::URLRequestContext* context) const { |
| 1191 context->set_http_user_agent_settings( | 1193 context->set_http_user_agent_settings( |
| 1192 chrome_http_user_agent_settings_.get()); | 1194 chrome_http_user_agent_settings_.get()); |
| 1193 context->set_ssl_config_service(profile_params_->ssl_config_service.get()); | 1195 context->set_ssl_config_service(profile_params_->ssl_config_service.get()); |
| 1194 } | 1196 } |
| (...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1361 void ProfileIOData::SetCookieSettingsForTesting( | 1363 void ProfileIOData::SetCookieSettingsForTesting( |
| 1362 content_settings::CookieSettings* cookie_settings) { | 1364 content_settings::CookieSettings* cookie_settings) { |
| 1363 DCHECK(!cookie_settings_.get()); | 1365 DCHECK(!cookie_settings_.get()); |
| 1364 cookie_settings_ = cookie_settings; | 1366 cookie_settings_ = cookie_settings; |
| 1365 } | 1367 } |
| 1366 | 1368 |
| 1367 policy::URLBlacklist::URLBlacklistState ProfileIOData::GetURLBlacklistState( | 1369 policy::URLBlacklist::URLBlacklistState ProfileIOData::GetURLBlacklistState( |
| 1368 const GURL& url) const { | 1370 const GURL& url) const { |
| 1369 return url_blacklist_manager_->GetURLBlacklistState(url); | 1371 return url_blacklist_manager_->GetURLBlacklistState(url); |
| 1370 } | 1372 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2957453002:
Set up TransportSecurityState subcomponents last in ProfileIOData. (Closed)
