OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/profiles/profile_io_data.h" | 5 #include "chrome/browser/profiles/profile_io_data.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
(...skipping 1045 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1056 std::move(network_delegate)); | 1056 std::move(network_delegate)); |
1057 | 1057 |
1058 std::unique_ptr<net::TransportSecurityState> transport_security_state( | 1058 std::unique_ptr<net::TransportSecurityState> transport_security_state( |
1059 base::MakeUnique<net::TransportSecurityState>()); | 1059 base::MakeUnique<net::TransportSecurityState>()); |
1060 transport_security_persister_.reset(new net::TransportSecurityPersister( | 1060 transport_security_persister_.reset(new net::TransportSecurityPersister( |
1061 transport_security_state.get(), profile_params_->path, | 1061 transport_security_state.get(), profile_params_->path, |
1062 base::CreateSequencedTaskRunnerWithTraits( | 1062 base::CreateSequencedTaskRunnerWithTraits( |
1063 {base::MayBlock(), base::TaskPriority::BACKGROUND, | 1063 {base::MayBlock(), base::TaskPriority::BACKGROUND, |
1064 base::TaskShutdownBehavior::BLOCK_SHUTDOWN}), | 1064 base::TaskShutdownBehavior::BLOCK_SHUTDOWN}), |
1065 IsOffTheRecord())); | 1065 IsOffTheRecord())); |
1066 | |
1067 net::NetworkTrafficAnnotationTag traffic_annotation = | |
1068 net::DefineNetworkTrafficAnnotation("domain_security_policy", R"( | |
1069 semantics { | |
1070 sender: "Domain Security Policy" | |
1071 description: | |
1072 "Websites can opt in to have Chrome send reports to them when " | |
1073 "Chrome observes connections to that website that do not meet " | |
1074 "stricter security policies, such as with HTTP Public Key Pinning. " | |
1075 "Websites can use this feature to discover misconfigurations that " | |
1076 "prevent them from complying with stricter security policies that " | |
1077 "they've opted in to." | |
1078 trigger: | |
1079 "Chrome observes that a user is loading a resource from a website " | |
1080 "that has opted in for security policy reports, and the connection " | |
1081 "does not meet the required security policies." | |
1082 data: | |
1083 "The time of the request, the hostname and port being requested, " | |
1084 "the certificate chain, and sometimes certificate revocation " | |
1085 "information included on the connection." | |
1086 destination: OTHER | |
1087 } | |
1088 policy { | |
1089 cookies_allowed: false | |
1090 setting: "This feature cannot be disabled by settings." | |
1091 policy_exception_justification: | |
1092 "Not implemented, this is a feature that websites can opt into and " | |
1093 "thus there is no Chrome-wide policy to disable it." | |
1094 })"); | |
1095 certificate_report_sender_.reset( | |
1096 new net::ReportSender(main_request_context_.get(), traffic_annotation)); | |
1097 transport_security_state->SetReportSender(certificate_report_sender_.get()); | |
1098 | |
1099 expect_ct_reporter_.reset( | |
1100 new ChromeExpectCTReporter(main_request_context_.get())); | |
1101 transport_security_state->SetExpectCTReporter(expect_ct_reporter_.get()); | |
1102 | |
1103 transport_security_state->SetRequireCTDelegate( | |
1104 ct_policy_manager_->GetDelegate()); | |
1105 main_request_context_storage_->set_transport_security_state( | 1066 main_request_context_storage_->set_transport_security_state( |
1106 std::move(transport_security_state)); | 1067 std::move(transport_security_state)); |
1107 | 1068 |
1108 // Take ownership over these parameters. | 1069 // Take ownership over these parameters. |
1109 cookie_settings_ = profile_params_->cookie_settings; | 1070 cookie_settings_ = profile_params_->cookie_settings; |
1110 host_content_settings_map_ = profile_params_->host_content_settings_map; | 1071 host_content_settings_map_ = profile_params_->host_content_settings_map; |
1111 #if BUILDFLAG(ENABLE_EXTENSIONS) | 1072 #if BUILDFLAG(ENABLE_EXTENSIONS) |
1112 extension_info_map_ = profile_params_->extension_info_map; | 1073 extension_info_map_ = profile_params_->extension_info_map; |
1113 #endif | 1074 #endif |
1114 | 1075 |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1175 ct_tree_tracker_unregistration_ = | 1136 ct_tree_tracker_unregistration_ = |
1176 base::Bind(&IOThread::UnregisterSTHObserver, base::Unretained(io_thread), | 1137 base::Bind(&IOThread::UnregisterSTHObserver, base::Unretained(io_thread), |
1177 ct_tree_tracker_.get()); | 1138 ct_tree_tracker_.get()); |
1178 | 1139 |
1179 main_request_context_->set_ct_policy_enforcer( | 1140 main_request_context_->set_ct_policy_enforcer( |
1180 io_thread_globals->system_request_context->ct_policy_enforcer()); | 1141 io_thread_globals->system_request_context->ct_policy_enforcer()); |
1181 | 1142 |
1182 InitializeInternal(profile_params_.get(), protocol_handlers, | 1143 InitializeInternal(profile_params_.get(), protocol_handlers, |
1183 std::move(request_interceptors)); | 1144 std::move(request_interceptors)); |
1184 | 1145 |
| 1146 net::NetworkTrafficAnnotationTag traffic_annotation = |
| 1147 net::DefineNetworkTrafficAnnotation("domain_security_policy", R"( |
| 1148 semantics { |
| 1149 sender: "Domain Security Policy" |
| 1150 description: |
| 1151 "Websites can opt in to have Chrome send reports to them when " |
| 1152 "Chrome observes connections to that website that do not meet " |
| 1153 "stricter security policies, such as with HTTP Public Key Pinning. " |
| 1154 "Websites can use this feature to discover misconfigurations that " |
| 1155 "prevent them from complying with stricter security policies that " |
| 1156 "they've opted in to." |
| 1157 trigger: |
| 1158 "Chrome observes that a user is loading a resource from a website " |
| 1159 "that has opted in for security policy reports, and the connection " |
| 1160 "does not meet the required security policies." |
| 1161 data: |
| 1162 "The time of the request, the hostname and port being requested, " |
| 1163 "the certificate chain, and sometimes certificate revocation " |
| 1164 "information included on the connection." |
| 1165 destination: OTHER |
| 1166 } |
| 1167 policy { |
| 1168 cookies_allowed: false |
| 1169 setting: "This feature cannot be disabled by settings." |
| 1170 policy_exception_justification: |
| 1171 "Not implemented, this is a feature that websites can opt into and " |
| 1172 "thus there is no Chrome-wide policy to disable it." |
| 1173 })"); |
| 1174 certificate_report_sender_.reset( |
| 1175 new net::ReportSender(main_request_context_.get(), traffic_annotation)); |
| 1176 main_request_context_->transport_security_state()->SetReportSender( |
| 1177 certificate_report_sender_.get()); |
| 1178 |
| 1179 expect_ct_reporter_.reset( |
| 1180 new ChromeExpectCTReporter(main_request_context_.get())); |
| 1181 main_request_context_->transport_security_state()->SetExpectCTReporter( |
| 1182 expect_ct_reporter_.get()); |
| 1183 |
| 1184 main_request_context_->transport_security_state()->SetRequireCTDelegate( |
| 1185 ct_policy_manager_->GetDelegate()); |
| 1186 |
1185 profile_params_.reset(); | 1187 profile_params_.reset(); |
1186 initialized_ = true; | 1188 initialized_ = true; |
1187 } | 1189 } |
1188 | 1190 |
1189 void ProfileIOData::ApplyProfileParamsToContext( | 1191 void ProfileIOData::ApplyProfileParamsToContext( |
1190 net::URLRequestContext* context) const { | 1192 net::URLRequestContext* context) const { |
1191 context->set_http_user_agent_settings( | 1193 context->set_http_user_agent_settings( |
1192 chrome_http_user_agent_settings_.get()); | 1194 chrome_http_user_agent_settings_.get()); |
1193 context->set_ssl_config_service(profile_params_->ssl_config_service.get()); | 1195 context->set_ssl_config_service(profile_params_->ssl_config_service.get()); |
1194 } | 1196 } |
(...skipping 166 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1361 void ProfileIOData::SetCookieSettingsForTesting( | 1363 void ProfileIOData::SetCookieSettingsForTesting( |
1362 content_settings::CookieSettings* cookie_settings) { | 1364 content_settings::CookieSettings* cookie_settings) { |
1363 DCHECK(!cookie_settings_.get()); | 1365 DCHECK(!cookie_settings_.get()); |
1364 cookie_settings_ = cookie_settings; | 1366 cookie_settings_ = cookie_settings; |
1365 } | 1367 } |
1366 | 1368 |
1367 policy::URLBlacklist::URLBlacklistState ProfileIOData::GetURLBlacklistState( | 1369 policy::URLBlacklist::URLBlacklistState ProfileIOData::GetURLBlacklistState( |
1368 const GURL& url) const { | 1370 const GURL& url) const { |
1369 return url_blacklist_manager_->GetURLBlacklistState(url); | 1371 return url_blacklist_manager_->GetURLBlacklistState(url); |
1370 } | 1372 } |
OLD | NEW |