OLD | NEW |
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // StrictTransportSecurityState maintains an in memory database containing the | 5 // StrictTransportSecurityState maintains an in memory database containing the |
6 // list of hosts that currently have strict transport security enabled. This | 6 // list of hosts that currently have strict transport security enabled. This |
7 // singleton object deals with writing that data out to disk as needed and | 7 // singleton object deals with writing that data out to disk as needed and |
8 // loading it at startup. | 8 // loading it at startup. |
9 | 9 |
10 // At startup we need to load the strict transport security state from the | 10 // At startup we need to load the strict transport security state from the |
11 // disk. For the moment, we don't want to delay startup for this load, so we | 11 // disk. For the moment, we don't want to delay startup for this load, so we |
12 // let the StrictTransportSecurityState run for a while without being loaded. | 12 // let the StrictTransportSecurityState run for a while without being loaded. |
13 // This means that it's possible for pages opened very quickly not to get the | 13 // This means that it's possible for pages opened very quickly not to get the |
14 // correct strict transport security information. | 14 // correct strict transport security information. |
15 // | 15 // |
16 // To load the state, we schedule a Task on the file thread which loads, | 16 // To load the state, we schedule a Task on the file thread which loads, |
17 // deserialises and configures the StrictTransportSecurityState. | 17 // deserialises and configures the StrictTransportSecurityState. |
18 // | 18 // |
19 // The StrictTransportSecurityState object supports running a callback function | 19 // The StrictTransportSecurityState object supports running a callback function |
20 // when it changes. This object registers the callback, pointing at itself. | 20 // when it changes. This object registers the callback, pointing at itself. |
21 // | 21 // |
22 // StrictTransportSecurityState calls... | 22 // StrictTransportSecurityState calls... |
23 // StrictTransportSecurityPersister::StateIsDirty | 23 // StrictTransportSecurityPersister::StateIsDirty |
24 // since the callback isn't allowed to block or reenter, we schedule a Task | 24 // since the callback isn't allowed to block or reenter, we schedule a Task |
25 // on |file_thread_| after some small amount of time | 25 // on the file thread after some small amount of time |
26 // | 26 // |
27 // ... | 27 // ... |
28 // | 28 // |
29 // StrictTransportSecurityPersister::SerialiseState | 29 // StrictTransportSecurityPersister::SerialiseState |
30 // copies the current state of the StrictTransportSecurityState, serialises | 30 // copies the current state of the StrictTransportSecurityState, serialises |
31 // and writes to disk. | 31 // and writes to disk. |
32 | 32 |
33 #include "base/file_path.h" | 33 #include "base/file_path.h" |
34 #include "base/lock.h" | 34 #include "base/lock.h" |
35 #include "base/ref_counted.h" | 35 #include "base/ref_counted.h" |
36 #include "net/base/strict_transport_security_state.h" | 36 #include "net/base/strict_transport_security_state.h" |
37 | 37 |
38 namespace base { | |
39 class Thread; | |
40 } | |
41 | 38 |
42 class StrictTransportSecurityPersister : | 39 class StrictTransportSecurityPersister : |
43 public base::RefCountedThreadSafe<StrictTransportSecurityPersister>, | 40 public base::RefCountedThreadSafe<StrictTransportSecurityPersister>, |
44 public net::StrictTransportSecurityState::Delegate { | 41 public net::StrictTransportSecurityState::Delegate { |
45 public: | 42 public: |
46 StrictTransportSecurityPersister(net::StrictTransportSecurityState* state, | 43 StrictTransportSecurityPersister(net::StrictTransportSecurityState* state, |
47 base::Thread* file_thread, | |
48 const FilePath& profile_path); | 44 const FilePath& profile_path); |
49 | 45 |
50 ~StrictTransportSecurityPersister(); | 46 ~StrictTransportSecurityPersister(); |
51 | 47 |
52 // Called by the StrictTransportSecurityState when it changes its state. | 48 // Called by the StrictTransportSecurityState when it changes its state. |
53 virtual void StateIsDirty(net::StrictTransportSecurityState*); | 49 virtual void StateIsDirty(net::StrictTransportSecurityState*); |
54 | 50 |
55 private: | 51 private: |
56 // a Task callback for when the state needs to be written out. | 52 // a Task callback for when the state needs to be written out. |
57 void SerialiseState(); | 53 void SerialiseState(); |
58 | 54 |
59 // a Task callback for when the state needs to be loaded from disk at startup. | 55 // a Task callback for when the state needs to be loaded from disk at startup. |
60 void LoadState(); | 56 void LoadState(); |
61 | 57 |
62 Lock lock_; // protects all the members | 58 Lock lock_; // protects all the members |
63 | 59 |
64 // true when the state object has signaled that we're dirty and we haven't | 60 // true when the state object has signaled that we're dirty and we haven't |
65 // serialised the state yet. | 61 // serialised the state yet. |
66 bool state_is_dirty_; | 62 bool state_is_dirty_; |
67 | 63 |
68 scoped_refptr<net::StrictTransportSecurityState> | 64 scoped_refptr<net::StrictTransportSecurityState> |
69 strict_transport_security_state_; | 65 strict_transport_security_state_; |
70 | |
71 // This is a thread which can perform file access. | |
72 base::Thread* const file_thread_; | |
73 | |
74 // The path to the file in which we store the serialised state. | 66 // The path to the file in which we store the serialised state. |
75 const FilePath state_file_; | 67 const FilePath state_file_; |
76 }; | 68 }; |
OLD | NEW |