Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(742)

Unified Diff: net/http/transport_security_state_static.json

Issue 359803002: net: add HSTS and pinning for Dropbox. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/transport_security_state_static.certs ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/transport_security_state_static.json
diff --git a/net/http/transport_security_state_static.json b/net/http/transport_security_state_static.json
index 93cdb3c0f7a33241d1faac74967781d2213f4440..578ccfef89b870d7265abc253a2ce54645f50402 100644
--- a/net/http/transport_security_state_static.json
+++ b/net/http/transport_security_state_static.json
@@ -151,6 +151,29 @@
"static_spki_hashes": [
"Libertylavabitcom"
]
+ },
+ {
+ "name": "dropbox",
+ "static_spki_hashes": [
+ "DigiCertAssuredIDRoot",
+ "DigiCertGlobalRoot",
+ "DigiCertEVRoot",
+ "EntrustRootEC1",
+ "Entrust_G2",
+ "Entrust_EV",
+ "Entrust_2048",
+ "GeoTrustGlobal",
+ "GeoTrustPrimary_G2",
+ "GeoTrustPrimary_G3",
+ "GeoTrustPrimary",
+ "TheGoDaddyGroupClass2",
+ "GoDaddyRoot_G2",
+ "GoDaddySecure",
+ "ThawtePremiumServer",
+ "ThawtePrimaryRootCA_G2",
+ "ThawtePrimaryRootCA_G3",
+ "ThawtePrimaryRootCA"
+ ]
}
],
@@ -786,6 +809,8 @@
{ "name": "webcollect.org.uk", "include_subdomains": true, "mode": "force-https" },
{ "name": "www.capitainetrain.com", "mode": "force-https" },
{ "name": "accounts.firefox.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "dropbox.com", "mode": "force-https", "pins": "dropbox" },
+ { "name": "www.dropbox.com", "include_subdomains": true, "mode": "force-https", "pins": "dropbox" },
Ryan Sleevi 2014/07/01 03:03:58 Weird to include sub-domains for www, but I can se
// Entries that are only valid if the client supports SNI.
{ "name": "gmail.com", "mode": "force-https", "pins": "google", "snionly": true },
« no previous file with comments | « net/http/transport_security_state_static.certs ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698