Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(54)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_state_static.json

Issue 578553004: Remove the "snionly" concept from the HSTS preload. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: ... Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/http/transport_security_state_static.h ('k') | net/http/transport_security_state_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file contains the HSTS preloaded list in a machine readable format. 5 // This file contains the HSTS preloaded list in a machine readable format.
6 6
7 // The top-level element is a dictionary with two keys: "pinsets" maps details 7 // The top-level element is a dictionary with two keys: "pinsets" maps details
8 // of certificate pinning to a name and "entries" contains the HSTS details for 8 // of certificate pinning to a name and "entries" contains the HSTS details for
9 // each host. 9 // each host.
10 // 10 //
(...skipping 200 matching lines...) Expand 10 before | Expand all | Expand 10 after
211 { "name": "goto.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" }, 211 { "name": "goto.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" },
212 { "name": "cloud.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" }, 212 { "name": "cloud.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" },
213 { "name": "glass.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" }, 213 { "name": "glass.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" },
214 { "name": "admin.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" }, 214 { "name": "admin.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" },
215 { "name": "login.corp.google.com", "include_subdomains": true, "mode": "forc e-https", "pins": "google" }, 215 { "name": "login.corp.google.com", "include_subdomains": true, "mode": "forc e-https", "pins": "google" },
216 // play.google.com doesn't have include_subdomains because of crbug.com/3278 34. 216 // play.google.com doesn't have include_subdomains because of crbug.com/3278 34.
217 { "name": "play.google.com", "mode": "force-https", "pins": "google" }, 217 { "name": "play.google.com", "mode": "force-https", "pins": "google" },
218 { "name": "passwords.google.com", "include_subdomains": true, "mode": "force -https", "pins": "google" }, 218 { "name": "passwords.google.com", "include_subdomains": true, "mode": "force -https", "pins": "google" },
219 219
220 // Other Google-related domains that must use HTTPS. 220 // Other Google-related domains that must use HTTPS.
221 { "name": "gmail.com", "mode": "force-https", "pins": "google" },
222 { "name": "m.gmail.com", "mode": "force-https", "pins": "google" },
223 { "name": "googlemail.com", "mode": "force-https", "pins": "google" },
224 { "name": "m.googlemail.com", "mode": "force-https", "pins": "google" },
225 { "name": "www.gmail.com", "mode": "force-https", "pins": "google" },
226 { "name": "www.googlemail.com", "mode": "force-https", "pins": "google" },
221 { "name": "market.android.com", "include_subdomains": true, "mode": "force-h ttps", "pins": "google" }, 227 { "name": "market.android.com", "include_subdomains": true, "mode": "force-h ttps", "pins": "google" },
222 { "name": "ssl.google-analytics.com", "include_subdomains": true, "mode": "f orce-https", "pins": "google" }, 228 { "name": "ssl.google-analytics.com", "include_subdomains": true, "mode": "f orce-https", "pins": "google" },
223 { "name": "drive.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" }, 229 { "name": "drive.google.com", "include_subdomains": true, "mode": "force-htt ps", "pins": "google" },
224 { "name": "googleplex.com", "include_subdomains": true, "mode": "force-https ", "pins": "google" }, 230 { "name": "googleplex.com", "include_subdomains": true, "mode": "force-https ", "pins": "google" },
225 { "name": "groups.google.com", "include_subdomains": true, "mode": "force-ht tps", "pins": "google" }, 231 { "name": "groups.google.com", "include_subdomains": true, "mode": "force-ht tps", "pins": "google" },
226 { "name": "apis.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" }, 232 { "name": "apis.google.com", "include_subdomains": true, "mode": "force-http s", "pins": "google" },
227 { "name": "chromiumcodereview.appspot.com", "include_subdomains": true, "mod e": "force-https", "pins": "google" }, 233 { "name": "chromiumcodereview.appspot.com", "include_subdomains": true, "mod e": "force-https", "pins": "google" },
228 { "name": "chrome-devtools-frontend.appspot.com", "include_subdomains": true , "mode": "force-https", "pins": "google" }, 234 { "name": "chrome-devtools-frontend.appspot.com", "include_subdomains": true , "mode": "force-https", "pins": "google" },
229 { "name": "codereview.appspot.com", "include_subdomains": true, "mode": "for ce-https", "pins": "google" }, 235 { "name": "codereview.appspot.com", "include_subdomains": true, "mode": "for ce-https", "pins": "google" },
230 { "name": "codereview.chromium.org", "include_subdomains": true, "mode": "fo rce-https", "pins": "google" }, 236 { "name": "codereview.chromium.org", "include_subdomains": true, "mode": "fo rce-https", "pins": "google" },
(...skipping 18 matching lines...) Expand all
249 { "name": "wf-training-master.appspot.com", "include_subdomains": true, "mod e": "force-https", "pins": "google" }, 255 { "name": "wf-training-master.appspot.com", "include_subdomains": true, "mod e": "force-https", "pins": "google" },
250 { "name": "wf-dogfood-hrd.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" }, 256 { "name": "wf-dogfood-hrd.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
251 257
252 // chart.apis.google.com is *not* HSTS because the certificate doesn't match 258 // chart.apis.google.com is *not* HSTS because the certificate doesn't match
253 // and there are lots of links out there that still use the name. The correc t 259 // and there are lots of links out there that still use the name. The correc t
254 // hostname for this is chart.googleapis.com. 260 // hostname for this is chart.googleapis.com.
255 { "name": "chart.apis.google.com", "include_subdomains": true, "pins": "goog le" }, 261 { "name": "chart.apis.google.com", "include_subdomains": true, "pins": "goog le" },
256 262
257 // Other Google-related domains that must use an acceptable certificate 263 // Other Google-related domains that must use an acceptable certificate
258 // iff using SSL. 264 // iff using SSL.
265 { "name": "google-analytics.com", "include_subdomains": true, "pins": "googl e" },
266 { "name": "googlegroups.com", "include_subdomains": true, "pins": "google" } ,
259 { "name": "ytimg.com", "include_subdomains": true, "pins": "google" }, 267 { "name": "ytimg.com", "include_subdomains": true, "pins": "google" },
260 { "name": "googleusercontent.com", "include_subdomains": true, "pins": "goog le" }, 268 { "name": "googleusercontent.com", "include_subdomains": true, "pins": "goog le" },
261 { "name": "youtube.com", "include_subdomains": true, "pins": "google" }, 269 { "name": "youtube.com", "include_subdomains": true, "pins": "google" },
262 { "name": "youtube-nocookie.com", "include_subdomains": true, "pins": "googl e" }, 270 { "name": "youtube-nocookie.com", "include_subdomains": true, "pins": "googl e" },
263 { "name": "googleapis.com", "include_subdomains": true, "pins": "google" }, 271 { "name": "googleapis.com", "include_subdomains": true, "pins": "google" },
264 { "name": "googleadservices.com", "include_subdomains": true, "pins": "googl e" }, 272 { "name": "googleadservices.com", "include_subdomains": true, "pins": "googl e" },
265 { "name": "appspot.com", "include_subdomains": true, "pins": "google" }, 273 { "name": "appspot.com", "include_subdomains": true, "pins": "google" },
266 { "name": "googlesyndication.com", "include_subdomains": true, "pins": "goog le" }, 274 { "name": "googlesyndication.com", "include_subdomains": true, "pins": "goog le" },
267 { "name": "doubleclick.net", "include_subdomains": true, "pins": "google" }, 275 { "name": "doubleclick.net", "include_subdomains": true, "pins": "google" },
268 { "name": "2mdn.net", "include_subdomains": true, "pins": "google" }, 276 { "name": "2mdn.net", "include_subdomains": true, "pins": "google" },
(...skipping 903 matching lines...) Expand 10 before | Expand all | Expand 10 after
1172 { "name": "reishunger.de", "include_subdomains": true, "mode": "force-https" }, 1180 { "name": "reishunger.de", "include_subdomains": true, "mode": "force-https" },
1173 { "name": "salserocafe.com", "include_subdomains": true, "mode": "force-http s" }, 1181 { "name": "salserocafe.com", "include_subdomains": true, "mode": "force-http s" },
1174 { "name": "samizdat.cz", "include_subdomains": true, "mode": "force-https" } , 1182 { "name": "samizdat.cz", "include_subdomains": true, "mode": "force-https" } ,
1175 { "name": "sslmate.com", "include_subdomains": true, "mode": "force-https" } , 1183 { "name": "sslmate.com", "include_subdomains": true, "mode": "force-https" } ,
1176 { "name": "steventress.com", "include_subdomains": true, "mode": "force-http s" }, 1184 { "name": "steventress.com", "include_subdomains": true, "mode": "force-http s" },
1177 { "name": "tekshrek.com", "include_subdomains": true, "mode": "force-https" }, 1185 { "name": "tekshrek.com", "include_subdomains": true, "mode": "force-https" },
1178 { "name": "temehu.com", "include_subdomains": true, "mode": "force-https" }, 1186 { "name": "temehu.com", "include_subdomains": true, "mode": "force-https" },
1179 { "name": "tobias-kluge.de", "include_subdomains": true, "mode": "force-http s" }, 1187 { "name": "tobias-kluge.de", "include_subdomains": true, "mode": "force-http s" },
1180 { "name": "vortexhobbies.com", "include_subdomains": true, "mode": "force-ht tps" }, 1188 { "name": "vortexhobbies.com", "include_subdomains": true, "mode": "force-ht tps" },
1181 { "name": "willnorris.com", "include_subdomains": true, "mode": "force-https " }, 1189 { "name": "willnorris.com", "include_subdomains": true, "mode": "force-https " },
1182 1190 { "name": "mykolab.com", "include_subdomains": true, "mode": "force-https" } ,
1183 // Entries that are only valid if the client supports SNI. 1191 { "name": "semenkovich.com", "include_subdomains": true, "mode": "force-http s" },
1184 { "name": "gmail.com", "mode": "force-https", "pins": "google", "snionly": t rue }, 1192 { "name": "rme.li", "mode": "force-https" },
1185 { "name": "googlemail.com", "mode": "force-https", "pins": "google", "snionl y": true }, 1193 { "name": "www.rme.li", "mode": "force-https" }
Ryan Sleevi 2014/09/25 17:50:37 What's the deal with these domains? Why'd we ever
agl 2014/09/25 18:16:35 There are sites that requested preloading but whic
1186 { "name": "www.gmail.com", "mode": "force-https", "pins": "google", "snionly ": true },
1187 { "name": "www.googlemail.com", "mode": "force-https", "pins": "google", "sn ionly": true },
1188 { "name": "google-analytics.com", "include_subdomains": true, "pins": "googl e", "snionly": true },
1189 { "name": "googlegroups.com", "include_subdomains": true, "pins": "google", "snionly": true },
1190 { "name": "mykolab.com", "include_subdomains": true, "mode": "force-https", "snionly": true },
1191 { "name": "semenkovich.com", "include_subdomains": true, "mode": "force-http s", "snionly": true },
1192 { "name": "rme.li", "mode": "force-https", "snionly": true },
1193 { "name": "www.rme.li", "mode": "force-https", "snionly": true }
1194 ] 1194 ]
1195 } 1195 }
OLDNEW
« no previous file with comments | « net/http/transport_security_state_static.h ('k') | net/http/transport_security_state_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698