Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(541)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/transport_security_state_static.json

Issue 669813003: Update from chromium https://crrev.com/301725/ (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/transport_security_state_static.certs ('k') | net/http/transport_security_state_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/transport_security_state_static.json
diff --git a/net/http/transport_security_state_static.json b/net/http/transport_security_state_static.json
index 06ad36173bb1d3c42a9fb5489fe9d2fa06c71e2b..45220335c1f29c5c3b30071253f9915d5fcb0272 100644
--- a/net/http/transport_security_state_static.json
+++ b/net/http/transport_security_state_static.json
@@ -177,6 +177,15 @@
"ThawtePrimaryRootCA_G3",
"ThawtePrimaryRootCA"
]
+ },
+ {
+ "name": "facebook",
+ "static_spki_hashes": [
+ "SymantecClass3EVG3",
+ "DigiCertECCSecureServerCA",
+ "DigiCertEVRoot",
+ "FacebookBackup"
+ ]
}
],
@@ -1382,7 +1391,85 @@
{ "name": "southside-crew.com", "include_subdomains": true, "mode": "force-https" },
{ "name": "tickopa.co.uk", "include_subdomains": true, "mode": "force-https" },
{ "name": "wieninternational.at", "include_subdomains": true, "mode": "force-https" },
- { "name": "fleximus.org", "include_subdomains": true, "mode": "force-https" }
+ { "name": "fleximus.org", "include_subdomains": true, "mode": "force-https" },
+
+ // Facebook would like to have pinning enforced on (*.)facebook.com and
+ // HSTS enforced on specific names. We can't (yet) represent that in JSON
+ // So we're currently only applying pinning on the specific names.
+ { "name": "facebook.com", "mode": "force-https", "pins": "facebook" },
+ { "name": "www.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "m.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "tablet.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "secure.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "pixel.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "apps.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "upload.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "developers.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "touch.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "mbasic.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "code.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "t.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "mtouch.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "business.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+ { "name": "research.facebook.com", "include_subdomains": true, "mode": "force-https", "pins": "facebook" },
+
+ { "name": "0x0a.net", "include_subdomains": true, "mode": "force-https" },
+ { "name": "animurecs.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "arendburgers.nl", "include_subdomains": true, "mode": "force-https" },
+ { "name": "big-andy.co.uk", "include_subdomains": true, "mode": "force-https" },
+ { "name": "bitgo.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "buttercoin.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "chainmonitor.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "coinapult.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "comssa.org.au", "include_subdomains": true, "mode": "force-https" },
+ { "name": "coursella.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "crowdjuris.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "curlybracket.co.uk", "include_subdomains": true, "mode": "force-https" },
+ { "name": "cyanogenmod.xxx", "include_subdomains": true, "mode": "force-https" },
+ { "name": "czbix.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "dealcruiser.nl", "include_subdomains": true, "mode": "force-https" },
+ { "name": "derevtsov.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "dzlibs.io", "include_subdomains": true, "mode": "force-https" },
+ { "name": "easysimplecrm.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "fralef.me", "include_subdomains": true, "mode": "force-https" },
+ { "name": "glossopnorthendafc.co.uk", "include_subdomains": true, "mode": "force-https" },
+ { "name": "gtraxapp.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "hansvaneijsden.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "horseboners.xxx", "include_subdomains": true, "mode": "force-https" },
+ { "name": "horza.org", "include_subdomains": true, "mode": "force-https" },
+ { "name": "iamcarrico.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "kartonmodellbau.org", "include_subdomains": true, "mode": "force-https" },
+ { "name": "keycdn.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "komandakovalchuk.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "kryptera.se", "include_subdomains": true, "mode": "force-https" },
+ { "name": "lukonet.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "meetfinch.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "megaxchange.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "moriz.de", "include_subdomains": true, "mode": "force-https" },
+ { "name": "myplaceonline.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "nectarleaf.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "nos-oignons.net", "include_subdomains": true, "mode": "force-https" },
+ { "name": "phoenixlogan.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "redteam-pentesting.de", "include_subdomains": true, "mode": "force-https" },
+ { "name": "roland.io", "include_subdomains": true, "mode": "force-https" },
+ { "name": "servergno.me", "include_subdomains": true, "mode": "force-https" },
+ { "name": "siriad.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "smartcoin.com.br", "include_subdomains": true, "mode": "force-https" },
+ { "name": "spartantheatre.org", "include_subdomains": true, "mode": "force-https" },
+ { "name": "spencerbaer.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "stretchmyan.us", "include_subdomains": true, "mode": "force-https" },
+ { "name": "taxsquirrel.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "techhipster.net", "include_subdomains": true, "mode": "force-https" },
+ { "name": "timtaubert.de", "include_subdomains": true, "mode": "force-https" },
+ { "name": "tribut.de", "include_subdomains": true, "mode": "force-https" },
+ { "name": "triop.se", "include_subdomains": true, "mode": "force-https" },
+ { "name": "twentymilliseconds.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "ukdefencejournal.org.uk", "include_subdomains": true, "mode": "force-https" },
+ { "name": "ukhas.net", "include_subdomains": true, "mode": "force-https" },
+ { "name": "vpnzoom.com", "include_subdomains": true, "mode": "force-https" },
+ { "name": "watsonhall.uk", "include_subdomains": true, "mode": "force-https" },
+ { "name": "weblogzwolle.nl", "include_subdomains": true, "mode": "force-https" },
+ { "name": "ypart.eu", "include_subdomains": true, "mode": "force-https" }
],
// |ReportUMAOnPinFailure| uses these to report which domain was associated
@@ -1643,6 +1730,7 @@
"GOOGLETAGSERVICES_COM",
"DROPBOX_COM",
"YOUTUBE_NOCOOKIE_COM",
- "2MDN_NET"
+ "2MDN_NET",
+ "FACEBOOK_COM"
]
}
« no previous file with comments | « net/http/transport_security_state_static.certs ('k') | net/http/transport_security_state_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698