OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/url_request/url_request.h" | 5 #include "net/url_request/url_request.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
9 #include "base/callback.h" | 9 #include "base/callback.h" |
10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
(...skipping 1009 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1020 NetLog::IntegerCallback("priority", priority_)); | 1020 NetLog::IntegerCallback("priority", priority_)); |
1021 job_->SetPriority(priority_); | 1021 job_->SetPriority(priority_); |
1022 } | 1022 } |
1023 } | 1023 } |
1024 | 1024 |
1025 bool URLRequest::GetHSTSRedirect(GURL* redirect_url) const { | 1025 bool URLRequest::GetHSTSRedirect(GURL* redirect_url) const { |
1026 const GURL& url = this->url(); | 1026 const GURL& url = this->url(); |
1027 if (!url.SchemeIs("http")) | 1027 if (!url.SchemeIs("http")) |
1028 return false; | 1028 return false; |
1029 TransportSecurityState* state = context()->transport_security_state(); | 1029 TransportSecurityState* state = context()->transport_security_state(); |
1030 if (state && state->ShouldUpgradeToSSL(url.host())) { | 1030 bool shouldUpgradeDueToHost = state && state->ShouldUpgradeToSSL(url.host()); |
| 1031 // If the port is 443, always redirect. This prevents sites from using AJAX |
| 1032 // calls to tell if HSTS is set for a domain (by visiting |
| 1033 // http://example.com:443), which is a privacy leak if the site is not on the |
| 1034 // preload list. |
| 1035 // https://code.google.com/p/chromium/issues/detail?id=436451 |
| 1036 bool shouldUpgradeDueToPort = url.has_port() && url.IntPort() == 443; |
| 1037 if (shouldUpgradeDueToHost || shouldUpgradeDueToPort) { |
1031 url::Replacements<char> replacements; | 1038 url::Replacements<char> replacements; |
1032 const char kNewScheme[] = "https"; | 1039 const char kNewScheme[] = "https"; |
1033 replacements.SetScheme(kNewScheme, url::Component(0, strlen(kNewScheme))); | 1040 replacements.SetScheme(kNewScheme, url::Component(0, strlen(kNewScheme))); |
1034 *redirect_url = url.ReplaceComponents(replacements); | 1041 *redirect_url = url.ReplaceComponents(replacements); |
1035 return true; | 1042 return true; |
1036 } | 1043 } |
1037 return false; | 1044 return false; |
1038 } | 1045 } |
1039 | 1046 |
1040 void URLRequest::NotifyAuthRequired(AuthChallengeInfo* auth_info) { | 1047 void URLRequest::NotifyAuthRequired(AuthChallengeInfo* auth_info) { |
(...skipping 184 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1225 new base::debug::StackTrace(NULL, 0); | 1232 new base::debug::StackTrace(NULL, 0); |
1226 *stack_trace_copy = stack_trace; | 1233 *stack_trace_copy = stack_trace; |
1227 stack_trace_.reset(stack_trace_copy); | 1234 stack_trace_.reset(stack_trace_copy); |
1228 } | 1235 } |
1229 | 1236 |
1230 const base::debug::StackTrace* URLRequest::stack_trace() const { | 1237 const base::debug::StackTrace* URLRequest::stack_trace() const { |
1231 return stack_trace_.get(); | 1238 return stack_trace_.get(); |
1232 } | 1239 } |
1233 | 1240 |
1234 } // namespace net | 1241 } // namespace net |
OLD | NEW |