Index: net/url_request/url_request.cc |
diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc |
index c61a14b3bac939e6dc727fdeb7d4be18cd7dc43c..04832a181ea16ca5cd92020a040fd93e5f8375b4 100644 |
--- a/net/url_request/url_request.cc |
+++ b/net/url_request/url_request.cc |
@@ -1027,7 +1027,14 @@ bool URLRequest::GetHSTSRedirect(GURL* redirect_url) const { |
if (!url.SchemeIs("http")) |
return false; |
TransportSecurityState* state = context()->transport_security_state(); |
- if (state && state->ShouldUpgradeToSSL(url.host())) { |
+ bool shouldUpgradeDueToHost = state && state->ShouldUpgradeToSSL(url.host()); |
+ // If the port is 443, always redirect. This prevents sites from using AJAX |
+ // calls to tell if HSTS is set for a domain (by visiting |
+ // http://example.com:443), which is a privacy leak if the site is not on the |
+ // preload list. |
+ // https://code.google.com/p/chromium/issues/detail?id=436451 |
+ bool shouldUpgradeDueToPort = url.has_port() && url.IntPort() == 443; |
+ if (shouldUpgradeDueToHost || shouldUpgradeDueToPort) { |
url::Replacements<char> replacements; |
const char kNewScheme[] = "https"; |
replacements.SetScheme(kNewScheme, url::Component(0, strlen(kNewScheme))); |
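Review bot: The two new locals `shouldUpgradeDueToHost` and `shouldUpgradeDueToPort` use camelCase, while Chromium's style (and the surrounding code, e.g. `redirect_url`) uses snake_case for local variables; rename them `bool should_upgrade_due_to_host = state && state->ShouldUpgradeToSSL(url.host());` and `bool should_upgrade_due_to_port = url.has_port() && url.IntPort() == 443;`. The literal `443` would also read better as a named constant with a comment tying it to the default HTTPS port, since the privacy rationale in the comment above depends on that meaning. Note that the port-based upgrade is applied even when `state` is null, which looks intentional (the leak exists regardless of HSTS state) but is worth a half-sentence in the comment. GetHSTSRedirect's body continues outside the hunk.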