| Index: net/url_request/url_request.cc
|
| diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc
|
| index c61a14b3bac939e6dc727fdeb7d4be18cd7dc43c..04832a181ea16ca5cd92020a040fd93e5f8375b4 100644
|
| --- a/net/url_request/url_request.cc
|
| +++ b/net/url_request/url_request.cc
|
| @@ -1027,7 +1027,14 @@ bool URLRequest::GetHSTSRedirect(GURL* redirect_url) const {
|
| if (!url.SchemeIs("http"))
|
| return false;
|
| TransportSecurityState* state = context()->transport_security_state();
|
| - if (state && state->ShouldUpgradeToSSL(url.host())) {
|
| + bool shouldUpgradeDueToHost = state && state->ShouldUpgradeToSSL(url.host());
|
| + // If the port is 443, always redirect. This prevents sites from using AJAX
|
| + // calls to tell if HSTS is set for a domain (by visiting
|
| + // http://example.com:443), which is a privacy leak if the site is not on the
|
| + // preload list.
|
| + // https://code.google.com/p/chromium/issues/detail?id=436451
|
| + bool shouldUpgradeDueToPort = url.has_port() && url.IntPort() == 443;
|
| + if (shouldUpgradeDueToHost || shouldUpgradeDueToPort) {
|
| url::Replacements<char> replacements;
|
| const char kNewScheme[] = "https";
|
| replacements.SetScheme(kNewScheme, url::Component(0, strlen(kNewScheme)));
|
|
|
Chromium Code Reviews
Issue 764473002:
Rewrite HTTP requests over port 443 to HTTPS (in the HSTS code). (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master