Index: net/base/net_util.cc |
diff --git a/net/base/net_util.cc b/net/base/net_util.cc |
index 3b49dffb5c20d889003a09755276ddaa8e41542d..5d773e62b705fcc580e099d4ce2b4df6f8476dc3 100644 |
--- a/net/base/net_util.cc |
+++ b/net/base/net_util.cc |
@@ -107,6 +107,7 @@ static const int kRestrictedPorts[] = { |
143, // imap2 |
179, // BGP |
389, // ldap |
+ 443, // https / wss |
465, // smtp+ssl |
512, // print / exec |
513, // login |
@@ -144,6 +145,11 @@ static const int kAllowedFtpPorts[] = { |
22, // ssh |
}; |
+// HTTPS and WSS override the following restricted port. |
+static const int kAllowedHttpsOrWssPorts[] = { |
+ 443, // https / wss |
+}; |
+ |
bool IPNumberPrefixCheck(const IPAddressNumber& ip_number, |
const unsigned char* ip_prefix, |
size_t prefix_length_in_bits) { |
@@ -320,6 +326,18 @@ bool IsPortAllowedByFtp(int port) { |
return IsPortAllowedByDefault(port); |
} |
+bool IsPortAllowedByHttpsOrWss(int port) { |
+ int array_size = arraysize(kAllowedHttpsOrWssPorts); |
+ for (int i = 0; i < array_size; i++) { |
+ if (kAllowedHttpsOrWssPorts[i] == port) { |
+ return true; |
+ } |
+ } |
+ // Port not explicitly allowed by HTTPS or WSS, so return the default |
+ // restrictions. |
+ return IsPortAllowedByDefault(port); |
+} |
+ |
bool IsPortAllowedByOverride(int port) { |
if (g_explicitly_allowed_ports.Get().empty()) |
return false; |