| Index: chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| diff --git a/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc b/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| index d5584938a7fe8e07f83636351ca752d4a03eda1a..e669cf7e244a526001a7aaafe9717900964ad8b0 100644
|
| --- a/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| +++ b/chrome/browser/net/chrome_fraudulent_certificate_reporter.cc
|
| @@ -27,10 +27,13 @@ namespace chrome_browser_net {
|
| static const char kFraudulentCertificateUploadEndpoint[] =
|
| "http://clients3.google.com/log_cert_error";
|
|
|
| +static const char kInvalidCertificateChainUploadEndpoint[] = "";
|
| +
|
| ChromeFraudulentCertificateReporter::ChromeFraudulentCertificateReporter(
|
| net::URLRequestContext* request_context)
|
| : request_context_(request_context),
|
| - upload_url_(kFraudulentCertificateUploadEndpoint) {
|
| + pinning_violation_upload_url_(kFraudulentCertificateUploadEndpoint),
|
| + invalid_chain_upload_url_(kInvalidCertificateChainUploadEndpoint) {
|
| }
|
|
|
| ChromeFraudulentCertificateReporter::~ChromeFraudulentCertificateReporter() {
|
| @@ -61,15 +64,16 @@ static std::string BuildReport(const std::string& hostname,
|
|
|
| scoped_ptr<net::URLRequest>
|
| ChromeFraudulentCertificateReporter::CreateURLRequest(
|
| - net::URLRequestContext* context) {
|
| + net::URLRequestContext* context,
|
| + const GURL& upload_url) {
|
| scoped_ptr<net::URLRequest> request =
|
| - context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this, NULL);
|
| + context->CreateRequest(upload_url, net::DEFAULT_PRIORITY, this, NULL);
|
| request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
|
| net::LOAD_DO_NOT_SAVE_COOKIES);
|
| return request.Pass();
|
| }
|
|
|
| -void ChromeFraudulentCertificateReporter::SendReport(
|
| +void ChromeFraudulentCertificateReporter::SendPinningViolationReport(
|
| const std::string& hostname,
|
| const net::SSLInfo& ssl_info) {
|
| // We do silent/automatic reporting ONLY for Google properties. For other
|
| @@ -80,7 +84,8 @@ void ChromeFraudulentCertificateReporter::SendReport(
|
|
|
| std::string report = BuildReport(hostname, ssl_info);
|
|
|
| - scoped_ptr<net::URLRequest> url_request = CreateURLRequest(request_context_);
|
| + scoped_ptr<net::URLRequest> url_request =
|
| + CreateURLRequest(request_context_, pinning_violation_upload_url_);
|
| url_request->set_method("POST");
|
|
|
| scoped_ptr<net::UploadElementReader> reader(
|
| @@ -98,6 +103,17 @@ void ChromeFraudulentCertificateReporter::SendReport(
|
| raw_url_request->Start();
|
| }
|
|
|
| +void ChromeFraudulentCertificateReporter::SendInvalidChainReport(
|
| + const std::string& hostname,
|
| + const net::SSLInfo& ssl_info) {
|
| + // TODO(estark): Double-check that the user is opted in.
|
| +
|
| + // TODO(estark): Temporarily, since there is no upload endpoint, just log
|
| + // the information.
|
| + LOG(ERROR) << "SSL report for " << hostname << ":\n"
|
| + << BuildReport(hostname, ssl_info) << "\n\n";
|
| +}
|
| +
|
| void ChromeFraudulentCertificateReporter::RequestComplete(
|
| net::URLRequest* request) {
|
| std::set<net::URLRequest*>::iterator i = inflight_requests_.find(request);
|
|
|
Chromium Code Reviews
Issue 935663004:
Add checkbox for reporting invalid TLS/SSL cert chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master