Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3056)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/net/certificate_error_reporter.cc

Issue 935663004: Add checkbox for reporting invalid TLS/SSL cert chains (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: send cookies on SB requests, and use .Pass instead of .release Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/net/certificate_error_reporter.h ('k') | chrome/browser/net/chrome_fraudulent_certificate_reporter_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/net/certificate_error_reporter.cc
diff --git a/chrome/browser/net/certificate_error_reporter.cc b/chrome/browser/net/certificate_error_reporter.cc
index 57e737fce6d530e8c87fdbab7736527ab0d8a418..6e42cb149b799dde6bd3fce8563d76acdea61305 100644
--- a/chrome/browser/net/certificate_error_reporter.cc
+++ b/chrome/browser/net/certificate_error_reporter.cc
@@ -20,6 +20,10 @@
namespace chrome_browser_net {
+// URL to upload invalid certificate chain reports
+// TODO(estark): Fill this in with the real URL when live.
+const char kExtendedReportingUploadUrl[] = "http://example.test";
mattm 2015/03/24 21:56:39 Should this just go in ping_manager.cc?
estark 2015/03/24 23:06:06 Done.
+
CertificateErrorReporter::CertificateErrorReporter(
net::URLRequestContext* request_context,
const GURL& upload_url)
@@ -41,14 +45,13 @@ void CertificateErrorReporter::SendReport(ReportType type,
switch (type) {
case REPORT_TYPE_PINNING_VIOLATION:
- SendCertLoggerRequest(request);
+ SendCertLoggerRequest(type, request);
break;
case REPORT_TYPE_EXTENDED_REPORTING:
// TODO(estark): Double-check that the user is opted in.
// TODO(estark): Temporarily, since this is no upload endpoint, just
// log the information.
- request.SerializeToString(&out);
- DVLOG(3) << "SSL report for " << hostname << ":\n" << out << "\n\n";
+ DVLOG(1) << "Would send certificate report for " << hostname;
break;
default:
NOTREACHED();
@@ -73,20 +76,27 @@ void CertificateErrorReporter::OnReadCompleted(net::URLRequest* request,
}
scoped_ptr<net::URLRequest> CertificateErrorReporter::CreateURLRequest(
- net::URLRequestContext* context) {
+ net::URLRequestContext* context,
+ CookiesPreference cookies_preference) {
scoped_ptr<net::URLRequest> request =
context->CreateRequest(upload_url_, net::DEFAULT_PRIORITY, this, NULL);
- request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
- net::LOAD_DO_NOT_SAVE_COOKIES);
+ if (cookies_preference != SEND_COOKIES) {
+ request->SetLoadFlags(net::LOAD_DO_NOT_SEND_COOKIES |
+ net::LOAD_DO_NOT_SAVE_COOKIES);
+ }
return request.Pass();
}
void CertificateErrorReporter::SendCertLoggerRequest(
+ ReportType type,
const CertLoggerRequest& request) {
std::string serialized_request;
request.SerializeToString(&serialized_request);
- scoped_ptr<net::URLRequest> url_request = CreateURLRequest(request_context_);
+ scoped_ptr<net::URLRequest> url_request =
+ CreateURLRequest(request_context_, type == REPORT_TYPE_EXTENDED_REPORTING
+ ? SEND_COOKIES
+ : DO_NOT_SEND_COOKIES);
mattm 2015/03/24 21:56:39 Feels like this would make sense to be controlled
estark 2015/03/24 23:06:06 Done.
url_request->set_method("POST");
scoped_ptr<net::UploadElementReader> reader(
« no previous file with comments | « chrome/browser/net/certificate_error_reporter.h ('k') | chrome/browser/net/chrome_fraudulent_certificate_reporter_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698