Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(722)

Side by Side Diff: net/http/http_security_headers.cc

Issue 13483007: Don't set MODE_DEFAULT when adding HPKP header. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Disable new test on Chrome Frame since it can't work. Created 7 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/base64.h" 5 #include "base/base64.h"
6 #include "base/basictypes.h" 6 #include "base/basictypes.h"
7 #include "base/string_number_conversions.h" 7 #include "base/string_number_conversions.h"
8 #include "base/string_util.h" 8 #include "base/string_util.h"
9 #include "base/strings/string_tokenizer.h" 9 #include "base/strings/string_tokenizer.h"
10 #include "net/http/http_security_headers.h" 10 #include "net/http/http_security_headers.h"
(...skipping 146 matching lines...) Expand 10 before | Expand all | Expand 10 after
157 // 3. Directive names are case-insensitive. 157 // 3. Directive names are case-insensitive.
158 // 158 //
159 // 4. UAs MUST ignore any STS header fields containing directives, or 159 // 4. UAs MUST ignore any STS header fields containing directives, or
160 // other header field value data, that does not conform to the 160 // other header field value data, that does not conform to the
161 // syntax defined in this specification. 161 // syntax defined in this specification.
162 // 162 //
163 // 5. If an STS header field contains directive(s) not recognized by 163 // 5. If an STS header field contains directive(s) not recognized by
164 // the UA, the UA MUST ignore the unrecognized directives and if the 164 // the UA, the UA MUST ignore the unrecognized directives and if the
165 // STS header field otherwise satisfies the above requirements (1 165 // STS header field otherwise satisfies the above requirements (1
166 // through 4), the UA MUST process the recognized directives. 166 // through 4), the UA MUST process the recognized directives.
167 bool ParseHSTSHeader(const base::Time& now, const std::string& value, 167 bool ParseHSTSHeader(const base::Time& now,
168 base::Time* expiry, // OUT 168 const std::string& value,
169 bool* include_subdomains) { // OUT 169 base::Time* expiry,
170 bool* include_subdomains) {
170 uint32 max_age_candidate = 0; 171 uint32 max_age_candidate = 0;
171 bool include_subdomains_candidate = false; 172 bool include_subdomains_candidate = false;
172 173
173 // We must see max-age exactly once. 174 // We must see max-age exactly once.
174 int max_age_observed = 0; 175 int max_age_observed = 0;
175 // We must see includeSubdomains exactly 0 or 1 times. 176 // We must see includeSubdomains exactly 0 or 1 times.
176 int include_subdomains_observed = 0; 177 int include_subdomains_observed = 0;
177 178
178 enum ParserState { 179 enum ParserState {
179 START, 180 START,
(...skipping 141 matching lines...) Expand 10 before | Expand all | Expand 10 after
321 *expiry = now + base::TimeDelta::FromSeconds(max_age_candidate); 322 *expiry = now + base::TimeDelta::FromSeconds(max_age_candidate);
322 for (HashValueVector::const_iterator i = pins.begin(); 323 for (HashValueVector::const_iterator i = pins.begin();
323 i != pins.end(); ++i) { 324 i != pins.end(); ++i) {
324 hashes->push_back(*i); 325 hashes->push_back(*i);
325 } 326 }
326 327
327 return true; 328 return true;
328 } 329 }
329 330
330 } // namespace net 331 } // namespace net
OLDNEW
« no previous file with comments | « net/data/url_request_unittest/hsts-and-hpkp-headers.html.mock-http-headers ('k') | net/http/http_security_headers_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698