diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-27 23:09:01 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-01-27 23:09:01 +0000 |
| commit | c05e153581d9407006da4bb17b07b6e9e4b67705 (patch) | |
| tree | cc4a5654dbf80d8066a083600249239c9b1aeb0c | |
| parent | bf358277a99bcb8afc35e10cbaded5f18351a61f (diff) | |
| download | chromium_src-c05e153581d9407006da4bb17b07b6e9e4b67705.zip chromium_src-c05e153581d9407006da4bb17b07b6e9e4b67705.tar.gz chromium_src-c05e153581d9407006da4bb17b07b6e9e4b67705.tar.bz2 | |
Merge 246360 "net: pin (*.)gstatic.com, not just ssl.gstatic.com"
> net: pin (*.)gstatic.com, not just ssl.gstatic.com
>
> BUG=335567
> R=cevans@chromium.org, palmer@chromium.org
>
> Review URL: https://codereview.chromium.org/134643021
TBR=agl@chromium.org
Review URL: https://codereview.chromium.org/148443005
git-svn-id: svn://svn.chromium.org/chrome/branches/1750/src@247335 0039d316-1c4b-4281-b951-d872f2087c98
| -rw-r--r-- | net/http/transport_security_state_static.h | 2 | ||||
| -rw-r--r-- | net/http/transport_security_state_static.json | 2 | ||||
| -rw-r--r-- | net/http/transport_security_state_unittest.cc | 3 |
3 files changed, 4 insertions, 3 deletions
diff --git a/net/http/transport_security_state_static.h b/net/http/transport_security_state_static.h index 48ee98c..bd7dd1c 100644 --- a/net/http/transport_security_state_static.h +++ b/net/http/transport_security_state_static.h @@ -429,7 +429,7 @@ static const struct HSTSPreload kPreloadedSTS[] = { {13, true, "\007appspot\003com", false, kGooglePins, DOMAIN_APPSPOT_COM }, {23, true, "\021googlesyndication\003com", false, kGooglePins, DOMAIN_GOOGLESYNDICATION_COM }, {17, true, "\013doubleclick\003net", false, kGooglePins, DOMAIN_DOUBLECLICK_NET }, - {17, true, "\003ssl\007gstatic\003com", false, kGooglePins, DOMAIN_GSTATIC_COM }, + {13, true, "\007gstatic\003com", false, kGooglePins, DOMAIN_GSTATIC_COM }, {10, true, "\005youtu\002be", false, kGooglePins, DOMAIN_YOUTU_BE }, {13, true, "\007android\003com", false, kGooglePins, DOMAIN_ANDROID_COM }, {20, true, "\016googlecommerce\003com", false, kGooglePins, DOMAIN_GOOGLECOMMERCE_COM }, diff --git a/net/http/transport_security_state_static.json b/net/http/transport_security_state_static.json index 96b0988..9b70467 100644 --- a/net/http/transport_security_state_static.json +++ b/net/http/transport_security_state_static.json @@ -218,7 +218,7 @@ { "name": "appspot.com", "include_subdomains": true, "pins": "google" }, { "name": "googlesyndication.com", "include_subdomains": true, "pins": "google" }, { "name": "doubleclick.net", "include_subdomains": true, "pins": "google" }, - { "name": "ssl.gstatic.com", "include_subdomains": true, "pins": "google" }, + { "name": "gstatic.com", "include_subdomains": true, "pins": "google" }, { "name": "youtu.be", "include_subdomains": true, "pins": "google" }, { "name": "android.com", "include_subdomains": true, "pins": "google" }, { "name": "googlecommerce.com", "include_subdomains": true, "pins": "google" }, diff --git a/net/http/transport_security_state_unittest.cc b/net/http/transport_security_state_unittest.cc index c3a791c..c3d15da 100644 --- a/net/http/transport_security_state_unittest.cc +++ b/net/http/transport_security_state_unittest.cc @@ -519,7 +519,8 @@ TEST_F(TransportSecurityStateTest, BuiltinCertPins) { EXPECT_TRUE(HasPublicKeyPins("apis.google.com")); EXPECT_TRUE(HasPublicKeyPins("ssl.gstatic.com")); - EXPECT_FALSE(HasPublicKeyPins("www.gstatic.com")); + EXPECT_TRUE(HasPublicKeyPins("gstatic.com")); + EXPECT_TRUE(HasPublicKeyPins("www.gstatic.com")); EXPECT_TRUE(HasPublicKeyPins("ssl.google-analytics.com")); EXPECT_TRUE(HasPublicKeyPins("www.googleplex.com")); |