Rename X-Force-TLS to Strict-Transport-Security.

Also, remove StrictTransportSecurity code from SSLPolicy because that code
doesn't work.

R=agl

Review URL: http://codereview.chromium.org/198035

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25577 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 74 insertions, 0 deletions

diff --git a/chrome/browser/strict_transport_security_persister.h b/chrome/browser/strict_transport_security_persister.h
new file mode 100644
index 0000000..f7457304
--- /dev/null
+++ b/chrome/browser/strict_transport_security_persister.h
@@ -0,0 +1,74 @@
+// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// StrictTransportSecurityState maintains an in memory database containing the
+// list of hosts that currently have strict transport security enabled. This
+// singleton object deals with writing that data out to disk as needed and
+// loading it at startup.
+
+// At startup we need to load the strict transport security state from the
+// disk. For the moment, we don't want to delay startup for this load, so we
+// let the StrictTransportSecurityState run for a while without being loaded.
+// This means that it's possible for pages opened very quickly not to get the
+// correct strict transport security information.
+//
+// To load the state, we schedule a Task on the file thread which loads,
+// deserialises and configures the StrictTransportSecurityState.
+//
+// The StrictTransportSecurityState object supports running a callback function
+// when it changes. This object registers the callback, pointing at itself.
+//
+// StrictTransportSecurityState calls...
+// StrictTransportSecurityPersister::StateIsDirty
+//   since the callback isn't allowed to block or reenter, we schedule a Task
+//   on |file_thread_| after some small amount of time
+//
+// ...
+//
+// StrictTransportSecurityPersister::SerialiseState
+//   copies the current state of the StrictTransportSecurityState, serialises
+//   and writes to disk.
+
+#include "base/file_path.h"
+#include "base/lock.h"
+#include "base/ref_counted.h"
+#include "net/base/strict_transport_security_state.h"
+
+namespace base {
+class Thread;
+}
+
+class StrictTransportSecurityPersister :
+    public base::RefCountedThreadSafe<StrictTransportSecurityPersister>,
+    public net::StrictTransportSecurityState::Delegate {
+ public:
+  StrictTransportSecurityPersister(net::StrictTransportSecurityState* state,
+                                   base::Thread* file_thread,
+                                   const FilePath& profile_path);
+
+  // Called by the StrictTransportSecurityState when it changes its state.
+  virtual void StateIsDirty(net::StrictTransportSecurityState*);
+
+ private:
+  // a Task callback for when the state needs to be written out.
+  void SerialiseState();
+
+  // a Task callback for when the state needs to be loaded from disk at startup.
+  void LoadState();
+
+  Lock lock_;  // protects all the members
+
+  // true when the state object has signaled that we're dirty and we haven't
+  // serialised the state yet.
+  bool state_is_dirty_;
+
+  scoped_refptr<net::StrictTransportSecurityState>
+      strict_transport_security_state_;
+
+  // This is a thread which can perform file access.
+  base::Thread* const file_thread_;
+
+  // The path to the file in which we store the serialised state.
+  const FilePath state_file_;
+};