authoragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-12-11 21:04:42 +0000
committeragl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-12-11 21:04:42 +0000
commit326e67907033c1e8db115327d59482b1ae6db3ec (patch)
tree2940d88e6de6ce6ba528c4671b6574b4ff6bd1bd /chrome/browser
parent5973945e4c3d2baf2b92d11be55c1692a09b12e3 (diff)
downloadchromium_src-326e67907033c1e8db115327d59482b1ae6db3ec.zip
chromium_src-326e67907033c1e8db115327d59482b1ae6db3ec.tar.gz
chromium_src-326e67907033c1e8db115327d59482b1ae6db3ec.tar.bz2
SPDY: augment Strict Transport Security with the beginnings of SPDY upgrade.
This adds an opportunistic flag to the information that we store in the Strict Transport Security State. Given this, STSS might be misnamed now, but renaming it in this patch would add huge amounts of noise. We process the 'X-Bodge-Transport-Security' header which has the same format as the STS header. When we see this on an HTTP connection, we'll probe for a clean HTTPS path to the host and then remember it. This header should be considered mutually exclusive with STS, although this isn't enforced in the code. The remembered flag is currently ignored by the rest of the code. This will be addressed in a future patch. The header should be called 'Opportunistic-Transport-Security' in the future, but we have some issues to work out before we take that name. http://codereview.chromium.org/456011 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@34380 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser')
-rw-r--r--chrome/browser/automation/automation_profile_impl.cc2
-rw-r--r--chrome/browser/net/chrome_url_request_context.cc8
-rw-r--r--chrome/browser/net/chrome_url_request_context.h8
-rw-r--r--chrome/browser/profile.cc38
-rw-r--r--chrome/browser/profile.h22
-rw-r--r--chrome/browser/transport_security_persister.cc (renamed from chrome/browser/strict_transport_security_persister.cc)38
-rw-r--r--chrome/browser/transport_security_persister.h (renamed from chrome/browser/strict_transport_security_persister.h)46
7 files changed, 81 insertions, 81 deletions
diff --git a/chrome/browser/automation/automation_profile_impl.cc b/chrome/browser/automation/automation_profile_impl.cc
index ce0949e..0acd37d 100644
--- a/chrome/browser/automation/automation_profile_impl.cc
+++ b/chrome/browser/automation/automation_profile_impl.cc
@@ -38,7 +38,7 @@ class AutomationURLRequestContext : public ChromeURLRequestContext {
http_transaction_factory_ = NULL;
ftp_transaction_factory_ = NULL;
cookie_store_ = NULL;
- strict_transport_security_state_ = NULL;
+ transport_security_state_ = NULL;
}
scoped_refptr<ChromeURLRequestContext> original_context_;
diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc
index 51b5517..97fba69 100644
--- a/chrome/browser/net/chrome_url_request_context.cc
+++ b/chrome/browser/net/chrome_url_request_context.cc
@@ -750,7 +750,7 @@ ChromeURLRequestContext::ChromeURLRequestContext(
ftp_transaction_factory_ = other->ftp_transaction_factory_;
cookie_store_ = other->cookie_store_;
cookie_policy_.set_type(other->cookie_policy_.type());
- strict_transport_security_state_ = other->strict_transport_security_state_;
+ transport_security_state_ = other->transport_security_state_;
accept_language_ = other->accept_language_;
accept_charset_ = other->accept_charset_;
referrer_charset_ = other->referrer_charset_;
@@ -835,7 +835,7 @@ ChromeURLRequestContextFactory::ChromeURLRequestContextFactory(Profile* profile)
blacklist_manager_ = profile->GetBlacklistManager();
// TODO(eroman): this doesn't look safe; sharing between IO and UI threads!
- strict_transport_security_state_ = profile->GetStrictTransportSecurityState();
+ transport_security_state_ = profile->GetTransportSecurityState();
if (profile->GetExtensionsService()) {
const ExtensionList* extensions =
@@ -872,8 +872,8 @@ void ChromeURLRequestContextFactory::ApplyProfileParametersToContext(
context->set_user_script_dir_path(user_script_dir_path_);
context->set_host_zoom_map(host_zoom_map_);
context->set_blacklist_manager(blacklist_manager_.get());
- context->set_strict_transport_security_state(
- strict_transport_security_state_);
+ context->set_transport_security_state(
+ transport_security_state_);
context->set_ssl_config_service(ssl_config_service_);
}
diff --git a/chrome/browser/net/chrome_url_request_context.h b/chrome/browser/net/chrome_url_request_context.h
index 55c497a..912f484 100644
--- a/chrome/browser/net/chrome_url_request_context.h
+++ b/chrome/browser/net/chrome_url_request_context.h
@@ -212,9 +212,9 @@ class ChromeURLRequestContext : public URLRequestContext {
void set_cookie_policy_type(net::CookiePolicy::Type type) {
cookie_policy_.set_type(type);
}
- void set_strict_transport_security_state(
- net::StrictTransportSecurityState* state) {
- strict_transport_security_state_ = state;
+ void set_transport_security_state(
+ net::TransportSecurityState* state) {
+ transport_security_state_ = state;
}
void set_ssl_config_service(net::SSLConfigService* service) {
ssl_config_service_ = service;
@@ -317,7 +317,7 @@ class ChromeURLRequestContextFactory {
FilePath user_script_dir_path_;
scoped_refptr<HostZoomMap> host_zoom_map_;
scoped_refptr<BlacklistManager> blacklist_manager_;
- net::StrictTransportSecurityState* strict_transport_security_state_;
+ net::TransportSecurityState* transport_security_state_;
scoped_refptr<net::SSLConfigService> ssl_config_service_;
FilePath profile_dir_path_;
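Review bot: `transport_security_state_` in ChromeURLRequestContextFactory stays a raw pointer, while the neighbouring `host_zoom_map_`, `blacklist_manager_` and `ssl_config_service_` members are `scoped_refptr`s and the profile holds the same object through `scoped_refptr<net::TransportSecurityState>`. Nothing visible in this hunk keeps the state alive for as long as the factory or the context it is later applied to. The existing TODO in chrome_url_request_context.cc already flags the sharing between the IO and UI threads. Consider `scoped_refptr<net::TransportSecurityState> transport_security_state_;` so the factory owns a reference. The class body continues outside the hunk.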
diff --git a/chrome/browser/profile.cc b/chrome/browser/profile.cc
index fa245e0..3f5deee 100644
--- a/chrome/browser/profile.cc
+++ b/chrome/browser/profile.cc
@@ -27,7 +27,7 @@
#include "chrome/browser/extensions/user_script_master.h"
#include "chrome/browser/favicon_service.h"
#include "chrome/browser/spellcheck_host.h"
-#include "chrome/browser/strict_transport_security_persister.h"
+#include "chrome/browser/transport_security_persister.h"
#include "chrome/browser/history/history.h"
#include "chrome/browser/host_zoom_map.h"
#include "chrome/browser/in_process_webkit/webkit_context.h"
@@ -59,7 +59,7 @@
#include "chrome/common/pref_names.h"
#include "chrome/common/render_messages.h"
#include "grit/locale_settings.h"
-#include "net/base/strict_transport_security_state.h"
+#include "net/base/transport_security_state.h"
#include "webkit/database/database_tracker.h"
#if defined(OS_LINUX)
@@ -273,13 +273,13 @@ class OffTheRecordProfileImpl : public Profile,
return ssl_host_state_.get();
}
- virtual net::StrictTransportSecurityState* GetStrictTransportSecurityState() {
- if (!strict_transport_security_state_.get()) {
- strict_transport_security_state_ =
- new net::StrictTransportSecurityState();
+ virtual net::TransportSecurityState* GetTransportSecurityState() {
+ if (!transport_security_state_.get()) {
+ transport_security_state_ =
+ new net::TransportSecurityState();
}
- return strict_transport_security_state_.get();
+ return transport_security_state_.get();
}
virtual HistoryService* GetHistoryService(ServiceAccessType sat) {
@@ -551,9 +551,9 @@ class OffTheRecordProfileImpl : public Profile,
// the user visited while OTR.
scoped_ptr<SSLHostState> ssl_host_state_;
- // The StrictTransportSecurityState that only stores enabled sites in memory.
- scoped_refptr<net::StrictTransportSecurityState>
- strict_transport_security_state_;
+ // The TransportSecurityState that only stores enabled sites in memory.
+ scoped_refptr<net::TransportSecurityState>
+ transport_security_state_;
// Time we were started.
Time start_time_;
@@ -855,17 +855,17 @@ SSLHostState* ProfileImpl::GetSSLHostState() {
return ssl_host_state_.get();
}
-net::StrictTransportSecurityState*
- ProfileImpl::GetStrictTransportSecurityState() {
- if (!strict_transport_security_state_.get()) {
- strict_transport_security_state_ = new net::StrictTransportSecurityState();
- strict_transport_security_persister_ =
- new StrictTransportSecurityPersister();
- strict_transport_security_persister_->Initialize(
- strict_transport_security_state_.get(), path_);
+net::TransportSecurityState*
+ ProfileImpl::GetTransportSecurityState() {
+ if (!transport_security_state_.get()) {
+ transport_security_state_ = new net::TransportSecurityState();
+ transport_security_persister_ =
+ new TransportSecurityPersister();
+ transport_security_persister_->Initialize(
+ transport_security_state_.get(), path_);
}
- return strict_transport_security_state_.get();
+ return transport_security_state_.get();
}
PrefService* ProfileImpl::GetPrefs() {
diff --git a/chrome/browser/profile.h b/chrome/browser/profile.h
index 2a1c065..815dc22 100644
--- a/chrome/browser/profile.h
+++ b/chrome/browser/profile.h
@@ -22,7 +22,7 @@
#endif
namespace net {
-class StrictTransportSecurityState;
+class TransportSecurityState;
class SSLConfigService;
}
@@ -55,7 +55,7 @@ class SessionService;
class SpellCheckHost;
class SSLConfigServiceManager;
class SSLHostState;
-class StrictTransportSecurityPersister;
+class TransportSecurityPersister;
class SQLitePersistentCookieStore;
class TabRestoreService;
class TemplateURLFetcher;
@@ -174,11 +174,11 @@ class Profile {
// called.
virtual SSLHostState* GetSSLHostState() = 0;
- // Retrieves a pointer to the StrictTransportSecurityState associated with
- // this profile. The StrictTransportSecurityState is lazily created the
+ // Retrieves a pointer to the TransportSecurityState associated with
+ // this profile. The TransportSecurityState is lazily created the
// first time that this method is called.
- virtual net::StrictTransportSecurityState*
- GetStrictTransportSecurityState() = 0;
+ virtual net::TransportSecurityState*
+ GetTransportSecurityState() = 0;
// Retrieves a pointer to the FaviconService associated with this
// profile. The FaviconService is lazily created the first time
@@ -408,7 +408,7 @@ class ProfileImpl : public Profile,
virtual VisitedLinkMaster* GetVisitedLinkMaster();
virtual UserScriptMaster* GetUserScriptMaster();
virtual SSLHostState* GetSSLHostState();
- virtual net::StrictTransportSecurityState* GetStrictTransportSecurityState();
+ virtual net::TransportSecurityState* GetTransportSecurityState();
virtual ExtensionsService* GetExtensionsService();
virtual ExtensionDevToolsManager* GetExtensionDevToolsManager();
virtual ExtensionProcessManager* GetExtensionProcessManager();
@@ -499,10 +499,10 @@ class ProfileImpl : public Profile,
scoped_ptr<ExtensionProcessManager> extension_process_manager_;
scoped_refptr<ExtensionMessageService> extension_message_service_;
scoped_ptr<SSLHostState> ssl_host_state_;
- scoped_refptr<net::StrictTransportSecurityState>
- strict_transport_security_state_;
- scoped_refptr<StrictTransportSecurityPersister>
- strict_transport_security_persister_;
+ scoped_refptr<net::TransportSecurityState>
+ transport_security_state_;
+ scoped_refptr<TransportSecurityPersister>
+ transport_security_persister_;
scoped_ptr<PrefService> prefs_;
scoped_refptr<ThumbnailStore> thumbnail_store_;
scoped_ptr<TemplateURLFetcher> template_url_fetcher_;
diff --git a/chrome/browser/strict_transport_security_persister.cc b/chrome/browser/transport_security_persister.cc
index ce6078a..ffc1ab3 100644
--- a/chrome/browser/strict_transport_security_persister.cc
+++ b/chrome/browser/transport_security_persister.cc
@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#include "chrome/browser/strict_transport_security_persister.h"
+#include "chrome/browser/transport_security_persister.h"
#include "base/file_path.h"
#include "base/file_util.h"
@@ -10,29 +10,29 @@
#include "base/path_service.h"
#include "chrome/browser/chrome_thread.h"
#include "chrome/common/chrome_paths.h"
-#include "net/base/strict_transport_security_state.h"
+#include "net/base/transport_security_state.h"
-StrictTransportSecurityPersister::StrictTransportSecurityPersister()
+TransportSecurityPersister::TransportSecurityPersister()
: state_is_dirty_(false) {
}
-StrictTransportSecurityPersister::~StrictTransportSecurityPersister() {
- strict_transport_security_state_->SetDelegate(NULL);
+TransportSecurityPersister::~TransportSecurityPersister() {
+ transport_security_state_->SetDelegate(NULL);
}
-void StrictTransportSecurityPersister::Initialize(
- net::StrictTransportSecurityState* state, const FilePath& profile_path) {
- strict_transport_security_state_ = state;
+void TransportSecurityPersister::Initialize(
+ net::TransportSecurityState* state, const FilePath& profile_path) {
+ transport_security_state_ = state;
state_file_ =
- profile_path.Append(FILE_PATH_LITERAL("StrictTransportSecurity"));
+ profile_path.Append(FILE_PATH_LITERAL("TransportSecurity"));
state->SetDelegate(this);
Task* task = NewRunnableMethod(this,
- &StrictTransportSecurityPersister::LoadState);
+ &TransportSecurityPersister::LoadState);
ChromeThread::PostDelayedTask(ChromeThread::FILE, FROM_HERE, task, 1000);
}
-void StrictTransportSecurityPersister::LoadState() {
+void TransportSecurityPersister::LoadState() {
AutoLock locked_(lock_);
DCHECK(ChromeThread::CurrentlyOn(ChromeThread::FILE));
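Review bot: Changing the state file name from `StrictTransportSecurity` to `TransportSecurity` in Initialize() is a behaviour change rather than a rename. Profiles that already have the old file will load nothing, so hosts that had sent an STS header lose their stored entry until the header is seen again, and those visits are not forced to HTTPS in the meantime. If that is intended, document it with a comment such as `// NOTE: state saved under the old "StrictTransportSecurity" name is not migrated.`; otherwise LoadState() should fall back to the old file name when the new file is absent. LoadState's body continues outside this hunk.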
@@ -40,26 +40,26 @@ void StrictTransportSecurityPersister::LoadState() {
if (!file_util::ReadFileToString(state_file_, &state))
return;
- strict_transport_security_state_->Deserialise(state);
+ transport_security_state_->Deserialise(state);
}
-void StrictTransportSecurityPersister::StateIsDirty(
- net::StrictTransportSecurityState* state) {
+void TransportSecurityPersister::StateIsDirty(
+ net::TransportSecurityState* state) {
// Runs on arbitary thread, may not block nor reenter
- // |strict_transport_security_state_|.
+ // |transport_security_state_|.
AutoLock locked_(lock_);
- DCHECK(state == strict_transport_security_state_);
+ DCHECK(state == transport_security_state_);
if (state_is_dirty_)
return; // we already have a serialisation scheduled
Task* task = NewRunnableMethod(this,
- &StrictTransportSecurityPersister::SerialiseState);
+ &TransportSecurityPersister::SerialiseState);
ChromeThread::PostDelayedTask(ChromeThread::FILE, FROM_HERE, task, 1000);
state_is_dirty_ = true;
}
-void StrictTransportSecurityPersister::SerialiseState() {
+void TransportSecurityPersister::SerialiseState() {
AutoLock locked_(lock_);
DCHECK(ChromeThread::CurrentlyOn(ChromeThread::FILE));
@@ -67,7 +67,7 @@ void StrictTransportSecurityPersister::SerialiseState() {
state_is_dirty_ = false;
std::string state;
- if (!strict_transport_security_state_->Serialise(&state))
+ if (!transport_security_state_->Serialise(&state))
return;
file_util::WriteFile(state_file_, state.data(), state.size());
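Review bot: The result of `file_util::WriteFile` on the last line is discarded, so a failed or short write leaves the on-disk transport security state stale or truncated with no signal. LoadState() also returns silently when the file cannot be read, so stored entries can be lost without anything being logged. At minimum compare the return value with `state.size()` and log a mismatch; writing to a temporary file and renaming it over `state_file_` would also avoid a torn file if the process dies mid-write. SerialiseState's body starts outside this hunk.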
diff --git a/chrome/browser/strict_transport_security_persister.h b/chrome/browser/transport_security_persister.h
index 8a24660..660faa7 100644
--- a/chrome/browser/strict_transport_security_persister.h
+++ b/chrome/browser/transport_security_persister.h
@@ -2,32 +2,32 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-// StrictTransportSecurityState maintains an in memory database containing the
-// list of hosts that currently have strict transport security enabled. This
+// TransportSecurityState maintains an in memory database containing the
+// list of hosts that currently have transport security enabled. This
// singleton object deals with writing that data out to disk as needed and
// loading it at startup.
-// At startup we need to load the strict transport security state from the
+// At startup we need to load the transport security state from the
// disk. For the moment, we don't want to delay startup for this load, so we
-// let the StrictTransportSecurityState run for a while without being loaded.
+// let the TransportSecurityState run for a while without being loaded.
// This means that it's possible for pages opened very quickly not to get the
-// correct strict transport security information.
+// correct transport security information.
//
// To load the state, we schedule a Task on the file thread which loads,
-// deserialises and configures the StrictTransportSecurityState.
+// deserialises and configures the TransportSecurityState.
//
-// The StrictTransportSecurityState object supports running a callback function
+// The TransportSecurityState object supports running a callback function
// when it changes. This object registers the callback, pointing at itself.
//
-// StrictTransportSecurityState calls...
-// StrictTransportSecurityPersister::StateIsDirty
+// TransportSecurityState calls...
+// TransportSecurityPersister::StateIsDirty
// since the callback isn't allowed to block or reenter, we schedule a Task
// on the file thread after some small amount of time
//
// ...
//
-// StrictTransportSecurityPersister::SerialiseState
-// copies the current state of the StrictTransportSecurityState, serialises
+// TransportSecurityPersister::SerialiseState
+// copies the current state of the TransportSecurityState, serialises
// and writes to disk.
#ifndef CHROME_BROWSER_STRICT_TRANSPORT_SECURITY_PERSISTER_H_
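Review bot: The include guard on the last line of this hunk is still `CHROME_BROWSER_STRICT_TRANSPORT_SECURITY_PERSISTER_H_`, although the file is now transport_security_persister.h. Rename it to `CHROME_BROWSER_TRANSPORT_SECURITY_PERSISTER_H_`, together with the matching `#define` and closing `#endif` comment, which lie outside the hunk. The header comment also still describes a "singleton object", while the visible ProfileImpl code creates one persister per profile, so "this object" is presumably the accurate wording.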
@@ -36,23 +36,23 @@
#include "base/file_path.h"
#include "base/lock.h"
#include "base/ref_counted.h"
-#include "net/base/strict_transport_security_state.h"
+#include "net/base/transport_security_state.h"
-class StrictTransportSecurityPersister
- : public base::RefCountedThreadSafe<StrictTransportSecurityPersister>,
- public net::StrictTransportSecurityState::Delegate {
+class TransportSecurityPersister
+ : public base::RefCountedThreadSafe<TransportSecurityPersister>,
+ public net::TransportSecurityState::Delegate {
public:
- StrictTransportSecurityPersister();
- void Initialize(net::StrictTransportSecurityState* state,
+ TransportSecurityPersister();
+ void Initialize(net::TransportSecurityState* state,
const FilePath& profile_path);
- // Called by the StrictTransportSecurityState when it changes its state.
- virtual void StateIsDirty(net::StrictTransportSecurityState*);
+ // Called by the TransportSecurityState when it changes its state.
+ virtual void StateIsDirty(net::TransportSecurityState*);
private:
- friend class base::RefCountedThreadSafe<StrictTransportSecurityPersister>;
+ friend class base::RefCountedThreadSafe<TransportSecurityPersister>;
- ~StrictTransportSecurityPersister();
+ ~TransportSecurityPersister();
// a Task callback for when the state needs to be written out.
void SerialiseState();
@@ -66,8 +66,8 @@ class StrictTransportSecurityPersister
// serialised the state yet.
bool state_is_dirty_;
- scoped_refptr<net::StrictTransportSecurityState>
- strict_transport_security_state_;
+ scoped_refptr<net::TransportSecurityState>
+ transport_security_state_;
// The path to the file in which we store the serialised state.
FilePath state_file_;
};