author | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-05 14:21:09 +0000 |
---|---|---|
committer | abarth@chromium.org <abarth@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-05 14:21:09 +0000 |
commit | 77f6fb43d125edea5fe8b76d663de95098baf1de (patch) | |
tree | 3d0edff4af0ca2e5aea5b4520cf31526b249036e /chrome | |
parent | 78d4c52c925f79756e5c1cc8ae1095cdf61f3745 (diff) | |
Rename X-Force-TLS to Strict-Transport-Security.
Also, remove StrictTransportSecurity code from SSLPolicy because that code
doesn't work.
R=agl
Review URL: http://codereview.chromium.org/198035
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25577 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome')
-rw-r--r-- | chrome/browser/automation/automation_profile_impl.cc | 2 | ||||
-rw-r--r-- | chrome/browser/automation/automation_profile_impl.h | 4 | ||||
-rw-r--r-- | chrome/browser/force_tls_persister.h | 69 | ||||
-rw-r--r-- | chrome/browser/net/chrome_url_request_context.cc | 4 | ||||
-rw-r--r-- | chrome/browser/profile.cc | 33 | ||||
-rw-r--r-- | chrome/browser/profile.h | 21 | ||||
-rw-r--r-- | chrome/browser/ssl/ssl_policy.cc | 6 | ||||
-rw-r--r-- | chrome/browser/ssl/ssl_policy_backend.cc | 8 | ||||
-rw-r--r-- | chrome/browser/ssl/ssl_policy_backend.h | 10 | ||||
-rw-r--r-- | chrome/browser/strict_transport_security_persister.cc (renamed from chrome/browser/force_tls_persister.cc) | 38 | ||||
-rw-r--r-- | chrome/browser/strict_transport_security_persister.h | 74 | ||||
-rw-r--r-- | chrome/chrome.gyp | 4 | ||||
-rw-r--r-- | chrome/test/testing_profile.h | 2 |
13 files changed, 137 insertions, 138 deletions
diff --git a/chrome/browser/automation/automation_profile_impl.cc b/chrome/browser/automation/automation_profile_impl.cc index 7ea154c..8d6118b 100644 --- a/chrome/browser/automation/automation_profile_impl.cc +++ b/chrome/browser/automation/automation_profile_impl.cc @@ -29,7 +29,7 @@ class AutomationURLRequestContext : public ChromeURLRequestContext { http_transaction_factory_ = NULL; ftp_transaction_factory_ = NULL; cookie_store_ = NULL; - force_tls_state_ = NULL; + strict_transport_security_state_ = NULL; // Clear ChromeURLRequestContext members. prefs_ = NULL; diff --git a/chrome/browser/automation/automation_profile_impl.h b/chrome/browser/automation/automation_profile_impl.h index c9aedbe..22a41c8 100644 --- a/chrome/browser/automation/automation_profile_impl.h +++ b/chrome/browser/automation/automation_profile_impl.h @@ -69,8 +69,8 @@ class AutomationProfileImpl : public Profile { virtual SSLHostState* GetSSLHostState() { return original_profile_->GetSSLHostState(); } - virtual net::ForceTLSState* GetForceTLSState() { - return original_profile_->GetForceTLSState(); + virtual net::StrictTransportSecurityState* GetStrictTransportSecurityState() { + return original_profile_->GetStrictTransportSecurityState(); } virtual FaviconService* GetFaviconService(ServiceAccessType access) { return original_profile_->GetFaviconService(access); diff --git a/chrome/browser/force_tls_persister.h b/chrome/browser/force_tls_persister.h deleted file mode 100644 index f7b1d2d..0000000 --- a/chrome/browser/force_tls_persister.h +++ /dev/null 
@@ -1,69 +0,0 @@ -// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -// ForceTLSState maintains an in memory database containing the list of hosts -// that currently have ForceTLS enabled. This singleton object deals with -// writing that data out to disk as needed and loading it at startup. - -// At startup we need to load the ForceTLS state from the disk. For the moment, -// we don't want to delay startup for this load, so we let the ForceTLSState -// run for a while without being loaded. This means that it's possible for -// pages opened very quickly not to get the correct ForceTLS information. -// -// To load the state, we schedule a Task on the file thread which loads, -// deserialises and configures the ForceTLSState. -// -// The ForceTLSState object supports running a callback function when it -// changes. This object registers the callback, pointing at itself. -// -// ForceTLSState calls... -// ForceTLSPersister::StateIsDirty -// since the callback isn't allowed to block or reenter, we schedule a Task -// on |file_thread_| after some small amount of time -// -// ... -// -// ForceTLSPersister::SerialiseState -// copies the current state of the ForceTLSState, serialises and writes to -// disk. - -#include "base/file_path.h" -#include "base/lock.h" -#include "base/ref_counted.h" -#include "net/base/force_tls_state.h" - -namespace base { -class Thread; -} - -class ForceTLSPersister : public base::RefCountedThreadSafe<ForceTLSPersister>, - public net::ForceTLSState::Delegate { - public: - ForceTLSPersister(net::ForceTLSState* state, base::Thread* file_thread, - const FilePath& profile_path); - - // Called by the ForceTLSState when it changes its state. - virtual void StateIsDirty(net::ForceTLSState*); - - private: - // a Task callback for when the state needs to be written out. 
- void SerialiseState(); - - // a Task callback for when the state needs to be loaded from disk at startup. - void LoadState(); - - Lock lock_; // protects all the members - - // true when the state object has signaled that we're dirty and we haven't - // serialised the state yet. - bool state_is_dirty_; - - scoped_refptr<net::ForceTLSState> force_tls_state_; - - // This is a thread which can perform file access. - base::Thread* const file_thread_; - - // The path to the file in which we store the serialised state. - const FilePath state_file_; -}; diff --git a/chrome/browser/net/chrome_url_request_context.cc b/chrome/browser/net/chrome_url_request_context.cc index ed69b03..4683e61 100644 --- a/chrome/browser/net/chrome_url_request_context.cc +++ b/chrome/browser/net/chrome_url_request_context.cc @@ -331,7 +331,7 @@ ChromeURLRequestContext::ChromeURLRequestContext(Profile* profile) blacklist_ = profile->GetBlacklist(); - force_tls_state_ = profile->GetForceTLSState(); + strict_transport_security_state_ = profile->GetStrictTransportSecurityState(); if (profile->GetExtensionsService()) { const ExtensionList* extensions = @@ -371,7 +371,7 @@ ChromeURLRequestContext::ChromeURLRequestContext( ftp_transaction_factory_ = other->ftp_transaction_factory_; cookie_store_ = other->cookie_store_; cookie_policy_.set_type(other->cookie_policy_.type()); - force_tls_state_ = other->force_tls_state_; + strict_transport_security_state_ = other->strict_transport_security_state_; accept_language_ = other->accept_language_; accept_charset_ = other->accept_charset_; referrer_charset_ = other->referrer_charset_; diff --git a/chrome/browser/profile.cc b/chrome/browser/profile.cc index 88d02e8..f4fb817 100644 --- a/chrome/browser/profile.cc +++ b/chrome/browser/profile.cc 
@@ -20,7 +20,7 @@ #include "chrome/browser/extensions/extensions_service.h" #include "chrome/browser/extensions/user_script_master.h" #include "chrome/browser/favicon_service.h" -#include "chrome/browser/force_tls_persister.h" +#include "chrome/browser/strict_transport_security_persister.h" #include "chrome/browser/history/history.h" #include "chrome/browser/in_process_webkit/webkit_context.h" #include "chrome/browser/net/chrome_url_request_context.h" @@ -50,7 +50,7 @@ #include "chrome/common/pref_names.h" #include "chrome/common/render_messages.h" #include "grit/locale_settings.h" -#include "net/base/force_tls_state.h" +#include "net/base/strict_transport_security_state.h" #if defined(OS_LINUX) #include "net/ocsp/nss_ocsp.h" @@ -263,11 +263,13 @@ class OffTheRecordProfileImpl : public Profile, return ssl_host_state_.get(); } - virtual net::ForceTLSState* GetForceTLSState() { - if (!force_tls_state_.get()) - force_tls_state_ = new net::ForceTLSState(); + virtual net::StrictTransportSecurityState* GetStrictTransportSecurityState() { + if (!strict_transport_security_state_.get()) { + strict_transport_security_state_ = + new net::StrictTransportSecurityState(); + } - return force_tls_state_.get(); + return strict_transport_security_state_.get(); } virtual HistoryService* GetHistoryService(ServiceAccessType sat) { @@ -521,8 +523,9 @@ class OffTheRecordProfileImpl : public Profile, // the user visited while OTR. scoped_ptr<SSLHostState> ssl_host_state_; - // The ForceTLSState that only stores enabled sites in memory. - scoped_refptr<net::ForceTLSState> force_tls_state_; + // The StrictTransportSecurityState that only stores enabled sites in memory. + scoped_refptr<net::StrictTransportSecurityState> + strict_transport_security_state_; // Time we were started. Time start_time_; 
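Review bot: In the `@@ -263,11 +263,13 @@` hunk, `OffTheRecordProfileImpl::GetStrictTransportSecurityState()` lazily creates a fresh `net::StrictTransportSecurityState`, and nothing visible seeds it from the original profile, so an off-the-record session appears to start with no hosts marked, including hosts that opted in during normal browsing. If that is intended, the accessor should say so, for example `// Starts empty: hosts enabled in the original profile are not enforced off the record.`. If it is not intended, the state would have to be initialised from the original profile's state, which these hunks do not show. The member comment in the `@@ -521,8 +523,9 @@` hunk only says that enabled sites are kept in memory. The class body starts and ends outside both hunks.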
@@ -823,14 +826,16 @@ SSLHostState* ProfileImpl::GetSSLHostState() { return ssl_host_state_.get(); } -net::ForceTLSState* ProfileImpl::GetForceTLSState() { - if (!force_tls_state_.get()) { - force_tls_state_ = new net::ForceTLSState(); - force_tls_persister_ = new ForceTLSPersister( - force_tls_state_.get(), g_browser_process->file_thread(), path_); +net::StrictTransportSecurityState* + ProfileImpl::GetStrictTransportSecurityState() { + if (!strict_transport_security_state_.get()) { + strict_transport_security_state_ = new net::StrictTransportSecurityState(); + strict_transport_security_persister_ = new StrictTransportSecurityPersister( + strict_transport_security_state_.get(), + g_browser_process->file_thread(), path_); } - return force_tls_state_.get(); + return strict_transport_security_state_.get(); } PrefService* ProfileImpl::GetPrefs() { diff --git a/chrome/browser/profile.h b/chrome/browser/profile.h index 97e747b..1769ec8 100644 --- a/chrome/browser/profile.h +++ b/chrome/browser/profile.h @@ -19,7 +19,7 @@ #include "chrome/common/notification_registrar.h" namespace net { -class ForceTLSState; +class StrictTransportSecurityState; class SSLConfigService; } class Blacklist; @@ -34,7 +34,6 @@ class ExtensionProcessManager; class ExtensionMessageService; class ExtensionsService; class FaviconService; -class ForceTLSPersister; class HistoryService; class NavigationController; class PasswordStore; @@ -44,6 +43,7 @@ class SessionService; class SpellChecker; class SSLConfigServiceManager; class SSLHostState; +class StrictTransportSecurityPersister; class SQLitePersistentCookieStore; class TabRestoreService; class TemplateURLFetcher; 
@@ -155,10 +155,11 @@ class Profile { // called. virtual SSLHostState* GetSSLHostState() = 0; - // Retrieves a pointer to the ForceTLSState associated with this profile. - // The ForceTLSState is lazily created the first time that this method is - // called. - virtual net::ForceTLSState* GetForceTLSState() = 0; + // Retrieves a pointer to the StrictTransportSecurityState associated with + // this profile. The StrictTransportSecurityState is lazily created the + // first time that this method is called. + virtual net::StrictTransportSecurityState* + GetStrictTransportSecurityState() = 0; // Retrieves a pointer to the FaviconService associated with this // profile. The FaviconService is lazily created the first time @@ -370,7 +371,7 @@ class ProfileImpl : public Profile, virtual VisitedLinkMaster* GetVisitedLinkMaster(); virtual UserScriptMaster* GetUserScriptMaster(); virtual SSLHostState* GetSSLHostState(); - virtual net::ForceTLSState* GetForceTLSState(); + virtual net::StrictTransportSecurityState* GetStrictTransportSecurityState(); virtual ExtensionsService* GetExtensionsService(); virtual ExtensionDevToolsManager* GetExtensionDevToolsManager(); virtual ExtensionProcessManager* GetExtensionProcessManager(); @@ -461,8 +462,10 @@ class ProfileImpl : public Profile, scoped_ptr<ExtensionProcessManager> extension_process_manager_; scoped_refptr<ExtensionMessageService> extension_message_service_; scoped_ptr<SSLHostState> ssl_host_state_; - scoped_refptr<net::ForceTLSState> force_tls_state_; - scoped_refptr<ForceTLSPersister> force_tls_persister_; + scoped_refptr<net::StrictTransportSecurityState> + strict_transport_security_state_; + scoped_refptr<StrictTransportSecurityPersister> + strict_transport_security_persister_; scoped_ptr<PrefService> prefs_; scoped_refptr<ThumbnailStore> thumbnail_store_; scoped_ptr<TemplateURLFetcher> template_url_fetcher_; diff --git a/chrome/browser/ssl/ssl_policy.cc b/chrome/browser/ssl/ssl_policy.cc index dd536ef..a5ecfdc 100644 
--- a/chrome/browser/ssl/ssl_policy.cc +++ b/chrome/browser/ssl/ssl_policy.cc @@ -118,11 +118,7 @@ void SSLPolicy::OnMixedContent(SSLMixedContentHandler* handler) { // If the user has added an exception, doctor the |filter_policy|. std::string host = GURL(handler->main_frame_origin()).host(); - if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS) && - backend_->IsForceTLSEnabledForHost(host)) { - // We're supposed to block all mixed content for this host. - filter_policy = FilterPolicy::FILTER_ALL; - } else if (backend_->DidAllowMixedContentForHost(host) || + if (backend_->DidAllowMixedContentForHost(host) || backend_->DidMarkHostAsBroken(host, handler->pid())) { // Let the mixed content through. filter_policy = FilterPolicy::DONT_FILTER; diff --git a/chrome/browser/ssl/ssl_policy_backend.cc b/chrome/browser/ssl/ssl_policy_backend.cc index 592ccc0..310f3ba 100644 --- a/chrome/browser/ssl/ssl_policy_backend.cc +++ b/chrome/browser/ssl/ssl_policy_backend.cc @@ -14,7 +14,6 @@ #include "chrome/common/notification_service.h" #include "grit/generated_resources.h" #include "grit/theme_resources.h" -#include "net/base/force_tls_state.h" using WebKit::WebConsoleMessage; @@ -69,8 +68,7 @@ class SSLInfoBarDelegate : public ConfirmInfoBarDelegate { SSLPolicyBackend::SSLPolicyBackend(NavigationController* controller) : controller_(controller), - ssl_host_state_(controller->profile()->GetSSLHostState()), - force_tls_state_(controller->profile()->GetForceTLSState()) { + ssl_host_state_(controller->profile()->GetSSLHostState()) { DCHECK(controller_); } @@ -162,10 +160,6 @@ bool SSLPolicyBackend::DidAllowMixedContentForHost( return ssl_host_state_->DidAllowMixedContentForHost(host); } -bool SSLPolicyBackend::IsForceTLSEnabledForHost(const std::string& host) const { - return force_tls_state_->IsEnabledForHost(host); -} - void SSLPolicyBackend::Reload() { controller_->Reload(true); } 
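Review bot: With the `IsForceTLSEnabledForHost` branch removed, `SSLPolicy::OnMixedContent` no longer consults the transport-security state at all, so a host that opted in is handled like any other and can reach `FilterPolicy::DONT_FILTER` through `DidAllowMixedContentForHost` or `DidMarkHostAsBroken`. The commit message says the removed code did not work, but nothing on the new side records that mixed-content blocking for these hosts is now unimplemented. A comment above the remaining `if` would keep that gap visible, for example `// TODO: mixed content on Strict-Transport-Security hosts is not blocked here; the old ForceTLS branch was removed as non-functional.`. The function body starts and ends outside the hunk.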
diff --git a/chrome/browser/ssl/ssl_policy_backend.h b/chrome/browser/ssl/ssl_policy_backend.h index 2d84232..f8a829c 100644 --- a/chrome/browser/ssl/ssl_policy_backend.h +++ b/chrome/browser/ssl/ssl_policy_backend.h @@ -13,9 +13,6 @@ #include "net/base/x509_certificate.h" #include "webkit/api/public/WebConsoleMessage.h" -namespace net { -class ForceTLSState; -} class NavigationController; class SSLHostState; class Task; @@ -71,9 +68,6 @@ class SSLPolicyBackend { // Returns whether the specified host is allowed to show mixed content. bool DidAllowMixedContentForHost(const std::string& host) const; - // Returns whether ForceTLS is enabled for |host|. - bool IsForceTLSEnabledForHost(const std::string& host) const; - // Reloads the tab. void Reload(); @@ -118,10 +112,6 @@ class SSLPolicyBackend { // SSL state specific for each host. SSLHostState* ssl_host_state_; - // ForceTLS state. - // TODO(abarth): Consider combining with SSLHostState? - net::ForceTLSState* force_tls_state_; - // The list of messages that should be displayed (in info bars) when the page // currently loading had loaded. std::vector<SSLMessageInfo> pending_messages_; diff --git a/chrome/browser/force_tls_persister.cc b/chrome/browser/strict_transport_security_persister.cc index 4bcec6f..c9120ad 100644 --- a/chrome/browser/force_tls_persister.cc +++ b/chrome/browser/strict_transport_security_persister.cc @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "chrome/browser/force_tls_persister.h" +#include "chrome/browser/strict_transport_security_persister.h" #include "base/file_path.h" #include "base/file_util.h" 
@@ -10,23 +10,26 @@ #include "base/path_service.h" #include "base/thread.h" #include "chrome/common/chrome_paths.h" -#include "net/base/force_tls_state.h" +#include "net/base/strict_transport_security_state.h" -ForceTLSPersister::ForceTLSPersister(net::ForceTLSState* state, - base::Thread* file_thread, - const FilePath& profile_path) +StrictTransportSecurityPersister::StrictTransportSecurityPersister( + net::StrictTransportSecurityState* state, + base::Thread* file_thread, + const FilePath& profile_path) : state_is_dirty_(false), - force_tls_state_(state), + strict_transport_security_state_(state), file_thread_(file_thread), - state_file_(profile_path.Append(FILE_PATH_LITERAL("ForceTLS"))) { + state_file_(profile_path.Append( + FILE_PATH_LITERAL("StrictTransportSecurity"))) { state->SetDelegate(this); - Task* task = NewRunnableMethod(this, &ForceTLSPersister::LoadState); + Task* task = NewRunnableMethod(this, + &StrictTransportSecurityPersister::LoadState); file_thread->message_loop()->PostDelayedTask(FROM_HERE, task, 1000 /* 1 second */); } -void ForceTLSPersister::LoadState() { +void StrictTransportSecurityPersister::LoadState() { // Runs on |file_thread_| AutoLock locked_(lock_); DCHECK(file_thread_->message_loop() == MessageLoop::current()); 
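Review bot: The constructor now builds `state_file_` from `FILE_PATH_LITERAL("StrictTransportSecurity")`, and nothing in this file reads or removes the old `ForceTLS` file. A profile that already persisted hosts under the old name would therefore start with an empty list after the upgrade, and the old file would stay on disk. Hosts recorded earlier would presumably not be enforced again until they re-send the header. If discarding the earlier data is intended, say so next to the path, e.g. `// State saved under the old "ForceTLS" file name is intentionally not migrated.`; otherwise `LoadState()` could fall back to the old file name when the new file is absent. `LoadState()` continues past the end of this hunk.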
@@ -35,24 +38,27 @@ void ForceTLSPersister::LoadState() { if (!file_util::ReadFileToString(state_file_, &state)) return; - force_tls_state_->Deserialise(state); + strict_transport_security_state_->Deserialise(state); } -void ForceTLSPersister::StateIsDirty(net::ForceTLSState* state) { - // Runs on arbitary thread, may not block nor reenter |force_tls_state_| +void StrictTransportSecurityPersister::StateIsDirty( + net::StrictTransportSecurityState* state) { + // Runs on arbitary thread, may not block nor reenter + // |strict_transport_security_state_|. AutoLock locked_(lock_); - DCHECK(state == force_tls_state_); + DCHECK(state == strict_transport_security_state_); if (state_is_dirty_) return; // we already have a serialisation scheduled - Task* task = NewRunnableMethod(this, &ForceTLSPersister::SerialiseState); + Task* task = NewRunnableMethod(this, + &StrictTransportSecurityPersister::SerialiseState); file_thread_->message_loop()->PostDelayedTask(FROM_HERE, task, 1000 /* 1 second */); state_is_dirty_ = true; } -void ForceTLSPersister::SerialiseState() { +void StrictTransportSecurityPersister::SerialiseState() { // Runs on |file_thread_| AutoLock locked_(lock_); DCHECK(file_thread_->message_loop() == MessageLoop::current()); @@ -61,7 +67,7 @@ void ForceTLSPersister::SerialiseState() { state_is_dirty_ = false; std::string state; - if (!force_tls_state_->Serialise(&state)) + if (!strict_transport_security_state_->Serialise(&state)) return; file_util::WriteFile(state_file_, state.data(), state.size()); diff --git a/chrome/browser/strict_transport_security_persister.h b/chrome/browser/strict_transport_security_persister.h new file mode 100644 index 0000000..f7457304 --- /dev/null +++ b/chrome/browser/strict_transport_security_persister.h 
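Review bot: In the `@@ -61,7 +67,7 @@` hunk, `SerialiseState()` ends with `file_util::WriteFile(state_file_, state.data(), state.size());`, which ignores the result and writes straight to the live file. A failed or interrupted write can leave a truncated or missing file, and `LoadState()` in the preceding hunk returns silently when the read fails, so the saved host list can be lost with no trace. At minimum, check the result and log the failure, e.g. `if (file_util::WriteFile(state_file_, state.data(), state.size()) < 0) LOG(ERROR) << "Failed to write strict transport security state";`, assuming the logging header is available in this file. Writing to a temporary file in the profile directory and renaming it over `state_file_` would also avoid the partial-write case. `SerialiseState()` starts outside the hunk.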
@@ -0,0 +1,74 @@ +// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +// StrictTransportSecurityState maintains an in memory database containing the +// list of hosts that currently have strict transport security enabled. This +// singleton object deals with writing that data out to disk as needed and +// loading it at startup. + +// At startup we need to load the strict transport security state from the +// disk. For the moment, we don't want to delay startup for this load, so we +// let the StrictTransportSecurityState run for a while without being loaded. +// This means that it's possible for pages opened very quickly not to get the +// correct strict transport security information. +// +// To load the state, we schedule a Task on the file thread which loads, +// deserialises and configures the StrictTransportSecurityState. +// +// The StrictTransportSecurityState object supports running a callback function +// when it changes. This object registers the callback, pointing at itself. +// +// StrictTransportSecurityState calls... +// StrictTransportSecurityPersister::StateIsDirty +// since the callback isn't allowed to block or reenter, we schedule a Task +// on |file_thread_| after some small amount of time +// +// ... +// +// StrictTransportSecurityPersister::SerialiseState +// copies the current state of the StrictTransportSecurityState, serialises +// and writes to disk. 
+ +#include "base/file_path.h" +#include "base/lock.h" +#include "base/ref_counted.h" +#include "net/base/strict_transport_security_state.h" + +namespace base { +class Thread; +} + +class StrictTransportSecurityPersister : + public base::RefCountedThreadSafe<StrictTransportSecurityPersister>, + public net::StrictTransportSecurityState::Delegate { + public: + StrictTransportSecurityPersister(net::StrictTransportSecurityState* state, + base::Thread* file_thread, + const FilePath& profile_path); + + // Called by the StrictTransportSecurityState when it changes its state. + virtual void StateIsDirty(net::StrictTransportSecurityState*); + + private: + // a Task callback for when the state needs to be written out. + void SerialiseState(); + + // a Task callback for when the state needs to be loaded from disk at startup. + void LoadState(); + + Lock lock_; // protects all the members + + // true when the state object has signaled that we're dirty and we haven't + // serialised the state yet. + bool state_is_dirty_; + + scoped_refptr<net::StrictTransportSecurityState> + strict_transport_security_state_; + + // This is a thread which can perform file access. + base::Thread* const file_thread_; + + // The path to the file in which we store the serialised state. + const FilePath state_file_; +}; diff --git a/chrome/chrome.gyp b/chrome/chrome.gyp index aa95491..2167098 100644 --- a/chrome/chrome.gyp +++ b/chrome/chrome.gyp @@ -1185,8 +1185,6 @@ 'browser/external_protocol_handler.h', 'browser/external_tab_container.cc', 'browser/external_tab_container.h', - 'browser/force_tls_persister.cc', - 'browser/force_tls_persister.h', 'browser/global_keyboard_shortcuts_mac.h', 'browser/global_keyboard_shortcuts_mac.mm', 'browser/fav_icon_helper.cc', 
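Review bot: The new header `strict_transport_security_persister.h` has no include guard: it runs from the licence and file comment straight to the `#include` lines and ends at `};`, so including it twice in one translation unit would redefine `StrictTransportSecurityPersister`. Add `#ifndef CHROME_BROWSER_STRICT_TRANSPORT_SECURITY_PERSISTER_H_` and the matching `#define` before the includes, and `#endif` after the class. The file comment also calls this a singleton, while the constructor takes a `profile_path`, which suggests one instance per profile; `This object deals with writing that data out to disk ...` would be more accurate. The paragraph about the startup window is worth keeping prominent, since until `LoadState()` has run, hosts saved earlier are not yet enforced.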
@@ -1805,6 +1803,8 @@ 'browser/ssl/ssl_policy_backend.h', 'browser/ssl/ssl_request_info.h', 'browser/status_bubble.h', + 'browser/strict_transport_security_persister.cc', + 'browser/strict_transport_security_persister.h', 'browser/sync/engine/syncapi.h', 'browser/sync/glue/bookmark_model_worker.cc', 'browser/sync/glue/bookmark_model_worker.h', diff --git a/chrome/test/testing_profile.h b/chrome/test/testing_profile.h index bc06a3d..b61e88d 100644 --- a/chrome/test/testing_profile.h +++ b/chrome/test/testing_profile.h @@ -100,7 +100,7 @@ class TestingProfile : public Profile { virtual SSLHostState* GetSSLHostState() { return NULL; } - virtual net::ForceTLSState* GetForceTLSState() { + virtual net::StrictTransportSecurityState* GetStrictTransportSecurityState() { return NULL; } virtual FaviconService* GetFaviconService(ServiceAccessType access) { |