chromium_src.git - central chromium sources

diff options

author	palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-01-05 02:26:15 +0000
committer	palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2012-01-05 02:26:15 +0000
commit	fecef22a0e8711a8f6c3309540f27098eeeabc57 (patch)
tree	c728ffcbb7f8bec5843e53eeee3aa53915d84d4f /content/content_utility.gypi
parent	ddc9c9e6708ceeb6428455546b0550715e5fb49f (diff)
download	chromium_src-fecef22a0e8711a8f6c3309540f27098eeeabc57.zip chromium_src-fecef22a0e8711a8f6c3309540f27098eeeabc57.tar.gz chromium_src-fecef22a0e8711a8f6c3309540f27098eeeabc57.tar.bz2

Implement HTTP header-based public key pinning.

Upon receipt of the Public-Key-Pins header, check the syntax and the pins, and set the pins in the TransportSecurityState. From then on, use these new dynamic pins to validate TLS connections: as with preloaded pins, refuse to connect to TLS servers that fail the pin check. The Public-Key-Pins header is defined in an IETF Internet-Draft, and discussed on the websec@ietf.org mailing list. Clarified TransportSecurityState member function and field documentation. Also: Minor "gcl lint" repairs, and a new typedef std::vector<net::SHA1Fingerprint> FingerprintVector used everywhere relevant. BUG=78369 TEST=net_unittests TransportSecurityStateTest.*, browser_tests NetInternalsTest.* Review URL: http://codereview.chromium.org/8082016 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@116443 0039d316-1c4b-4281-b951-d872f2087c98

Diffstat (limited to 'content/content_utility.gypi')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: