net: don't check revocation when fetching PAC files.

If a PAC file is configured on an HTTPS URL we get into trouble. In order to
check revocation we need to make an HTTP request to the OCSP/CRL server, which
needs the PAC script to load and so we deadlock.

With this change we don't check revocation for PAC fetches.

BUG=86219
TEST=Configure a PAC script on HTTPS.


Review URL: http://codereview.chromium.org/7170026

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@89489 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 3 insertions, 3 deletions

diff --git a/net/base/load_flags_list.h b/net/base/load_flags_list.h
index 364ef94..242a3de 100644
--- a/net/base/load_flags_list.h
+++ b/net/base/load_flags_list.h
@@ -51,9 +51,9 @@ LOAD_FLAG(IGNORE_CERT_DATE_INVALID, 1 << 9)
 // (The default behavior is to trigger an OnSSLCertificateError callback).
 LOAD_FLAG(IGNORE_CERT_AUTHORITY_INVALID, 1 << 10)
 
-// If present, ignores certificate revocation
-// (The default behavior is to trigger an OnSSLCertificateError callback).
-LOAD_FLAG(IGNORE_CERT_REVOCATION, 1 << 11)
+// If present, causes certificate revocation checks to be skipped on secure
+// connections.
+LOAD_FLAG(DISABLE_CERT_REVOCATION_CHECKING, 1 << 11)
 
 // If present, ignores wrong key usage of the certificate
 // (The default behavior is to trigger an OnSSLCertificateError callback).