summaryrefslogtreecommitdiffstats
path: root/net/base/transport_security_state.h
diff options
context:
space:
mode:
authorcevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-02-23 01:03:10 +0000
committercevans@chromium.org <cevans@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2010-02-23 01:03:10 +0000
commit4d0d808d8a3d9bc767d01aa1c04c739ea4e22ec8 (patch)
tree6963f6ea74f16a8d15f288b6d8d8292ac33133f9 /net/base/transport_security_state.h
parentf76850951b5929898b36d9f61284ca2d7972e6ec (diff)
downloadchromium_src-4d0d808d8a3d9bc767d01aa1c04c739ea4e22ec8.zip
chromium_src-4d0d808d8a3d9bc767d01aa1c04c739ea4e22ec8.tar.gz
chromium_src-4d0d808d8a3d9bc767d01aa1c04c739ea4e22ec8.tar.bz2
Tie the lifetime of persisted transport-security metatdata to clearing cookies,
thus giving the user control over it. This involved adding in a "creation" date to the metadata so we can respect the user's choice of how far back to go when deleting browsing data. Care is taken to handle older metadata without the creation date set. Also fix a bug whereby we weren't making sure to persist the removed metadata when it expires. BUG=33445 TEST=TransportSecurityStateTest.DeleteSince, TransportSecurityStateTest.SerializeOld Review URL: http://codereview.chromium.org/652035 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@39684 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/transport_security_state.h')
-rw-r--r--net/base/transport_security_state.h7
1 files changed, 6 insertions, 1 deletions
diff --git a/net/base/transport_security_state.h b/net/base/transport_security_state.h
index 360eb0b..523f28e 100644
--- a/net/base/transport_security_state.h
+++ b/net/base/transport_security_state.h
@@ -48,8 +48,10 @@ class TransportSecurityState :
DomainState()
: mode(MODE_STRICT),
+ created(base::Time::Now()),
include_subdomains(false) { }
+ base::Time created; // when this host entry was first created
base::Time expiry; // the absolute time (UTC) when this record expires
bool include_subdomains; // subdomains included?
};
@@ -61,6 +63,9 @@ class TransportSecurityState :
// *result is filled out.
bool IsEnabledForHost(DomainState* result, const std::string& host);
+ // Deletes all records created since a given time.
+ void DeleteSince(const base::Time& time);
+
// Returns |true| if |value| parses as a valid *-Transport-Security
// header value. The values of max-age and and includeSubDomains are
// returned in |max_age| and |include_subdomains|, respectively. The out
@@ -79,7 +84,7 @@ class TransportSecurityState :
void SetDelegate(Delegate*);
bool Serialise(std::string* output);
- bool Deserialise(const std::string& state);
+ bool Deserialise(const std::string& state, bool* dirty);
private:
friend class base::RefCountedThreadSafe<TransportSecurityState>;