diff options
author | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-13 22:41:27 +0000 |
---|---|---|
committer | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-13 22:41:27 +0000 |
commit | 69d7ff44b9e354ffd8a65f6ab911c0870b012535 (patch) | |
tree | a8e8fed22c22587c5b5f7201e45763d997580fba /net/http/http_response_headers_unittest.cc | |
parent | 503f335d165ca13e35fe137ba89a2389fd94515b (diff) | |
download | chromium_src-69d7ff44b9e354ffd8a65f6ab911c0870b012535.zip chromium_src-69d7ff44b9e354ffd8a65f6ab911c0870b012535.tar.gz chromium_src-69d7ff44b9e354ffd8a65f6ab911c0870b012535.tar.bz2 |
Do not cache Strict-Transport-Security and Public-Key-Pins headers.
This stops them from being honored (since they are absent) when loading
pages from cache. These headers should only take effect on live, error-free
HTTPS connections.
BUG=110817
TEST=net_unittests, HTTPSRequestTest.HTTPSErrorsNoClobberTSSTest
Review URL: http://codereview.chromium.org/9233026
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@121747 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_response_headers_unittest.cc')
-rw-r--r-- | net/http/http_response_headers_unittest.cc | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/net/http/http_response_headers_unittest.cc b/net/http/http_response_headers_unittest.cc index eec259a..775946c 100644 --- a/net/http/http_response_headers_unittest.cc +++ b/net/http/http_response_headers_unittest.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -452,6 +452,18 @@ TEST(HttpResponseHeadersTest, Persist) { "Content-Length: 450\n" "Content-Encoding: gzip\n" }, + // Test filtering of transport security state headers. + { net::HttpResponseHeaders::PERSIST_SANS_SECURITY_STATE, + "HTTP/1.1 200 OK\n" + "Strict-Transport-Security: max-age=1576800\n" + "Bar: 1\n" + "Public-Key-Pins: max-age=100000; " + "pin-sha1=\"ObT42aoSpAqWdY9WfRfL7i0HsVk=\";" + "pin-sha1=\"7kW49EVwZG0hSNx41ZO/fUPN0ek=\"", + + "HTTP/1.1 200 OK\n" + "Bar: 1\n" + }, }; for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { |