diff options
| author | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-13 22:41:27 +0000 |
|---|---|---|
| committer | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-02-13 22:41:27 +0000 |
| commit | 69d7ff44b9e354ffd8a65f6ab911c0870b012535 (patch) | |
| tree | a8e8fed22c22587c5b5f7201e45763d997580fba /net/http/http_response_info.cc | |
| parent | 503f335d165ca13e35fe137ba89a2389fd94515b (diff) | |
| download | chromium_src-69d7ff44b9e354ffd8a65f6ab911c0870b012535.zip chromium_src-69d7ff44b9e354ffd8a65f6ab911c0870b012535.tar.gz chromium_src-69d7ff44b9e354ffd8a65f6ab911c0870b012535.tar.bz2 | |
Do not cache Strict-Transport-Security and Public-Key-Pins headers.
This stops them from being honored (since they are absent) when loading
pages from cache. These headers should only take effect on live, error-free
HTTPS connections.
BUG=110817
TEST=net_unittests, HTTPSRequestTest.HTTPSErrorsNoClobberTSSTest
Review URL: http://codereview.chromium.org/9233026
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@121747 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_response_info.cc')
| -rw-r--r-- | net/http/http_response_info.cc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/net/http/http_response_info.cc b/net/http/http_response_info.cc index 50cd388..951e2b6 100644 --- a/net/http/http_response_info.cc +++ b/net/http/http_response_info.cc @@ -1,4 +1,4 @@ -// Copyright (c) 2011 The Chromium Authors. All rights reserved. +// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. @@ -250,7 +250,8 @@ void HttpResponseInfo::Persist(Pickle* pickle, net::HttpResponseHeaders::PERSIST_SANS_CHALLENGES | net::HttpResponseHeaders::PERSIST_SANS_HOP_BY_HOP | net::HttpResponseHeaders::PERSIST_SANS_NON_CACHEABLE | - net::HttpResponseHeaders::PERSIST_SANS_RANGES; + net::HttpResponseHeaders::PERSIST_SANS_RANGES | + net::HttpResponseHeaders::PERSIST_SANS_SECURITY_STATE; } headers->Persist(pickle, persist_options); |