More progress on ForceHTTPS.

Instead of turning on strict HTTPS error processing for every site, we now track which sites have opted in.  Our implementation is still experimental and hidden behing the command line switch --force-https.

R=darin
TEST=No tests yet because this is just an experiment.

Review URL: http://codereview.chromium.org/113503

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@16464 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 64 insertions, 5 deletions

diff --git a/net/url_request/url_request_context.h b/net/url_request/url_request_context.h
index 29735ac..8e32c97 100644
--- a/net/url_request/url_request_context.h
+++ b/net/url_request/url_request_context.h
@@ -17,6 +17,7 @@
 
 namespace net {
 class CookieMonster;
+class ForceTLSState;
 class FtpTransactionFactory;
 class HttpTransactionFactory;
 class ProxyService;
@@ -30,7 +31,8 @@ class URLRequestContext :
       : proxy_service_(NULL),
         http_transaction_factory_(NULL),
         ftp_transaction_factory_(NULL),
-        cookie_store_(NULL) {
+        cookie_store_(NULL),
+        force_tls_state_(NULL) {
   }
 
   // Get the proxy service for this context.
@@ -54,6 +56,8 @@ class URLRequestContext :
   // Gets the cookie policy for this context.
   net::CookiePolicy* cookie_policy() { return &cookie_policy_; }
 
+  net::ForceTLSState* force_tls_state() { return force_tls_state_; }
+
   // Gets the FTP authentication cache for this context.
   net::FtpAuthCache* ftp_auth_cache() { return &ftp_auth_cache_; }
 
@@ -89,6 +93,7 @@ class URLRequestContext :
   net::FtpTransactionFactory* ftp_transaction_factory_;
   net::CookieMonster* cookie_store_;
   net::CookiePolicy cookie_policy_;
+  net::ForceTLSState* force_tls_state_;;
   net::FtpAuthCache ftp_auth_cache_;
   std::string accept_language_;
   std::string accept_charset_;
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index a86edbd..eff2344 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -12,8 +12,10 @@
 #include "base/message_loop.h"
 #include "base/rand_util.h"
 #include "base/string_util.h"
+#include "net/base/cert_status_flags.h"
 #include "net/base/cookie_monster.h"
 #include "net/base/filter.h"
+#include "net/base/force_tls_state.h"
 #include "net/base/load_flags.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_util.h"
@@ -47,7 +49,10 @@ URLRequestJob* URLRequestHttpJob::Factory(URLRequest* request,
   // network request.
   static const bool kForceHTTPS =
       CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS);
-  if (kForceHTTPS && scheme != "https")
+  if (kForceHTTPS && scheme == "http" &&
+      request->context()->force_tls_state() &&
+      request->context()->force_tls_state()->IsEnabledForHost(
+          request->url().host()))
     return new URLRequestErrorJob(request, net::ERR_DISALLOWED_URL_SCHEME);
 
   return new URLRequestHttpJob(request);
@@ -441,9 +446,7 @@ void URLRequestHttpJob::OnStartCompleted(int result) {
 
   if (result == net::OK) {
     NotifyHeadersComplete();
-  } else if (net::IsCertificateError(result) &&
-             !CommandLine::ForCurrentProcess()->HasSwitch(
-                 switches::kForceHTTPS)) {
+  } else if (ShouldTreatAsCertificateError(result)) {
     // We encountered an SSL certificate error.  Ask our delegate to decide
     // what we should do.
     // TODO(wtc): also pass ssl_info.cert_status, or just pass the whole
@@ -470,6 +473,22 @@ void URLRequestHttpJob::OnReadCompleted(int result) {
   NotifyReadComplete(result);
 }
 
+bool URLRequestHttpJob::ShouldTreatAsCertificateError(int result) {
+  if (!net::IsCertificateError(result))
+    return false;
+
+  // Hide the fancy processing behind a command line switch.
+  if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS))
+    return true;
+
+  // Check whether our context is using ForceTLS.
+  if (!context_->force_tls_state())
+    return true;
+
+  return !context_->force_tls_state()->IsEnabledForHost(
+      request_info_.url.host());
+}
+
 void URLRequestHttpJob::NotifyHeadersComplete() {
   DCHECK(!response_info_);
 
@@ -494,6 +513,8 @@ void URLRequestHttpJob::NotifyHeadersComplete() {
     }
   }
 
+  ProcessForceTLSHeader();
+
   if (SdchManager::Global() &&
       SdchManager::Global()->IsInSupportedDomain(request_->url())) {
     static const std::string name = "Get-Dictionary";
@@ -657,3 +678,31 @@ void URLRequestHttpJob::FetchResponseCookies() {
   while (response_info_->headers->EnumerateHeader(&iter, name, &value))
     response_cookies_.push_back(value);
 }
+
+
+void URLRequestHttpJob::ProcessForceTLSHeader() {
+  DCHECK(response_info_);
+
+  // Hide processing behind a command line flag.
+  if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS))
+    return;
+
+  // Only process X-Force-TLS from HTTPS responses.
+  if (request_info_.url.scheme() != "https")
+    return;
+
+  // Only process X-Force-TLS from responses with valid certificates.
+  if (response_info_->ssl_info.cert_status & net::CERT_STATUS_ALL_ERRORS)
+    return;
+
+  URLRequestContext* ctx = request_->context();
+  if (!ctx || !ctx->force_tls_state())
+    return;
+
+  std::string name = "X-Force-TLS";
+  std::string value;
+
+  void* iter = NULL;
+  while (response_info_->headers->EnumerateHeader(&iter, name, &value))
+    ctx->force_tls_state()->DidReceiveHeader(request_info_.url, value);
+}
diff --git a/net/url_request/url_request_http_job.h b/net/url_request/url_request_http_job.h
index a946f62..7853f83 100644
--- a/net/url_request/url_request_http_job.h
+++ b/net/url_request/url_request_http_job.h
@@ -67,9 +67,14 @@ class URLRequestHttpJob : public URLRequestJob {
   std::string AssembleRequestCookies();
   void FetchResponseCookies();
 
+  // Process the X-Force-TLS header, if one exists.
+  void ProcessForceTLSHeader();
+
   void OnStartCompleted(int result);
   void OnReadCompleted(int result);
 
+  bool ShouldTreatAsCertificateError(int result);
+
   void RestartTransactionWithAuth(const std::wstring& username,
                                   const std::wstring& password);