diff options
author | michaeln@google.com <michaeln@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-04 19:47:17 +0000 |
---|---|---|
committer | michaeln@google.com <michaeln@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-04 19:47:17 +0000 |
commit | ce572df0311dec942316db18a03529533bba74f3 (patch) | |
tree | 4d9ab7112e1701e7c9cc3ae86b43b298417fb276 /net | |
parent | 9c50237078dc59dfb8ba67b4fc17eaf8a86effa4 (diff) | |
download | chromium_src-ce572df0311dec942316db18a03529533bba74f3.zip chromium_src-ce572df0311dec942316db18a03529533bba74f3.tar.gz chromium_src-ce572df0311dec942316db18a03529533bba74f3.tar.bz2 |
Take client-side HSTS redirects into account when determining whether to show the "Offline Page".
BUG=chromium-os:29996
Review URL: https://chromiumcodereview.appspot.com/10356005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@135395 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r-- | net/url_request/url_request.cc | 21 | ||||
-rw-r--r-- | net/url_request/url_request.h | 4 | ||||
-rw-r--r-- | net/url_request/url_request_http_job.cc | 21 |
3 files changed, 28 insertions, 18 deletions
diff --git a/net/url_request/url_request.cc b/net/url_request/url_request.cc index d3fa6d1..f3d813d 100644 --- a/net/url_request/url_request.cc +++ b/net/url_request/url_request.cc @@ -769,6 +769,27 @@ int64 URLRequest::GetExpectedContentSize() const { return expected_content_size; } +bool URLRequest::GetHSTSRedirect(GURL* redirect_url) const { + const GURL& url = this->url(); + if (!url.SchemeIs("http")) + return false; + TransportSecurityState::DomainState domain_state; + if (context()->transport_security_state() && + context()->transport_security_state()->GetDomainState( + url.host(), + SSLConfigService::IsSNIAvailable(context()->ssl_config_service()), + &domain_state) && + domain_state.ShouldRedirectHTTPToHTTPS()) { + url_canon::Replacements<char> replacements; + const char kNewScheme[] = "https"; + replacements.SetScheme(kNewScheme, + url_parse::Component(0, strlen(kNewScheme))); + *redirect_url = url.ReplaceComponents(replacements); + return true; + } + return false; +} + void URLRequest::NotifyAuthRequired(AuthChallengeInfo* auth_info) { NetworkDelegate::AuthRequiredResponse rv = NetworkDelegate::AUTH_REQUIRED_RESPONSE_NO_ACTION; diff --git a/net/url_request/url_request.h b/net/url_request/url_request.h index bff16d7..b00cf88 100644 --- a/net/url_request/url_request.h +++ b/net/url_request/url_request.h @@ -585,6 +585,10 @@ class NET_EXPORT URLRequest : NON_EXPORTED_BASE(public base::NonThreadSafe), priority_ = priority; } + // Returns true iff this request would be internally redirected to HTTPS + // due to HSTS. If so, |redirect_url| is rewritten to the new HTTPS URL. + bool GetHSTSRedirect(GURL* redirect_url) const; + // This method is intended only for unit tests, but it is being used by // unit tests outside of net :(. URLRequestJob* job() { return job_; } diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index 4e31963..1062563 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -140,24 +140,9 @@ URLRequestJob* URLRequestHttpJob::Factory(URLRequest* request, return new URLRequestErrorJob(request, ERR_INVALID_ARGUMENT); } - TransportSecurityState::DomainState domain_state; - if (scheme == "http" && - request->context()->transport_security_state() && - request->context()->transport_security_state()->GetDomainState( - request->url().host(), - SSLConfigService::IsSNIAvailable( - request->context()->ssl_config_service()), - &domain_state) && - domain_state.ShouldRedirectHTTPToHTTPS()) { - DCHECK_EQ(request->url().scheme(), "http"); - url_canon::Replacements<char> replacements; - static const char kNewScheme[] = "https"; - replacements.SetScheme(kNewScheme, - url_parse::Component(0, strlen(kNewScheme))); - GURL new_location = request->url().ReplaceComponents(replacements); - return new URLRequestRedirectJob(request, new_location); - } - + GURL redirect_url; + if (request->GetHSTSRedirect(&redirect_url)) + return new URLRequestRedirectJob(request, redirect_url); return new URLRequestHttpJob(request); } |