diff options
| author | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-06 01:17:26 +0000 |
|---|---|---|
| committer | palmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-06 01:17:26 +0000 |
| commit | 6f8857be519c1d732b0012c88fbe707983bffbd1 (patch) | |
| tree | 8af0e13e5c9d5ebbca080415b6c977cfc50fb44f /net | |
| parent | 2e67a9a2121b358dcc2252a8ebe120583061140c (diff) | |
| download | chromium_src-6f8857be519c1d732b0012c88fbe707983bffbd1.zip chromium_src-6f8857be519c1d732b0012c88fbe707983bffbd1.tar.gz chromium_src-6f8857be519c1d732b0012c88fbe707983bffbd1.tar.bz2 | |
Preload HSTS for paypal.com.
Not just www.paypal.com.
BUG=245148
TEST=Navigating to http://paypal.com causes no HTTP traffic, only HTTPS
traffic.
Review URL: https://chromiumcodereview.appspot.com/16261002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@204373 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/http/transport_security_state_static.h | 1 | ||||
| -rw-r--r-- | net/http/transport_security_state_static.json | 1 | ||||
| -rw-r--r-- | net/http/transport_security_state_unittest.cc | 6 |
3 files changed, 6 insertions, 2 deletions
diff --git a/net/http/transport_security_state_static.h b/net/http/transport_security_state_static.h index 255509b3..4d3226b 100644 --- a/net/http/transport_security_state_static.h +++ b/net/http/transport_security_state_static.h @@ -649,6 +649,7 @@ static const struct HSTSPreload kPreloadedSTS[] = { {11, true, "\006google\002ws", false, kGooglePins, DOMAIN_GOOGLE_WS }, {23, true, "\005learn\013doubleclick\003net", false, kNoPins, DOMAIN_NOT_PINNED }, {16, false, "\003www\006paypal\003com", true, kNoPins, DOMAIN_NOT_PINNED }, + {12, false, "\006paypal\003com", true, kNoPins, DOMAIN_NOT_PINNED }, {16, false, "\003www\006elanex\003biz", true, kNoPins, DOMAIN_NOT_PINNED }, {12, true, "\006jottit\003com", true, kNoPins, DOMAIN_NOT_PINNED }, {19, true, "\015sunshinepress\003org", true, kNoPins, DOMAIN_NOT_PINNED }, diff --git a/net/http/transport_security_state_static.json b/net/http/transport_security_state_static.json index 4deb8e9..aafeeb5 100644 --- a/net/http/transport_security_state_static.json +++ b/net/http/transport_security_state_static.json @@ -439,6 +439,7 @@ // Force HTTPS for sites that have requested it. { "name": "www.paypal.com", "mode": "force-https" }, + { "name": "paypal.com", "mode": "force-https" }, { "name": "www.elanex.biz", "mode": "force-https" }, { "name": "jottit.com", "include_subdomains": true, "mode": "force-https" }, { "name": "sunshinepress.org", "include_subdomains": true, "mode": "force-https" }, diff --git a/net/http/transport_security_state_unittest.cc b/net/http/transport_security_state_unittest.cc index 65a187b..465c340 100644 --- a/net/http/transport_security_state_unittest.cc +++ b/net/http/transport_security_state_unittest.cc @@ -151,6 +151,7 @@ TEST_F(TransportSecurityStateTest, DeleteDynamicDataForHost) { TEST_F(TransportSecurityStateTest, IsPreloaded) { const std::string paypal = CanonicalizeHost("paypal.com"); const std::string www_paypal = CanonicalizeHost("www.paypal.com"); + const std::string foo_paypal = CanonicalizeHost("foo.paypal.com"); const std::string a_www_paypal = CanonicalizeHost("a.www.paypal.com"); const std::string abc_paypal = CanonicalizeHost("a.b.c.paypal.com"); const std::string example = CanonicalizeHost("example.com"); @@ -159,8 +160,9 @@ TEST_F(TransportSecurityStateTest, IsPreloaded) { TransportSecurityState state; TransportSecurityState::DomainState domain_state; - EXPECT_FALSE(GetStaticDomainState(&state, paypal, true, &domain_state)); + EXPECT_TRUE(GetStaticDomainState(&state, paypal, true, &domain_state)); EXPECT_TRUE(GetStaticDomainState(&state, www_paypal, true, &domain_state)); + EXPECT_FALSE(GetStaticDomainState(&state, foo_paypal, true, &domain_state)); EXPECT_FALSE(domain_state.include_subdomains); EXPECT_FALSE(GetStaticDomainState(&state, a_www_paypal, true, &domain_state)); EXPECT_FALSE(GetStaticDomainState(&state, abc_paypal, true, &domain_state)); @@ -229,7 +231,7 @@ TEST_F(TransportSecurityStateTest, Preloaded) { TransportSecurityState::DomainState::MODE_FORCE_HTTPS); EXPECT_FALSE(domain_state.include_subdomains); - EXPECT_FALSE(HasState("paypal.com")); + EXPECT_TRUE(HasState("paypal.com")); EXPECT_FALSE(HasState("www2.paypal.com")); EXPECT_FALSE(HasState("www2.paypal.com")); |