diff options
| author | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-10 18:35:16 +0000 |
|---|---|---|
| committer | agl@chromium.org <agl@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-09-10 18:35:16 +0000 |
| commit | 90b15301bced121bee671159f826b7917ac89afb (patch) | |
| tree | 3476fd1e996da8fa7930e0d36c0c1e6474be7354 /net | |
| parent | 6b60f1d102f4f41adfc00c32316b0b3e3ef7f1d4 (diff) | |
| download | chromium_src-90b15301bced121bee671159f826b7917ac89afb.zip chromium_src-90b15301bced121bee671159f826b7917ac89afb.tar.gz chromium_src-90b15301bced121bee671159f826b7917ac89afb.tar.bz2 | |
Strict transport security: come out from behind the flag.
With this change, Strict Transport Security is active by default and
doesn't need the --force-https flag any more.
http://codereview.chromium.org/193067
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25888 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
| -rw-r--r-- | net/url_request/url_request_http_job.cc | 14 |
1 files changed, 1 insertions, 13 deletions
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index ada4ad1..8d71b36 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -46,11 +46,7 @@ URLRequestJob* URLRequestHttpJob::Factory(URLRequest* request, return new URLRequestErrorJob(request, net::ERR_INVALID_ARGUMENT); } - // We cache the value of the switch because this code path is hit on every - // network request. - static const bool kForceHTTPS = - CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS); - if (kForceHTTPS && scheme == "http" && + if (scheme == "http" && request->context()->strict_transport_security_state() && request->context()->strict_transport_security_state()->IsEnabledForHost( request->url().host())) { @@ -486,10 +482,6 @@ bool URLRequestHttpJob::ShouldTreatAsCertificateError(int result) { if (!net::IsCertificateError(result)) return false; - // Hide the fancy processing behind a command line switch. - if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS)) - return true; - // Check whether our context is using Strict-Transport-Security. if (!context_->strict_transport_security_state()) return true; @@ -698,10 +690,6 @@ void URLRequestHttpJob::FetchResponseCookies() { void URLRequestHttpJob::ProcessStrictTransportSecurityHeader() { DCHECK(response_info_); - // Hide processing behind a command line flag. - if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS)) - return; - // Only process Strict-Transport-Security from HTTPS responses. if (request_info_.url.scheme() != "https") return; |