diff options
| -rw-r--r-- | chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.cc | 3 | ||||
| -rw-r--r-- | net/base/transport_security_state.cc | 10 | ||||
| -rw-r--r-- | net/base/transport_security_state.h | 10 | ||||
| -rw-r--r-- | net/url_request/url_request_http_job.cc | 3 |
4 files changed, 2 insertions, 24 deletions
diff --git a/chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.cc b/chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.cc index ab72c1b..b7426c4 100644 --- a/chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.cc +++ b/chrome/browser/renderer_host/chrome_resource_dispatcher_host_delegate.cc @@ -330,8 +330,7 @@ void ChromeResourceDispatcherHostDelegate::OnResponseStarted( bool has_sni = net::SSLConfigService::IsSNIAvailable( context->ssl_config_service()); if (state->GetDomainState( - &domain_state, request->url().host(), has_sni) && - domain_state.ShouldMixedScriptingBeBlocked()) { + &domain_state, request->url().host(), has_sni)) { filter->Send(new ChromeViewMsg_AddStrictSecurityHost( info->route_id(), request->url().host())); } diff --git a/net/base/transport_security_state.cc b/net/base/transport_security_state.cc index dc72239..23ecd98 100644 --- a/net/base/transport_security_state.cc +++ b/net/base/transport_security_state.cc @@ -1389,19 +1389,9 @@ bool TransportSecurityState::DomainState::IsChainOfPublicKeysPermitted( return false; } -bool TransportSecurityState::DomainState::ShouldCertificateErrorsBeFatal() - const { - return true; -} - bool TransportSecurityState::DomainState::ShouldRedirectHTTPToHTTPS() const { return mode == MODE_STRICT; } -bool TransportSecurityState::DomainState::ShouldMixedScriptingBeBlocked() - const { - return true; -} - } // namespace diff --git a/net/base/transport_security_state.h b/net/base/transport_security_state.h index 01c095b..7ff4a2f 100644 --- a/net/base/transport_security_state.h +++ b/net/base/transport_security_state.h @@ -76,20 +76,10 @@ class NET_EXPORT TransportSecurityState bool IsChainOfPublicKeysPermitted( const std::vector<SHA1Fingerprint>& hashes); - // ShouldCertificateErrorsBeFatal returns true iff, given the |mode| of this - // DomainState, certificate errors on this domain should be fatal (i.e. no - // user bypass). - bool ShouldCertificateErrorsBeFatal() const; - // ShouldRedirectHTTPToHTTPS returns true iff, given the |mode| of this // DomainState, HTTP requests should be internally redirected to HTTPS. bool ShouldRedirectHTTPToHTTPS() const; - // ShouldMixedScriptingBeBlocked returns true iff, given the |mode| of this - // DomainState, mixed scripting (the loading of Javascript, CSS or plugins - // over HTTP for an HTTPS page) should be blocked. - bool ShouldMixedScriptingBeBlocked() const; - Mode mode; base::Time created; // when this host entry was first created base::Time expiry; // the absolute time (UTC) when this record expires diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index de9a044..5b6b986f 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -701,8 +701,7 @@ void URLRequestHttpJob::OnStartCompleted(int result) { context_->transport_security_state() && context_->transport_security_state()->GetDomainState( &domain_state, request_info_.url.host(), - SSLConfigService::IsSNIAvailable(context_->ssl_config_service())) && - domain_state.ShouldCertificateErrorsBeFatal(); + SSLConfigService::IsSNIAvailable(context_->ssl_config_service())); NotifySSLCertificateError(transaction_->GetResponseInfo()->ssl_info, is_hsts_host); } else if (result == ERR_SSL_CLIENT_AUTH_CERT_NEEDED) { |