diff options
| -rw-r--r-- | net/base/net_error_list.h | 3 | ||||
| -rw-r--r-- | net/quic/quic_http_stream.cc | 7 |
2 files changed, 10 insertions, 0 deletions
diff --git a/net/base/net_error_list.h b/net/base/net_error_list.h index 5ceaf44..b2ddd4a 100644 --- a/net/base/net_error_list.h +++ b/net/base/net_error_list.h @@ -572,6 +572,9 @@ NET_ERROR(RESPONSE_HEADERS_TRUNCATED, -357) // to read any requests sent, so they may be resent. NET_ERROR(QUIC_HANDSHAKE_FAILED, -358) +// An https resource was requested over an insecure QUIC connection. +NET_ERROR(REQUEST_FOR_SECURE_RESOURCE_OVER_INSECURE_QUIC, -359) + // The cache does not have the requested entry. NET_ERROR(CACHE_MISS, -400) diff --git a/net/quic/quic_http_stream.cc b/net/quic/quic_http_stream.cc index 992f254..8b70d0b 100644 --- a/net/quic/quic_http_stream.cc +++ b/net/quic/quic_http_stream.cc @@ -59,6 +59,13 @@ int QuicHttpStream::InitializeStream(const HttpRequestInfo* request_info, return was_handshake_confirmed_ ? ERR_CONNECTION_CLOSED : ERR_QUIC_HANDSHAKE_FAILED; + if (request_info->url.SchemeIsSecure()) { + SSLInfo ssl_info; + if (!session_->GetSSLInfo(&ssl_info) || !ssl_info.cert) { + return ERR_REQUEST_FOR_SECURE_RESOURCE_OVER_INSECURE_QUIC; + } + } + stream_net_log_ = stream_net_log; request_info_ = request_info; priority_ = priority; |