blob: 988e9c07f80f9cd975719bc31d4d71327ce41523 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
|
// Copyright (c) 2009 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_BASE_FORCE_TLS_STATE_H_
#define NET_BASE_FORCE_TLS_STATE_H_
#include <set>
#include <string>
#include "base/basictypes.h"
#include "base/lock.h"
class GURL;
namespace net {
// ForceTLSState
//
// Tracks which hosts have enabled ForceTLS. After a host enables ForceTLS,
// then we refuse to talk to the host over HTTP, treat all certificate errors as
// fatal, and refuses to load any mixed content.
//
class ForceTLSState {
public:
ForceTLSState();
// Called when we see an X-Force-TLS header that we should process. Modifies
// our state as instructed by the header.
void DidReceiveHeader(const GURL& url, const std::string& value);
// Enable ForceTLS for |host|.
void EnableHost(const std::string& host);
// Returns whether |host| has had ForceTLS enabled.
bool IsEnabledForHost(const std::string& host);
private:
// The set of hosts that have enabled ForceTLS.
std::set<std::string> enabled_hosts_;
// Protect access to our data members with this lock.
Lock lock_;
DISALLOW_COPY_AND_ASSIGN(ForceTLSState);
};
} // namespace net
#endif // NET_BASE_FORCE_TLS_STATE_H_
|
