From 90b15301bced121bee671159f826b7917ac89afb Mon Sep 17 00:00:00 2001 From: "agl@chromium.org" Date: Thu, 10 Sep 2009 18:35:16 +0000 Subject: [PATCH] Strict transport security: come out from behind the flag. With this change, Strict Transport Security is active by default and doesn't need the --force-https flag any more. http://codereview.chromium.org/193067 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25888 0039d316-1c4b-4281-b951-d872f2087c98 --- base/base_switches.cc | 10 ---------- base/base_switches.h | 1 - net/url_request/url_request_http_job.cc | 14 +------------- 3 files changed, 1 insertion(+), 24 deletions(-) diff --git a/base/base_switches.cc b/base/base_switches.cc index 900f2173dea821..b13517abe5e35f 100644 --- a/base/base_switches.cc +++ b/base/base_switches.cc @@ -34,14 +34,4 @@ const wchar_t kEnableDCHECK[] = L"enable-dcheck"; // scripts that do not have a user interface. const wchar_t kNoMessageBox[] = L"no-message-box"; -// Refuse to make HTTP connections and refuse to accept certificate errors. -// For more information about the design of this feature, please see -// -// ForceHTTPS: Protecting High-Security Web Sites from Network Attacks -// Collin Jackson and Adam Barth -// In Proc. of the 17th International World Wide Web Conference (WWW 2008) -// -// Available at http://www.adambarth.com/papers/2008/jackson-barth.pdf -const wchar_t kForceHTTPS[] = L"force-https"; - } // namespace switches diff --git a/base/base_switches.h b/base/base_switches.h index 34c0b0ea5dc69f..e708ee419a5390 100644 --- a/base/base_switches.h +++ b/base/base_switches.h @@ -17,7 +17,6 @@ extern const wchar_t kNoErrorDialogs[]; extern const wchar_t kProcessType[]; extern const wchar_t kEnableDCHECK[]; extern const wchar_t kNoMessageBox[]; -extern const wchar_t kForceHTTPS[]; } // namespace switches diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc index ada4ad1cb0e132..8d71b362514499 100644 --- a/net/url_request/url_request_http_job.cc +++ b/net/url_request/url_request_http_job.cc @@ -46,11 +46,7 @@ URLRequestJob* URLRequestHttpJob::Factory(URLRequest* request, return new URLRequestErrorJob(request, net::ERR_INVALID_ARGUMENT); } - // We cache the value of the switch because this code path is hit on every - // network request. - static const bool kForceHTTPS = - CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS); - if (kForceHTTPS && scheme == "http" && + if (scheme == "http" && request->context()->strict_transport_security_state() && request->context()->strict_transport_security_state()->IsEnabledForHost( request->url().host())) { @@ -486,10 +482,6 @@ bool URLRequestHttpJob::ShouldTreatAsCertificateError(int result) { if (!net::IsCertificateError(result)) return false; - // Hide the fancy processing behind a command line switch. - if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS)) - return true; - // Check whether our context is using Strict-Transport-Security. if (!context_->strict_transport_security_state()) return true; @@ -698,10 +690,6 @@ void URLRequestHttpJob::FetchResponseCookies() { void URLRequestHttpJob::ProcessStrictTransportSecurityHeader() { DCHECK(response_info_); - // Hide processing behind a command line flag. - if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS)) - return; - // Only process Strict-Transport-Security from HTTPS responses. if (request_info_.url.scheme() != "https") return;