Merge pull request #13062 from /issues/18830
Add partitioned HSTS storage support.
Showing
19 changed files
with
1,660 additions
and
23 deletions.
659 changes: 659 additions & 0 deletions
659
browser/ephemeral_storage/hsts_partitioning_browsertest.cc
Large diffs are not rendered by default.
@@ -0,0 +1,17 @@ | ||
/* Copyright (c) 2022 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
#ifndef BRAVE_CHROMIUM_SRC_NET_BASE_SCHEMEFUL_SITE_H_ | ||
#define BRAVE_CHROMIUM_SRC_NET_BASE_SCHEMEFUL_SITE_H_ | ||
|
||
#define NetworkIsolationKey \ | ||
NetworkIsolationKey; \ | ||
friend class HSTSPartitionHashHelper | ||
|
||
#include "src/net/base/schemeful_site.h" | ||
|
||
#undef NetworkIsolationKey | ||
|
||
#endif // BRAVE_CHROMIUM_SRC_NET_BASE_SCHEMEFUL_SITE_H_ |
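Review bot: The `#define NetworkIsolationKey` block has no comment saying what it is for, and the trick is not obvious: it rewrites every occurrence of the token in the upstream header so that an existing declaration naming `NetworkIsolationKey` also declares `HSTSPartitionHashHelper` a friend. That stays well-formed only while the token appears in the upstream header solely inside a friend declaration within the class; presumably that is the case today, but a forward declaration or a parameter type added upstream would break the build in a confusing way. I would add a comment above the macro such as `// Befriend HSTSPartitionHashHelper via the upstream NetworkIsolationKey friend declaration; it needs SchemefulSite internals to derive the partition hash.`, after confirming the stated reason against the helper. Private access to the site representation should stay as narrow as the helper actually needs.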
@@ -0,0 +1,12 @@ | ||
/* Copyright 2022 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at https://mozilla.org/MPL/2.0/. */ | ||
|
||
#include "net/http/transport_security_persister.h" | ||
|
||
// Use upstream version of TransportSerurityState to reference | ||
// TransportSecurityState::Delegate without build issues. | ||
#define TransportSecurityState TransportSecurityState_ChromiumImpl | ||
#include "src/net/http/transport_security_persister.cc" | ||
#undef TransportSecurityState |
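Review bot: Renaming `TransportSecurityState` to `TransportSecurityState_ChromiumImpl` for the whole upstream file means the persister is compiled against the upstream base class, so any call it makes into the state object binds to the base-class methods rather than to the partition-aware overloads declared on the Brave subclass, unless those methods are virtual upstream. The comment gives only the build reason; it should also say whether persisted entries are expected to bypass the subclass, e.g. `// The persister deliberately talks to the upstream class; partitioning is applied inside enabled_sts_hosts_.` if that is the intent. The comment also misspells the class name as `TransportSerurityState`; the same comment and typo appear in the transport_security_persister.h override.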
@@ -0,0 +1,17 @@ | ||
/* Copyright 2022 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at https://mozilla.org/MPL/2.0/. */ | ||
|
||
#ifndef BRAVE_CHROMIUM_SRC_NET_HTTP_TRANSPORT_SECURITY_PERSISTER_H_ | ||
#define BRAVE_CHROMIUM_SRC_NET_HTTP_TRANSPORT_SECURITY_PERSISTER_H_ | ||
|
||
#include "net/http/transport_security_state.h" | ||
|
||
// Use upstream version of TransportSerurityState to reference | ||
// TransportSecurityState::Delegate without build issues. | ||
#define TransportSecurityState TransportSecurityState_ChromiumImpl | ||
#include "src/net/http/transport_security_persister.h" | ||
#undef TransportSecurityState | ||
|
||
#endif // BRAVE_CHROMIUM_SRC_NET_HTTP_TRANSPORT_SECURITY_PERSISTER_H_ |
@@ -0,0 +1,60 @@ | ||
/* Copyright 2022 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at https://mozilla.org/MPL/2.0/. */ | ||
|
||
#ifndef BRAVE_CHROMIUM_SRC_NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | ||
#define BRAVE_CHROMIUM_SRC_NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | ||
|
||
#include "brave/net/http/partitioned_host_state_map.h" | ||
#include "net/base/isolation_info.h" | ||
|
||
namespace net { | ||
class TransportSecurityState; | ||
using TransportSecurityState_BraveImpl = TransportSecurityState; | ||
} // namespace net | ||
|
||
#define TransportSecurityState TransportSecurityState_ChromiumImpl | ||
|
||
#define enabled_sts_hosts_ \ | ||
enabled_sts_hosts_unused_; \ | ||
friend TransportSecurityState_BraveImpl; \ | ||
PartitionedHostStateMap<STSStateMap> enabled_sts_hosts_ | ||
|
||
#include "src/net/http/transport_security_state.h" | ||
|
||
#undef enabled_sts_hosts_ | ||
#undef TransportSecurityState | ||
|
||
namespace net { | ||
|
||
class NET_EXPORT TransportSecurityState | ||
: public TransportSecurityState_ChromiumImpl { | ||
public: | ||
using TransportSecurityState_ChromiumImpl:: | ||
TransportSecurityState_ChromiumImpl; | ||
|
||
bool ShouldSSLErrorsBeFatal(const NetworkIsolationKey& network_isolation_key, | ||
const std::string& host); | ||
bool ShouldUpgradeToSSL(const NetworkIsolationKey& network_isolation_key, | ||
const std::string& host, | ||
const NetLogWithSource& net_log = NetLogWithSource()); | ||
bool AddHSTSHeader(const IsolationInfo& isolation_info, | ||
const std::string& host, | ||
const std::string& value); | ||
|
||
// This is used only for manual adding via net-internals page. | ||
void AddHSTS(const std::string& host, | ||
const base::Time& expiry, | ||
bool include_subdomains); | ||
// These are used in some places where no NIK is available. | ||
bool ShouldSSLErrorsBeFatal(const std::string& host); | ||
bool ShouldUpgradeToSSL(const std::string& host, | ||
const NetLogWithSource& net_log = NetLogWithSource()); | ||
bool GetDynamicSTSState(const std::string& host, STSState* result); | ||
bool DeleteDynamicDataForHost(const std::string& host); | ||
}; | ||
|
||
} // namespace net | ||
|
||
#endif // BRAVE_CHROMIUM_SRC_NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
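Review bot: The overloads under `// These are used in some places where no NIK is available.` do not say what they look up when there is no partition key, and that is the security-relevant part of this header: `ShouldSSLErrorsBeFatal(host)` and `ShouldUpgradeToSSL(host)` decide whether a certificate error can be bypassed and whether a request is upgraded. The declarations should document whether the keyless form consults unpartitioned state, any partition, or nothing, and which callers may use it, so that a request path does not pick the keyless overload by accident and skip a partitioned HSTS entry. The new methods also share names with upstream ones and are not marked `override`, so calls through a `TransportSecurityState_ChromiumImpl` pointer presumably reach the upstream versions; a one-line comment on the class saying so would help. The implementation is outside this section, so the behaviour itself cannot be checked here.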
@@ -0,0 +1,13 @@ | ||
/* Copyright 2022 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
#include "net/http/transport_security_state.h" | ||
|
||
#define ShouldSSLErrorsBeFatal(host) \ | ||
ShouldSSLErrorsBeFatal(proof_verifier_->network_isolation_key_, host) | ||
|
||
#include "src/net/quic/crypto/proof_verifier_chromium.cc" | ||
|
||
#undef ShouldSSLErrorsBeFatal |
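Review bot: The function-like `ShouldSSLErrorsBeFatal(host)` macro silently rewrites every one-argument call in the included upstream file to pass `proof_verifier_->network_isolation_key_`, and nothing here says so or states what the lookup returns when that key is empty or transient. Because the result decides whether a certificate error is fatal, I would add a comment above the `#define` along the lines of `// Route the HSTS fatal-error check through the verifier's NIK so it reads the partitioned state.` and note the expected result for an empty key. The macro also depends on `proof_verifier_` being in scope at every upstream call site; if upstream moves the call this fails at compile time rather than silently, which is the safe direction. The ssl_client_socket_impl.cc override uses the same pattern with `ssl_config_.network_isolation_key` and needs the same comment.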
@@ -0,0 +1,13 @@ | ||
/* Copyright 2022 The Brave Authors. All rights reserved. | ||
* This Source Code Form is subject to the terms of the Mozilla Public | ||
* License, v. 2.0. If a copy of the MPL was not distributed with this file, | ||
* You can obtain one at http://mozilla.org/MPL/2.0/. */ | ||
|
||
#include "net/http/transport_security_state.h" | ||
|
||
#define ShouldSSLErrorsBeFatal(host) \ | ||
ShouldSSLErrorsBeFatal(ssl_config_.network_isolation_key, host) | ||
|
||
#include "src/net/socket/ssl_client_socket_impl.cc" | ||
|
||
#undef ShouldSSLErrorsBeFatal |