Signed Exchange: Require CanSignHttpExchangesDraft cert extension

After this patch, certificates for signed exchanges must have the
CanSignHttpExchangesDraft extension [1]. Since currently there's no CA
supporting this extension, this patch also adds a flag to ignore this
error, so that people can test signed exchanges using their existing
certificates.

[1] https://wicg.github.io/webpackage/draft-yasskin-http-origin-signed-responses.html#cross-origin-cert-req

Bug: 851778
Change-Id: I184ab6533fb4cc172ff91b090626cac5dc45274c
Reviewed-on: https://chromium-review.googlesource.com/1111485
Commit-Queue: Kunihiko Sakamoto <[email protected]>
Reviewed-by: Ryan Sleevi <[email protected]>
Reviewed-by: Kouhei Ueno <[email protected]>
Reviewed-by: Kinuko Yasuda <[email protected]>
Cr-Commit-Position: refs/heads/master@{#573614}
diff --git a/chrome/browser/flag_descriptions.h b/chrome/browser/flag_descriptions.h
index 92cb4481..759acd2 100644
--- a/chrome/browser/flag_descriptions.h
+++ b/chrome/browser/flag_descriptions.h
@@ -49,6 +49,9 @@
 extern const char kAllowNaclSocketApiName[];
 extern const char kAllowNaclSocketApiDescription[];
 
+extern const char kAllowSignedHTTPExchangeCertsWithoutExtensionName[];
+extern const char kAllowSignedHTTPExchangeCertsWithoutExtensionDescription[];
+
 extern const char kAndroidMessagesIntegrationName[];
 extern const char kAndroidMessagesIntegrationDescription[];
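Review bot: The two added declarations, kAllowSignedHTTPExchangeCertsWithoutExtensionName and kAllowSignedHTTPExchangeCertsWithoutExtensionDescription, introduce a switch that relaxes a certificate requirement, but nothing at this site says it exists only for testing. The description string is defined outside this hunk, so please confirm it tells the user that enabling the flag accepts signed-exchange certificates lacking the CanSignHttpExchangesDraft extension and is meant for testing with existing certificates, as the commit message states. A smaller style point on the same lines: the new identifiers spell the acronym "HTTP" in capitals, while the extension name in the commit message uses "Http" and the neighbouring kAllowNaclSocketApiName uses "Api"; consider "Http" for consistency. The alphabetical placement between kAllowNaclSocketApi* and kAndroidMessagesIntegration* is correct.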