| // Copyright (c) 2009 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #ifndef NET_BASE_STRICT_TRANSPORT_SECURITY_STATE_H_ |
| #define NET_BASE_STRICT_TRANSPORT_SECURITY_STATE_H_ |
| |
| #include <map> |
| #include <string> |
| |
| #include "base/basictypes.h" |
| #include "base/lock.h" |
| #include "base/ref_counted.h" |
| #include "base/time.h" |
| |
| class GURL; |
| |
| namespace net { |
| |
| // StrictTransportSecurityState |
| // |
| // Tracks which hosts have enabled StrictTransportSecurityState. After a host |
| // enables StrictTransportSecurityState, then we refuse to talk to the host |
| // over HTTP, treat all certificate errors as fatal, and refuse to load any |
| // mixed content. |
| // |
| class StrictTransportSecurityState : |
| public base::RefCountedThreadSafe<StrictTransportSecurityState> { |
| public: |
| StrictTransportSecurityState(); |
| |
| // Called when we see an X-Force-TLS header that we should process. Modifies |
| // our state as instructed by the header. |
| void DidReceiveHeader(const GURL& url, const std::string& value); |
| |
| // Enable StrictTransportSecurity for |host|. |
| void EnableHost(const std::string& host, base::Time expiry, |
| bool include_subdomains); |
| |
| // Returns whether |host| has had StrictTransportSecurity enabled. |
| bool IsEnabledForHost(const std::string& host); |
| |
| // Returns |true| if |value| parses as a valid X-Force-TLS header value. |
| // The values of max-age and and includeSubDomains are returned in |max_age| |
| // and |include_subdomains|, respectively. The out parameters are not |
| // modified if the function returns |false|. |
| static bool ParseHeader(const std::string& value, |
| int* max_age, |
| bool* include_subdomains); |
| |
| struct State { |
| base::Time expiry; // the absolute time (UTC) when this record expires |
| bool include_subdomains; // subdomains included? |
| }; |
| |
| class Delegate { |
| public: |
| // This function may not block and may be called with internal locks held. |
| // Thus it must not reenter the StrictTransportSecurityState object. |
| virtual void StateIsDirty(StrictTransportSecurityState* state) = 0; |
| }; |
| |
| void SetDelegate(Delegate*); |
| |
| bool Serialise(std::string* output); |
| bool Deserialise(const std::string& state); |
| |
| private: |
| // If we have a callback configured, call it to let our serialiser know that |
| // our state is dirty. |
| void DirtyNotify(); |
| |
| // The set of hosts that have enabled StrictTransportSecurity. The keys here |
| // are SHA256(DNSForm(domain)) where DNSForm converts from dotted form |
| // ('www.google.com') to the form used in DNS: "\x03www\x06google\x03com" |
| std::map<std::string, State> enabled_hosts_; |
| |
| // Protect access to our data members with this lock. |
| Lock lock_; |
| |
| // Our delegate who gets notified when we are dirtied, or NULL. |
| Delegate* delegate_; |
| |
| static std::string CanonicaliseHost(const std::string& host); |
| |
| DISALLOW_COPY_AND_ASSIGN(StrictTransportSecurityState); |
| }; |
| |
| } // namespace net |
| |
| #endif // NET_BASE_STRICT_TRANSPORT_SECURITY_STATE_H_ |
