1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/ssl/chrome_fraudulent_certificate_reporter.h"
7 #include "base/profiler/scoped_tracker.h"
8 #include "chrome/browser/net/certificate_error_reporter.h"
9 #include "chrome/browser/ssl/certificate_error_report.h"
10 #include "net/ssl/ssl_info.h"
11 #include "net/url_request/url_request_context.h"
16 // TODO(palmer): Switch to HTTPS when the error handling delegate is more
17 // sophisticated. Ultimately we plan to attempt the report on many transports.
18 const char kFraudulentCertificateUploadEndpoint
[] =
19 "http://clients3.google.com/log_cert_error";
23 ChromeFraudulentCertificateReporter::ChromeFraudulentCertificateReporter(
24 net::URLRequestContext
* request_context
)
25 : certificate_reporter_(new chrome_browser_net::CertificateErrorReporter(
27 GURL(kFraudulentCertificateUploadEndpoint
),
28 chrome_browser_net::CertificateErrorReporter::DO_NOT_SEND_COOKIES
)) {
31 ChromeFraudulentCertificateReporter::ChromeFraudulentCertificateReporter(
32 scoped_ptr
<chrome_browser_net::CertificateErrorReporter
>
34 : certificate_reporter_(certificate_reporter
.Pass()) {
37 ChromeFraudulentCertificateReporter::~ChromeFraudulentCertificateReporter() {
40 void ChromeFraudulentCertificateReporter::SendReport(
41 const std::string
& hostname
,
42 const net::SSLInfo
& ssl_info
) {
43 // Do silent/automatic reporting ONLY for Google properties. For other
44 // domains (when that is supported), Chrome will ask for user permission.
45 if (!net::TransportSecurityState::IsGooglePinnedProperty(hostname
))
48 CertificateErrorReport
report(hostname
, ssl_info
);
49 std::string serialized_report
;
50 if (!report
.Serialize(&serialized_report
)) {
51 LOG(ERROR
) << "Failed to serialize pinning violation report.";
55 certificate_reporter_
->SendReport(
56 chrome_browser_net::CertificateErrorReporter::
57 REPORT_TYPE_PINNING_VIOLATION
,
