search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: 823988c) | patch
Apply HSTS to WebSocket connections.
commitcb76ac67dca0a133cdfa96678ac5cd2a65af96a3
authorAdam Rice <ricea@chromium.org>
Fri, 20 Feb 2015 05:33:25 +0000 (20 14:33 +0900)
committerAdam Rice <ricea@chromium.org>
Fri, 20 Feb 2015 05:35:09 +0000 (20 05:35 +0000)
treea9ca07e14b06bbf44a07e16214434846c610fee5tree | snapshot (tar.gz zip)
parent823988c5d8dbc7756882a86fa471b542310739e8commit | diff
Apply HSTS to WebSocket connections.

With this change, ws: connections to hosts which have an existing HSTS
pin will be automatically changed to use wss:, ie. SSL.

In addition, Strict-Transport-Security headers that are sent from a wss:
server with a valid SSL certificate will be enforced on subsequent ws:
and http: connections to the same host.

This CL also modifies HttpNetworkTransaction to treat wss: the same as
https:.

BUG=455215, 446480
TEST=net_unittests
R=rsleevi@chromium.org, tyoshino@chromium.org

Review URL: https://codereview.chromium.org/903553005

Cr-Commit-Position: refs/heads/master@{#317252}
12 files changed:
chrome/browser/net/websocket_browsertest.cc diff | blob | blame | history
chrome/test/data/websocket/check-hsts.html [new file with mode: 0644] blob
chrome/test/data/websocket/set-hsts.html [new file with mode: 0644] blob
chrome/test/data/websocket/set-hsts.html.mock-http-headers [new file with mode: 0644] blob
net/data/websocket/set-hsts_wsh.py [new file with mode: 0644] blob
net/http/http_network_transaction.cc diff | blob | blame | history
net/http/http_network_transaction.h diff | blob | blame | history
net/http/http_network_transaction_unittest.cc diff | blob | blame | history
net/url_request/url_request.cc diff | blob | blame | history
net/url_request/url_request_unittest.cc diff | blob | blame | history
net/websockets/websocket_end_to_end_test.cc diff | blob | blame | history
net/websockets/websocket_stream.cc diff | blob | blame | history