Parent Directory
| 
Revision Log
| Links to HEAD: | (view) (annotate) |
| Sticky Revision: |
net: add HSTS for login.corp.google.com BUG=none R=palmer@chromium.org Review URL: https://codereview.chromium.org/490613002
net: a batch of manual HSTS preloads. This includes the removal of an entry at the request of the site. I've confirmed that the entry didn't make it into the M38 branch.
net: add a batch of HSTS preload sites. Also remove accelerated.de by request of the site.
net: add a batch of HSTS preloads.
net: add a set of HSTS preload sites.
net: add a batch of HSTS preloads.
net: set a batch of HSTS preloads.
net: add pinning for two more Google domains. BUG=none R=palmer@chromium.org Review URL: https://codereview.chromium.org/444053002
net: add a couple of domain to HSTS list.
Break labels apart in preloaded list. Since the hosts are stored in DNS wire format (with length-prefixed labels), any labels that start with a digit cause an escape like "\0071..." (that's length=7, first byte of the label = "1"). But this causes a warning in Visual Studio and breaks the build. This change splits the length bytes from the labels so that this warning doesn't happen. BUG=none R=palmer@chromium.org Review URL: https://codereview.chromium.org/456853002
net: several HSTS preloaded additions.
net: add (*.)domains.google.com to HSTS preloaded.
net: add a couple of sites to HSTS preloaded.
net: a couple of domains for HSTS preloading.
net: add (*.)code-poets.co.uk to HSTS preloaded.
net: add HSTS and pinning for Dropbox. BUG=none R=rsleevi@chromium.org Review URL: https://codereview.chromium.org/359803002
net: add a handful of sites to HSTS preloaded list
net: add accounts.firefox.com to HSTS preloaded.
net: add www.capitainetrain.com to HSTS preloaded.
net: HSTS preload updates.
net: a batch of HSTS preloaded updates.
Require HTTPS for crbug.com. BUG=373864 NOTRY=true Review URL: https://codereview.chromium.org/294733002
net: a batch of HSTS preloaded updates.
net: a batch of HSTS preload updates.
net: add airbnb.com to HSTS preloaded.
net: add (*.)noexpect.org to HSTS preloaded.
net: batch of HSTS preloaded additions.
net: add (*.)app.manilla.com to HSTS preloaded.
net: add a batch of entries to the HSTS preloaded list.
net: a batch of updates to the HSTS preloaded list.
net: add a batch of HSTS preload entries.
net: add (*.)googletagservices.com for Google pins. BUG=362144
net: two additions to the HSTS preloaded list.
net: add a batch of HSTS preload entries.
net: add (*.)passwordbox.com to HSTS preloaded.
Include subdomains for AppEngine preloaded HSTS/pinning. BUG=358571 R=agl@chromium.org Review URL: https://codereview.chromium.org/220593005
net: add (*.)heha.co to HSTS preloaded list.
Require HTTPS for admin.google.com. BUG=353013 R=agl@chromium.org, palmer@chromium.org Review URL: https://codereview.chromium.org/206063006
net: various additions to the HSTS list.
net: add (www.)roddis.net to HSTS preloaded list.
net: add (*.)mailbox.org to HSTS preloaded.
net: add (*.)prodpad.com to HSTS preloaded.
net: add (www.)aclu.org to HSTS preloaded list.
net: add (*.)boxcryptor.com to HSTS preloaded.
net: add (*.)blacklane.com to HSTS preloaded list.
net: pin (*.)googletagmanager.com BUG=340280 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=248500 R=palmer@chromium.org Review URL: https://codereview.chromium.org/151163004
net: add (www.)calyxinstitute.com to HSTS preloaded list.
Revert "net: pin (*.)googletagmanager.com" Got my branches mixed up and didn't mean to land that yet. This reverts commit r248500.
net: pin (*.)googletagmanager.com BUG=340280 Review URL: https://codereview.chromium.org/151163004
net: add neilwynne.com to HSTS preloaded list.
net: add HSTS entries for mykolab.com and Evernote
net: pin (*.)gstatic.com, not just ssl.gstatic.com BUG=335567 R=cevans@chromium.org, palmer@chromium.org Review URL: https://codereview.chromium.org/134643021
net: add a couple of HSTS entries.
net: add (*.)www.heliosnet.com to HSTS preloaded.
net: add GlobalSign to Twitter CDN pins. BUG=329961 R=palmer@chromium.org Review URL: https://codereview.chromium.org/119403002
net: don't include subdomains for play.google.com HSTS. BUG=327834 R=palmer@chromium.org Review URL: https://codereview.chromium.org/125313002
net: add (*.)matteomarescotti.name to HSTS preloaded.
net: add HSTS for (www.)getcloak.com.
net: several HSTS preload additions. This change adds a handful of Yandex domains and (*.)mnsure.org to the HSTS preload list.
net: add (*.)mail.de to HSTS preloaded.
net: add (*.)eff.org to HSTS preloaded.
net: add (*.)(go|login|my|payroll|in|api).xero.com to HSTS preloaded.
net: add (data|publications).qld.gov.au to HSTS preloaded.
net: fixup transport_security_state_static.h from JSON data. TBR=palmer@chromium.org BUG=none Review URL: https://codereview.chromium.org/98603009
Add {cloud,glass,play}.google.com to the preloads.
R=rsleevi@chromium.org
Review URL: https://codereview.chromium.org/82703005
net: add (*.)lifeguard.aecom.com to HSTS preloaded.
net: remove a couple of domains from the HSTS list, by request.
net: add (*.)skydrive.live.com to HSTS preloaded.
Revert: "net: don't allow SSLv3 fallback for Google properties." This reverts r221192. We are going to try a different approach. See http://www.ietf.org/mail-archive/web/tls/current/msg10676.html BUG=323598 Review URL: https://codereview.chromium.org/88913003
net: update HSTS for lookout.com and gernert-server.de.
net: add several zenpayroll.com hosts to HSTS preloaded.
net: add (www.)simbolo.co.uk to HSTS preloaded.
net: add Baltimore CyberTrust Root to the twitterCDN pinning set. This was previously an intermediate but has been promoted to a root in some root stores. This is causing chain truncation and pinning mismatches for, at least, twimg0-a.akamaihd.net. BUG=285472 R=cbentzel@chromium.org Review URL: https://codereview.chromium.org/68113025
net: add (*.)goto.google.com to HSTS preloaded. BUG=none R=palmer@chromium.org Review URL: https://codereview.chromium.org/69863005
net: add kinsights.com to HSTS preloaded.
net: add (*.)getlantern.org to HSTS preloading.
net: trim allowed Google pins now that we have switched to GIAG2. BUG=none R=palmer@chromium.org Review URL: https://codereview.chromium.org/55893003
net: add pinning for liberty.lavabit.com. BUG=none R=palmer@chromium.org Review URL: https://codereview.chromium.org/45373002
Remove HSTS preload for translate.google.com. Works around a server-side bug. BUG=309176 TBR=rsleevi@chromium.org Review URL: https://codereview.chromium.org/28743003
net: add (*.)medium.com to HSTS preloaded.
Add oraprodmv.corp.google.com to HSTS preloaded to allow TLS version fallback. R=agl@chromium.org BUG=305017 TEST=none NOTRY=true Review URL: https://codereview.chromium.org/26296004
net: add (*.)cybozu.com and (*.)davidlyness.com to HSTS preloaded.
net: add cupcake.(io|is) and tent.io to HSTS preloaded.
net: add several Atlassian sites to HSTS preloaded.
net: add (*.)strongest-privacy.com to HSTS preloaded.
net: add (*.)saturngames.co.uk to HSTS preloaded.
net: add (*.)crowdcurity.com to HSTS preloaded.
Blacklist semi-private intermediate issuers from issuing for Google domains. These issuers do not issue certificates for Google properties. BUG=173460 TBR=agl@chromium.org,rsleevi@chromium.org,cevans@chromium.org Review URL: https://chromiumcodereview.appspot.com/23523051
net: add (*.)appseccalifornia.org to HSTS preloaded.
net: add lumi.do to HSTS preloaded.
net: add (*.)wiki.python.org to HSTS preloaded.
net: don't allow SSLv3 fallback for Google properties. This change reverts r199185 ("Disable SSL3 fallback restriction on Google properties") and pokes a whole in the HSTS tables to account for crbug.com/237055. BUG=237055 R=palmer@chromium.org, rsleevi@chromium.org, wtc@chromium.org Review URL: https://codereview.chromium.org/23523016
net: add DigiCert to Twitter pins. BUG=none Review URL: https://chromiumcodereview.appspot.com/22865046
Add wallet to the Google HSTS list (replacing defunct health). BUG=279359 R=palmer@chromium.org, rsleevi@chromium.org Review URL: https://codereview.chromium.org/23606005
net: add bcrook.com to HSTS preloaded.
Revert 219811 "Opt *.corp.google.com into HSTS." > Opt *.corp.google.com into HSTS. > > BUG=270911 > R=mal@chromium.org, rsleevi@chromium.org > > Review URL: https://codereview.chromium.org/23251006 TBR=cevans@chromium.org Review URL: https://codereview.chromium.org/23672012
Opt *.corp.google.com into HSTS. BUG=270911 R=mal@chromium.org, rsleevi@chromium.org Review URL: https://codereview.chromium.org/23251006
net: forbid Thawte for Google properties. We have not used Thawte certificates on Google properties for a while now. This change removes Thawte from the allowed pins. BUG=none Review URL: https://chromiumcodereview.appspot.com/23477002
net: add (*.)oplop.appspot.com to HSTS preloaded.
net: add (*.)lolicore.ch and (*.)cloudns.com.au to HSTS preloaded.
Set preloaded HSTS policy for Google Translate. BUG=240490 TEST=translate.google.com, and Chrome's "Translate This Page" feature, still work. R=agl@chromium.org Review URL: https://codereview.chromium.org/15147002
net: add (*.)mediacru.sh to HSTS preloaded list.
net: add (*.)mudcrab.us to HSTS preloaded.
net: add (*.)haste.ch to HSTS preloaded.
Correct HSTS list entry: surkatty.com -> .org.
net: add (*.)securityheaders.com to HSTS.
net: add (*.)surkatty.org to HSTS preloaded.
net: add (*.)rapidresearch.me to HSTS preloaded.
net: include subdomains for square.com HSTS. (By request of Square.)
net: add (*.)bank.simple.com to HSTS preloaded.
net: add (*.)shodan.io to HSTS preloaded.
net: add (*.)whonix.org, (*.)blueseed.co and (*.)forum.quantifiedself.com to HSTS preloaded.
net: add (*.)[blog|www].cyveillance.com to HSTS preloaded.
net: add (*.)launchkey.com and (*.)carlolly.co.uk to HSTS preloaded list.
net: add (*.)bccx.com to HSTS preloaded list.
net: (*.)logotype.se to HSTS preloaded.
net: add (*.)conformal.com, (*.)cyphertite.com to HSTS preloaded.
net: add carezone.com to HSTS preloaded list.
net: add (*.)inertianetworks.com to HSTS preloaded list.
Preload HSTS for paypal.com. Not just www.paypal.com. BUG=245148 TEST=Navigating to http://paypal.com causes no HTTP traffic, only HTTPS traffic. Review URL: https://chromiumcodereview.appspot.com/16261002
net: HSTS preloading for several linode.com domains
Preload strict HSTS for security.google.com. BUG=243385 R=rsleevi@chromium.org Review URL: https://codereview.chromium.org/15755015
net: remove include_subdomains for square.com They realised that they can't do that yet.
net: add (*.)square.com to HSTS preloaded.
net: add (www.)grc.com to HSTS preloaded list.
net: add (*.)sah3.net to HSTS preloaded list. By request of Jorn Mineur.
net: add (*.)bassh.net to the HSTS preloaded list.
Adding preloaded pin and HSTS for Chrome Dev Tools. New host that must be pinned and HTTPS: chrome-devtools-frontend.appspot.com. Review URL: https://codereview.chromium.org/13390007
net: add GoogleG2 to allowed Google pins. BUG=none Review URL: https://chromiumcodereview.appspot.com/13170002
net: change HSTS for (*.)simple.com to specific subdomains. Simple requested that the HSTS entry be split up to avoid status.simple.com.
net: several HSTS updates. 1) Add (*.)simple.com 1) Sync the JSON with the header for gigahost.dk. 2) Include subdomains for members.nearlyfreespeech.net
net: remove kyps.net from HSTS preloaded.
net: split net/ssl out of net/base Also moves transport_security_state files to net/http. This change also updates the callers. R=wtc TBR=rsleevi,lambroslambrou,tony BUG=70818 Review URL: https://codereview.chromium.org/12680003
... ter ZZrge branch 'master' into hsts net: add kiwiirc.com to HSTS preloaded.
net: add ssl.panoramio.com and "members.nearlyfreespeech.net to HSTS preloaded.
net: add bugzilla.mozilla.org to HSTS preloaded.
net: add writeapp.me to HSTS preloaded
net: add (*.)paymill.de to HSTS preloaded.
net: add (*.)lockify.com to HSTS preloaded.
net: add mega.co.nz and (*.)api.mega.co.nz to HSTS
Preload HSTS and pins for two more Google domains. developer.android.com and dl.google.com. BUG=170913 TEST=developer.android.com and dl.google.com still work Review URL: https://chromiumcodereview.appspot.com/11938026
net: add (*.)zoo24.de to HSTS preloaded list.
Force HTTPS and public keys for sandbox.google.com and subdomains.
This would have helped mitigate a recent security bug.
BUG=172984
TEST=visit http://{plus,www,}.sandbox.google.com and make sure the request
is upgraded to HTTPS.
Review URL: https://codereview.chromium.org/12093100
net: add gocardless.com and espra.com to HSTS preloaded
net: add (*.)paymill.{com|de} to HSTS preloaded.
net: add two Google backup pins. (Details will be distributed internally to reviewers.) BUG=171444 Review URL: https://codereview.chromium.org/12045026
net: don't pin crypto.cat's subdomains. By request of Nadim Kobeissi. BUG=169788 Review URL: https://chromiumcodereview.appspot.com/11906007
Revert "net: don't pin crypto.cat's subdomains." This reverts commit r176672. Preloaded test broke.
net: don't pin crypto.cat's subdomains. By request of Nadim Kobeissi. BUG=169788
This is the first in an intended sequence of CLs to refactor TransportSecurityState, fix some book-keeping bugs, and hopefully add TACK. This sequence of CLs will be derived from the original, overly-large CL #11191005. This CL does a few things: - Adds a high-level API for processing HSTS/HPKP - Move the code for handling HSTS/HPKP headers out of transport_security_state - Move HashValue out of x509_cert_types - Addresses several HSTS/HPKP parsing bugs identified during review of the cleanup - Ignore unknown HSTS/HPKP directives - Ignore unknown hash algorithms - Handle overly-large (> int64) expirations without parsing issues - Reject invalid pins entered by users Review URL: https://chromiumcodereview.appspot.com/11274032
Complete HSTS preload for *.code.google.com. BUG=158594 Review URL: https://codereview.chromium.org/11794040
net: add GeoTrust Global to the Google pinning set. This is another Symantec root and brings Google2048 in line with GIA by having the CA above it be an acceptable pin. BUG=166044 Review URL: https://codereview.chromium.org/11564022
net: add my.alfresco.com and webmail.gigahost.dk to HSTS preloaded.
Correct dists -> dist in HSTS preloaded list for Tor. (Their typo, not mine!)
net: add dists.torproject.org to HSTS preload with pinning.
net: remove include_subdomains from therapynotes.com by request of the site owner.
net: add (*.)serverdensity.io to HSTS preloaded.
net: HSTS preloading for www.gov.uk and silentcircle.[com|org]
net: HSTS updates for onlime.ch and mayfirst.org (Yes, it's really onlime, not online)
Add certificate pinning for crypto.cat. BUG=None Review URL: https://codereview.chromium.org/11358199
net: add a couple of entries to the HSTS preloaded list. This change also alters some previous entries that were added manually. Review URL: https://codereview.chromium.org/11369156
Add HSTS preload for code.google.com. BUG=158594 TEST=Navigate to code.google.com and expect to get https://. uploads.code.google.com should NOT get upgraded to https:// yet. Review URL: https://codereview.chromium.org/11362014
Add an HSTS preload for history.google.com. BUG=158612 TEST=Navigate to history.google.com and expect to get https://. Review URL: https://codereview.chromium.org/11345041
Add an HSTS preload for another alias of Chromium Rietveld. BUG=158522 TEST=Navigate to codereview.chromium.org and expect to get https://. Review URL: https://codereview.chromium.org/11346037
net: update Twitter HSTS entry. This change makes twitter.com and (*.)www.twitter.com force HTTPS at the request of Twitter.
net: add a couple of RedHat domains to the HSTS preloaded list.
net: add (*.)stocktrade.de to HSTS preloaded.
net: add (*.)itriskltd.com" to HSTS preloaded list.
net: add lookout.com (and friends) to HSTS preloaded.
net: add packagist.org to HSTS preloaded.
net: add surfeasy.com to HSTS preloaded.
net: set Google pins for our ccTLDs domains and others. BUG=141444 Review URL: https://chromiumcodereview.appspot.com/10834300
net: add (*.)iop.intuit.com to HSTS preloaded
net: add (www.)makeyourlaws.org to HSTS preloaded.
net: add (*.)csawctf.poly.edu to HSTS preloaded.
net: add (*.)fatzebra.com.au to HSTS preloaded
net: remove duplicate HSTS entry for arivo.com.br This change also adds a check in the script to prevent this occuring again.
net: add intercom.io to HSTS preloaded.
net: add howrandom.org to HSTS preloaded.
net: add arivo.com.br to HSTS preloaded.
net: add (*.)piratenlogin.de to HSTS preloaded.
net: add several neonisi.com domains to HSTS preloaded.
net: add codereview sites to HSTS preloaded. Review URL: https://chromiumcodereview.appspot.com/10830118
net: add browserid.org and login.persona.org to HSTS preloaded. BUG=139471
Add irccloud.com to HSTS preloaded list
Add sol.io to HSTS preloaded
Remove the rest of #pragma once in one big CL. For context see this thread: https://groups.google.com/a/chromium.org/forum/?fromgroups#!topic/chromium-dev/RMcVNGjB4II TBR=thakis,pkasting,jam
Don't include PEM certificates in generated HSTS file. (No semantic change: only alters comments.)
Add jitsi.org to HSTS preloaded.
Add (*.)www.cueup.com to HSTS preloaded list. Also correct an error that I made in a the last set of entries and add a test to prevent it happening again.
Add script.google.com to HSTS preloaded.
Add www.apollo-auto.com as HSTS preloaded.
Remove splendidbacon.com from HSTS list.
Add arivo.com.br to HSTS preloaded.
Revert 140300 - Remove splendidbacon.com from HSTS preload. The site is shutting down: http://blog.kiskolabs.com/post/20108267834/the-regrettable-end-of-splendid-bacon TBR=agl@chromium.org Review URL: https://chromiumcodereview.appspot.com/10479011
Remove splendidbacon.com from HSTS preload. The site is shutting down: http://blog.kiskolabs.com/post/20108267834/the-regrettable-end-of-splendid-bacon
Add business.medbank.com.mt to HSTS preloaded.
Revert 138795 - Revert "nss: revert encrypted and origin bound certificates support." Cleaning up git-svn mess with drover. TBR=agl@chromium.org Review URL: https://chromiumcodereview.appspot.com/10451012
Revert "nss: revert encrypted and origin bound certificates support." Screwed up git branches in that change.
net: add certificate pins for tor2web.org BUG=none TEST=none https://chromiumcodereview.appspot.com/10411075/
Add braintreegateway.com/braintreepayments.com to HSTS preloaded.
net: move HSTS preloaded and pinning info out of code. (This is a reland of r132012, which was reverted in r132016 because it broke net_unittests on ChromeOS.) This change moves information about HSTS preloaded and public key pinning, that were previously written in code, into external files that can be consumed by other programs. Those files are converted by a program (that is not part of the build process) into hsts_preloaded.h. In order to make this change easier to review, hsts_preloaded.h was created by concatenating public_key_hashes.h and transport_security_state.cc. Therefore, the diffs will show where the new, generated file differs from the previous code. public_key_hashes.h and public_key_hashes_check.go are removed and subsumed by hsts_preloaded.h. BUG=none TEST=net_unittests Review URL: https://chromiumcodereview.appspot.com/9863001
Revert 132012 - net: move HSTS preloaded and pinning info out of code. This change moves information about HSTS preloaded and public key pinning, that were previously written in code, into external files that can be consumed by other programs. Those files are converted by a program (that is not part of the build process) into hsts_preloaded.h. In order to make this change easier to review, hsts_preloaded.h was created by concatenating public_key_hashes.h and transport_security_state.cc. Therefore, the diffs will show where the new, generated file differs from the previous code. public_key_hashes.h and public_key_hashes_check.go are removed and subsumed by hsts_preloaded.h. BUG=none TEST=net_unittests Review URL: https://chromiumcodereview.appspot.com/9863001 TBR=agl@chromium.org Review URL: https://chromiumcodereview.appspot.com/10003002
net: move HSTS preloaded and pinning info out of code. This change moves information about HSTS preloaded and public key pinning, that were previously written in code, into external files that can be consumed by other programs. Those files are converted by a program (that is not part of the build process) into hsts_preloaded.h. In order to make this change easier to review, hsts_preloaded.h was created by concatenating public_key_hashes.h and transport_security_state.cc. Therefore, the diffs will show where the new, generated file differs from the previous code. public_key_hashes.h and public_key_hashes_check.go are removed and subsumed by hsts_preloaded.h. BUG=none TEST=net_unittests Review URL: https://chromiumcodereview.appspot.com/9863001
Rename hsts_preloaded.h to transport_security_state_static.h. This is a complete no-op as neither filename is actually used. This is just to make a future change easier to review. (Not reviewed.)
Manually merge some broken lines in hsts_preloaded.h This change merges some > 80-char lines together. hsts_preloaded.h is a dummy file to make a future CL easier to review. (Not reviewed)
Add hsts_preloaded.h This CL is the result of: % cat public_key_hashes.h transport_security_state.cc > hsts_preloaded.h This is purely to make a future CL easier to review. (Not reviewed)
This form allows you to request diffs between any two revisions of this file. For each of the two "sides" of the diff, enter a numeric revision.
| Powered by ViewVC 1.1.26 | ViewVC Help |