gecko-dev

Граф коммитов

Автор	SHA1	Сообщение	Дата
Sam Gibson	257616da50	servo: Merge #8776 - Fix the parsing of the chromium HSTS preload list (from samfoo:hsts-preload-download-fix); r=jdm Urg! The Chromium HSTS preload JSON file contains single line comments. Previously these were filtered out with a very simple regex that just looked for '//' and removed the line. Now the file has added a couple fields that have URLs in them that were erroneously removed and caused the JSON parsing to fail. This commit slightly complicates the regex to fix this specific problem. If this happens again, it's likely worth it to figure out how to use a real parser to remove the comments. servo/servo#8760 Source-Repo: https://github.com/servo/servo Source-Revision: 2be60be062e14c937af601faed78a6aceccdb062	2015-12-02 09:56:05 +05:01
Sam Gibson	69f6c7e1ca	servo: Merge #6490 - Implement HSTS (preload-only) (from samfoo:hsts-preload); r=jdm Implement HSTS (preload-only) servo/servo#6105 * Downloads the HSTS preload list from the chromium repo (same as gecko), then convert it to a list appropriate for servo. * Reads the preload list when creating a resource task, and implements STS for those domains. Still todo: * Read Strict-Transport-Security headers from servers and add details to the in-memory HSTS list. (note: this requires hyper or servo to implement an STS header struct. Hyper seems like the appropriate location, so I will create an issue/PR there soon). The work for this is nearly done with the exception of adding a new ControlMsg and the new header. * Persist HSTS list to disk with known hosts (perhaps a different issue should be raised for this?) Source-Repo: https://github.com/servo/servo Source-Revision: ab3d6c472d409c1602c873dcdcb495a7fec9d4b0	2015-07-22 10:23:05 -06:00

Автор

SHA1

Сообщение

Дата

Sam Gibson

257616da50

servo: Merge #8776 - Fix the parsing of the chromium HSTS preload list (from samfoo:hsts-preload-download-fix); r=jdm

Urg! The Chromium HSTS preload JSON file contains single line comments. Previously these were filtered out with a very simple regex that just looked for '//' and removed the line. Now the file has added a couple fields that have URLs in them that were erroneously removed and caused the JSON parsing to fail. This commit slightly complicates the regex to fix this specific problem.

If this happens again, it's likely worth it to figure out how to use a real parser to remove the comments.

servo/servo#8760

Source-Repo: https://github.com/servo/servo
Source-Revision: 2be60be062e14c937af601faed78a6aceccdb062

2015-12-02 09:56:05 +05:01

Sam Gibson

69f6c7e1ca

servo: Merge #6490 - Implement HSTS (preload-only) (from samfoo:hsts-preload); r=jdm

Implement HSTS (preload-only) servo/servo#6105

* Downloads the HSTS preload list from the chromium repo (same as gecko), then convert it to a list appropriate for servo.
* Reads the preload list when creating a resource task, and implements STS for those domains.

Still todo:

* Read Strict-Transport-Security headers from servers and add details to the in-memory HSTS list. (note: this requires hyper or servo to implement an STS header struct. Hyper seems like the appropriate location, so I will create an issue/PR there soon). The work for this is nearly done with the exception of adding a new ControlMsg and the new header.
* Persist HSTS list to disk with known hosts (perhaps a different issue should be raised for this?)

Source-Repo: https://github.com/servo/servo
Source-Revision: ab3d6c472d409c1602c873dcdcb495a7fec9d4b0

2015-07-22 10:23:05 -06:00

2 Коммитов