Strict transport security: come out from behind the flag.
With this change, Strict Transport Security is active by default and
doesn't need the --force-https flag any more.
http://codereview.chromium.org/193067
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@25888 0039d316-1c4b-4281-b951-d872f2087c98
diff --git a/net/url_request/url_request_http_job.cc b/net/url_request/url_request_http_job.cc
index ada4ad1c..8d71b362 100644
--- a/net/url_request/url_request_http_job.cc
+++ b/net/url_request/url_request_http_job.cc
@@ -46,11 +46,7 @@
return new URLRequestErrorJob(request, net::ERR_INVALID_ARGUMENT);
}
- // We cache the value of the switch because this code path is hit on every
- // network request.
- static const bool kForceHTTPS =
- CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS);
- if (kForceHTTPS && scheme == "http" &&
+ if (scheme == "http" &&
request->context()->strict_transport_security_state() &&
request->context()->strict_transport_security_state()->IsEnabledForHost(
request->url().host())) {
@@ -486,10 +482,6 @@
if (!net::IsCertificateError(result))
return false;
- // Hide the fancy processing behind a command line switch.
- if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS))
- return true;
-
// Check whether our context is using Strict-Transport-Security.
if (!context_->strict_transport_security_state())
return true;
@@ -698,10 +690,6 @@
void URLRequestHttpJob::ProcessStrictTransportSecurityHeader() {
DCHECK(response_info_);
- // Hide processing behind a command line flag.
- if (!CommandLine::ForCurrentProcess()->HasSwitch(switches::kForceHTTPS))
- return;
-
// Only process Strict-Transport-Security from HTTPS responses.
if (request_info_.url.scheme() != "https")
return;
