commit bb5ec78508daf2f667aac87369d519018729895c
author davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> Wed Apr 02 00:45:49 2014
committer davidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> Wed Apr 02 00:45:49 2014
tree 09d8d9d447c2ab944428369234d543482f2c5fe4
parent 15754c107f29ec566651a0d26f2ee0a00549bb22

Make the network predictor HSTS-aware.

If preconnecting to an http URL on the HSTS list, switch to the https version.
Also apply the HSTS redirect before looking a URL up in referrers so
preconnecting subresources for, e.g., http://mail.google.com, picks up
subresources for https://mail.google.com.

BUG=344925

Review URL: https://codereview.chromium.org/219953002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@261009 0039d316-1c4b-4281-b951-d872f2087c98

chrome/browser/net/predictor.h

diff --git a/chrome/browser/net/predictor.h b/chrome/browser/net/predictor.h
index 04725e8..3234e17 100644
--- a/chrome/browser/net/predictor.h
+++ b/chrome/browser/net/predictor.h
@@ -46,6 +46,8 @@
 
 namespace net {
 class HostResolver;
+class SSLConfigService;
+class TransportSecurityState;
 class URLRequestContextGetter;
 }
 
@@ -59,6 +61,17 @@
 typedef chrome_common_net::NameList NameList;
 typedef std::map<GURL, UrlInfo> Results;
 
+// An observer for testing.
+class PredictorObserver {
+ public:
+  virtual ~PredictorObserver() {}
+
+  virtual void OnPreconnectUrl(const GURL& original_url,
+                               const GURL& first_party_for_cookies,
+                               UrlInfo::ResolutionMotivation motivation,
+                               int count) = 0;
+};
+
 // Predictor is constructed during Profile construction (on the UI thread),
 // but it is destroyed on the IO thread when ProfileIOData goes away. All of
 // its core state and functionality happens on the IO thread. The only UI
@@ -268,6 +281,11 @@
     host_resolver_ = host_resolver;
   }
   // Used for testing.
+  void SetTransportSecurityState(
+      net::TransportSecurityState* transport_security_state) {
+    transport_security_state_ = transport_security_state;
+  }
+  // Used for testing.
   void SetProxyAdvisor(ProxyAdvisor* proxy_advisor) {
     proxy_advisor_.reset(proxy_advisor);
   }
@@ -279,6 +297,10 @@
   void SetShutdown(bool shutdown) {
     shutdown_ = shutdown;
   }
+  // Used for testing.
+  void SetObserver(PredictorObserver* observer) {
+    observer_ = observer;
+  }
 
   // Flag setting to use preconnection instead of just DNS pre-fetching.
   bool preconnect_enabled() const {
@@ -481,6 +503,9 @@
                              UrlInfo::ResolutionMotivation motivation,
                              bool is_preconnect);
 
+  // Applies the HSTS redirect for |url|, if any.
+  GURL GetHSTSRedirectOnIOThread(const GURL& url);
+
   // ------------- End IO thread methods.
 
   scoped_ptr<InitialObserver> initial_observer_;
@@ -520,6 +545,13 @@
   // The host resolver we warm DNS entries for.
   net::HostResolver* host_resolver_;
 
+  // The TransportSecurityState instance we query HSTS redirects from.
+  net::TransportSecurityState* transport_security_state_;
+
+  // The SSLConfigService we query SNI support from (used in querying HSTS
+  // redirects).
+  net::SSLConfigService* ssl_config_service_;
+
   // Are we currently using preconnection, rather than just DNS resolution, for
   // subresources and omni-box search URLs.
   bool preconnect_enabled_;
@@ -557,6 +589,9 @@
 
   scoped_ptr<ProxyAdvisor> proxy_advisor_;
 
+  // An observer for testing.
+  PredictorObserver* observer_;
+
   DISALLOW_COPY_AND_ASSIGN(Predictor);
 };