Issue 1211363005: Parse HPKP report-uri and persist in TransportSecurityPersister

Issue 1211363005: Parse HPKP report-uri and persist in TransportSecurityPersister (Closed)

Created:
5 years, 6 months ago by estark

Modified:
5 years, 4 months ago

Reviewers:
eroman, davidben, Ryan Sleevi

CC:
chromium-reviews, cbentzel+watch_chromium.org, eroman, palmer

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Parse HPKP report-uri and persist in TransportSecurityPersister This CL parses the report-uri attribute on HPKP headers and stores them in TransportSecurityPersister. This is CL #1. CL #2: crrev.com/1212973002 (add net::CertificateReportSender) CL #3: crrev.com/1212613004 (build and send HPKP reports) BUG=445793 Committed: https://crrev.com/1320e36d908427d615357df1630348bfb38cb5c4 Cr-Commit-Position: refs/heads/master@{#339667} Committed: https://crrev.com/83487b6773bbda6a46191dede6010ec90e5a9ae8 Cr-Commit-Position: refs/heads/master@{#340490}

Patch Set 1 #

Patch Set 2 : minor cleanup #

Total comments: 13

Patch Set 3 : rsleevi comments #

Total comments: 3

Patch Set 4 : use a values-optional mode for NameValuePairsIterator #

Patch Set 5 : style tweaks #

Patch Set 6 : rebase #

Total comments: 21

Patch Set 7 : davidben comments #

Total comments: 12

Patch Set 8 : rsleevi comments #

Patch Set 9 : another rsleevi comment #

Total comments: 2

Patch Set 10 : pass iterators to LowerCaseEqualsASCII #

Total comments: 4

Patch Set 11 : style fixes #

Patch Set 12 : update LowerCaseEqualsAscii() call sites #

Patch Set 13 : GetNext() fix #

Created: 5 years, 5 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+432 lines, -222 lines)			Patch
M	chrome/browser/ui/webui/net_internals/net_internals_ui.cc	View	1 2 3 4 5 6 7 8 9 10 11	1 chunk	+1 line, -1 line	0 comments	Download
M	net/http/http_security_headers.h	View	1 2 3 4 5 6 7	3 chunks	+5 lines, -1 line	0 comments	Download
M	net/http/http_security_headers.cc	View	1 2 3 4 5 6 7 8 9 10 11	5 chunks	+67 lines, -55 lines	0 comments	Download
M	net/http/http_security_headers_unittest.cc	View	1 2 3 4 5 6 7	9 chunks	+179 lines, -77 lines	0 comments	Download
M	net/http/http_util.h	View	1 2 3 4 5 6 7 8	4 chunks	+19 lines, -8 lines	0 comments	Download
M	net/http/http_util.cc	View	1 2 3 4 5 6 7 8 9 10 11 12	4 chunks	+28 lines, -49 lines	0 comments	Download
M	net/http/http_util_unittest.cc	View	1 2 3 4 5 6 7 8 9 10	1 chunk	+42 lines, -0 lines	0 comments	Download
M	net/http/transport_security_persister.cc	View	1 2 3 4 5 6 7	3 chunks	+10 lines, -0 lines	0 comments	Download
M	net/http/transport_security_persister_unittest.cc	View	1 2 3 4 5 6 7	7 chunks	+11 lines, -5 lines	0 comments	Download
M	net/http/transport_security_state.h	View	1 2 3 4 5 6 7 8 9 10	4 chunks	+9 lines, -2 lines	0 comments	Download
M	net/http/transport_security_state.cc	View	1 2 3 4 5 6 7	4 chunks	+12 lines, -5 lines	0 comments	Download
M	net/http/transport_security_state_unittest.cc	View	1 2 3 4 5 6 7	16 chunks	+49 lines, -19 lines	0 comments	Download

Messages

Total messages: 36 (7 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

estark

This is CL 1/4 split out from https://codereview.chromium.org/1211933005/.

5 years, 6 months ago (2015-06-26 19:28:17 UTC) #2

Ryan Sleevi

https://codereview.chromium.org/1211363005/diff/20001/net/http/http_security_headers.cc File net/http/http_security_headers.cc (right): https://codereview.chromium.org/1211363005/diff/20001/net/http/http_security_headers.cc#newcode319 net/http/http_security_headers.cc:319: if (!HttpUtil::IsQuote(equals.second[0])) SECURITY BUG: equals.second.empty() may be true, in ...

5 years, 6 months ago (2015-06-26 19:41:53 UTC) #4

estark

Thanks Ryan. https://codereview.chromium.org/1211363005/diff/20001/net/http/http_security_headers.cc File net/http/http_security_headers.cc (right): https://codereview.chromium.org/1211363005/diff/20001/net/http/http_security_headers.cc#newcode319 net/http/http_security_headers.cc:319: if (!HttpUtil::IsQuote(equals.second[0])) On 2015/06/26 19:41:52, Ryan Sleevi ...

5 years, 6 months ago (2015-06-26 22:42:11 UTC) #5

Ryan Sleevi

https://codereview.chromium.org/1211363005/diff/20001/net/http/http_security_headers_unittest.cc File net/http/http_security_headers_unittest.cc (right): https://codereview.chromium.org/1211363005/diff/20001/net/http/http_security_headers_unittest.cc#newcode526 net/http/http_security_headers_unittest.cc:526: backup_pin + ";" + good_pin + "; report-uri=\"/foo\"", On ...

5 years, 5 months ago (2015-06-27 12:13:59 UTC) #6

davidben

https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_headers.cc File net/http/http_security_headers.cc (right): https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_headers.cc#newcode109 net/http/http_security_headers.cc:109: size_t point = HttpUtil::FindDelimiter(source, 0, delimiter); On 2015/06/27 12:13:59, ...

5 years, 5 months ago (2015-06-29 22:38:44 UTC) #7

https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
File net/http/http_security_headers.cc (right):

https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
net/http/http_security_headers.cc:109: size_t point =
HttpUtil::FindDelimiter(source, 0, delimiter);
On 2015/06/27 12:13:59, Ryan Sleevi (slow through 7-15 wrote:
> Hrm, this was previously dead code, and nothing uses this function - not even
> unit tests!
> 
> It makes me wonder if we should be tweaking HttpUtil::NameValuePairsIterator
to
> allow optionally omitted values, which would at least be consistent with all
the
> other code we use.

That sounds reasonable to me, assuming you mean that value-less is some opt-in
mode for NameValuePairsIterator. Too bad there isn't a clear name for this
syntax that specs and NameValuePairsIterator could clearly refer to. There seem
to be a handful of parsing problems with the current code, like the one Emily
caught. We also don't accept quoted max-ages right now, if I'm reading this code
right, but RFC 6797 explicitly allows it quoted. <insert davidben's usual rant
about text-based encodings here>

Although note, by the way, that NameValuePairsIterator also accepts this broken
syntax:
http://crbug.com/39836

[Aside: Is HPKP quiiite the same syntax? I suspect this is a spec error but:

http://tools.ietf.org/html/rfc6797#section-6.1
This cites the "implied *LWS" variant and so it allows spaces (and the
line-folding craziness!) everywhere.

http://tools.ietf.org/html/rfc7469#section-2.1
This cites the RFC 7230 formulation (which says, if obsolete line folding is
supported, it's replaced with one or more SP before further processing) and has
explicit OWS in places. But there isn't OWS around the =.

Anyway, I'm guessing this is a spec error and so it's safe to use an omitted
values variant of NameValuePairsIterator.]

https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
net/http/http_security_headers.cc:319: // report-uris are always quoted.
Not quoting would be insane, but I don't actually see anything in the spec that
requires that. (Spec error? Pins explicitly say they have to be quoted.)

estark

Hello, I'm back from vacation. Patchset #5 adds an optional-values mode to NameValuePairsIterator, uses it ...

5 years, 5 months ago (2015-07-06 23:42:02 UTC) #8

Hello, I'm back from vacation. Patchset #5 adds an optional-values mode to
NameValuePairsIterator, uses it for HPKP parsing, and deletes the dead code
(FindDelimiter).

On 2015/06/29 22:38:44, David Benjamin wrote:
>
https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
> File net/http/http_security_headers.cc (right):
> 
>
https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
> net/http/http_security_headers.cc:109: size_t point =
> HttpUtil::FindDelimiter(source, 0, delimiter);
> On 2015/06/27 12:13:59, Ryan Sleevi (slow through 7-15 wrote:
> > Hrm, this was previously dead code, and nothing uses this function - not
even
> > unit tests!
> > 
> > It makes me wonder if we should be tweaking HttpUtil::NameValuePairsIterator
> to
> > allow optionally omitted values, which would at least be consistent with all
> the
> > other code we use.
> 
> That sounds reasonable to me, assuming you mean that value-less is some opt-in
> mode for NameValuePairsIterator. Too bad there isn't a clear name for this
> syntax that specs and NameValuePairsIterator could clearly refer to. There
seem
> to be a handful of parsing problems with the current code, like the one Emily
> caught. We also don't accept quoted max-ages right now, if I'm reading this
code
> right, but RFC 6797 explicitly allows it quoted. <insert davidben's usual rant
> about text-based encodings here>

Added a test for quoted max-ages.

> 
> Although note, by the way, that NameValuePairsIterator also accepts this
broken
> syntax:
> http://crbug.com/39836
> 
> 
> [Aside: Is HPKP quiiite the same syntax? I suspect this is a spec error but:
> 
> http://tools.ietf.org/html/rfc6797#section-6.1
> This cites the "implied *LWS" variant and so it allows spaces (and the
> line-folding craziness!) everywhere.
> 
> http://tools.ietf.org/html/rfc7469#section-2.1
> This cites the RFC 7230 formulation (which says, if obsolete line folding is
> supported, it's replaced with one or more SP before further processing) and
has
> explicit OWS in places. But there isn't OWS around the =.
> 
> Anyway, I'm guessing this is a spec error and so it's safe to use an omitted
> values variant of NameValuePairsIterator.]
> 
>
https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
> net/http/http_security_headers.cc:319: // report-uris are always quoted.
> Not quoting would be insane, but I don't actually see anything in the spec
that
> requires that. (Spec error? Pins explicitly say they have to be quoted.)

A couple things have come up so far that are in the category of possible spec
errors or improvements, but I'm not sure what to do with them. I'm just keeping
a list of them so far and doing what seems sensible, and figure I'll deal with
them in a batch later, though I'm not quite sure what "deal with them" means.
(File errata?)

estark

On 2015/07/06 23:42:02, estark wrote: > Hello, I'm back from vacation. Patchset #5 adds an ...

5 years, 5 months ago (2015-07-13 17:33:30 UTC) #9

On 2015/07/06 23:42:02, estark wrote:
> Hello, I'm back from vacation. Patchset #5 adds an optional-values mode to
> NameValuePairsIterator, uses it for HPKP parsing, and deletes the dead code
> (FindDelimiter).
> 
> On 2015/06/29 22:38:44, David Benjamin wrote:
> >
>
https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
> > File net/http/http_security_headers.cc (right):
> > 
> >
>
https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
> > net/http/http_security_headers.cc:109: size_t point =
> > HttpUtil::FindDelimiter(source, 0, delimiter);
> > On 2015/06/27 12:13:59, Ryan Sleevi (slow through 7-15 wrote:
> > > Hrm, this was previously dead code, and nothing uses this function - not
> even
> > > unit tests!
> > > 
> > > It makes me wonder if we should be tweaking
HttpUtil::NameValuePairsIterator
> > to
> > > allow optionally omitted values, which would at least be consistent with
all
> > the
> > > other code we use.
> > 
> > That sounds reasonable to me, assuming you mean that value-less is some
opt-in
> > mode for NameValuePairsIterator. Too bad there isn't a clear name for this
> > syntax that specs and NameValuePairsIterator could clearly refer to. There
> seem
> > to be a handful of parsing problems with the current code, like the one
Emily
> > caught. We also don't accept quoted max-ages right now, if I'm reading this
> code
> > right, but RFC 6797 explicitly allows it quoted. <insert davidben's usual
rant
> > about text-based encodings here>
> 
> Added a test for quoted max-ages.
> 
> > 
> > Although note, by the way, that NameValuePairsIterator also accepts this
> broken
> > syntax:
> > http://crbug.com/39836
> > 
> > 
> > [Aside: Is HPKP quiiite the same syntax? I suspect this is a spec error but:
> > 
> > http://tools.ietf.org/html/rfc6797#section-6.1
> > This cites the "implied *LWS" variant and so it allows spaces (and the
> > line-folding craziness!) everywhere.
> > 
> > http://tools.ietf.org/html/rfc7469#section-2.1
> > This cites the RFC 7230 formulation (which says, if obsolete line folding is
> > supported, it's replaced with one or more SP before further processing) and
> has
> > explicit OWS in places. But there isn't OWS around the =.
> > 
> > Anyway, I'm guessing this is a spec error and so it's safe to use an omitted
> > values variant of NameValuePairsIterator.]
> > 
> >
>
https://codereview.chromium.org/1211363005/diff/40001/net/http/http_security_...
> > net/http/http_security_headers.cc:319: // report-uris are always quoted.
> > Not quoting would be insane, but I don't actually see anything in the spec
> that
> > requires that. (Spec error? Pins explicitly say they have to be quoted.)
> 
> A couple things have come up so far that are in the category of possible spec
> errors or improvements, but I'm not sure what to do with them. I'm just
keeping
> a list of them so far and doing what seems sensible, and figure I'll deal with
> them in a batch later, though I'm not quite sure what "deal with them" means.
> (File errata?)

Friendly ping to davidben and rsleevi

davidben

Sorry about the delay. A few comments, but they're fairly minor. Thanks for doing the ...

5 years, 5 months ago (2015-07-15 22:21:07 UTC) #10

estark

Thanks David. https://codereview.chromium.org/1211363005/diff/100001/net/http/http_security_headers.cc File net/http/http_security_headers.cc (right): https://codereview.chromium.org/1211363005/diff/100001/net/http/http_security_headers.cc#newcode300 net/http/http_security_headers.cc:300: !HttpUtil::IsQuote(name_value_pairs.raw_value()[0]) || On 2015/07/15 22:21:06, David Benjamin ...

5 years, 5 months ago (2015-07-16 00:07:01 UTC) #11

Ryan Sleevi

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security_headers.cc File net/http/http_security_headers.cc (right): https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security_headers.cc#newcode275 net/http/http_security_headers.cc:275: if (name_value_pairs.value().empty() || It's worth noting that you force ...

5 years, 5 months ago (2015-07-16 02:25:44 UTC) #12

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
File net/http/http_security_headers.cc (right):

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:275: if (name_value_pairs.value().empty() ||
It's worth noting that you force a string coercion here, only to discard it,
only to make a new copy in MaxAgeToInt, which isn't needed because it's a
base::StringPiece.

Oh the silliness abounds here (in the existing code)

Suggestion:

if (!MaxAgeToInt(...begin(), ...end(), &max_age_candidate)) {
  return false;
}

and in MaxAgeToInt(iter begin, iter end, result) {
  const base::StringPiece s(begin, end);
  if (s.empty())
    return false;

  int64_t i = 0;
  ...
}

(since base::StringToInt64 is perfectly happy with a base::StringPiece)

Avoids all copies :)

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:283: if
(!ParseAndAppendPin(name_value_pairs.raw_value(), HASH_VALUE_SHA1,
Man, never realized how many copies we were making for this, unnecessarily. Oh
well. Bonus cleanups for more StringPiece's (sorry, brettw@ keeps sending me
cleanups to reduce strings, this stood out as well)

(It's also unfortunate that we don't just update ParseAndAppendPin to expect the
value to be unquoted already, as a base::StringPiece, but that's neither here
nor there)

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:304: return false;
So this makes me a little uncomfortable, because usually with API contracts, we
don't modify output variables unless/until we return true - see lines 319-321.

So I think you want a temporary here and to update it down there, to be entirely
consistent.

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:304: return false;
BUG: We parse the other fields for validity and conformance, but here, we don't
do anything to validate that report-uri is a valid URL that is understood.

It seems like we should at least run through a GURL and canonicalize it (by
virtue of the string ctor), and then check validity. This also implies that
report_uri should return a GURL (which would thus indicate it's always in a
canonical form).

For example, under the current code, report-uri of "foo" seems like it would be
valid and persisted. Have I missed a check?

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_util.cc
File net/http/http_util.cc (right):

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_util.cc#...
net/http/http_util.cc:874: : NameValuePairsIterator(begin, end, delimiter,
VALUES_NOT_OPTIONAL) {
Had to double check, but yeah, delegated ctors are now allowed in
https://chromium-cpp.appspot.com/. Awesome.

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_util.cc#...
net/http/http_util.cc:942: 
Interesting - we don't complain about empty quoted values.

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_util.h
File net/http/http_util.h (right):

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_util.h#n...
net/http/http_util.h:321: // corresponding equals sign. Default is
VALUES_NOT_OPTIONAL.
This last sentence arguably belongs to the NameValuePairsIterator ctor that
doesn't take a value, not to the definition of the enum itself.

estark

5 years, 5 months ago (2015-07-16 04:52:18 UTC) #13

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
File net/http/http_security_headers.cc (right):

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:275: if (name_value_pairs.value().empty() ||
On 2015/07/16 02:25:44, Ryan Sleevi (slow through 7-15 wrote:
> It's worth noting that you force a string coercion here, only to discard it,
> only to make a new copy in MaxAgeToInt, which isn't needed because it's a
> base::StringPiece.
> 
> Oh the silliness abounds here (in the existing code)
> 
> Suggestion:
> 
> if (!MaxAgeToInt(...begin(), ...end(), &max_age_candidate)) {
>   return false;
> }
> 
> and in MaxAgeToInt(iter begin, iter end, result) {
>   const base::StringPiece s(begin, end);
>   if (s.empty())
>     return false;
> 
>   int64_t i = 0;
>   ...
> }
> 
> (since base::StringToInt64 is perfectly happy with a base::StringPiece)
> 
> Avoids all copies :)

Done.

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:283: if
(!ParseAndAppendPin(name_value_pairs.raw_value(), HASH_VALUE_SHA1,
On 2015/07/16 02:25:44, Ryan Sleevi (slow through 7-15 wrote:
> Man, never realized how many copies we were making for this, unnecessarily. Oh
> well. Bonus cleanups for more StringPiece's (sorry, brettw@ keeps sending me
> cleanups to reduce strings, this stood out as well)
> 
> (It's also unfortunate that we don't just update ParseAndAppendPin to expect
the
> value to be unquoted already, as a base::StringPiece, but that's neither here
> nor there)

Done, I think -- please check and make sure I did something that makes sense?
(Moved the quoted check outside of ParseAndAppendPin(); passed begin and end
iterators to ParseAndAppendPin() and constructed a StringPiece from them)

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:304: return false;
On 2015/07/16 02:25:44, Ryan Sleevi (slow through 7-15 wrote:
> So this makes me a little uncomfortable, because usually with API contracts,
we
> don't modify output variables unless/until we return true - see lines 319-321.
> 
> So I think you want a temporary here and to update it down there, to be
entirely
> consistent.

Done.

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_security...
net/http/http_security_headers.cc:304: return false;
On 2015/07/16 02:25:44, Ryan Sleevi (slow through 7-15 wrote:
> BUG: We parse the other fields for validity and conformance, but here, we
don't
> do anything to validate that report-uri is a valid URL that is understood.
> 
> It seems like we should at least run through a GURL and canonicalize it (by
> virtue of the string ctor), and then check validity. This also implies that
> report_uri should return a GURL (which would thus indicate it's always in a
> canonical form).
> 
> For example, under the current code, report-uri of "foo" seems like it would
be
> valid and persisted. Have I missed a check?

Ah, good point... Done. I'm now passing around GURL references everywhere
instead of strings and just converting to/from strings when
serializing/deserializing to/from disk; do you think that makes sense?

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_util.h
File net/http/http_util.h (right):

https://codereview.chromium.org/1211363005/diff/120001/net/http/http_util.h#n...
net/http/http_util.h:321: // corresponding equals sign. Default is
VALUES_NOT_OPTIONAL.
On 2015/07/16 02:25:44, Ryan Sleevi (slow through 7-15 wrote:
> This last sentence arguably belongs to the NameValuePairsIterator ctor that
> doesn't take a value, not to the definition of the enum itself.

Done.

Ryan Sleevi

LGTM % inhumane nits https://codereview.chromium.org/1211363005/diff/160001/net/http/http_security_headers.cc File net/http/http_security_headers.cc (right): https://codereview.chromium.org/1211363005/diff/160001/net/http/http_security_headers.cc#newcode277 net/http/http_security_headers.cc:277: if (base::LowerCaseEqualsASCII(name_value_pairs.name(), "max-age")) { World's ...

5 years, 5 months ago (2015-07-16 05:07:51 UTC) #14

Ryan Sleevi

On 2015/07/16 05:07:51, Ryan Sleevi (slow through 7-15 wrote: > base::LowerCaseEqualsASCII(name_value_pairs.name_begin(), > name_value_pairs.name_end(), ...)) Longer-term, ...

5 years, 5 months ago (2015-07-16 05:11:10 UTC) #15

Ryan Sleevi

On 2015/07/16 05:11:10, Ryan Sleevi (slow through 7-15 wrote: > and more of a cleanup ...

5 years, 5 months ago (2015-07-16 05:15:03 UTC) #16

estark

Haha. Thanks! https://codereview.chromium.org/1211363005/diff/160001/net/http/http_security_headers.cc File net/http/http_security_headers.cc (right): https://codereview.chromium.org/1211363005/diff/160001/net/http/http_security_headers.cc#newcode277 net/http/http_security_headers.cc:277: if (base::LowerCaseEqualsASCII(name_value_pairs.name(), "max-age")) { On 2015/07/16 05:07:51, ...

5 years, 5 months ago (2015-07-16 05:18:49 UTC) #17

estark

eroman@chromium.org: can you please review //c/b/ui/webui/net_internals? (David I'll wait for your l-g-t-m as well before ...

5 years, 5 months ago (2015-07-16 17:34:15 UTC) #19

davidben

lgtm https://codereview.chromium.org/1211363005/diff/180001/net/http/http_util_unittest.cc File net/http/http_util_unittest.cc (right): https://codereview.chromium.org/1211363005/diff/180001/net/http/http_util_unittest.cc#newcode1114 net/http/http_util_unittest.cc:1114: EXPECT_FALSE(values_required_parser.valid()); Nit: This one is probably unnecessary since ...

5 years, 5 months ago (2015-07-16 20:13:01 UTC) #20

estark

Thanks David. https://codereview.chromium.org/1211363005/diff/180001/net/http/http_util_unittest.cc File net/http/http_util_unittest.cc (right): https://codereview.chromium.org/1211363005/diff/180001/net/http/http_util_unittest.cc#newcode1114 net/http/http_util_unittest.cc:1114: EXPECT_FALSE(values_required_parser.valid()); On 2015/07/16 20:13:01, David Benjamin wrote: ...

5 years, 5 months ago (2015-07-17 00:56:32 UTC) #21

estark

On 2015/07/17 00:56:32, estark wrote: > Thanks David. > > https://codereview.chromium.org/1211363005/diff/180001/net/http/http_util_unittest.cc > File net/http/http_util_unittest.cc (right): ...

5 years, 5 months ago (2015-07-17 21:14:21 UTC) #22

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1211363005/200001

5 years, 5 months ago (2015-07-21 15:02:07 UTC) #26

commit-bot: I haz the power

Patchset 11 (id:??) landed as https://crrev.com/1320e36d908427d615357df1630348bfb38cb5c4 Cr-Commit-Position: refs/heads/master@{#339667}

5 years, 5 months ago (2015-07-21 16:41:10 UTC) #28

Ryan Sleevi

A revert of this CL (patchset #11 id:200001) has been created in https://codereview.chromium.org/1249823002/ by rsleevi@chromium.org. ...

5 years, 5 months ago (2015-07-21 22:02:24 UTC) #29

estark

https://build.chromium.org/p/chromium.win/builders/Win7%20Tests%20%28dbg%29%281%29/builds/40097 is an example of the BogusPinHeaders tests hanging

5 years, 5 months ago (2015-07-21 22:10:57 UTC) #30

estark

cc'ing palmer@ because he expressed interest, thanks palmer! Feel free to add yourself to any ...

5 years, 5 months ago (2015-07-22 00:18:45 UTC) #31

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1211363005/240001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1211363005/240001

5 years, 4 months ago (2015-07-27 14:12:23 UTC) #34

commit-bot: I haz the power

5 years, 4 months ago (2015-07-27 17:12:18 UTC) #36

Message was sent while issue was closed.

Patchset 13 (id:??) landed as
https://crrev.com/83487b6773bbda6a46191dede6010ec90e5a9ae8
Cr-Commit-Position: refs/heads/master@{#340490}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages