| <style> |
| #domain-security-policy-view-tab-content tt { |
| word-wrap: break-word; |
| } |
| </style> |
| |
| <!-- HSTS/PKP/Expect-CT tab --> |
| <div id=domain-security-policy-view-tab-content class=content-box> |
| <!-- This UI allows a user to query and update the browser's list of |
| HSTS/PKP/Expect-CT domains. --> |
| |
| <h3>HSTS/PKP</h3> |
| |
| <div class=deindent-header> |
| HSTS is HTTP Strict Transport Security: a way for sites to elect to |
| always use HTTPS. See <a href="https://www.chromium.org/hsts" target=_blank> |
| https://www.chromium.org/hsts</a>. PKP is Public Key Pinning: Chrome "pins" |
| certain public keys for certain sites in official builds.</div> |
| |
| <h4>Add HSTS domain</h4> |
| |
| <p>Input a domain name to add it to the HSTS set:</p> |
| <form id=hsts-view-add-form> |
| Domain: <input type=text id=hsts-view-add-input type="url" |
| placeholder="example.com"><br> |
| <label>Include subdomains for STS: <input type="checkbox" id=hsts-view-check-sts-input></label><br> |
| <input type=submit value="Add" id=hsts-view-add-submit> |
| </form> |
| |
| <h4>Query HSTS/PKP domain</h4> |
| |
| <p>Input a domain name to query the current HSTS/PKP set:</p> |
| <form id=hsts-view-query-form> |
| Domain: <input type=text id=hsts-view-query-input type="url" |
| placeholder="example.com"> |
| <input type=submit value="Query" id=hsts-view-query-submit> |
| </form> |
| <div style="margin-top: 1em; margin-left: 2em;" id=hsts-view-query-output></div> |
| |
| |
| <h3>Expect-CT</h3> |
| |
| <div class=deindent-header> |
| Expect-CT allows sites to elect to always require valid Certificate |
| Transparency information. See |
| <a href="https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct" target=_blank>https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct</a>.</div> |
| |
| <h4>Add Expect-CT domain</h4> |
| |
| <p>Input a domain name to add it to the Expect-CT set. Leave Enforce unchecked |
| to configure Expect-CT in report-only mode.</p> |
| <form id=expect-ct-view-add-form> |
| <div><label>Domain: <input type=text id=expect-ct-view-add-input type="url" |
| placeholder="example.com"></label></div> |
| <div><label>Report URI (optional): |
| <input type=text id=expect-ct-view-add-report-uri-input type="url" |
| placeholder="https://reporting.example.com/expect-ct"></label> |
| </div> |
| <div><label>Enforce: |
| <input type="checkbox" id=expect-ct-view-check-enforce-input></label> |
| </div> |
| <input type=submit value="Add" id=expect-ct-view-add-submit> |
| </form> |
| |
| <h4>Query Expect-CT domain</h4> |
| |
| <p>Input a domain name to query the current Expect-CT set:</p> |
| <form id=expect-ct-view-query-form> |
| <label>Domain: <input type=text id=expect-ct-view-query-input type="url" |
| placeholder="example.com"></label> |
| <input type=submit value="Query" id=expect-ct-view-query-submit> |
| </form> |
| <div style="margin-top: 1em; margin-left: 2em;" |
| id=expect-ct-view-query-output> |
| </div> |
| |
| <h4>Send test Expect-CT report</h4> |
| |
| <p>Trigger a test report to the given report URI. The report will contain a |
| hostname of "expect-ct-report.test" and dummy data in other fields.</p> |
| <form id=expect-ct-view-test-report-form> |
| <label>Report URI: <input type=text id=expect-ct-view-test-report-uri |
| type="url"></label> |
| <input type=submit value="Send" id=expect-ct-view-test-report-submit> |
| </form> |
| <div style="margin-top: 1em; margin-left: 2em;" |
| id=expect-ct-view-test-report-output> |
| </div> |
| |
| <h3>Delete domain security policies</h3> |
| |
| <p> |
| Input a domain name to delete its dynamic domain security policies (HSTS |
| and Expect-CT). (<i>You cannot delete preloaded entries.</i>): |
| </p> |
| <form id=domain-security-policy-view-delete-form> |
| <label>Domain: <input type=text id=domain-security-policy-view-delete-input |
| type="url" |
| placeholder="example.com"></label> |
| <input type=submit value="Delete" |
| id=domain-security-policy-view-delete-submit> |
| </form> |
| |
| </div> |