<style>
#domain-security-policy-view-tab-content tt {
word-wrap: break-word;
}
</style>
<!-- HSTS/PKP/Expect-CT tab -->
<div id=domain-security-policy-view-tab-content class=content-box>
<!-- This UI allows a user to query and update the browser's list of
HSTS/PKP/Expect-CT domains. -->
<h3>HSTS/PKP</h3>
<div class=deindent-header>
HSTS is HTTP Strict Transport Security: a way for sites to elect to
always use HTTPS. See <a href="https://www.chromium.org/hsts" target=_blank>
https://www.chromium.org/hsts</a>. PKP is Public Key Pinning: Chrome "pins"
certain public keys for certain sites in official builds.</div>
<h4>Add HSTS domain</h4>
<p>Input a domain name to add it to the HSTS set:</p>
<form id=hsts-view-add-form>
Domain: <input type=text id=hsts-view-add-input
placeholder="example.com"><br>
<label>Include subdomains for STS: <input type="checkbox" id=hsts-view-check-sts-input></label><br>
<input type=submit value="Add" id=hsts-view-add-submit>
</form>
<h4>Query HSTS/PKP domain</h4>
<p>Input a domain name to query the current HSTS/PKP set:</p>
<form id=hsts-view-query-form>
Domain: <input type=text id=hsts-view-query-input
placeholder="example.com">
<input type=submit value="Query" id=hsts-view-query-submit>
</form>
<div style="margin-top: 1em; margin-left: 2em;" id=hsts-view-query-output></div>
<h3>Expect-CT</h3>
<div class=deindent-header>
Expect-CT allows sites to elect to always require valid Certificate
Transparency information. See
<a href="https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct" target=_blank>https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct</a>.</div>
<h4>Add Expect-CT domain</h4>
<p>Input a domain name to add it to the Expect-CT set. Leave Enforce unchecked
to configure Expect-CT in report-only mode.</p>
<form id=expect-ct-view-add-form>
<div><label>Domain: <input type=text id=expect-ct-view-add-input
placeholder="example.com"></label></div>
<div><label>Report URI (optional):
<input type=text id=expect-ct-view-add-report-uri-input
placeholder="https://reporting.example.com/expect-ct"></label>
</div>
<div><label>Enforce:
<input type="checkbox" id=expect-ct-view-check-enforce-input></label>
</div>
<input type=submit value="Add" id=expect-ct-view-add-submit>
</form>
<h4>Query Expect-CT domain</h4>
<p>Input a domain name to query the current Expect-CT set:</p>
<form id=expect-ct-view-query-form>
<label>Domain: <input type=text id=expect-ct-view-query-input
placeholder="example.com"></label>
<input type=submit value="Query" id=expect-ct-view-query-submit>
</form>
<div style="margin-top: 1em; margin-left: 2em;"
id=expect-ct-view-query-output>
</div>
<h4>Send test Expect-CT report</h4>
<p>Trigger a test report to the given report URI. The report will contain a
hostname of "expect-ct-report.test" and dummy data in other fields.</p>
<form id=expect-ct-view-test-report-form>
<label>Report URI: <input type=text id=expect-ct-view-test-report-uri></label>
<input type=submit value="Send" id=expect-ct-view-test-report-submit>
</form>
<div style="margin-top: 1em; margin-left: 2em;"
id=expect-ct-view-test-report-output>
</div>
<h3>Delete domain security policies</h3>
<p>
Input a domain name to delete its dynamic domain security policies (HSTS
and Expect-CT). <i>You cannot delete preloaded entries.</i>
</p>
<form id=domain-security-policy-view-delete-form>
<label>Domain: <input type=text id=domain-security-policy-view-delete-input
placeholder="example.com"></label>
<input type=submit value="Delete"
id=domain-security-policy-view-delete-submit>
</form>
</div>