authorClaudio Saavedra <csaavedra@igalia.com>2018-06-07 10:38:17 +0300
committerClaudio Saavedra <csaavedra@igalia.com>2019-05-22 14:59:14 +0000
commit08424cf79dcbfaf62c9cf11c0ef63519609157b3 (patch)
treea87f54cca11c857d7e32547c658504ac086d2660 /docs
parent4924ab7665f223e7fb24f9fa624b3570cfcadce7 (diff)
downloadlibsoup-08424cf79dcbfaf62c9cf11c0ef63519609157b3.tar.gz
HSTS: Rewrite the HSTS feature and add tests
This is a comprehensive rework of the HSTS enforcer and related classes, based upon Adrien Plazas' work. A summary of the most relevant changes: SoupHSTSEnforcer: - The enforcer will listen on headers both on message queueing and restarting. This is necessary in order to be able to enforce HSTS redirections on messages that are restarted for whatever reason. - Instead of causing a redirection, the URI will be overwritten directly on the message before it is sent. Redirections are for use on the server side, and the tests added show that it is not a reliable way to do HSTS enforcing. Currently, the only way to find out that an HSTS policy has been enforced is by listening to the SoupMessage:uri property changes, but this might be impractical, so this could be revisited in the future. - soup_hsts_enforcer_policy() will not steal the given policy. Doing so is prone to leaks and not customary. - SoupHSTSEnforcerClass now has a has_valid_policy() vfunc. It currently works exactly as before, but the idea here is to make it possible for subclasses to implement their own check for existence of valid policies for domains, instead of all subclasses having to add their policies to the base SoupHSTSEnforcer class. This will be useful when having a large number of pre-loaded HSTS policies (either in SoupHSTSEnforcerDB or in an enforcer using libhsts as a backend) to avoid having potentially thousands of policies in memory at all times. - HSTS headers are parsed using soup's available utilities, instead of parsing them by hand. The specification is carefully followed so as to not accept any header that is not fully compliant. SoupHSTSEnforcerDB: - Store the max-age attribute in the database. This was done before errata 5372 was reported to RFC 6797, and its necessity will depend on how the errata is treated. Other: - Added tests for both enforcer classes that cover most of the specification. - Added the gtk-doc documentation and update all the documentation comments. 
- Rename SoupHsts classes to SoupHSTS for consistent naming and other minor renaming of parameters and methods.
Diffstat (limited to 'docs')
-rw-r--r--docs/reference/libsoup-2.4-docs.sgml2
-rw-r--r--docs/reference/libsoup-2.4-sections.txt52
-rw-r--r--docs/reference/meson.build1
3 files changed, 55 insertions, 0 deletions
diff --git a/docs/reference/libsoup-2.4-docs.sgml b/docs/reference/libsoup-2.4-docs.sgml
index 7bd4858e..36215abe 100644
--- a/docs/reference/libsoup-2.4-docs.sgml
+++ b/docs/reference/libsoup-2.4-docs.sgml
@@ -54,6 +54,8 @@
<xi:include href="xml/soup-cookie-jar.xml"/>
<xi:include href="xml/soup-cookie-jar-text.xml"/>
<xi:include href="xml/soup-cookie-jar-db.xml"/>
+ <xi:include href="xml/soup-hsts-enforcer.xml"/>
+ <xi:include href="xml/soup-hsts-enforcer-db.xml"/>
<xi:include href="xml/soup-logger.xml"/>
<xi:include href="xml/soup-proxy-resolver-default.xml"/>
</chapter>
diff --git a/docs/reference/libsoup-2.4-sections.txt b/docs/reference/libsoup-2.4-sections.txt
index ecbcc954..64e9796d 100644
--- a/docs/reference/libsoup-2.4-sections.txt
+++ b/docs/reference/libsoup-2.4-sections.txt
@@ -1346,3 +1346,55 @@ soup_websocket_error_get_quark
soup_websocket_error_get_type
soup_websocket_state_get_type
</SECTION>
+
+<SECTION>
+<FILE>soup-hsts-enforcer</FILE>
+<TITLE>SoupHSTSEnforcer</TITLE>
+SoupHSTSEnforcer
+SoupHSTSEnforcerClass
+soup_hsts_enforcer_new
+soup_hsts_enforcer_is_persistent
+soup_hsts_enforcer_has_valid_policy
+soup_hsts_enforcer_set_session_policy
+<SUBSECTION>
+SoupHSTSPolicy
+soup_hsts_policy_new
+soup_hsts_policy_new_full
+soup_hsts_policy_new_permanent
+soup_hsts_policy_new_from_response
+soup_hsts_policy_copy
+soup_hsts_policy_equal
+soup_hsts_policy_free
+<SUBSECTION>
+soup_hsts_policy_get_domain
+soup_hsts_policy_is_expired
+soup_hsts_policy_includes_subdomains
+soup_hsts_policy_is_session_policy
+SOUP_HSTS_POLICY_MAX_AGE_PAST
+<SUBSECTION Standard>
+SOUP_HSTS_ENFORCER
+SOUP_HSTS_ENFORCER_CLASS
+SOUP_HSTS_ENFORCER_GET_CLASS
+SOUP_TYPE_HSTS_ENFORCER
+SOUP_IS_HSTS_ENFORCER
+SOUP_IS_HSTS_ENFORCER_CLASS
+soup_hsts_enforcer_get_type
+SOUP_TYPE_HSTS_POLICY
+soup_hsts_policy_get_type
+</SECTION>
+
+<SECTION>
+<FILE>soup-hsts-enforcer-db</FILE>
+<TITLE>SoupHSTSEnforcerDB</TITLE>
+SoupHSTSEnforcerDB
+soup_hsts_enforcer_db_new
+<SUBSECTION Standard>
+SoupHSTSEnforcerDBClass
+SOUP_HSTS_ENFORCER_DB
+SOUP_HSTS_ENFORCER_DB_CLASS
+SOUP_HSTS_ENFORCER_DB_GET_CLASS
+SOUP_TYPE_HSTS_ENFORCER_DB
+SOUP_IS_HSTS_ENFORCER_DB
+SOUP_IS_HSTS_ENFORCER_DB_CLASS
+soup_hsts_enforcer_db_get_type
+</SECTION>
diff --git a/docs/reference/meson.build b/docs/reference/meson.build
index 99b991a9..cf36fb2b 100644
--- a/docs/reference/meson.build
+++ b/docs/reference/meson.build
@@ -40,6 +40,7 @@ ignore_headers = [
'soup-socket-private.h',
'soup-value-utils.h',
'soup-xmlrpc-old.h'
+ 'soup-hsts-enforcer-private.h'
]
mkdb_args = [
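Review bot: The added `'soup-hsts-enforcer-private.h'` entry follows `'soup-xmlrpc-old.h'` with no comma between the two array elements. Meson does not join adjacent string literals, so this most likely makes `docs/reference/meson.build` fail to parse whenever the reference docs are configured. The context line should become `'soup-xmlrpc-old.h',` so the new header is a separate element of `ignore_headers`. The `ignore_headers` array opens above the hunk, so the rest of the list is not visible here.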