diff options
author | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-02-13 16:23:34 +0100 |
---|---|---|
committer | Allan Sandfeld Jensen <allan.jensen@qt.io> | 2019-02-14 10:37:21 +0000 |
commit | 38a9a29f4f9436cace7f0e7abf9c586057df8a4e (patch) | |
tree | c4e8c458dc595bc0ddb435708fa2229edfd00bd4 /chromium/net/http | |
parent | e684a3455bcc29a6e3e66a004e352dea4e1141e7 (diff) | |
download | qtwebengine-chromium-38a9a29f4f9436cace7f0e7abf9c586057df8a4e.tar.gz |
BASELINE: Update Chromium to 73.0.3683.37
Change-Id: I08c9af2948b645f671e5d933aca1f7a90ea372f2
Reviewed-by: Michael BrĂ¼ning <michael.bruning@qt.io>
Diffstat (limited to 'chromium/net/http')
69 files changed, 6345 insertions, 1115 deletions
diff --git a/chromium/net/http/bidirectional_stream.cc b/chromium/net/http/bidirectional_stream.cc index e033260eaf4..404602b0e92 100644 --- a/chromium/net/http/bidirectional_stream.cc +++ b/chromium/net/http/bidirectional_stream.cc @@ -28,7 +28,7 @@ #include "net/spdy/spdy_log_util.h" #include "net/ssl/ssl_cert_request_info.h" #include "net/ssl/ssl_config.h" -#include "net/third_party/spdy/core/spdy_header_block.h" +#include "net/third_party/quiche/src/spdy/core/spdy_header_block.h" #include "net/traffic_annotation/network_traffic_annotation.h" #include "url/gurl.h" diff --git a/chromium/net/http/bidirectional_stream_unittest.cc b/chromium/net/http/bidirectional_stream_unittest.cc index 0c4cc7b31b6..1c023ec117a 100644 --- a/chromium/net/http/bidirectional_stream_unittest.cc +++ b/chromium/net/http/bidirectional_stream_unittest.cc @@ -52,7 +52,7 @@ namespace net { namespace { const char kBodyData[] = "Body data"; -const size_t kBodyDataSize = arraysize(kBodyData); +const size_t kBodyDataSize = base::size(kBodyData); const std::string kBodyDataString(kBodyData, kBodyDataSize); // Size of the buffer to be allocated for each read. const size_t kReadBufferSize = 4096; @@ -431,7 +431,8 @@ class BidirectionalStreamTest : public TestWithScopedTaskEnvironment { session_deps_.net_log = net_log_.bound().net_log(); http_session_ = SpdySessionDependencies::SpdyCreateSession(&session_deps_); SpdySessionKey key(host_port_pair_, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, socket_tag); + PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, socket_tag); session_ = CreateSpdySession(http_session_.get(), key, net_log_.bound()); } @@ -624,7 +625,8 @@ TEST_F(BidirectionalStreamTest, ClientAuthRequestIgnored) { http_session_ = SpdySessionDependencies::SpdyCreateSession(&session_deps_); SpdySessionKey key(host_port_pair_, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); std::unique_ptr<BidirectionalStreamRequestInfo> request_info( new BidirectionalStreamRequestInfo); request_info->method = "GET"; diff --git a/chromium/net/http/http_auth.cc b/chromium/net/http/http_auth.cc index bd8f9228cdb..54bc7812ebe 100644 --- a/chromium/net/http/http_auth.cc +++ b/chromium/net/http/http_auth.cc @@ -6,6 +6,7 @@ #include <algorithm> +#include "base/stl_util.h" #include "base/strings/string_tokenizer.h" #include "base/strings/string_util.h" #include "net/base/net_errors.h" @@ -133,7 +134,7 @@ const char* HttpAuth::SchemeToString(Scheme scheme) { static const char* const kSchemeNames[] = { kBasicAuthScheme, kDigestAuthScheme, kNtlmAuthScheme, kNegotiateAuthScheme, kSpdyProxyAuthScheme, kMockAuthScheme}; - static_assert(arraysize(kSchemeNames) == AUTH_SCHEME_MAX, + static_assert(base::size(kSchemeNames) == AUTH_SCHEME_MAX, "http auth scheme names incorrect size"); if (scheme < AUTH_SCHEME_BASIC || scheme >= AUTH_SCHEME_MAX) { NOTREACHED(); diff --git a/chromium/net/http/http_auth_filter_unittest.cc b/chromium/net/http/http_auth_filter_unittest.cc index 40d67ce799a..bf7261600e3 100644 --- a/chromium/net/http/http_auth_filter_unittest.cc +++ b/chromium/net/http/http_auth_filter_unittest.cc @@ -7,6 +7,7 @@ #include <memory> #include <ostream> +#include "base/stl_util.h" #include "testing/gtest/include/gtest/gtest.h" #include "url/gurl.h" @@ -23,9 +24,7 @@ static const char* const server_whitelist_array[] = { "gog" }; -enum { - ALL_SERVERS_MATCH = (1 << arraysize(server_whitelist_array)) - 1 -}; +enum { ALL_SERVERS_MATCH = (1 << base::size(server_whitelist_array)) - 1 }; struct UrlData { GURL url; @@ -73,7 +72,7 @@ static const UrlData urls[] = { TEST(HttpAuthFilterTest, EmptyFilter) { // Create an empty filter HttpAuthFilterWhitelist filter((std::string())); - for (size_t i = 0; i < arraysize(urls); i++) { + for (size_t i = 0; i < base::size(urls); i++) { EXPECT_EQ(urls[i].target == HttpAuth::AUTH_PROXY, filter.IsValid(urls[i].url, urls[i].target)) << " " << i << ": " << urls[i].url; @@ -83,14 +82,14 @@ TEST(HttpAuthFilterTest, EmptyFilter) { TEST(HttpAuthFilterTest, NonEmptyFilter) { // Create an non-empty filter std::string server_whitelist_filter_string; - for (size_t i = 0; i < arraysize(server_whitelist_array); ++i) { + for (size_t i = 0; i < base::size(server_whitelist_array); ++i) { if (!server_whitelist_filter_string.empty()) server_whitelist_filter_string += ","; server_whitelist_filter_string += "*"; server_whitelist_filter_string += server_whitelist_array[i]; } HttpAuthFilterWhitelist filter(server_whitelist_filter_string); - for (size_t i = 0; i < arraysize(urls); i++) { + for (size_t i = 0; i < base::size(urls); i++) { EXPECT_EQ(urls[i].matches, filter.IsValid(urls[i].url, urls[i].target)) << " " << i << ": " << urls[i].url; } diff --git a/chromium/net/http/http_auth_gssapi_posix.cc b/chromium/net/http/http_auth_gssapi_posix.cc index c83d278269c..d85cba85f48 100644 --- a/chromium/net/http/http_auth_gssapi_posix.cc +++ b/chromium/net/http/http_auth_gssapi_posix.cc @@ -11,7 +11,7 @@ #include "base/files/file_path.h" #include "base/format_macros.h" #include "base/logging.h" -#include "base/macros.h" +#include "base/stl_util.h" #include "base/strings/string_util.h" #include "base/strings/stringprintf.h" #include "base/threading/thread_restrictions.h" @@ -441,7 +441,7 @@ base::NativeLibrary GSSAPISharedLibrary::LoadSharedLibrary() { #endif }; library_names = kDefaultLibraryNames; - num_lib_names = arraysize(kDefaultLibraryNames); + num_lib_names = base::size(kDefaultLibraryNames); } for (size_t i = 0; i < num_lib_names; ++i) { diff --git a/chromium/net/http/http_auth_gssapi_posix.h b/chromium/net/http/http_auth_gssapi_posix.h index 6d9fb682b82..df88f4978e7 100644 --- a/chromium/net/http/http_auth_gssapi_posix.h +++ b/chromium/net/http/http_auth_gssapi_posix.h @@ -13,6 +13,7 @@ #include "net/base/completion_once_callback.h" #include "net/base/net_export.h" #include "net/http/http_auth.h" +#include "net/http/http_negotiate_auth_system.h" #if defined(OS_MACOSX) #include <GSS/gssapi.h> @@ -222,55 +223,25 @@ class ScopedSecurityContext { // TODO(ahendrickson): Share code with HttpAuthSSPI. -class NET_EXPORT_PRIVATE HttpAuthGSSAPI { +class NET_EXPORT_PRIVATE HttpAuthGSSAPI : public HttpNegotiateAuthSystem { public: HttpAuthGSSAPI(GSSAPILibrary* library, const std::string& scheme, const gss_OID gss_oid); - ~HttpAuthGSSAPI(); - - bool Init(); - - bool NeedsIdentity() const; - - bool AllowsExplicitCredentials() const; + ~HttpAuthGSSAPI() override; + // HttpNegotiateAuthSystem implementation: + bool Init() override; + bool NeedsIdentity() const override; + bool AllowsExplicitCredentials() const override; HttpAuth::AuthorizationResult ParseChallenge( - HttpAuthChallengeTokenizer* tok); - - // Generates an authentication token. - // - // The return value is an error code. The authentication token will be - // returned in |*auth_token|. If the result code is not |OK|, the value of - // |*auth_token| is unspecified. - // - // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will - // be returned and the real result code will be passed to the completion - // callback. Otherwise the result code is returned immediately from this - // call. - // - // If the HttpAuthGSSAPI object is deleted before completion then the callback - // will not be called. - // - // If no immediate result is returned then |auth_token| must remain valid - // until the callback has been called. - // - // |spn| is the Service Principal Name of the server that the token is - // being generated for. - // - // If this is the first round of a multiple round scheme, credentials are - // obtained using |*credentials|. If |credentials| is NULL, the default - // credentials are used instead. + HttpAuthChallengeTokenizer* tok) override; int GenerateAuthToken(const AuthCredentials* credentials, const std::string& spn, const std::string& channel_bindings, std::string* auth_token, - CompletionOnceCallback callback); - - // Delegation is allowed on the Kerberos ticket. This allows certain servers - // to act as the user, such as an IIS server retrieving data from a - // Kerberized MSSQL server. - void Delegate(); + CompletionOnceCallback callback) override; + void Delegate() override; private: int GetNextSecurityToken(const std::string& spn, diff --git a/chromium/net/http/http_auth_gssapi_posix_unittest.cc b/chromium/net/http/http_auth_gssapi_posix_unittest.cc index 4dcc6c5e921..416a873a7ca 100644 --- a/chromium/net/http/http_auth_gssapi_posix_unittest.cc +++ b/chromium/net/http/http_auth_gssapi_posix_unittest.cc @@ -8,6 +8,7 @@ #include "base/logging.h" #include "base/native_library.h" +#include "base/stl_util.h" #include "net/base/net_errors.h" #include "net/http/http_auth_challenge_tokenizer.h" #include "net/http/mock_gssapi_library_posix.h" @@ -60,7 +61,7 @@ void EstablishInitialContext(test::MockGSSAPILibrary* library) { 1, // Locally initiated 0); // Open gss_buffer_desc in_buffer = {0, NULL}; - gss_buffer_desc out_buffer = {arraysize(kInitialAuthResponse), + gss_buffer_desc out_buffer = {base::size(kInitialAuthResponse), const_cast<char*>(kInitialAuthResponse)}; library->ExpectSecurityContext( "Negotiate", @@ -135,7 +136,7 @@ TEST(HttpAuthGSSAPIPOSIXTest, GSSAPICycle) { kAuthResponse) // Output token }; - for (size_t i = 0; i < arraysize(queries); ++i) { + for (size_t i = 0; i < base::size(queries); ++i) { mock_library->ExpectSecurityContext(queries[i].expected_package, queries[i].response_code, queries[i].minor_response_code, @@ -158,7 +159,7 @@ TEST(HttpAuthGSSAPIPOSIXTest, GSSAPICycle) { gss_buffer_desc output_token = { 0, NULL }; OM_uint32 ret_flags = 0; OM_uint32 time_rec = 0; - for (size_t i = 0; i < arraysize(queries); ++i) { + for (size_t i = 0; i < base::size(queries); ++i) { major_status = mock_library->init_sec_context(&minor_status, initiator_cred_handle, &context_handle, diff --git a/chromium/net/http/http_auth_handler_basic_unittest.cc b/chromium/net/http/http_auth_handler_basic_unittest.cc index be5c2e857b8..1f6ea6fc031 100644 --- a/chromium/net/http/http_auth_handler_basic_unittest.cc +++ b/chromium/net/http/http_auth_handler_basic_unittest.cc @@ -7,6 +7,7 @@ #include <memory> #include <string> +#include "base/stl_util.h" #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" @@ -39,7 +40,7 @@ TEST(HttpAuthHandlerBasicTest, GenerateAuthToken) { }; GURL origin("http://www.example.com"); HttpAuthHandlerBasic::Factory factory; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { std::string challenge = "Basic realm=\"Atlantis\""; SSLInfo null_ssl_info; std::unique_ptr<HttpAuthHandler> basic; @@ -101,7 +102,7 @@ TEST(HttpAuthHandlerBasicTest, HandleAnotherChallenge) { tests[0].challenge, HttpAuth::AUTH_SERVER, null_ssl_info, origin, NetLogWithSource(), &basic)); - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { std::string challenge(tests[i].challenge); HttpAuthChallengeTokenizer tok(challenge.begin(), challenge.end()); @@ -194,7 +195,7 @@ TEST(HttpAuthHandlerBasicTest, InitFromChallenge) { }; HttpAuthHandlerBasic::Factory factory; GURL origin("http://www.example.com"); - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { std::string challenge = tests[i].challenge; SSLInfo null_ssl_info; std::unique_ptr<HttpAuthHandler> basic; diff --git a/chromium/net/http/http_auth_handler_digest_unittest.cc b/chromium/net/http/http_auth_handler_digest_unittest.cc index 10b969068e0..86097ff99b8 100644 --- a/chromium/net/http/http_auth_handler_digest_unittest.cc +++ b/chromium/net/http/http_auth_handler_digest_unittest.cc @@ -4,6 +4,7 @@ #include <string> +#include "base/stl_util.h" #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "net/base/net_errors.h" @@ -358,7 +359,7 @@ TEST(HttpAuthHandlerDigestTest, ParseChallenge) { GURL origin("http://www.example.com"); std::unique_ptr<HttpAuthHandlerDigest::Factory> factory( new HttpAuthHandlerDigest::Factory()); - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { SSLInfo null_ssl_info; std::unique_ptr<HttpAuthHandler> handler; int rv = factory->CreateAuthHandlerFromString( @@ -522,7 +523,7 @@ TEST(HttpAuthHandlerDigestTest, AssembleCredentials) { GURL origin("http://www.example.com"); std::unique_ptr<HttpAuthHandlerDigest::Factory> factory( new HttpAuthHandlerDigest::Factory()); - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { SSLInfo null_ssl_info; std::unique_ptr<HttpAuthHandler> handler; int rv = factory->CreateAuthHandlerFromString( diff --git a/chromium/net/http/http_auth_handler_factory.cc b/chromium/net/http/http_auth_handler_factory.cc index dd3a643eda0..6b3dd0ea81f 100644 --- a/chromium/net/http/http_auth_handler_factory.cc +++ b/chromium/net/http/http_auth_handler_factory.cc @@ -96,16 +96,21 @@ HttpAuthHandlerFactory* HttpAuthHandlerRegistryFactory::GetSchemeFactory( // static std::unique_ptr<HttpAuthHandlerRegistryFactory> -HttpAuthHandlerFactory::CreateDefault(HostResolver* host_resolver, - const HttpAuthPreferences* prefs +HttpAuthHandlerFactory::CreateDefault( + HostResolver* host_resolver, + const HttpAuthPreferences* prefs #if defined(OS_CHROMEOS) - , - bool allow_gssapi_library_load + , + bool allow_gssapi_library_load #elif (defined(OS_POSIX) && !defined(OS_ANDROID)) || defined(OS_FUCHSIA) - , - const std::string& gssapi_library_name + , + const std::string& gssapi_library_name +#endif +#if BUILDFLAG(USE_KERBEROS) + , + NegotiateAuthSystemFactory negotiate_auth_system_factory #endif - ) { +) { std::vector<std::string> auth_types(std::begin(kDefaultAuthSchemes), std::end(kDefaultAuthSchemes)); return HttpAuthHandlerRegistryFactory::Create(host_resolver, prefs, auth_types @@ -117,7 +122,11 @@ HttpAuthHandlerFactory::CreateDefault(HostResolver* host_resolver, , allow_gssapi_library_load #endif - ); +#if BUILDFLAG(USE_KERBEROS) + , + negotiate_auth_system_factory +#endif + ); } // static @@ -133,7 +142,11 @@ HttpAuthHandlerRegistryFactory::Create( , const std::string& gssapi_library_name #endif - ) { +#if BUILDFLAG(USE_KERBEROS) + , + NegotiateAuthSystemFactory negotiate_auth_system_factory +#endif +) { std::set<std::string> auth_schemes_set(auth_schemes.begin(), auth_schemes.end()); @@ -162,7 +175,7 @@ HttpAuthHandlerRegistryFactory::Create( if (base::ContainsKey(auth_schemes_set, kNegotiateAuthScheme)) { DCHECK(host_resolver); HttpAuthHandlerNegotiate::Factory* negotiate_factory = - new HttpAuthHandlerNegotiate::Factory(); + new HttpAuthHandlerNegotiate::Factory(negotiate_auth_system_factory); #if defined(OS_WIN) negotiate_factory->set_library(std::make_unique<SSPILibraryDefault>()); #elif defined(OS_POSIX) && !defined(OS_ANDROID) && !defined(OS_CHROMEOS) diff --git a/chromium/net/http/http_auth_handler_factory.h b/chromium/net/http/http_auth_handler_factory.h index a40b55baf87..0c51a98fa8a 100644 --- a/chromium/net/http/http_auth_handler_factory.h +++ b/chromium/net/http/http_auth_handler_factory.h @@ -14,7 +14,9 @@ #include "build/build_config.h" #include "net/base/net_export.h" #include "net/http/http_auth.h" +#include "net/http/http_negotiate_auth_system.h" #include "net/http/url_security_manager.h" +#include "net/net_buildflags.h" class GURL; @@ -117,6 +119,12 @@ class NET_EXPORT HttpAuthHandlerFactory { const NetLogWithSource& net_log, std::unique_ptr<HttpAuthHandler>* handler); + // Factory callback to create the auth system used for Negotiate + // authentication. + using NegotiateAuthSystemFactory = + base::RepeatingCallback<std::unique_ptr<net::HttpNegotiateAuthSystem>( + const net::HttpAuthPreferences*)>; + // Creates a standard HttpAuthHandlerRegistryFactory. The caller is // responsible for deleting the factory. // The default factory supports Basic, Digest, NTLM, and Negotiate schemes. @@ -126,6 +134,9 @@ class NET_EXPORT HttpAuthHandlerFactory { // non-NULL. |resolver| must remain valid for the lifetime of the // HttpAuthHandlerRegistryFactory and any HttpAuthHandlers created by said // factory. + // + // |negotiate_auth_system_factory| is used to override the default auth system + // used by the Negotiate authentication handler. static std::unique_ptr<HttpAuthHandlerRegistryFactory> CreateDefault( HostResolver* resolver, const HttpAuthPreferences* prefs = nullptr @@ -136,7 +147,12 @@ class NET_EXPORT HttpAuthHandlerFactory { , const std::string& gssapi_library_name = "" #endif - ); +#if BUILDFLAG(USE_KERBEROS) + , + NegotiateAuthSystemFactory negotiate_auth_system_factory = + NegotiateAuthSystemFactory() +#endif + ); private: // The preferences for HTTP authentication. @@ -188,6 +204,9 @@ class NET_EXPORT HttpAuthHandlerRegistryFactory // // |auth_schemes| is a list of authentication schemes to support. Unknown // schemes are ignored. + // + // |negotiate_auth_system_factory| is used to override the default auth system + // used by the Negotiate authentication handler. static std::unique_ptr<HttpAuthHandlerRegistryFactory> Create( HostResolver* host_resolver, const HttpAuthPreferences* prefs, @@ -199,7 +218,12 @@ class NET_EXPORT HttpAuthHandlerRegistryFactory , const std::string& gssapi_library_name = "" #endif - ); +#if BUILDFLAG(USE_KERBEROS) + , + NegotiateAuthSystemFactory negotiate_auth_system_factory = + NegotiateAuthSystemFactory() +#endif + ); // Creates an auth handler by dispatching out to the registered factories // based on the first token in |challenge|. diff --git a/chromium/net/http/http_auth_handler_negotiate.cc b/chromium/net/http/http_auth_handler_negotiate.cc index 96940f45b55..1356fdb9d1a 100644 --- a/chromium/net/http/http_auth_handler_negotiate.cc +++ b/chromium/net/http/http_auth_handler_negotiate.cc @@ -13,9 +13,10 @@ #include "base/strings/stringprintf.h" #include "base/values.h" #include "net/base/address_family.h" +#include "net/base/address_list.h" +#include "net/base/host_port_pair.h" #include "net/base/net_errors.h" #include "net/cert/x509_util.h" -#include "net/dns/host_resolver.h" #include "net/http/http_auth_filter.h" #include "net/http/http_auth_preferences.h" #include "net/log/net_log_capture_mode.h" @@ -40,9 +41,36 @@ std::unique_ptr<base::Value> NetLogParameterChannelBindings( return std::move(dict); } +// Uses |negotiate_auth_system_factory| to create the auth system, otherwise +// creates the default auth system for each platform. +std::unique_ptr<HttpNegotiateAuthSystem> CreateAuthSystem( +#if !defined(OS_ANDROID) + HttpAuthHandlerNegotiate::AuthLibrary* auth_library, +#endif +#if defined(OS_WIN) + ULONG max_token_length, +#endif + const HttpAuthPreferences* prefs, + HttpAuthHandlerFactory::NegotiateAuthSystemFactory + negotiate_auth_system_factory) { + if (negotiate_auth_system_factory) + return negotiate_auth_system_factory.Run(prefs); +#if defined(OS_ANDROID) + return std::make_unique<net::android::HttpAuthNegotiateAndroid>(prefs); +#elif defined(OS_WIN) + return std::make_unique<HttpAuthSSPI>(auth_library, "Negotiate", NEGOSSP_NAME, + max_token_length); +#elif defined(OS_POSIX) + return std::make_unique<HttpAuthGSSAPI>(auth_library, "Negotiate", + CHROME_GSS_SPNEGO_MECH_OID_DESC); +#endif +} + } // namespace -HttpAuthHandlerNegotiate::Factory::Factory() {} +HttpAuthHandlerNegotiate::Factory::Factory( + NegotiateAuthSystemFactory negotiate_auth_system_factory) + : negotiate_auth_system_factory_(negotiate_auth_system_factory) {} HttpAuthHandlerNegotiate::Factory::~Factory() = default; @@ -80,9 +108,10 @@ int HttpAuthHandlerNegotiate::Factory::CreateAuthHandler( } // TODO(cbentzel): Move towards model of parsing in the factory // method and only constructing when valid. - std::unique_ptr<HttpAuthHandler> tmp_handler( - new HttpAuthHandlerNegotiate(auth_library_.get(), max_token_length_, - http_auth_preferences(), resolver_)); + std::unique_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerNegotiate( + CreateAuthSystem(auth_library_.get(), max_token_length_, + http_auth_preferences(), negotiate_auth_system_factory_), + http_auth_preferences(), resolver_)); #elif defined(OS_ANDROID) if (is_unsupported_ || !http_auth_preferences() || http_auth_preferences()->AuthAndroidNegotiateAccountType().empty() || @@ -90,8 +119,9 @@ int HttpAuthHandlerNegotiate::Factory::CreateAuthHandler( return ERR_UNSUPPORTED_AUTH_SCHEME; // TODO(cbentzel): Move towards model of parsing in the factory // method and only constructing when valid. - std::unique_ptr<HttpAuthHandler> tmp_handler( - new HttpAuthHandlerNegotiate(http_auth_preferences(), resolver_)); + std::unique_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerNegotiate( + CreateAuthSystem(http_auth_preferences(), negotiate_auth_system_factory_), + http_auth_preferences(), resolver_)); #elif defined(OS_POSIX) if (is_unsupported_ || !allow_gssapi_library_load_) return ERR_UNSUPPORTED_AUTH_SCHEME; @@ -102,7 +132,9 @@ int HttpAuthHandlerNegotiate::Factory::CreateAuthHandler( // TODO(ahendrickson): Move towards model of parsing in the factory // method and only constructing when valid. std::unique_ptr<HttpAuthHandler> tmp_handler(new HttpAuthHandlerNegotiate( - auth_library_.get(), http_auth_preferences(), resolver_)); + CreateAuthSystem(auth_library_.get(), http_auth_preferences(), + negotiate_auth_system_factory_), + http_auth_preferences(), resolver_)); #endif if (!tmp_handler->InitFromChallenge(challenge, target, ssl_info, origin, net_log)) @@ -112,89 +144,27 @@ int HttpAuthHandlerNegotiate::Factory::CreateAuthHandler( } HttpAuthHandlerNegotiate::HttpAuthHandlerNegotiate( -#if !defined(OS_ANDROID) - AuthLibrary* auth_library, -#endif -#if defined(OS_WIN) - ULONG max_token_length, -#endif + std::unique_ptr<HttpNegotiateAuthSystem> auth_system, const HttpAuthPreferences* prefs, HostResolver* resolver) -#if defined(OS_ANDROID) - : auth_system_(prefs), -#elif defined(OS_WIN) - : auth_system_(auth_library, "Negotiate", NEGOSSP_NAME, max_token_length), -#elif defined(OS_POSIX) - : auth_system_(auth_library, "Negotiate", CHROME_GSS_SPNEGO_MECH_OID_DESC), -#endif + : auth_system_(std::move(auth_system)), resolver_(resolver), already_called_(false), has_credentials_(false), auth_token_(NULL), next_state_(STATE_NONE), - http_auth_preferences_(prefs) { -} + http_auth_preferences_(prefs) {} HttpAuthHandlerNegotiate::~HttpAuthHandlerNegotiate() = default; -std::string HttpAuthHandlerNegotiate::CreateSPN(const AddressList& address_list, - const GURL& origin) { - // Kerberos Web Server SPNs are in the form HTTP/<host>:<port> through SSPI, - // and in the form HTTP@<host>:<port> through GSSAPI - // http://msdn.microsoft.com/en-us/library/ms677601%28VS.85%29.aspx - // - // However, reality differs from the specification. A good description of - // the problems can be found here: - // http://blog.michelbarneveld.nl/michel/archive/2009/11/14/the-reason-why-kb911149-and-kb908209-are-not-the-soluton.aspx - // - // Typically the <host> portion should be the canonical FQDN for the service. - // If this could not be resolved, the original hostname in the URL will be - // attempted instead. However, some intranets register SPNs using aliases - // for the same canonical DNS name to allow multiple web services to reside - // on the same host machine without requiring different ports. IE6 and IE7 - // have hotpatches that allow the default behavior to be overridden. - // http://support.microsoft.com/kb/911149 - // http://support.microsoft.com/kb/938305 - // - // According to the spec, the <port> option should be included if it is a - // non-standard port (i.e. not 80 or 443 in the HTTP case). However, - // historically browsers have not included the port, even on non-standard - // ports. IE6 required a hotpatch and a registry setting to enable - // including non-standard ports, and IE7 and IE8 also require the same - // registry setting, but no hotpatch. Firefox does not appear to have an - // option to include non-standard ports as of 3.6. - // http://support.microsoft.com/kb/908209 - // - // Without any command-line flags, Chrome matches the behavior of Firefox - // and IE. Users can override the behavior so aliases are allowed and - // non-standard ports are included. - int port = origin.EffectiveIntPort(); - std::string server = address_list.canonical_name(); - if (server.empty()) - server = origin.host(); -#if defined(OS_WIN) - static const char kSpnSeparator = '/'; -#elif defined(OS_POSIX) - static const char kSpnSeparator = '@'; -#endif - if (port != 80 && port != 443 && - (http_auth_preferences_ && - http_auth_preferences_->NegotiateEnablePort())) { - return base::StringPrintf("HTTP%c%s:%d", kSpnSeparator, server.c_str(), - port); - } else { - return base::StringPrintf("HTTP%c%s", kSpnSeparator, server.c_str()); - } -} - HttpAuth::AuthorizationResult HttpAuthHandlerNegotiate::HandleAnotherChallenge( HttpAuthChallengeTokenizer* challenge) { - return auth_system_.ParseChallenge(challenge); + return auth_system_->ParseChallenge(challenge); } // Require identity on first pass instead of second. bool HttpAuthHandlerNegotiate::NeedsIdentity() { - return auth_system_.NeedsIdentity(); + return auth_system_->NeedsIdentity(); } bool HttpAuthHandlerNegotiate::AllowsDefaultCredentials() { @@ -206,7 +176,7 @@ bool HttpAuthHandlerNegotiate::AllowsDefaultCredentials() { } bool HttpAuthHandlerNegotiate::AllowsExplicitCredentials() { - return auth_system_.AllowsExplicitCredentials(); + return auth_system_->AllowsExplicitCredentials(); } // The Negotiate challenge header looks like: @@ -214,7 +184,7 @@ bool HttpAuthHandlerNegotiate::AllowsExplicitCredentials() { bool HttpAuthHandlerNegotiate::Init(HttpAuthChallengeTokenizer* challenge, const SSLInfo& ssl_info) { #if defined(OS_POSIX) - if (!auth_system_.Init()) { + if (!auth_system_->Init()) { VLOG(1) << "can't initialize GSSAPI library"; return false; } @@ -226,13 +196,13 @@ bool HttpAuthHandlerNegotiate::Init(HttpAuthChallengeTokenizer* challenge, return false; #endif if (CanDelegate()) - auth_system_.Delegate(); + auth_system_->Delegate(); auth_scheme_ = HttpAuth::AUTH_SCHEME_NEGOTIATE; score_ = 4; properties_ = ENCRYPTS_IDENTITY | IS_CONNECTION_BASED; HttpAuth::AuthorizationResult auth_result = - auth_system_.ParseChallenge(challenge); + auth_system_->ParseChallenge(challenge); if (auth_result != HttpAuth::AUTHORIZATION_RESULT_ACCEPT) return false; @@ -273,6 +243,53 @@ int HttpAuthHandlerNegotiate::GenerateAuthTokenImpl( return rv; } +std::string HttpAuthHandlerNegotiate::CreateSPN(const std::string& server, + const GURL& origin) { + // Kerberos Web Server SPNs are in the form HTTP/<host>:<port> through SSPI, + // and in the form HTTP@<host>:<port> through GSSAPI + // http://msdn.microsoft.com/en-us/library/ms677601%28VS.85%29.aspx + // + // However, reality differs from the specification. A good description of + // the problems can be found here: + // http://blog.michelbarneveld.nl/michel/archive/2009/11/14/the-reason-why-kb911149-and-kb908209-are-not-the-soluton.aspx + // + // Typically the <host> portion should be the canonical FQDN for the service. + // If this could not be resolved, the original hostname in the URL will be + // attempted instead. However, some intranets register SPNs using aliases + // for the same canonical DNS name to allow multiple web services to reside + // on the same host machine without requiring different ports. IE6 and IE7 + // have hotpatches that allow the default behavior to be overridden. + // http://support.microsoft.com/kb/911149 + // http://support.microsoft.com/kb/938305 + // + // According to the spec, the <port> option should be included if it is a + // non-standard port (i.e. not 80 or 443 in the HTTP case). However, + // historically browsers have not included the port, even on non-standard + // ports. IE6 required a hotpatch and a registry setting to enable + // including non-standard ports, and IE7 and IE8 also require the same + // registry setting, but no hotpatch. Firefox does not appear to have an + // option to include non-standard ports as of 3.6. + // http://support.microsoft.com/kb/908209 + // + // Without any command-line flags, Chrome matches the behavior of Firefox + // and IE. Users can override the behavior so aliases are allowed and + // non-standard ports are included. + int port = origin.EffectiveIntPort(); +#if defined(OS_WIN) + static const char kSpnSeparator = '/'; +#elif defined(OS_POSIX) + static const char kSpnSeparator = '@'; +#endif + if (port != 80 && port != 443 && + (http_auth_preferences_ && + http_auth_preferences_->NegotiateEnablePort())) { + return base::StringPrintf("HTTP%c%s:%d", kSpnSeparator, server.c_str(), + port); + } else { + return base::StringPrintf("HTTP%c%s", kSpnSeparator, server.c_str()); + } +} + void HttpAuthHandlerNegotiate::OnIOComplete(int result) { int rv = DoLoop(result); if (rv != ERR_IO_PENDING) @@ -325,34 +342,43 @@ int HttpAuthHandlerNegotiate::DoResolveCanonicalName() { return OK; // TODO(cbentzel): Add reverse DNS lookup for numeric addresses. - HostResolver::RequestInfo info(HostPortPair(origin_.host(), 0)); - info.set_host_resolver_flags(HOST_RESOLVER_CANONNAME); - return resolver_->Resolve(info, DEFAULT_PRIORITY, &address_list_, - base::Bind(&HttpAuthHandlerNegotiate::OnIOComplete, - base::Unretained(this)), - &request_, net_log_); + HostResolver::ResolveHostParameters parameters; + parameters.include_canonical_name = true; + resolve_host_request_ = resolver_->CreateRequest( + HostPortPair(origin_.host(), 0), net_log_, parameters); + return resolve_host_request_->Start(base::BindOnce( + &HttpAuthHandlerNegotiate::OnIOComplete, base::Unretained(this))); } int HttpAuthHandlerNegotiate::DoResolveCanonicalNameComplete(int rv) { DCHECK_NE(ERR_IO_PENDING, rv); - if (rv != OK) { - // Even in the error case, try to use origin_.host instead of - // passing the failure on to the caller. - VLOG(1) << "Problem finding canonical name for SPN for host " - << origin_.host() << ": " << ErrorToString(rv); - rv = OK; + std::string server = origin_.host(); + if (resolve_host_request_) { + if (rv == OK) { + DCHECK(resolve_host_request_->GetAddressResults()); + const std::string& canonical_name = + resolve_host_request_->GetAddressResults().value().canonical_name(); + if (!canonical_name.empty()) + server = canonical_name; + } else { + // Even in the error case, try to use origin_.host instead of + // passing the failure on to the caller. + VLOG(1) << "Problem finding canonical name for SPN for host " + << origin_.host() << ": " << ErrorToString(rv); + rv = OK; + } } next_state_ = STATE_GENERATE_AUTH_TOKEN; - spn_ = CreateSPN(address_list_, origin_); - address_list_ = AddressList(); + spn_ = CreateSPN(server, origin_); + resolve_host_request_ = nullptr; return rv; } int HttpAuthHandlerNegotiate::DoGenerateAuthToken() { next_state_ = STATE_GENERATE_AUTH_TOKEN_COMPLETE; AuthCredentials* credentials = has_credentials_ ? &credentials_ : NULL; - return auth_system_.GenerateAuthToken( + return auth_system_->GenerateAuthToken( credentials, spn_, channel_bindings_, auth_token_, base::BindOnce(&HttpAuthHandlerNegotiate::OnIOComplete, base::Unretained(this))); diff --git a/chromium/net/http/http_auth_handler_negotiate.h b/chromium/net/http/http_auth_handler_negotiate.h index 0cd2e9d448a..a1f7fa86130 100644 --- a/chromium/net/http/http_auth_handler_negotiate.h +++ b/chromium/net/http/http_auth_handler_negotiate.h @@ -5,16 +5,17 @@ #ifndef NET_HTTP_HTTP_AUTH_HANDLER_NEGOTIATE_H_ #define NET_HTTP_HTTP_AUTH_HANDLER_NEGOTIATE_H_ +#include <memory> #include <string> #include <utility> #include "build/build_config.h" -#include "net/base/address_list.h" #include "net/base/completion_once_callback.h" #include "net/base/net_export.h" #include "net/dns/host_resolver.h" #include "net/http/http_auth_handler.h" #include "net/http/http_auth_handler_factory.h" +#include "net/http/http_negotiate_auth_system.h" #if defined(OS_ANDROID) #include "net/android/http_auth_negotiate_android.h" @@ -35,19 +36,15 @@ class HttpAuthPreferences; class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { public: -#if defined(OS_ANDROID) - typedef net::android::HttpAuthNegotiateAndroid AuthSystem; -#elif defined(OS_WIN) +#if defined(OS_WIN) typedef SSPILibrary AuthLibrary; - typedef HttpAuthSSPI AuthSystem; -#elif defined(OS_POSIX) +#elif defined(OS_POSIX) && !defined(OS_ANDROID) typedef GSSAPILibrary AuthLibrary; - typedef HttpAuthGSSAPI AuthSystem; #endif class NET_EXPORT_PRIVATE Factory : public HttpAuthHandlerFactory { public: - Factory(); + Factory(NegotiateAuthSystemFactory negotiate_auth_system_factory); ~Factory() override; void set_host_resolver(HostResolver* host_resolver); @@ -82,6 +79,7 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { std::unique_ptr<HttpAuthHandler>* handler) override; private: + NegotiateAuthSystemFactory negotiate_auth_system_factory_; HostResolver* resolver_ = nullptr; #if defined(OS_WIN) ULONG max_token_length_ = 0; @@ -95,22 +93,12 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { #endif // !defined(OS_ANDROID) }; - HttpAuthHandlerNegotiate( -#if !defined(OS_ANDROID) - AuthLibrary* auth_library, -#endif -#if defined(OS_WIN) - ULONG max_token_length, -#endif - const HttpAuthPreferences* prefs, - HostResolver* host_resolver); + HttpAuthHandlerNegotiate(std::unique_ptr<HttpNegotiateAuthSystem> auth_system, + const HttpAuthPreferences* prefs, + HostResolver* host_resolver); ~HttpAuthHandlerNegotiate() override; - // These are public for unit tests - std::string CreateSPN(const AddressList& address_list, const GURL& orign); - const std::string& spn() const { return spn_; } - // HttpAuthHandler: HttpAuth::AuthorizationResult HandleAnotherChallenge( HttpAuthChallengeTokenizer* challenge) override; @@ -118,6 +106,8 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { bool AllowsDefaultCredentials() override; bool AllowsExplicitCredentials() override; + const std::string& spn_for_testing() const { return spn_; } + protected: bool Init(HttpAuthChallengeTokenizer* challenge, const SSLInfo& ssl_info) override; @@ -136,6 +126,8 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { STATE_NONE, }; + std::string CreateSPN(const std::string& server, const GURL& orign); + void OnIOComplete(int result); void DoCallback(int result); int DoLoop(int result); @@ -146,12 +138,11 @@ class NET_EXPORT_PRIVATE HttpAuthHandlerNegotiate : public HttpAuthHandler { int DoGenerateAuthTokenComplete(int rv); bool CanDelegate() const; - AuthSystem auth_system_; + std::unique_ptr<HttpNegotiateAuthSystem> auth_system_; HostResolver* const resolver_; // Members which are needed for DNS lookup + SPN. - AddressList address_list_; - std::unique_ptr<net::HostResolver::Request> request_; + std::unique_ptr<HostResolver::ResolveHostRequest> resolve_host_request_; // Things which should be consistent after first call to GenerateAuthToken. bool already_called_; diff --git a/chromium/net/http/http_auth_handler_negotiate_unittest.cc b/chromium/net/http/http_auth_handler_negotiate_unittest.cc index fc5a7af863e..ca8aa08bd95 100644 --- a/chromium/net/http/http_auth_handler_negotiate_unittest.cc +++ b/chromium/net/http/http_auth_handler_negotiate_unittest.cc @@ -7,6 +7,7 @@ #include <string> #include "base/memory/ptr_util.h" +#include "base/stl_util.h" #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "build/build_config.h" @@ -36,6 +37,8 @@ using net::test::IsOk; namespace net { +constexpr char kFakeToken[] = "FakeToken"; + #if defined(OS_ANDROID) typedef net::android::DummySpnegoAuthenticator MockAuthLibrary; #elif defined(OS_WIN) @@ -50,11 +53,12 @@ class HttpAuthHandlerNegotiateTest : public PlatformTest, void SetUp() override { auth_library_ = new MockAuthLibrary(); resolver_.reset(new MockHostResolver()); - resolver_->rules_map()[HostResolverSource::SYSTEM]->AddIPLiteralRule( + resolver_->rules_map()[HostResolverSource::ANY]->AddIPLiteralRule( "alias", "10.0.0.2", "canonical.example.com"); http_auth_preferences_.reset(new MockAllowHttpAuthPreferences()); - factory_.reset(new HttpAuthHandlerNegotiate::Factory()); + factory_.reset(new HttpAuthHandlerNegotiate::Factory( + net::HttpAuthHandlerFactory::NegotiateAuthSystemFactory())); factory_->set_http_auth_preferences(http_auth_preferences_.get()); #if defined(OS_ANDROID) http_auth_preferences_->set_auth_android_negotiate_account_type( @@ -159,7 +163,7 @@ class HttpAuthHandlerNegotiateTest : public PlatformTest, kAuthResponse) // Output token }; - for (size_t i = 0; i < arraysize(queries); ++i) { + for (size_t i = 0; i < base::size(queries); ++i) { mock_library->ExpectSecurityContext(queries[i].expected_package, queries[i].response_code, queries[i].minor_response_code, @@ -231,6 +235,10 @@ class HttpAuthHandlerNegotiateTest : public PlatformTest, } MockAuthLibrary* AuthLibrary() { return auth_library_; } + MockHostResolver* resolver() { return resolver_.get(); } + MockAllowHttpAuthPreferences* http_auth_preferences() { + return http_auth_preferences_.get(); + } private: #if defined(OS_WIN) @@ -258,9 +266,9 @@ TEST_F(HttpAuthHandlerNegotiateTest, DisableCname) { EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( NULL, &request_info, callback.callback(), &token))); #if defined(OS_WIN) - EXPECT_EQ("HTTP/alias", auth_handler->spn()); + EXPECT_EQ("HTTP/alias", auth_handler->spn_for_testing()); #elif defined(OS_POSIX) - EXPECT_EQ("HTTP@alias", auth_handler->spn()); + EXPECT_EQ("HTTP@alias", auth_handler->spn_for_testing()); #endif } @@ -276,9 +284,9 @@ TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameStandardPort) { EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( NULL, &request_info, callback.callback(), &token))); #if defined(OS_WIN) - EXPECT_EQ("HTTP/alias", auth_handler->spn()); + EXPECT_EQ("HTTP/alias", auth_handler->spn_for_testing()); #elif defined(OS_POSIX) - EXPECT_EQ("HTTP@alias", auth_handler->spn()); + EXPECT_EQ("HTTP@alias", auth_handler->spn_for_testing()); #endif } @@ -294,9 +302,9 @@ TEST_F(HttpAuthHandlerNegotiateTest, DisableCnameNonstandardPort) { EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( NULL, &request_info, callback.callback(), &token))); #if defined(OS_WIN) - EXPECT_EQ("HTTP/alias:500", auth_handler->spn()); + EXPECT_EQ("HTTP/alias:500", auth_handler->spn_for_testing()); #elif defined(OS_POSIX) - EXPECT_EQ("HTTP@alias:500", auth_handler->spn()); + EXPECT_EQ("HTTP@alias:500", auth_handler->spn_for_testing()); #endif } @@ -312,9 +320,9 @@ TEST_F(HttpAuthHandlerNegotiateTest, CnameSync) { EXPECT_EQ(OK, callback.GetResult(auth_handler->GenerateAuthToken( NULL, &request_info, callback.callback(), &token))); #if defined(OS_WIN) - EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn()); + EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn_for_testing()); #elif defined(OS_POSIX) - EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn()); + EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn_for_testing()); #endif } @@ -331,9 +339,9 @@ TEST_F(HttpAuthHandlerNegotiateTest, CnameAsync) { NULL, &request_info, callback.callback(), &token)); EXPECT_THAT(callback.WaitForResult(), IsOk()); #if defined(OS_WIN) - EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn()); + EXPECT_EQ("HTTP/canonical.example.com", auth_handler->spn_for_testing()); #elif defined(OS_POSIX) - EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn()); + EXPECT_EQ("HTTP@canonical.example.com", auth_handler->spn_for_testing()); #endif } @@ -376,7 +384,8 @@ TEST_F(HttpAuthHandlerNegotiateTest, MissingGSSAPI) { std::unique_ptr<HostResolver> host_resolver(new MockHostResolver()); MockAllowHttpAuthPreferences http_auth_preferences; std::unique_ptr<HttpAuthHandlerNegotiate::Factory> negotiate_factory( - new HttpAuthHandlerNegotiate::Factory()); + new HttpAuthHandlerNegotiate::Factory( + net::HttpAuthHandlerFactory::NegotiateAuthSystemFactory())); negotiate_factory->set_host_resolver(host_resolver); negotiate_factory->set_http_auth_preferences(&http_auth_preferences); negotiate_factory->set_library( @@ -394,4 +403,60 @@ TEST_F(HttpAuthHandlerNegotiateTest, MissingGSSAPI) { #endif // defined(OS_POSIX) +class TestAuthSystem : public HttpNegotiateAuthSystem { + public: + TestAuthSystem() = default; + ~TestAuthSystem() override = default; + + // HttpNegotiateAuthSystem implementation: + bool Init() override { return true; } + bool NeedsIdentity() const override { return true; } + bool AllowsExplicitCredentials() const override { return true; } + + net::HttpAuth::AuthorizationResult ParseChallenge( + net::HttpAuthChallengeTokenizer* tok) override { + return net::HttpAuth::AUTHORIZATION_RESULT_ACCEPT; + } + + int GenerateAuthToken(const net::AuthCredentials* credentials, + const std::string& spn, + const std::string& channel_bindings, + std::string* auth_token, + net::CompletionOnceCallback callback) override { + *auth_token = kFakeToken; + return net::OK; + } + + void Delegate() override {} +}; + +TEST_F(HttpAuthHandlerNegotiateTest, OverrideAuthSystem) { + auto negotiate_factory = std::make_unique<HttpAuthHandlerNegotiate::Factory>( + base::BindRepeating([](const HttpAuthPreferences*) + -> std::unique_ptr<HttpNegotiateAuthSystem> { + return std::make_unique<TestAuthSystem>(); + })); + negotiate_factory->set_host_resolver(resolver()); + negotiate_factory->set_http_auth_preferences(http_auth_preferences()); +#if !defined(OS_ANDROID) + auto auth_library = std::make_unique<MockAuthLibrary>(); + SetupMocks(auth_library.get()); + negotiate_factory->set_library(std::move(auth_library)); +#endif + + GURL gurl("http://www.example.com"); + std::unique_ptr<HttpAuthHandler> handler; + EXPECT_EQ(OK, negotiate_factory->CreateAuthHandlerFromString( + "Negotiate", HttpAuth::AUTH_SERVER, SSLInfo(), gurl, + NetLogWithSource(), &handler)); + EXPECT_TRUE(handler); + + TestCompletionCallback callback; + std::string auth_token; + HttpRequestInfo request_info; + EXPECT_EQ(OK, callback.GetResult(handler->GenerateAuthToken( + nullptr, &request_info, callback.callback(), &auth_token))); + EXPECT_EQ(kFakeToken, auth_token); +} + } // namespace net diff --git a/chromium/net/http/http_auth_handler_ntlm_portable_unittest.cc b/chromium/net/http/http_auth_handler_ntlm_portable_unittest.cc index d9f861f644c..5614330b4c3 100644 --- a/chromium/net/http/http_auth_handler_ntlm_portable_unittest.cc +++ b/chromium/net/http/http_auth_handler_ntlm_portable_unittest.cc @@ -6,6 +6,7 @@ #include "base/base64.h" #include "base/containers/span.h" +#include "base/stl_util.h" #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "build/build_config.h" @@ -230,7 +231,7 @@ TEST_F(HttpAuthHandlerNtlmPortableTest, NtlmV1AuthenticationSuccess) { // Validate the authenticate message std::string decoded; ASSERT_TRUE(DecodeChallenge(token, &decoded)); - ASSERT_EQ(arraysize(ntlm::test::kExpectedAuthenticateMsgSpecResponseV1), + ASSERT_EQ(base::size(ntlm::test::kExpectedAuthenticateMsgSpecResponseV1), decoded.size()); ASSERT_EQ(0, memcmp(decoded.data(), ntlm::test::kExpectedAuthenticateMsgSpecResponseV1, diff --git a/chromium/net/http/http_auth_sspi_win.cc b/chromium/net/http/http_auth_sspi_win.cc index c6e531a9afa..cfd8a874dac 100644 --- a/chromium/net/http/http_auth_sspi_win.cc +++ b/chromium/net/http/http_auth_sspi_win.cc @@ -261,6 +261,10 @@ HttpAuthSSPI::~HttpAuthSSPI() { } } +bool HttpAuthSSPI::Init() { + return true; +} + bool HttpAuthSSPI::NeedsIdentity() const { return decoded_server_auth_token_.empty(); } diff --git a/chromium/net/http/http_auth_sspi_win.h b/chromium/net/http/http_auth_sspi_win.h index 84c47c49715..0e393c61cd7 100644 --- a/chromium/net/http/http_auth_sspi_win.h +++ b/chromium/net/http/http_auth_sspi_win.h @@ -20,6 +20,7 @@ #include "net/base/completion_once_callback.h" #include "net/base/net_export.h" #include "net/http/http_auth.h" +#include "net/http/http_negotiate_auth_system.h" namespace net { @@ -106,54 +107,26 @@ class SSPILibraryDefault : public SSPILibrary { SECURITY_STATUS FreeContextBuffer(PVOID pvContextBuffer) override; }; -class NET_EXPORT_PRIVATE HttpAuthSSPI { +class NET_EXPORT_PRIVATE HttpAuthSSPI : public HttpNegotiateAuthSystem { public: HttpAuthSSPI(SSPILibrary* sspi_library, const std::string& scheme, const SEC_WCHAR* security_package, ULONG max_token_length); - ~HttpAuthSSPI(); - - bool NeedsIdentity() const; - - bool AllowsExplicitCredentials() const; + ~HttpAuthSSPI() override; + // HttpNegotiateAuthSystem implementation: + bool Init() override; + bool NeedsIdentity() const override; + bool AllowsExplicitCredentials() const override; HttpAuth::AuthorizationResult ParseChallenge( - HttpAuthChallengeTokenizer* tok); - - // Generates an authentication token. - // - // The return value is an error code. The authentication token will be - // returned in |*auth_token|. If the result code is not |OK|, the value of - // |*auth_token| is unspecified. - // - // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will - // be returned and the real result code will be passed to the completion - // callback. Otherwise the result code is returned immediately from this - // call. - // - // If the HttpAuthSPPI object is deleted before completion then the callback - // will not be called. - // - // If no immediate result is returned then |auth_token| must remain valid - // until the callback has been called. - // - // |spn| is the Service Principal Name of the server that the token is - // being generated for. - // - // If this is the first round of a multiple round scheme, credentials are - // obtained using |*credentials|. If |credentials| is NULL, the default - // credentials are used instead. + HttpAuthChallengeTokenizer* tok) override; int GenerateAuthToken(const AuthCredentials* credentials, const std::string& spn, const std::string& channel_bindings, std::string* auth_token, - CompletionOnceCallback callback); - - // Delegation is allowed on the Kerberos ticket. This allows certain servers - // to act as the user, such as an IIS server retrieving data from a - // Kerberized MSSQL server. - void Delegate(); + CompletionOnceCallback callback) override; + void Delegate() override; private: int OnFirstRound(const AuthCredentials* credentials); diff --git a/chromium/net/http/http_auth_unittest.cc b/chromium/net/http/http_auth_unittest.cc index 58f9f04d271..43a7514b816 100644 --- a/chromium/net/http/http_auth_unittest.cc +++ b/chromium/net/http/http_auth_unittest.cc @@ -9,6 +9,7 @@ #include <string> #include "base/memory/ref_counted.h" +#include "base/stl_util.h" #include "base/strings/string_util.h" #include "build/build_config.h" #include "net/base/net_errors.h" @@ -130,7 +131,7 @@ TEST(HttpAuthTest, ChooseBestChallenge) { http_auth_handler_factory->SetHttpAuthPreferences(kNegotiateAuthScheme, &http_auth_preferences); - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { // Make a HttpResponseHeaders object. std::string headers_with_status_line("HTTP/1.1 401 Unauthorized\n"); headers_with_status_line += tests[i].headers; diff --git a/chromium/net/http/http_basic_state.cc b/chromium/net/http/http_basic_state.cc index efe92f8b10d..6a9d4b97dca 100644 --- a/chromium/net/http/http_basic_state.cc +++ b/chromium/net/http/http_basic_state.cc @@ -7,6 +7,7 @@ #include <utility> #include "base/logging.h" +#include "base/stl_util.h" #include "net/base/io_buffer.h" #include "net/http/http_request_info.h" #include "net/http/http_response_body_drainer.h" @@ -59,7 +60,7 @@ void HttpBasicState::DeleteParser() { parser_.reset(); } std::string HttpBasicState::GenerateRequestLine() const { static const char kSuffix[] = " HTTP/1.1\r\n"; - const size_t kSuffixLen = arraysize(kSuffix) - 1; + const size_t kSuffixLen = base::size(kSuffix) - 1; const std::string path = using_proxy_ ? HttpUtil::SpecForRequest(url_) : url_.PathForRequest(); // Don't use StringPrintf for concatenation because it is very inefficient. diff --git a/chromium/net/http/http_basic_stream.cc b/chromium/net/http/http_basic_stream.cc index 2f677a4db24..c623fbc7df6 100644 --- a/chromium/net/http/http_basic_stream.cc +++ b/chromium/net/http/http_basic_stream.cc @@ -106,8 +106,14 @@ int64_t HttpBasicStream::GetTotalSentBytes() const { bool HttpBasicStream::GetLoadTimingInfo( LoadTimingInfo* load_timing_info) const { - return state_.connection()->GetLoadTimingInfo(IsConnectionReused(), - load_timing_info); + if (!state_.connection()->GetLoadTimingInfo(IsConnectionReused(), + load_timing_info) || + !parser()) { + return false; + } + + load_timing_info->receive_headers_start = parser()->response_start_time(); + return true; } bool HttpBasicStream::GetAlternativeService( diff --git a/chromium/net/http/http_byte_range_unittest.cc b/chromium/net/http/http_byte_range_unittest.cc index 412c7f80109..4188bee5b05 100644 --- a/chromium/net/http/http_byte_range_unittest.cc +++ b/chromium/net/http/http_byte_range_unittest.cc @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. -#include "base/macros.h" #include "net/http/http_byte_range.h" +#include "base/stl_util.h" #include "testing/gtest/include/gtest/gtest.h" namespace net { @@ -28,7 +28,7 @@ TEST(HttpByteRangeTest, ValidRanges) { { -1, -1, 100000, true }, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { HttpByteRange range; range.set_first_byte_position(tests[i].first_byte_position); range.set_last_byte_position(tests[i].last_byte_position); @@ -60,7 +60,7 @@ TEST(HttpByteRangeTest, SetInstanceSize) { { 10, 10000, -1, 1000000, true, 10, 10000 }, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { HttpByteRange range; range.set_first_byte_position(tests[i].first_byte_position); range.set_last_byte_position(tests[i].last_byte_position); @@ -93,7 +93,7 @@ TEST(HttpByteRangeTest, GetHeaderValue) { {HttpByteRange::RightUnbounded(100), "bytes=100-"}, {HttpByteRange::Suffix(100), "bytes=-100"}, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { EXPECT_EQ(tests[i].expected, tests[i].range.GetHeaderValue()); } } diff --git a/chromium/net/http/http_cache.cc b/chromium/net/http/http_cache.cc index 2f285fef1c4..45ac4825bb2 100644 --- a/chromium/net/http/http_cache.cc +++ b/chromium/net/http/http_cache.cc @@ -21,6 +21,7 @@ #include "base/metrics/histogram_macros.h" #include "base/pickle.h" #include "base/single_thread_task_runner.h" +#include "base/strings/strcat.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_util.h" #include "base/strings/stringprintf.h" @@ -31,6 +32,7 @@ #include "base/trace_event/memory_usage_estimator.h" #include "base/trace_event/process_memory_dump.h" #include "net/base/cache_type.h" +#include "net/base/features.h" #include "net/base/io_buffer.h" #include "net/base/load_flags.h" #include "net/base/net_errors.h" @@ -455,14 +457,17 @@ void HttpCache::CloseIdleConnections() { session->CloseIdleConnections(); } -void HttpCache::OnExternalCacheHit(const GURL& url, - const std::string& http_method) { +void HttpCache::OnExternalCacheHit( + const GURL& url, + const std::string& http_method, + base::Optional<url::Origin> top_frame_origin) { if (!disk_cache_.get() || mode_ == DISABLE) return; HttpRequestInfo request_info; request_info.url = url; request_info.method = http_method; + request_info.top_frame_origin = std::move(top_frame_origin); std::string key = GenerateCacheKey(&request_info); disk_cache_->OnExternalCacheHit(key); } @@ -580,7 +585,21 @@ int HttpCache::GetBackendForTransaction(Transaction* trans) { // Generate a key that can be used inside the cache. std::string HttpCache::GenerateCacheKey(const HttpRequestInfo* request) { // Strip out the reference, username, and password sections of the URL. - std::string url = HttpUtil::SpecForRequest(request->url); + std::string url; + + // If we're splitting the cache by top frame origin, then prefix the key with + // the origin. + if (request->top_frame_origin && + base::FeatureList::IsEnabled(features::kSplitCacheByTopFrameOrigin)) { + // Prepend the key with "_dk_" to mark it as double keyed (and makes it an + // invalid url so that it doesn't get confused with a single-keyed + // entry). Separate the origin and url with invalid whitespace and control + // characters. + url = base::StrCat({"_dk_", request->top_frame_origin->Serialize(), " \n", + HttpUtil::SpecForRequest(request->url)}); + } else { + url = HttpUtil::SpecForRequest(request->url); + } DCHECK_NE(DISABLE, mode_); // No valid URL can begin with numerals, so we should not have to worry @@ -591,6 +610,7 @@ std::string HttpCache::GenerateCacheKey(const HttpRequestInfo* request) { base::StringPrintf("%" PRId64 "/", request->upload_data_stream->identifier())); } + return url; } @@ -660,13 +680,16 @@ int HttpCache::AsyncDoomEntry(const std::string& key, Transaction* trans) { return rv; } -void HttpCache::DoomMainEntryForUrl(const GURL& url) { +void HttpCache::DoomMainEntryForUrl( + const GURL& url, + base::Optional<url::Origin> top_frame_origin) { if (!disk_cache_) return; HttpRequestInfo temp_info; temp_info.url = url; temp_info.method = "GET"; + temp_info.top_frame_origin = std::move(top_frame_origin); std::string key = GenerateCacheKey(&temp_info); // Defer to DoomEntry if there is an active entry, otherwise call diff --git a/chromium/net/http/http_cache.h b/chromium/net/http/http_cache.h index e173157f4ba..7dda9c08e56 100644 --- a/chromium/net/http/http_cache.h +++ b/chromium/net/http/http_cache.h @@ -232,8 +232,11 @@ class NET_EXPORT HttpCache : public HttpTransactionFactory { void CloseIdleConnections(); // Called whenever an external cache in the system reuses the resource - // referred to by |url| and |http_method|. - void OnExternalCacheHit(const GURL& url, const std::string& http_method); + // referred to by |url| and |http_method|, inside a page with a top-level + // URL at |top_frame_origin|. + void OnExternalCacheHit(const GURL& url, + const std::string& http_method, + base::Optional<url::Origin> top_frame_origin); // Causes all transactions created after this point to simulate lock timeout // and effectively bypass the cache lock whenever there is lock contention. @@ -409,8 +412,10 @@ class NET_EXPORT HttpCache : public HttpTransactionFactory { // be currently in use. int AsyncDoomEntry(const std::string& key, Transaction* trans); - // Dooms the entry associated with a GET for a given |url|. - void DoomMainEntryForUrl(const GURL& url); + // Dooms the entry associated with a GET for a given |url|, loaded from + // a page with top-level frame at |top_frame_origin|. + void DoomMainEntryForUrl(const GURL& url, + base::Optional<url::Origin> top_frame_origin); // Closes a previously doomed entry. void FinalizeDoomedEntry(ActiveEntry* entry); diff --git a/chromium/net/http/http_cache_transaction.cc b/chromium/net/http/http_cache_transaction.cc index 5a4331d6b23..16ece824e84 100644 --- a/chromium/net/http/http_cache_transaction.cc +++ b/chromium/net/http/http_cache_transaction.cc @@ -21,10 +21,10 @@ #include "base/compiler_specific.h" #include "base/format_macros.h" #include "base/location.h" -#include "base/macros.h" #include "base/metrics/histogram_functions.h" #include "base/metrics/histogram_macros.h" #include "base/single_thread_task_runner.h" +#include "base/stl_util.h" #include "base/strings/string_number_conversions.h" // For HexEncode. #include "base/strings/string_piece.h" #include "base/strings/string_util.h" // For LowerCaseEqualsASCII. @@ -202,7 +202,7 @@ HttpCache::Transaction::Transaction(RequestPriority priority, HttpCache* cache) weak_factory_(this) { TRACE_EVENT0("io", "HttpCacheTransaction::Transaction"); static_assert(HttpCache::Transaction::kNumValidationHeaders == - arraysize(kValidationHeaders), + base::size(kValidationHeaders), "invalid number of validation headers"); io_callback_ = base::BindRepeating(&Transaction::OnIOComplete, @@ -554,6 +554,8 @@ bool HttpCache::Transaction::GetLoadTimingInfo( // This time doesn't make much sense when reading from the cache, so just use // the same time as send_start. load_timing_info->send_end = first_cache_access_since_; + // Provide the time immediately before parsing a cached entry. + load_timing_info->receive_headers_start = read_headers_since_; return true; } @@ -1461,6 +1463,9 @@ int HttpCache::Transaction::DoCacheReadResponseComplete(int result) { TRACE_EVENT0("io", "HttpCacheTransaction::DoCacheReadResponseComplete"); net_log_.EndEventWithNetErrorCode(NetLogEventType::HTTP_CACHE_READ_INFO, result); + + // Record the time immediately before the cached response is parsed. + read_headers_since_ = TimeTicks::Now(); if (result != io_buf_len_ || !HttpCache::ParseResponseInfo(read_buf_->data(), io_buf_len_, &response_, &truncated_)) { @@ -1789,7 +1794,7 @@ int HttpCache::Transaction::DoSuccessfulSendRequest() { // Invalidate any cached GET with a successful POST. if (!(effective_load_flags_ & LOAD_DISABLE_CACHE) && method_ == "POST" && NonErrorResponse(new_response->headers->response_code())) { - cache_->DoomMainEntryForUrl(request_->url); + cache_->DoomMainEntryForUrl(request_->url, request_->top_frame_origin); } RecordNoStoreHeaderHistogram(request_->load_flags, new_response); @@ -2349,7 +2354,7 @@ void HttpCache::Transaction::SetRequest(const NetLogWithSource& net_log) { if (request_->extra_headers.HasHeader(HttpRequestHeaders::kRange)) range_found = true; - for (size_t i = 0; i < arraysize(kSpecialHeaders); ++i) { + for (size_t i = 0; i < base::size(kSpecialHeaders); ++i) { if (HeaderMatches(request_->extra_headers, kSpecialHeaders[i].search)) { effective_load_flags_ |= kSpecialHeaders[i].load_flag; special_headers = true; @@ -2359,7 +2364,7 @@ void HttpCache::Transaction::SetRequest(const NetLogWithSource& net_log) { // Check for conditionalization headers which may correspond with a // cache validation request. - for (size_t i = 0; i < arraysize(kValidationHeaders); ++i) { + for (size_t i = 0; i < base::size(kValidationHeaders); ++i) { const ValidationHeaderInfo& info = kValidationHeaders[i]; std::string validation_value; if (request_->extra_headers.GetHeader( @@ -2615,7 +2620,7 @@ int HttpCache::Transaction::BeginExternallyConditionalizedRequest() { DCHECK_EQ(UPDATE, mode_); DCHECK(external_validation_.initialized); - for (size_t i = 0; i < arraysize(kValidationHeaders); i++) { + for (size_t i = 0; i < base::size(kValidationHeaders); i++) { if (external_validation_.values[i].empty()) continue; // Retrieve either the cached response's "etag" or "last-modified" header. diff --git a/chromium/net/http/http_cache_transaction.h b/chromium/net/http/http_cache_transaction.h index 31fada99088..d489b92131c 100644 --- a/chromium/net/http/http_cache_transaction.h +++ b/chromium/net/http/http_cache_transaction.h @@ -633,6 +633,7 @@ class NET_EXPORT_PRIVATE HttpCache::Transaction : public HttpTransaction { base::TimeTicks entry_lock_waiting_since_; base::TimeTicks first_cache_access_since_; base::TimeTicks send_request_since_; + base::TimeTicks read_headers_since_; base::Time open_entry_last_used_; base::TimeDelta stale_entry_freshness_; base::TimeDelta stale_entry_age_; diff --git a/chromium/net/http/http_cache_unittest.cc b/chromium/net/http/http_cache_unittest.cc index eed5c75480e..777fe08266c 100644 --- a/chromium/net/http/http_cache_unittest.cc +++ b/chromium/net/http/http_cache_unittest.cc @@ -5673,6 +5673,66 @@ TEST_F(HttpCacheTest, SimplePOST_Invalidate_205) { RemoveMockTransaction(&transaction); } +// Tests that a successful POST invalidates a previously cached GET, +// with cache split by top-frame origin. +TEST_F(HttpCacheTest, SimplePOST_Invalidate_205_SplitCache) { + base::test::ScopedFeatureList feature_list; + feature_list.InitAndEnableFeature(net::features::kSplitCacheByTopFrameOrigin); + url::Origin origin_a = url::Origin::Create(GURL("http://a.com")); + url::Origin origin_b = url::Origin::Create(GURL("http://b.com")); + + MockHttpCache cache; + + MockTransaction transaction(kSimpleGET_Transaction); + AddMockTransaction(&transaction); + MockHttpRequest req1(transaction); + req1.top_frame_origin = origin_a; + + // Attempt to populate the cache. + RunTransactionTestWithRequest(cache.http_cache(), transaction, req1, NULL); + + // Same for a different origin. + MockHttpRequest req1b(transaction); + req1b.top_frame_origin = origin_b; + RunTransactionTestWithRequest(cache.http_cache(), transaction, req1b, NULL); + + EXPECT_EQ(2, cache.network_layer()->transaction_count()); + EXPECT_EQ(0, cache.disk_cache()->open_count()); + EXPECT_EQ(2, cache.disk_cache()->create_count()); + + std::vector<std::unique_ptr<UploadElementReader>> element_readers; + element_readers.push_back( + std::make_unique<UploadBytesElementReader>("hello", 5)); + ElementsUploadDataStream upload_data_stream(std::move(element_readers), 1); + + transaction.method = "POST"; + transaction.status = "HTTP/1.1 205 No Content"; + MockHttpRequest req2(transaction); + req2.upload_data_stream = &upload_data_stream; + req2.top_frame_origin = origin_a; + + RunTransactionTestWithRequest(cache.http_cache(), transaction, req2, NULL); + + EXPECT_EQ(3, cache.network_layer()->transaction_count()); + EXPECT_EQ(0, cache.disk_cache()->open_count()); + EXPECT_EQ(3, cache.disk_cache()->create_count()); + + // req1b should still be cached, since it has a different top-level frame + // origin. + RunTransactionTestWithRequest(cache.http_cache(), transaction, req1b, NULL); + EXPECT_EQ(3, cache.network_layer()->transaction_count()); + EXPECT_EQ(1, cache.disk_cache()->open_count()); + EXPECT_EQ(3, cache.disk_cache()->create_count()); + + // req1 should not be cached after the POST. + RunTransactionTestWithRequest(cache.http_cache(), transaction, req1, NULL); + EXPECT_EQ(4, cache.network_layer()->transaction_count()); + EXPECT_EQ(1, cache.disk_cache()->open_count()); + EXPECT_EQ(4, cache.disk_cache()->create_count()); + + RemoveMockTransaction(&transaction); +} + // Tests that a successful POST invalidates a previously cached GET, even when // there is no upload identifier. TEST_F(HttpCacheTest, SimplePOST_NoUploadId_Invalidate_205) { @@ -9405,6 +9465,100 @@ TEST_F(HttpCacheTest, UpdatesRequestResponseTimeOn304) { RemoveMockTransaction(&mock_network_response); } +TEST_F(HttpCacheTest, SplitCache) { + base::test::ScopedFeatureList feature_list; + feature_list.InitAndEnableFeature(net::features::kSplitCacheByTopFrameOrigin); + + MockHttpCache cache; + HttpResponseInfo response; + + url::Origin origin_a = url::Origin::Create(GURL("http://a.com")); + url::Origin origin_b = url::Origin::Create(GURL("http://b.com")); + + // A request without a top frame origin is cached normally. + MockHttpRequest trans_info = MockHttpRequest(kSimpleGET_Transaction); + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_FALSE(response.was_cached); + + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_TRUE(response.was_cached); + + // Now request with a.com as the top frame origin. It shouldn't be cached + // since the cached resource has a different top frame origin. + trans_info.top_frame_origin = origin_a; + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_FALSE(response.was_cached); + + // The second request should be cached. + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_TRUE(response.was_cached); + + // Now request with b.com as the top frame origin. It shouldn't be cached. + trans_info.top_frame_origin = origin_b; + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_FALSE(response.was_cached); + + // The second request should be cached. + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_TRUE(response.was_cached); + + // a.com should still be cached. + trans_info.top_frame_origin = origin_a; + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_TRUE(response.was_cached); + + // Verify that a post transaction with a data stream uses a separate key. + const int64_t kUploadId = 1; // Just a dummy value. + + std::vector<std::unique_ptr<UploadElementReader>> element_readers; + element_readers.push_back( + std::make_unique<UploadBytesElementReader>("hello", 5)); + ElementsUploadDataStream upload_data_stream(std::move(element_readers), + kUploadId); + + MockHttpRequest post_info = MockHttpRequest(kSimplePOST_Transaction); + post_info.top_frame_origin = origin_a; + post_info.upload_data_stream = &upload_data_stream; + + RunTransactionTestWithRequest(cache.http_cache(), kSimplePOST_Transaction, + post_info, &response); + EXPECT_FALSE(response.was_cached); +} + +TEST_F(HttpCacheTest, NonSplitCache) { + base::test::ScopedFeatureList feature_list; + feature_list.InitAndDisableFeature( + net::features::kSplitCacheByTopFrameOrigin); + + MockHttpCache cache; + HttpResponseInfo response; + + // A request without a top frame is cached normally. + MockHttpRequest trans_info = MockHttpRequest(kSimpleGET_Transaction); + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_FALSE(response.was_cached); + + // The second request comes from cache. + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_TRUE(response.was_cached); + + // Now request with a.com as the top frame origin. It should use the same + // cached object. + trans_info.top_frame_origin = url::Origin::Create(GURL("http://a.com/")); + RunTransactionTestWithRequest(cache.http_cache(), kSimpleGET_Transaction, + trans_info, &response); + EXPECT_TRUE(response.was_cached); +} + // Tests that we can write metadata to an entry. TEST_F(HttpCacheTest, WriteMetadata_OK) { base::test::ScopedFeatureList feature_list; diff --git a/chromium/net/http/http_chunked_decoder_unittest.cc b/chromium/net/http/http_chunked_decoder_unittest.cc index 2d2898c3347..246512d67bf 100644 --- a/chromium/net/http/http_chunked_decoder_unittest.cc +++ b/chromium/net/http/http_chunked_decoder_unittest.cc @@ -9,6 +9,7 @@ #include <vector> #include "base/format_macros.h" +#include "base/stl_util.h" #include "base/strings/stringprintf.h" #include "net/base/net_errors.h" #include "net/test/gtest_util.h" @@ -70,14 +71,14 @@ TEST(HttpChunkedDecoderTest, Basic) { const char* const inputs[] = { "B\r\nhello hello\r\n0\r\n\r\n" }; - RunTest(inputs, arraysize(inputs), "hello hello", true, 0); + RunTest(inputs, base::size(inputs), "hello hello", true, 0); } TEST(HttpChunkedDecoderTest, OneChunk) { const char* const inputs[] = { "5\r\nhello\r\n" }; - RunTest(inputs, arraysize(inputs), "hello", false, 0); + RunTest(inputs, base::size(inputs), "hello", false, 0); } TEST(HttpChunkedDecoderTest, Typical) { @@ -87,7 +88,7 @@ TEST(HttpChunkedDecoderTest, Typical) { "5\r\nworld\r\n", "0\r\n\r\n" }; - RunTest(inputs, arraysize(inputs), "hello world", true, 0); + RunTest(inputs, base::size(inputs), "hello world", true, 0); } TEST(HttpChunkedDecoderTest, Incremental) { @@ -104,7 +105,7 @@ TEST(HttpChunkedDecoderTest, Incremental) { "\r", "\n" }; - RunTest(inputs, arraysize(inputs), "hello", true, 0); + RunTest(inputs, base::size(inputs), "hello", true, 0); } // Same as above, but group carriage returns with previous input. @@ -118,7 +119,7 @@ TEST(HttpChunkedDecoderTest, Incremental2) { "\n\r", "\n" }; - RunTest(inputs, arraysize(inputs), "hello", true, 0); + RunTest(inputs, base::size(inputs), "hello", true, 0); } TEST(HttpChunkedDecoderTest, LF_InsteadOf_CRLF) { @@ -131,7 +132,7 @@ TEST(HttpChunkedDecoderTest, LF_InsteadOf_CRLF) { "5\nworld\n", "0\n\n" }; - RunTest(inputs, arraysize(inputs), "hello world", true, 0); + RunTest(inputs, base::size(inputs), "hello world", true, 0); } TEST(HttpChunkedDecoderTest, Extensions) { @@ -139,7 +140,7 @@ TEST(HttpChunkedDecoderTest, Extensions) { "5;x=0\r\nhello\r\n", "0;y=\"2 \"\r\n\r\n" }; - RunTest(inputs, arraysize(inputs), "hello", true, 0); + RunTest(inputs, base::size(inputs), "hello", true, 0); } TEST(HttpChunkedDecoderTest, Trailers) { @@ -150,7 +151,7 @@ TEST(HttpChunkedDecoderTest, Trailers) { "Bar: 2\r\n", "\r\n" }; - RunTest(inputs, arraysize(inputs), "hello", true, 0); + RunTest(inputs, base::size(inputs), "hello", true, 0); } TEST(HttpChunkedDecoderTest, TrailersUnfinished) { @@ -159,7 +160,7 @@ TEST(HttpChunkedDecoderTest, TrailersUnfinished) { "0\r\n", "Foo: 1\r\n" }; - RunTest(inputs, arraysize(inputs), "hello", false, 0); + RunTest(inputs, base::size(inputs), "hello", false, 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_TooBig) { @@ -170,7 +171,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_TooBig) { "48469410265455838241\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_0X) { @@ -181,7 +182,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_0X) { "0x5\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, ChunkSize_TrailingSpace) { @@ -193,7 +194,7 @@ TEST(HttpChunkedDecoderTest, ChunkSize_TrailingSpace) { "5 \r\nhello\r\n", "0\r\n\r\n" }; - RunTest(inputs, arraysize(inputs), "hello", true, 0); + RunTest(inputs, base::size(inputs), "hello", true, 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingTab) { @@ -203,7 +204,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingTab) { "5\t\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingFormFeed) { @@ -214,7 +215,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingFormFeed) { "5\f\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingVerticalTab) { @@ -225,7 +226,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingVerticalTab) { "5\v\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingNonHexDigit) { @@ -236,7 +237,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_TrailingNonHexDigit) { "5H\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_LeadingSpace) { @@ -247,7 +248,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_LeadingSpace) { " 5\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidLeadingSeparator) { @@ -255,7 +256,7 @@ TEST(HttpChunkedDecoderTest, InvalidLeadingSeparator) { "\r\n5\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_NoSeparator) { @@ -264,7 +265,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_NoSeparator) { "1\r\n \r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 1); + RunTestUntilFailure(inputs, base::size(inputs), 1); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_Negative) { @@ -272,7 +273,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_Negative) { "8\r\n12345678\r\n-5\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidChunkSize_Plus) { @@ -283,7 +284,7 @@ TEST(HttpChunkedDecoderTest, InvalidChunkSize_Plus) { "+5\r\nhello\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, InvalidConsecutiveCRLFs) { @@ -292,7 +293,7 @@ TEST(HttpChunkedDecoderTest, InvalidConsecutiveCRLFs) { "\r\n\r\n\r\n\r\n", "0\r\n\r\n" }; - RunTestUntilFailure(inputs, arraysize(inputs), 1); + RunTestUntilFailure(inputs, base::size(inputs), 1); } TEST(HttpChunkedDecoderTest, ReallyBigChunks) { @@ -339,7 +340,7 @@ TEST(HttpChunkedDecoderTest, ReallyBigChunks) { // Chunk terminator and the final chunk. char final_chunk[] = "\r\n0\r\n\r\n"; - EXPECT_EQ(OK, decoder.FilterBuf(final_chunk, arraysize(final_chunk))); + EXPECT_EQ(OK, decoder.FilterBuf(final_chunk, base::size(final_chunk))); EXPECT_TRUE(decoder.reached_eof()); // Since |data| never included any chunk headers, it should not have been @@ -353,20 +354,20 @@ TEST(HttpChunkedDecoderTest, ReallyBigChunks) { TEST(HttpChunkedDecoderTest, ExcessiveChunkLen) { // Smallest number that can't be represented as a signed int64. const char* const inputs[] = {"8000000000000000\r\nhello\r\n"}; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, ExcessiveChunkLen2) { // Smallest number that can't be represented as an unsigned int64. const char* const inputs[] = {"10000000000000000\r\nhello\r\n"}; - RunTestUntilFailure(inputs, arraysize(inputs), 0); + RunTestUntilFailure(inputs, base::size(inputs), 0); } TEST(HttpChunkedDecoderTest, BasicExtraData) { const char* const inputs[] = { "5\r\nhello\r\n0\r\n\r\nextra bytes" }; - RunTest(inputs, arraysize(inputs), "hello", true, 11); + RunTest(inputs, base::size(inputs), "hello", true, 11); } TEST(HttpChunkedDecoderTest, IncrementalExtraData) { @@ -383,7 +384,7 @@ TEST(HttpChunkedDecoderTest, IncrementalExtraData) { "\r", "\nextra bytes" }; - RunTest(inputs, arraysize(inputs), "hello", true, 11); + RunTest(inputs, base::size(inputs), "hello", true, 11); } TEST(HttpChunkedDecoderTest, MultipleExtraDataBlocks) { @@ -391,7 +392,7 @@ TEST(HttpChunkedDecoderTest, MultipleExtraDataBlocks) { "5\r\nhello\r\n0\r\n\r\nextra", " bytes" }; - RunTest(inputs, arraysize(inputs), "hello", true, 11); + RunTest(inputs, base::size(inputs), "hello", true, 11); } // Test when the line with the chunk length is too long. @@ -404,7 +405,7 @@ TEST(HttpChunkedDecoderTest, LongChunkLengthLine) { big_chunk.get(), "5" }; - RunTestUntilFailure(inputs, arraysize(inputs), 1); + RunTestUntilFailure(inputs, base::size(inputs), 1); } // Test when the extension portion of the line with the chunk length is too @@ -418,7 +419,7 @@ TEST(HttpChunkedDecoderTest, LongLengthLengthLine) { "5;", big_chunk.get() }; - RunTestUntilFailure(inputs, arraysize(inputs), 1); + RunTestUntilFailure(inputs, base::size(inputs), 1); } } // namespace diff --git a/chromium/net/http/http_content_disposition_unittest.cc b/chromium/net/http/http_content_disposition_unittest.cc index f283ce98cf4..36e39940e61 100644 --- a/chromium/net/http/http_content_disposition_unittest.cc +++ b/chromium/net/http/http_content_disposition_unittest.cc @@ -4,6 +4,7 @@ #include "net/http/http_content_disposition.h" +#include "base/stl_util.h" #include "base/strings/utf_string_conversions.h" #include "testing/gtest/include/gtest/gtest.h" @@ -201,7 +202,7 @@ TEST(HttpContentDispositionTest, Filename) { {"attachment; foobar=x; filename=\"foo.html\"", "", L"foo.html"}, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { HttpContentDisposition header(tests[i].header, tests[i].referrer_charset); EXPECT_EQ(tests[i].expected, base::UTF8ToWide(header.filename())) @@ -414,7 +415,7 @@ TEST(HttpContentDispositionTest, tc2231) { // TODO(abarth): http://greenbytes.de/tech/tc2231/#attrfc2047token // TODO(abarth): http://greenbytes.de/tech/tc2231/#attrfc2047quoted }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { HttpContentDisposition header(tests[i].header, std::string()); EXPECT_EQ(tests[i].expected_type, header.type()) << "Failed on input: " << tests[i].header; @@ -487,7 +488,7 @@ TEST(HttpContentDispositionTest, ParseResult) { HttpContentDisposition::INVALID}, }; - for (size_t i = 0; i < arraysize(kTestCases); ++i) { + for (size_t i = 0; i < base::size(kTestCases); ++i) { const ParseResultTestCase& test_case = kTestCases[i]; HttpContentDisposition content_disposition(test_case.header, "utf-8"); int result = content_disposition.parse_result_flags(); diff --git a/chromium/net/http/http_negotiate_auth_system.h b/chromium/net/http/http_negotiate_auth_system.h new file mode 100644 index 00000000000..9d3acb0a672 --- /dev/null +++ b/chromium/net/http/http_negotiate_auth_system.h @@ -0,0 +1,70 @@ +// Copyright 2018 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef NET_HTTP_HTTP_NEGOTIATE_AUTH_SYSTEM_H_ +#define NET_HTTP_HTTP_NEGOTIATE_AUTH_SYSTEM_H_ + +#include "net/base/completion_once_callback.h" +#include "net/base/net_export.h" +#include "net/http/http_auth.h" + +namespace net { + +class AuthCredentials; +class HttpAuthChallengeTokenizer; + +class NET_EXPORT_PRIVATE HttpNegotiateAuthSystem { + public: + virtual ~HttpNegotiateAuthSystem() = default; + + virtual bool Init() = 0; + + // True if authentication needs the identity of the user from Chrome. + virtual bool NeedsIdentity() const = 0; + + // True authentication can use explicit credentials included in the URL. + virtual bool AllowsExplicitCredentials() const = 0; + + // Parse a received Negotiate challenge. + virtual HttpAuth::AuthorizationResult ParseChallenge( + HttpAuthChallengeTokenizer* tok) = 0; + + // Generates an authentication token. + // + // The return value is an error code. The authentication token will be + // returned in |*auth_token|. If the result code is not |OK|, the value of + // |*auth_token| is unspecified. + // + // If the operation cannot be completed synchronously, |ERR_IO_PENDING| will + // be returned and the real result code will be passed to the completion + // callback. Otherwise the result code is returned immediately from this + // call. + // + // If the AndroidAuthNegotiate object is deleted before completion then the + // callback will not be called. + // + // If no immediate result is returned then |auth_token| must remain valid + // until the callback has been called. + // + // |spn| is the Service Principal Name of the server that the token is + // being generated for. + // + // If this is the first round of a multiple round scheme, credentials are + // obtained using |*credentials|. If |credentials| is NULL, the default + // credentials are used instead. + virtual int GenerateAuthToken(const AuthCredentials* credentials, + const std::string& spn, + const std::string& channel_bindings, + std::string* auth_token, + CompletionOnceCallback callback) = 0; + + // Delegation is allowed on the Kerberos ticket. This allows certain servers + // to act as the user, such as an IIS server retrieving data from a + // Kerberized MSSQL server. + virtual void Delegate() = 0; +}; + +} // namespace net + +#endif // NET_HTTP_HTTP_NEGOTIATE_AUTH_SYSTEM_H_ diff --git a/chromium/net/http/http_network_layer.cc b/chromium/net/http/http_network_layer.cc index 359b4d2c10d..5a43fd334e6 100644 --- a/chromium/net/http/http_network_layer.cc +++ b/chromium/net/http/http_network_layer.cc @@ -15,7 +15,7 @@ #include "net/http/http_stream_factory_job.h" #include "net/spdy/spdy_session.h" #include "net/spdy/spdy_session_pool.h" -#include "net/third_party/spdy/core/spdy_framer.h" +#include "net/third_party/quiche/src/spdy/core/spdy_framer.h" namespace net { diff --git a/chromium/net/http/http_network_session.cc b/chromium/net/http/http_network_session.cc index a28fee76359..b71a6ebbaa8 100644 --- a/chromium/net/http/http_network_session.cc +++ b/chromium/net/http/http_network_session.cc @@ -30,7 +30,6 @@ #include "net/socket/client_socket_pool_manager_impl.h" #include "net/socket/next_proto.h" #include "net/socket/ssl_client_socket.h" -#include "net/socket/websocket_endpoint_lock_manager.h" #include "net/spdy/spdy_session_pool.h" #include "net/third_party/quic/core/crypto/quic_random.h" #include "net/third_party/quic/core/quic_packets.h" @@ -60,7 +59,8 @@ std::unique_ptr<ClientSocketPoolManager> CreateSocketPoolManager( context.cert_verifier, context.channel_id_service, context.transport_security_state, context.cert_transparency_verifier, context.ct_policy_enforcer, ssl_session_cache_shard, - context.ssl_config_service, websocket_endpoint_lock_manager, pool_type); + context.ssl_config_service, websocket_endpoint_lock_manager, + context.proxy_delegate, pool_type); } } // unnamed namespace @@ -101,7 +101,6 @@ HttpNetworkSession::Params::Params() ignore_certificate_errors(false), testing_fixed_http_port(0), testing_fixed_https_port(0), - tcp_fast_open_mode(TcpFastOpenMode::DISABLED), enable_user_alternate_protocol_ports(false), enable_spdy_ping_based_connection_checking(true), enable_http2(true), @@ -110,6 +109,7 @@ HttpNetworkSession::Params::Params() enable_http2_alternative_service(false), enable_websocket_over_http2(false), enable_quic(false), + enable_quic_proxies_for_https_urls(false), quic_max_packet_length(quic::kDefaultMaxPacketSize), quic_max_server_configs_stored_in_properties(0u), quic_enable_socket_recv_optimization(false), @@ -161,6 +161,7 @@ HttpNetworkSession::Context::Context() cert_transparency_verifier(nullptr), ct_policy_enforcer(nullptr), proxy_resolution_service(nullptr), + proxy_delegate(nullptr), ssl_config_service(nullptr), http_auth_handler_factory(nullptr), net_log(nullptr), @@ -193,8 +194,6 @@ HttpNetworkSession::HttpNetworkSession(const Params& params, #endif proxy_resolution_service_(context.proxy_resolution_service), ssl_config_service_(context.ssl_config_service), - websocket_endpoint_lock_manager_( - std::make_unique<WebSocketEndpointLockManager>()), push_delegate_(nullptr), quic_stream_factory_( context.net_log, @@ -262,10 +261,10 @@ HttpNetworkSession::HttpNetworkSession(const Params& params, "http_network_session/" + base::IntToString(g_next_shard_id.GetNext()); normal_socket_pool_manager_ = CreateSocketPoolManager( NORMAL_SOCKET_POOL, context, ssl_session_cache_shard, - websocket_endpoint_lock_manager_.get()); + &websocket_endpoint_lock_manager_); websocket_socket_pool_manager_ = CreateSocketPoolManager( WEBSOCKET_SOCKET_POOL, context, ssl_session_cache_shard, - websocket_endpoint_lock_manager_.get()); + &websocket_endpoint_lock_manager_); if (params_.enable_http2) { next_protos_.push_back(kProtoHTTP2); @@ -317,20 +316,21 @@ SSLClientSocketPool* HttpNetworkSession::GetSSLSocketPool( SOCKSClientSocketPool* HttpNetworkSession::GetSocketPoolForSOCKSProxy( SocketPoolType pool_type, - const HostPortPair& socks_proxy) { + const ProxyServer& socks_proxy) { return GetSocketPoolManager(pool_type)->GetSocketPoolForSOCKSProxy( socks_proxy); } -HttpProxyClientSocketPool* HttpNetworkSession::GetSocketPoolForHTTPProxy( +HttpProxyClientSocketPool* HttpNetworkSession::GetSocketPoolForHTTPLikeProxy( SocketPoolType pool_type, - const HostPortPair& http_proxy) { - return GetSocketPoolManager(pool_type)->GetSocketPoolForHTTPProxy(http_proxy); + const ProxyServer& http_proxy) { + return GetSocketPoolManager(pool_type)->GetSocketPoolForHTTPLikeProxy( + http_proxy); } SSLClientSocketPool* HttpNetworkSession::GetSocketPoolForSSLWithProxy( SocketPoolType pool_type, - const HostPortPair& proxy_server) { + const ProxyServer& proxy_server) { return GetSocketPoolManager(pool_type)->GetSocketPoolForSSLWithProxy( proxy_server); } @@ -461,6 +461,7 @@ void HttpNetworkSession::GetSSLConfig(const HttpRequestInfo& request, SSLConfig* proxy_config) const { ssl_config_service_->GetSSLConfig(server_config); GetAlpnProtos(&server_config->alpn_protos); + server_config->ignore_certificate_errors = params_.ignore_certificate_errors; *proxy_config = *server_config; if (request.privacy_mode == PRIVACY_MODE_ENABLED) { server_config->channel_id_enabled = false; diff --git a/chromium/net/http/http_network_session.h b/chromium/net/http/http_network_session.h index 4b3977aa639..0c42c754de3 100644 --- a/chromium/net/http/http_network_session.h +++ b/chromium/net/http/http_network_session.h @@ -32,9 +32,10 @@ #include "net/net_buildflags.h" #include "net/quic/quic_stream_factory.h" #include "net/socket/next_proto.h" +#include "net/socket/websocket_endpoint_lock_manager.h" #include "net/spdy/spdy_session_pool.h" #include "net/ssl/ssl_client_auth_cache.h" -#include "net/third_party/spdy/core/spdy_protocol.h" +#include "net/third_party/quiche/src/spdy/core/spdy_protocol.h" namespace base { class Value; @@ -43,6 +44,10 @@ class ProcessMemoryDump; } } +namespace quic { +class QuicClock; +} // namespace quic + namespace net { class CTPolicyEnforcer; @@ -62,23 +67,19 @@ class NetLog; class NetworkErrorLoggingService; #endif class NetworkQualityEstimator; +class ProxyDelegate; class ProxyResolutionService; +class ProxyServer; +class QuicCryptoClientStreamFactory; #if BUILDFLAG(ENABLE_REPORTING) class ReportingService; #endif -} // namespace net -namespace quic { -class QuicClock; -} // namespace quic -namespace net { -class QuicCryptoClientStreamFactory; class SocketPerformanceWatcherFactory; class SOCKSClientSocketPool; class SSLClientSocketPool; class SSLConfigService; class TransportClientSocketPool; class TransportSecurityState; -class WebSocketEndpointLockManager; // Specifies the maximum HPACK dynamic table size the server is allowed to set. const uint32_t kSpdyMaxHeaderTableSize = 64 * 1024; @@ -96,22 +97,11 @@ class NET_EXPORT HttpNetworkSession { Params(const Params& other); ~Params(); - enum class TcpFastOpenMode { - DISABLED, - // If true, TCP fast open will be used for all HTTPS connections. - ENABLED_FOR_SSL_ONLY, - // TCP fast open will be used for all HTTP/HTTPS connections. - // TODO(mmenke): With 0-RTT session resumption, does this option make - // sense? - ENABLED_FOR_ALL, - }; - bool enable_server_push_cancellation; HostMappingRules host_mapping_rules; bool ignore_certificate_errors; uint16_t testing_fixed_http_port; uint16_t testing_fixed_https_port; - TcpFastOpenMode tcp_fast_open_mode; bool enable_user_alternate_protocol_ports; // Use SPDY ping frames to test for connection health after idle. @@ -142,6 +132,9 @@ class NET_EXPORT HttpNetworkSession { // Enables QUIC support. bool enable_quic; + // If true, HTTPS URLs can be sent to QUIC proxies. + bool enable_quic_proxies_for_https_urls; + // QUIC runtime configuration options. // Versions of QUIC which may be used. @@ -260,6 +253,7 @@ class NET_EXPORT HttpNetworkSession { CTVerifier* cert_transparency_verifier; CTPolicyEnforcer* ct_policy_enforcer; ProxyResolutionService* proxy_resolution_service; + ProxyDelegate* proxy_delegate; SSLConfigService* ssl_config_service; HttpAuthHandlerFactory* http_auth_handler_factory; HttpServerProperties* http_server_properties; @@ -302,13 +296,13 @@ class NET_EXPORT HttpNetworkSession { SSLClientSocketPool* GetSSLSocketPool(SocketPoolType pool_type); SOCKSClientSocketPool* GetSocketPoolForSOCKSProxy( SocketPoolType pool_type, - const HostPortPair& socks_proxy); - HttpProxyClientSocketPool* GetSocketPoolForHTTPProxy( + const ProxyServer& socks_proxy); + HttpProxyClientSocketPool* GetSocketPoolForHTTPLikeProxy( SocketPoolType pool_type, - const HostPortPair& http_proxy); + const ProxyServer& http_proxy); SSLClientSocketPool* GetSocketPoolForSSLWithProxy( SocketPoolType pool_type, - const HostPortPair& proxy_server); + const ProxyServer& proxy_server); CertVerifier* cert_verifier() { return cert_verifier_; } ProxyResolutionService* proxy_resolution_service() { @@ -316,7 +310,7 @@ class NET_EXPORT HttpNetworkSession { } SSLConfigService* ssl_config_service() { return ssl_config_service_; } WebSocketEndpointLockManager* websocket_endpoint_lock_manager() { - return websocket_endpoint_lock_manager_.get(); + return &websocket_endpoint_lock_manager_; } SpdySessionPool* spdy_session_pool() { return &spdy_session_pool_; } QuicStreamFactory* quic_stream_factory() { return &quic_stream_factory_; } @@ -404,8 +398,7 @@ class NET_EXPORT HttpNetworkSession { HttpAuthCache http_auth_cache_; SSLClientAuthCache ssl_client_auth_cache_; - std::unique_ptr<WebSocketEndpointLockManager> - websocket_endpoint_lock_manager_; + WebSocketEndpointLockManager websocket_endpoint_lock_manager_; std::unique_ptr<ClientSocketPoolManager> normal_socket_pool_manager_; std::unique_ptr<ClientSocketPoolManager> websocket_socket_pool_manager_; std::unique_ptr<ServerPushDelegate> push_delegate_; diff --git a/chromium/net/http/http_network_transaction.cc b/chromium/net/http/http_network_transaction.cc index aa2e040aadc..19631949abf 100644 --- a/chromium/net/http/http_network_transaction.cc +++ b/chromium/net/http/http_network_transaction.cc @@ -74,7 +74,7 @@ #include "net/network_error_logging/network_error_logging_service.h" #include "net/reporting/reporting_header_parser.h" #include "net/reporting/reporting_service.h" -#endif +#endif // BUILDFLAG(ENABLE_REPORTING) namespace { @@ -110,6 +110,10 @@ HttpNetworkTransaction::HttpNetworkTransaction(RequestPriority priority, can_send_early_data_(false), server_ssl_client_cert_was_cached_(false), request_headers_(), +#if BUILDFLAG(ENABLE_REPORTING) + network_error_logging_report_generated_(false), + request_reporting_upload_depth_(0), +#endif // BUILDFLAG(ENABLE_REPORTING) read_buf_len_(0), total_received_bytes_(0), total_sent_bytes_(0), @@ -121,9 +125,20 @@ HttpNetworkTransaction::HttpNetworkTransaction(RequestPriority priority, net_error_details_(), retry_attempts_(0), num_restarts_(0), - ssl_version_interference_error_(OK) {} + ssl_version_interference_error_(OK) { +} HttpNetworkTransaction::~HttpNetworkTransaction() { +#if BUILDFLAG(ENABLE_REPORTING) + // Report a success if we have not already done so. Errors would have been + // reported from DoCallback(), DoReadBodyComplete(), HandleIOError(), or + // DoReadHeadersComplete(). + // Note: This may incorrectly report an error as a success, e.g. if the + // request is cancelled after successfully receiving headers but would + // otherwise have encountered an error on reading the body. + if (headers_valid_ && next_state_ == STATE_NONE) + GenerateNetworkErrorLoggingReport(OK); +#endif // BUILDFLAG(ENABLE_REPORTING) if (stream_.get()) { // TODO(mbelshe): The stream_ should be able to compute whether or not the // stream should be kept alive. No reason to compute here @@ -151,13 +166,15 @@ int HttpNetworkTransaction::Start(const HttpRequestInfo* request_info, request_ = request_info; url_ = request_->url; #if BUILDFLAG(ENABLE_REPORTING) + // Store values for later use in NEL report generation. request_method_ = request_->method; request_->extra_headers.GetHeader(HttpRequestHeaders::kReferer, &request_referrer_); request_->extra_headers.GetHeader(HttpRequestHeaders::kUserAgent, &request_user_agent_); request_reporting_upload_depth_ = request_->reporting_upload_depth; -#endif + start_timeticks_ = base::TimeTicks::Now(); +#endif // BUILDFLAG(ENABLE_REPORTING) // Now that we have an HttpRequestInfo object, update server_ssl_config_. session_->GetSSLConfig(*request_, &server_ssl_config_, &proxy_ssl_config_); @@ -178,6 +195,11 @@ int HttpNetworkTransaction::Start(const HttpRequestInfo* request_info, int rv = DoLoop(OK); if (rv == ERR_IO_PENDING) callback_ = std::move(callback); + + // This always returns ERR_IO_PENDING because DoCreateStream() does, but + // GenerateNetworkErrorLoggingReportIfError() should be called here if any + // other net::Error can be returned. + DCHECK_EQ(rv, ERR_IO_PENDING); return rv; } @@ -195,6 +217,11 @@ int HttpNetworkTransaction::RestartIgnoringLastError( int rv = DoLoop(OK); if (rv == ERR_IO_PENDING) callback_ = std::move(callback); + + // This always returns ERR_IO_PENDING because DoCreateStream() does, but + // GenerateNetworkErrorLoggingReportIfError() should be called here if any + // other net::Error can be returned. + DCHECK_EQ(rv, ERR_IO_PENDING); return rv; } @@ -226,6 +253,11 @@ int HttpNetworkTransaction::RestartWithCertificate( int rv = DoLoop(OK); if (rv == ERR_IO_PENDING) callback_ = std::move(callback); + + // This always returns ERR_IO_PENDING because DoCreateStream() does, but + // GenerateNetworkErrorLoggingReportIfError() should be called here if any + // other net::Error can be returned. + DCHECK_EQ(rv, ERR_IO_PENDING); return rv; } @@ -260,6 +292,11 @@ int HttpNetworkTransaction::RestartWithAuth(const AuthCredentials& credentials, DCHECK(stream_request_ == NULL); PrepareForAuthRestart(target); rv = DoLoop(OK); + // Note: If an error is encountered while draining the old response body, no + // Network Error Logging report will be generated, because the error was + // with the old request, which will already have had a NEL report generated + // for it due to the auth challenge (so we don't report a second error for + // that request). } if (rv == ERR_IO_PENDING) @@ -661,9 +698,9 @@ void HttpNetworkTransaction::DoCallback(int rv) { #if BUILDFLAG(ENABLE_REPORTING) // Just before invoking the caller's completion callback, generate a NEL - // report about this network request. - GenerateNetworkErrorLoggingReport(rv); -#endif + // report about this network request if the result was an error. + GenerateNetworkErrorLoggingReportIfError(rv); +#endif // BUILDFLAG(ENABLE_REPORTING) // Since Run may result in Read being called, clear user_callback_ up front. base::ResetAndReturn(&callback_).Run(rv); @@ -819,9 +856,6 @@ int HttpNetworkTransaction::DoCreateStream() { } int HttpNetworkTransaction::DoCreateStreamComplete(int result) { - // Version interference probes should not result in success. - DCHECK(!server_ssl_config_.version_interference_probe || result != OK); - // If |result| is ERR_HTTPS_PROXY_TUNNEL_RESPONSE, then // DoCreateStreamComplete is being called from OnHttpsProxyTunnelResponse, // which resets the stream request first. Therefore, we have to grab the @@ -1136,6 +1170,9 @@ int HttpNetworkTransaction::DoReadHeadersComplete(int result) { if (response_.headers.get() && response_.headers->response_code() == HTTP_REQUEST_TIMEOUT && stream_->IsConnectionReused()) { +#if BUILDFLAG(ENABLE_REPORTING) + GenerateNetworkErrorLoggingReport(OK); +#endif // BUILDFLAG(ENABLE_REPORTING) net_log_.AddEventWithNetErrorCode( NetLogEventType::HTTP_TRANSACTION_RESTART_AFTER_ERROR, response_.headers->response_code()); @@ -1186,6 +1223,9 @@ int HttpNetworkTransaction::DoReadHeadersComplete(int result) { if (response_.headers->response_code() == 421 && (enable_ip_based_pooling_ || enable_alternative_services_)) { +#if BUILDFLAG(ENABLE_REPORTING) + GenerateNetworkErrorLoggingReport(OK); +#endif // BUILDFLAG(ENABLE_REPORTING) // Retry the request with both IP based pooling and Alternative Services // disabled. enable_ip_based_pooling_ = false; @@ -1211,9 +1251,22 @@ int HttpNetworkTransaction::DoReadHeadersComplete(int result) { return rv; #if BUILDFLAG(ENABLE_REPORTING) + // Note: Unless there is a pre-existing NEL policy for this origin, any NEL + // reports generated before the NEL header is processed here will just be + // dropped by the NetworkErrorLoggingService. ProcessReportToHeader(); ProcessNetworkErrorLoggingHeader(); -#endif + + // Generate NEL report here if we have to report an HTTP error (4xx or 5xx + // code), or if the response body will not be read. + int response_code = response_.headers->response_code(); + if ((response_code >= 400 && response_code < 600) || + response_code == HTTP_NO_CONTENT || response_code == HTTP_RESET_CONTENT || + response_code == HTTP_NOT_MODIFIED || request_->method == "HEAD" || + response_.headers->GetContentLength() == 0) { + GenerateNetworkErrorLoggingReport(OK); + } +#endif // BUILDFLAG(ENABLE_REPORTING) headers_valid_ = true; @@ -1278,6 +1331,10 @@ int HttpNetworkTransaction::DoReadBodyComplete(int result) { session_->http_server_properties()->MarkAlternativeServiceBroken( retried_alternative_service_); } + +#if BUILDFLAG(ENABLE_REPORTING) + GenerateNetworkErrorLoggingReport(result); +#endif // BUILDFLAG(ENABLE_REPORTING) } // Clear these to avoid leaving around old state. @@ -1305,6 +1362,9 @@ int HttpNetworkTransaction::DoDrainBodyForAuthRestartComplete(int result) { bool done = false, keep_alive = true; if (result < 0) { // Error or closed connection while reading the socket. + // Note: No Network Error Logging report is generated here because a report + // will have already been generated for the original request due to the auth + // challenge, so a second report is not generated for the same request here. done = true; keep_alive = false; } else if (stream_->IsResponseBodyComplete()) { @@ -1382,7 +1442,20 @@ void HttpNetworkTransaction::ProcessNetworkErrorLoggingHeader() { value); } +void HttpNetworkTransaction::GenerateNetworkErrorLoggingReportIfError(int rv) { + if (rv < 0 && rv != ERR_IO_PENDING) + GenerateNetworkErrorLoggingReport(rv); +} + void HttpNetworkTransaction::GenerateNetworkErrorLoggingReport(int rv) { + // |rv| should be a valid net::Error + DCHECK_NE(rv, ERR_IO_PENDING); + DCHECK_LE(rv, 0); + + if (network_error_logging_report_generated_) + return; + network_error_logging_report_generated_ = true; + NetworkErrorLoggingService* service = session_->network_error_logging_service(); if (!service) { @@ -1391,7 +1464,11 @@ void HttpNetworkTransaction::GenerateNetworkErrorLoggingReport(int rv) { return; } - // TODO(crbug.com/903893): Ignore errors from non-HTTPS origins. + // Ignore errors from non-HTTPS origins. + if (!url_.SchemeIsCryptographic()) { + NetworkErrorLoggingService::RecordRequestDiscardedForInsecureOrigin(); + return; + } NetworkErrorLoggingService::RequestDetails details; @@ -1399,33 +1476,33 @@ void HttpNetworkTransaction::GenerateNetworkErrorLoggingReport(int rv) { if (!request_referrer_.empty()) details.referrer = GURL(request_referrer_); details.user_agent = request_user_agent_; - IPEndPoint endpoint; - if (!remote_endpoint_.address().empty()) + if (!remote_endpoint_.address().empty()) { details.server_ip = remote_endpoint_.address(); + } else { + details.server_ip = IPAddress(); + } // HttpResponseHeaders::response_code() returns 0 if response code couldn't // be parsed, which is also how NEL represents the same. - if (response_.headers) + if (response_.headers) { details.status_code = response_.headers->response_code(); - else + } else { details.status_code = 0; + } // If we got response headers, assume that the connection used HTTP/1.1 // unless ALPN negotiation tells us otherwise (handled below). - if (response_.was_alpn_negotiated) + if (response_.was_alpn_negotiated) { details.protocol = response_.alpn_negotiated_protocol; - else + } else { details.protocol = "http/1.1"; - details.method = request_method_; - if (stream_) { - LoadTimingInfo timing; - stream_->GetLoadTimingInfo(&timing); - details.elapsed_time = base::TimeTicks::Now() - timing.request_start; } + details.method = request_method_; + details.elapsed_time = base::TimeTicks::Now() - start_timeticks_; details.type = static_cast<Error>(rv); details.reporting_upload_depth = request_reporting_upload_depth_; service->OnRequest(std::move(details)); } -#endif +#endif // BUILDFLAG(ENABLE_REPORTING) int HttpNetworkTransaction::HandleCertificateRequest(int error) { // There are two paths through which the server can request a certificate @@ -1547,6 +1624,10 @@ int HttpNetworkTransaction::HandleIOError(int error) { // any time, check and handle client authentication errors. error = HandleSSLClientAuthError(error); +#if BUILDFLAG(ENABLE_REPORTING) + GenerateNetworkErrorLoggingReportIfError(error); +#endif // BUILDFLAG(ENABLE_REPORTING) + switch (error) { // If we try to reuse a connection that the server is in the process of // closing, we may end up successfully writing out our request (or a @@ -1657,6 +1738,10 @@ void HttpNetworkTransaction::ResetStateForAuthRestart() { remote_endpoint_ = IPEndPoint(); net_error_details_.quic_broken = false; net_error_details_.quic_connection_error = quic::QUIC_NO_ERROR; +#if BUILDFLAG(ENABLE_REPORTING) + network_error_logging_report_generated_ = false; + start_timeticks_ = base::TimeTicks::Now(); +#endif // BUILDFLAG(ENABLE_REPORTING) } void HttpNetworkTransaction::CacheNetErrorDetailsAndResetStream() { @@ -1701,6 +1786,12 @@ void HttpNetworkTransaction::ResetConnectionAndRequestForResend() { // the SSL tunnel. request_headers_.Clear(); next_state_ = STATE_CREATE_STREAM; // Resend the request. + +#if BUILDFLAG(ENABLE_REPORTING) + // Reset for new request. + network_error_logging_report_generated_ = false; + start_timeticks_ = base::TimeTicks::Now(); +#endif // BUILDFLAG(ENABLE_REPORTING) } bool HttpNetworkTransaction::ShouldApplyProxyAuth() const { diff --git a/chromium/net/http/http_network_transaction.h b/chromium/net/http/http_network_transaction.h index d01f72d0c02..7ccc5f9b681 100644 --- a/chromium/net/http/http_network_transaction.h +++ b/chromium/net/http/http_network_transaction.h @@ -214,6 +214,10 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction // Reporting API. void ProcessNetworkErrorLoggingHeader(); + // Calls GenerateNetworkErrorLoggingReport() if |rv| represents a NET_ERROR + // other than ERR_IO_PENDING. + void GenerateNetworkErrorLoggingReportIfError(int rv); + // Generates a NEL report about this request. The NetworkErrorLoggingService // will discard the report if there is no NEL policy registered for this // origin. @@ -356,6 +360,8 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction HttpRequestHeaders request_headers_; #if BUILDFLAG(ENABLE_REPORTING) + // Whether a NEL report has already been generated. Reset when restarting. + bool network_error_logging_report_generated_; // Cache some fields from |request_| that we'll need to construct a NEL // report about the request. (NEL report construction happens after we've // cleared the |request_| pointer.) @@ -363,6 +369,7 @@ class NET_EXPORT_PRIVATE HttpNetworkTransaction std::string request_referrer_; std::string request_user_agent_; int request_reporting_upload_depth_; + base::TimeTicks start_timeticks_; #endif // The size in bytes of the buffer we use to drain the response body that diff --git a/chromium/net/http/http_network_transaction_unittest.cc b/chromium/net/http/http_network_transaction_unittest.cc index 9bb96374760..ae5b2324085 100644 --- a/chromium/net/http/http_network_transaction_unittest.cc +++ b/chromium/net/http/http_network_transaction_unittest.cc @@ -19,10 +19,10 @@ #include "base/files/file_util.h" #include "base/json/json_writer.h" #include "base/logging.h" -#include "base/macros.h" #include "base/memory/ptr_util.h" #include "base/memory/weak_ptr.h" #include "base/run_loop.h" +#include "base/stl_util.h" #include "base/strings/string_piece.h" #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" @@ -96,7 +96,7 @@ #include "net/test/gtest_util.h" #include "net/test/test_data_directory.h" #include "net/test/test_with_scoped_task_environment.h" -#include "net/third_party/spdy/core/spdy_framer.h" +#include "net/third_party/quiche/src/spdy/core/spdy_framer.h" #include "net/traffic_annotation/network_traffic_annotation_test_helper.h" #include "net/websockets/websocket_handshake_stream_base.h" #include "net/websockets/websocket_test_util.h" @@ -265,6 +265,57 @@ void TestLoadTimingNotReusedWithPac(const LoadTimingInfo& load_timing_info, EXPECT_TRUE(load_timing_info.receive_headers_end.is_null()); } +// ProxyResolver that records URLs passed to it, and that can be told what +// result to return. +class CapturingProxyResolver : public ProxyResolver { + public: + CapturingProxyResolver() + : proxy_server_(ProxyServer::SCHEME_HTTP, HostPortPair("myproxy", 80)) {} + ~CapturingProxyResolver() override = default; + + int GetProxyForURL(const GURL& url, + ProxyInfo* results, + CompletionOnceCallback callback, + std::unique_ptr<Request>* request, + const NetLogWithSource& net_log) override { + results->UseProxyServer(proxy_server_); + resolved_.push_back(url); + return OK; + } + + // Sets whether the resolver should use direct connections, instead of a + // proxy. + void set_proxy_server(ProxyServer proxy_server) { + proxy_server_ = proxy_server; + } + + const std::vector<GURL>& resolved() const { return resolved_; } + + private: + std::vector<GURL> resolved_; + + ProxyServer proxy_server_; + + DISALLOW_COPY_AND_ASSIGN(CapturingProxyResolver); +}; + +class CapturingProxyResolverFactory : public ProxyResolverFactory { + public: + explicit CapturingProxyResolverFactory(CapturingProxyResolver* resolver) + : ProxyResolverFactory(false), resolver_(resolver) {} + + int CreateProxyResolver(const scoped_refptr<PacFileData>& pac_script, + std::unique_ptr<ProxyResolver>* resolver, + CompletionOnceCallback callback, + std::unique_ptr<Request>* request) override { + *resolver = std::make_unique<ForwardingProxyResolver>(resolver_); + return OK; + } + + private: + ProxyResolver* resolver_; +}; + std::unique_ptr<HttpNetworkSession> CreateSession( SpdySessionDependencies* session_deps) { return SpdySessionDependencies::SpdyCreateSession(session_deps); @@ -315,7 +366,11 @@ class HttpNetworkTransactionTest : public PlatformTest, protected: HttpNetworkTransactionTest() - : ssl_(ASYNC, OK), + : WithScopedTaskEnvironment( + base::test::ScopedTaskEnvironment::MainThreadType::IO_MOCK_TIME, + base::test::ScopedTaskEnvironment::NowSource:: + MAIN_THREAD_MOCK_TIME), + ssl_(ASYNC, OK), old_max_group_sockets_(ClientSocketPoolManager::max_sockets_per_group( HttpNetworkSession::NORMAL_SOCKET_POOL)), old_max_pool_sockets_(ClientSocketPoolManager::max_sockets_per_pool( @@ -337,6 +392,9 @@ class HttpNetworkTransactionTest : public PlatformTest, void SetUp() override { NetworkChangeNotifier::NotifyObserversOfIPAddressChangeForTests(); base::RunLoop().RunUntilIdle(); + // Set an initial delay to ensure that the first call to TimeTicks::Now() + // before incrementing the counter does not return a null value. + FastForwardBy(TimeDelta::FromSeconds(1)); } void TearDown() override { @@ -349,6 +407,8 @@ class HttpNetworkTransactionTest : public PlatformTest, base::RunLoop().RunUntilIdle(); } + void Check100ResponseTiming(bool use_spdy); + // Either |write_failure| specifies a write failure or |read_failure| // specifies a read failure when using a reused socket. In either case, the // failure should cause the network transaction to resend the request, and the @@ -613,9 +673,6 @@ class CaptureGroupNameSocketPool : public ParentPool { const ClientSocketHandle* handle) const override { return LOAD_STATE_IDLE; } - base::TimeDelta ConnectionTimeout() const override { - return base::TimeDelta(); - } private: std::string last_group_name_; @@ -641,7 +698,7 @@ template <> CaptureGroupNameHttpProxySocketPool::CaptureGroupNameSocketPool( HostResolver* /* host_resolver */, CertVerifier* /* cert_verifier */) - : HttpProxyClientSocketPool(0, 0, NULL, NULL, NULL, NULL) {} + : HttpProxyClientSocketPool(0, 0, NULL, NULL, NULL, NULL, NULL) {} template <> CaptureGroupNameSSLSocketPool::CaptureGroupNameSocketPool( @@ -660,8 +717,8 @@ CaptureGroupNameSSLSocketPool::CaptureGroupNameSocketPool( NULL, NULL, NULL, - NULL) { -} + NULL, + NULL) {} //----------------------------------------------------------------------------- @@ -1366,6 +1423,183 @@ TEST_F(HttpNetworkTransactionTest, Ignores1xx) { EXPECT_EQ("hello world", response_data); } +TEST_F(HttpNetworkTransactionTest, LoadTimingMeasuresTimeToFirstByteForHttp) { + static const base::TimeDelta kDelayAfterFirstByte = + base::TimeDelta::FromMilliseconds(10); + + HttpRequestInfo request; + request.method = "GET"; + request.url = GURL("http://www.foo.com/"); + request.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + + std::vector<MockWrite> data_writes = { + MockWrite(ASYNC, 0, + "GET / HTTP/1.1\r\n" + "Host: www.foo.com\r\n" + "Connection: keep-alive\r\n\r\n"), + }; + + std::vector<MockRead> data_reads = { + // Write one byte of the status line, followed by a pause. + MockRead(ASYNC, 1, "H"), + MockRead(ASYNC, ERR_IO_PENDING, 2), + MockRead(ASYNC, 3, "TTP/1.1 200 OK\r\n\r\n"), + MockRead(ASYNC, 4, "hello world"), + MockRead(SYNCHRONOUS, OK, 5), + }; + + SequencedSocketData data(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&data); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + + HttpNetworkTransaction trans(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback; + + int rv = trans.Start(&request, callback.callback(), NetLogWithSource()); + EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); + + data.RunUntilPaused(); + ASSERT_TRUE(data.IsPaused()); + FastForwardBy(kDelayAfterFirstByte); + data.Resume(); + + rv = callback.WaitForResult(); + EXPECT_THAT(rv, IsOk()); + + const HttpResponseInfo* response = trans.GetResponseInfo(); + ASSERT_TRUE(response); + + EXPECT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.1 200 OK", response->headers->GetStatusLine()); + + LoadTimingInfo load_timing_info; + EXPECT_TRUE(trans.GetLoadTimingInfo(&load_timing_info)); + EXPECT_FALSE(load_timing_info.receive_headers_start.is_null()); + EXPECT_FALSE(load_timing_info.connect_timing.connect_end.is_null()); + // Ensure we didn't include the delay in the TTFB time. + EXPECT_EQ(load_timing_info.receive_headers_start, + load_timing_info.connect_timing.connect_end); + // Ensure that the mock clock advanced at all. + EXPECT_EQ(base::TimeTicks::Now() - load_timing_info.receive_headers_start, + kDelayAfterFirstByte); + + std::string response_data; + rv = ReadTransaction(&trans, &response_data); + EXPECT_THAT(rv, IsOk()); + EXPECT_EQ("hello world", response_data); +} + +// Tests that the time-to-first-byte reported in a transaction's load timing +// info uses the first response, even if 1XX/informational. +void HttpNetworkTransactionTest::Check100ResponseTiming(bool use_spdy) { + static const base::TimeDelta kDelayAfter100Response = + base::TimeDelta::FromMilliseconds(10); + + HttpRequestInfo request; + request.method = "GET"; + request.url = GURL("https://www.foo.com/"); + request.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + + SSLSocketDataProvider ssl(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + + std::vector<MockWrite> data_writes; + std::vector<MockRead> data_reads; + + spdy::SpdySerializedFrame spdy_req( + spdy_util_.ConstructSpdyGet(request.url.spec().c_str(), 1, LOWEST)); + + spdy::SpdyHeaderBlock spdy_resp1_headers; + spdy_resp1_headers[spdy::kHttp2StatusHeader] = "100"; + spdy::SpdySerializedFrame spdy_resp1( + spdy_util_.ConstructSpdyReply(1, spdy_resp1_headers.Clone())); + spdy::SpdySerializedFrame spdy_resp2( + spdy_util_.ConstructSpdyGetReply(nullptr, 0, 1)); + spdy::SpdySerializedFrame spdy_data( + spdy_util_.ConstructSpdyDataFrame(1, "hello world", true)); + + if (use_spdy) { + ssl.next_proto = kProtoHTTP2; + + data_writes = {CreateMockWrite(spdy_req, 0)}; + + data_reads = { + CreateMockRead(spdy_resp1, 1), MockRead(ASYNC, ERR_IO_PENDING, 2), + CreateMockRead(spdy_resp2, 3), CreateMockRead(spdy_data, 4), + MockRead(SYNCHRONOUS, OK, 5), + }; + } else { + data_writes = { + MockWrite(ASYNC, 0, + "GET / HTTP/1.1\r\n" + "Host: www.foo.com\r\n" + "Connection: keep-alive\r\n\r\n"), + }; + + data_reads = { + MockRead(ASYNC, 1, "HTTP/1.1 100 Continue\r\n\r\n"), + MockRead(ASYNC, ERR_IO_PENDING, 2), + + MockRead(ASYNC, 3, "HTTP/1.1 200 OK\r\n\r\n"), + MockRead(ASYNC, 4, "hello world"), + MockRead(SYNCHRONOUS, OK, 5), + }; + } + + SequencedSocketData data(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&data); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + + HttpNetworkTransaction trans(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback; + + int rv = trans.Start(&request, callback.callback(), NetLogWithSource()); + EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); + + data.RunUntilPaused(); + // We should now have parsed the 100 response and hit ERR_IO_PENDING. Insert + // the delay before parsing the 200 response. + ASSERT_TRUE(data.IsPaused()); + FastForwardBy(kDelayAfter100Response); + data.Resume(); + + rv = callback.WaitForResult(); + EXPECT_THAT(rv, IsOk()); + + const HttpResponseInfo* response = trans.GetResponseInfo(); + ASSERT_TRUE(response); + + LoadTimingInfo load_timing_info; + EXPECT_TRUE(trans.GetLoadTimingInfo(&load_timing_info)); + EXPECT_FALSE(load_timing_info.receive_headers_start.is_null()); + EXPECT_FALSE(load_timing_info.connect_timing.connect_end.is_null()); + // Ensure we didn't include the delay in the TTFB time. + EXPECT_EQ(load_timing_info.receive_headers_start, + load_timing_info.connect_timing.connect_end); + // Ensure that the mock clock advanced at all. + EXPECT_EQ(base::TimeTicks::Now() - load_timing_info.receive_headers_start, + kDelayAfter100Response); + + std::string response_data; + rv = ReadTransaction(&trans, &response_data); + EXPECT_THAT(rv, IsOk()); + EXPECT_EQ("hello world", response_data); +} + +TEST_F(HttpNetworkTransactionTest, MeasuresTimeToFirst100ResponseForHttp) { + Check100ResponseTiming(false /* use_spdy */); +} + +TEST_F(HttpNetworkTransactionTest, MeasuresTimeToFirst100ResponseForSpdy) { + Check100ResponseTiming(true /* use_spdy */); +} + TEST_F(HttpNetworkTransactionTest, Incomplete100ThenEOF) { HttpRequestInfo request; request.method = "POST"; @@ -2008,7 +2242,7 @@ TEST_F(HttpNetworkTransactionTest, KeepAliveAfterUnreadBody) { data.set_busy_before_sync_reads(true); session_deps_.socket_factory->AddSocketDataProvider(&data); - const int kNumUnreadBodies = arraysize(data_writes) - 1; + const int kNumUnreadBodies = base::size(data_writes) - 1; std::string response_lines[kNumUnreadBodies]; uint32_t first_socket_log_id = NetLogSource::kInvalidId; @@ -2055,7 +2289,7 @@ TEST_F(HttpNetworkTransactionTest, KeepAliveAfterUnreadBody) { "HTTP/1.1 200 Hunky-Dory", }; - static_assert(kNumUnreadBodies == arraysize(kStatusLines), + static_assert(kNumUnreadBodies == base::size(kStatusLines), "forgot to update kStatusLines"); for (int i = 0; i < kNumUnreadBodies; ++i) @@ -4691,6 +4925,12 @@ class SameProxyWithDifferentSchemesProxyResolver : public ProxyResolver { results->UsePacString("HTTPS " + ProxyHostPortPairAsString()); return OK; } + if (url.path() == "/https_trusted") { + results->UseProxyServer(ProxyServer(ProxyServer::SCHEME_HTTPS, + ProxyHostPortPair(), + true /* is_trusted_proxy */)); + return OK; + } NOTREACHED(); return ERR_NOT_IMPLEMENTED; } @@ -4718,7 +4958,7 @@ class SameProxyWithDifferentSchemesProxyResolverFactory }; // Check that when different proxy schemes are all applied to a proxy at the -// same address, the sonnections are not grouped together. i.e., a request to +// same address, the connections are not grouped together. i.e., a request to // foo.com using proxy.com as an HTTPS proxy won't use the same socket as a // request to foo.com using proxy.com as an HTTP proxy. TEST_F(HttpNetworkTransactionTest, SameDestinationForDifferentProxyTypes) { @@ -4760,7 +5000,7 @@ TEST_F(HttpNetworkTransactionTest, SameDestinationForDifferentProxyTypes) { }; MockWrite socks5_writes[] = { MockWrite(ASYNC, kSOCKS5GreetRequest, kSOCKS5GreetRequestLength), - MockWrite(ASYNC, kSOCKS5Request, arraysize(kSOCKS5Request)), + MockWrite(ASYNC, kSOCKS5Request, base::size(kSOCKS5Request)), MockWrite(SYNCHRONOUS, "GET /socks5 HTTP/1.1\r\n" "Host: test\r\n" @@ -4809,20 +5049,45 @@ TEST_F(HttpNetworkTransactionTest, SameDestinationForDifferentProxyTypes) { SSLSocketDataProvider ssl(SYNCHRONOUS, OK); session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + MockWrite https_trusted_writes[] = { + MockWrite(SYNCHRONOUS, + "GET http://test/https_trusted HTTP/1.1\r\n" + "Host: test\r\n" + "Proxy-Connection: keep-alive\r\n\r\n"), + }; + MockRead https_trusted_reads[] = { + MockRead("HTTP/1.1 200 OK\r\n" + "Proxy-Connection: keep-alive\r\n" + "Content-Length: 22\r\n\r\n" + "HTTPS Trusted Response"), + }; + StaticSocketDataProvider trusted_https_data(https_trusted_reads, + https_trusted_writes); + session_deps_.socket_factory->AddSocketDataProvider(&trusted_https_data); + SSLSocketDataProvider ssl2(SYNCHRONOUS, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl2); + struct TestCase { GURL url; std::string expected_response; - // How many idle sockets there should be in the SOCKS proxy socket pool + // How many idle sockets there should be in the SOCKS 4/5 proxy socket pools // after the test. - int expected_idle_socks_sockets; - // How many idle sockets there should be in the HTTP proxy socket pool after - // the test. + int expected_idle_socks4_sockets; + int expected_idle_socks5_sockets; + // How many idle sockets there should be in the HTTP/HTTPS proxy socket + // pools after the test. int expected_idle_http_sockets; + int expected_idle_https_sockets; + // How many idle sockets there should be in the HTTPS proxy socket pool with + // the ProxyServer's |is_trusted_proxy| bit set after the test. + int expected_idle_trusted_https_sockets; } const kTestCases[] = { - {GURL("http://test/socks4"), "SOCKS4 Response", 1, 0}, - {GURL("http://test/socks5"), "SOCKS5 Response", 2, 0}, - {GURL("http://test/http"), "HTTP Response", 2, 1}, - {GURL("http://test/https"), "HTTPS Response", 2, 2}, + {GURL("http://test/socks4"), "SOCKS4 Response", 1, 0, 0, 0, 0}, + {GURL("http://test/socks5"), "SOCKS5 Response", 1, 1, 0, 0, 0}, + {GURL("http://test/http"), "HTTP Response", 1, 1, 1, 0, 0}, + {GURL("http://test/https"), "HTTPS Response", 1, 1, 1, 1, 0}, + {GURL("http://test/https_trusted"), "HTTPS Trusted Response", 1, 1, 1, 1, + 1}, }; for (const auto& test_case : kTestCases) { @@ -4855,20 +5120,47 @@ TEST_F(HttpNetworkTransactionTest, SameDestinationForDifferentProxyTypes) { // sockets are indeed being returned to the socket pool. If each request // doesn't return an idle socket to the pool, the test would incorrectly // pass. - EXPECT_EQ( - test_case.expected_idle_socks_sockets, - session - ->GetSocketPoolForSOCKSProxy( - HttpNetworkSession::NORMAL_SOCKET_POOL, - SameProxyWithDifferentSchemesProxyResolver::ProxyHostPortPair()) - ->IdleSocketCount()); - EXPECT_EQ( - test_case.expected_idle_http_sockets, - session - ->GetSocketPoolForHTTPProxy( - HttpNetworkSession::NORMAL_SOCKET_POOL, - SameProxyWithDifferentSchemesProxyResolver::ProxyHostPortPair()) - ->IdleSocketCount()); + EXPECT_EQ(test_case.expected_idle_socks4_sockets, + session + ->GetSocketPoolForSOCKSProxy( + HttpNetworkSession::NORMAL_SOCKET_POOL, + ProxyServer(ProxyServer::SCHEME_SOCKS4, + SameProxyWithDifferentSchemesProxyResolver:: + ProxyHostPortPair())) + ->IdleSocketCount()); + EXPECT_EQ(test_case.expected_idle_socks5_sockets, + session + ->GetSocketPoolForSOCKSProxy( + HttpNetworkSession::NORMAL_SOCKET_POOL, + ProxyServer(ProxyServer::SCHEME_SOCKS5, + SameProxyWithDifferentSchemesProxyResolver:: + ProxyHostPortPair())) + ->IdleSocketCount()); + EXPECT_EQ(test_case.expected_idle_http_sockets, + session + ->GetSocketPoolForHTTPLikeProxy( + HttpNetworkSession::NORMAL_SOCKET_POOL, + ProxyServer(ProxyServer::SCHEME_HTTP, + SameProxyWithDifferentSchemesProxyResolver:: + ProxyHostPortPair())) + ->IdleSocketCount()); + EXPECT_EQ(test_case.expected_idle_https_sockets, + session + ->GetSocketPoolForHTTPLikeProxy( + HttpNetworkSession::NORMAL_SOCKET_POOL, + ProxyServer(ProxyServer::SCHEME_HTTPS, + SameProxyWithDifferentSchemesProxyResolver:: + ProxyHostPortPair())) + ->IdleSocketCount()); + EXPECT_EQ(test_case.expected_idle_trusted_https_sockets, + session + ->GetSocketPoolForHTTPLikeProxy( + HttpNetworkSession::NORMAL_SOCKET_POOL, + ProxyServer(ProxyServer::SCHEME_HTTPS, + SameProxyWithDifferentSchemesProxyResolver:: + ProxyHostPortPair(), + true /* is_trusted_proxy */)) + ->IdleSocketCount()); } } @@ -5249,7 +5541,8 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxySpdyGetWithSessionRace) { // Race a session to the proxy, which completes first. session_deps_.host_resolver->set_ondemand_mode(false); SpdySessionKey key(HostPortPair("proxy", 70), ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kTrue, SocketTag()); base::WeakPtr<SpdySession> spdy_session = CreateSpdySession(session.get(), key, log.bound()); @@ -5296,7 +5589,7 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxySpdyGetWithProxyAuth) { "proxy-authorization", "Basic Zm9vOmJhcg==" }; spdy::SpdySerializedFrame req_get_authorization(spdy_util_.ConstructSpdyGet( - kExtraAuthorizationHeaders, arraysize(kExtraAuthorizationHeaders) / 2, 3, + kExtraAuthorizationHeaders, base::size(kExtraAuthorizationHeaders) / 2, 3, LOWEST)); MockWrite spdy_writes[] = { CreateMockWrite(req_get, 0), CreateMockWrite(req_get_authorization, 3), @@ -5311,7 +5604,7 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxySpdyGetWithProxyAuth) { spdy::SpdySerializedFrame resp_authentication( spdy_util_.ConstructSpdyReplyError( "407", kExtraAuthenticationHeaders, - arraysize(kExtraAuthenticationHeaders) / 2, 1)); + base::size(kExtraAuthenticationHeaders) / 2, 1)); spdy::SpdySerializedFrame body_authentication( spdy_util_.ConstructSpdyDataFrame(1, true)); spdy::SpdySerializedFrame resp_data( @@ -5598,6 +5891,149 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxySpdyConnectFailure) { // TODO(juliatuttle): Anything else to check here? } +// Test the case where a proxied H2 session doesn't exist when an auth challenge +// is observed, but does exist by the time auth credentials are provided. +// Proxy-Connection: Close is used so that there's a second DNS lookup, which is +// what causes the existing H2 session to be noticed and reused. +TEST_F(HttpNetworkTransactionTest, ProxiedH2SessionAppearsDuringAuth) { + ProxyConfig proxy_config; + proxy_config.set_auto_detect(true); + proxy_config.set_pac_url(GURL("http://fooproxyurl")); + + CapturingProxyResolver capturing_proxy_resolver; + capturing_proxy_resolver.set_proxy_server( + ProxyServer(ProxyServer::SCHEME_HTTP, HostPortPair("myproxy", 70))); + session_deps_.proxy_resolution_service = + std::make_unique<ProxyResolutionService>( + std::make_unique<ProxyConfigServiceFixed>(ProxyConfigWithAnnotation( + proxy_config, TRAFFIC_ANNOTATION_FOR_TESTS)), + std::make_unique<CapturingProxyResolverFactory>( + &capturing_proxy_resolver), + nullptr); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + + const char kMyUrl[] = "https://www.example.org/"; + spdy::SpdySerializedFrame get(spdy_util_.ConstructSpdyGet(kMyUrl, 1, LOWEST)); + spdy::SpdySerializedFrame get_resp( + spdy_util_.ConstructSpdyGetReply(NULL, 0, 1)); + spdy::SpdySerializedFrame body(spdy_util_.ConstructSpdyDataFrame(1, true)); + + spdy_util_.UpdateWithStreamDestruction(1); + spdy::SpdySerializedFrame get2( + spdy_util_.ConstructSpdyGet(kMyUrl, 3, LOWEST)); + spdy::SpdySerializedFrame get_resp2( + spdy_util_.ConstructSpdyGetReply(NULL, 0, 3)); + spdy::SpdySerializedFrame body2(spdy_util_.ConstructSpdyDataFrame(3, true)); + + MockWrite auth_challenge_writes[] = { + MockWrite(ASYNC, 0, + "CONNECT www.example.org:443 HTTP/1.1\r\n" + "Host: www.example.org:443\r\n" + "Proxy-Connection: keep-alive\r\n\r\n"), + }; + + MockRead auth_challenge_reads[] = { + MockRead(ASYNC, 1, + "HTTP/1.1 407 Authentication Required\r\n" + "Content-Length: 0\r\n" + "Proxy-Connection: close\r\n" + "Proxy-Authenticate: Basic realm=\"MyRealm1\"\r\n\r\n"), + }; + + MockWrite spdy_writes[] = { + MockWrite(ASYNC, 0, + "CONNECT www.example.org:443 HTTP/1.1\r\n" + "Host: www.example.org:443\r\n" + "Proxy-Connection: keep-alive\r\n" + "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), + CreateMockWrite(get, 2), + CreateMockWrite(get2, 5), + }; + + MockRead spdy_reads[] = { + MockRead(ASYNC, 1, "HTTP/1.1 200 OK\r\n\r\n"), + CreateMockRead(get_resp, 3, ASYNC), + CreateMockRead(body, 4, ASYNC), + CreateMockRead(get_resp2, 6, ASYNC), + CreateMockRead(body2, 7, ASYNC), + + MockRead(SYNCHRONOUS, ERR_IO_PENDING, 8), + }; + + SequencedSocketData auth_challenge1(auth_challenge_reads, + auth_challenge_writes); + session_deps_.socket_factory->AddSocketDataProvider(&auth_challenge1); + + SequencedSocketData auth_challenge2(auth_challenge_reads, + auth_challenge_writes); + session_deps_.socket_factory->AddSocketDataProvider(&auth_challenge2); + + SequencedSocketData spdy_data(spdy_reads, spdy_writes); + session_deps_.socket_factory->AddSocketDataProvider(&spdy_data); + + SSLSocketDataProvider ssl(ASYNC, OK); + ssl.next_proto = kProtoHTTP2; + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + + TestCompletionCallback callback; + std::string response_data; + + // Run first request until an auth challenge is observed. + HttpRequestInfo request1; + request1.method = "GET"; + request1.url = GURL(kMyUrl); + request1.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + HttpNetworkTransaction trans1(LOWEST, session.get()); + int rv = trans1.Start(&request1, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + const HttpResponseInfo* response = trans1.GetResponseInfo(); + ASSERT_TRUE(response); + ASSERT_TRUE(response->headers); + EXPECT_EQ(407, response->headers->response_code()); + EXPECT_TRUE(HttpVersion(1, 1) == response->headers->GetHttpVersion()); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); + + // Run second request until an auth challenge is observed. + HttpRequestInfo request2; + request2.method = "GET"; + request2.url = GURL(kMyUrl); + request2.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + HttpNetworkTransaction trans2(LOWEST, session.get()); + rv = trans2.Start(&request2, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + response = trans2.GetResponseInfo(); + ASSERT_TRUE(response); + ASSERT_TRUE(response->headers); + EXPECT_EQ(407, response->headers->response_code()); + EXPECT_TRUE(HttpVersion(1, 1) == response->headers->GetHttpVersion()); + EXPECT_TRUE(CheckBasicProxyAuth(response->auth_challenge.get())); + + // Now provide credentials for the first request, and wait for it to complete. + rv = trans1.RestartWithAuth(AuthCredentials(kFoo, kBar), callback.callback()); + rv = callback.GetResult(rv); + EXPECT_THAT(rv, IsOk()); + response = trans1.GetResponseInfo(); + ASSERT_TRUE(response); + ASSERT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.1 200", response->headers->GetStatusLine()); + ASSERT_THAT(ReadTransaction(&trans1, &response_data), IsOk()); + EXPECT_EQ(kUploadData, response_data); + + // Now provide credentials for the second request. It should notice the + // existing session, and reuse it. + rv = trans2.RestartWithAuth(AuthCredentials(kFoo, kBar), callback.callback()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + response = trans2.GetResponseInfo(); + ASSERT_TRUE(response); + ASSERT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.1 200", response->headers->GetStatusLine()); + ASSERT_THAT(ReadTransaction(&trans2, &response_data), IsOk()); + EXPECT_EQ(kUploadData, response_data); +} + // Test load timing in the case of two HTTPS (non-SPDY) requests through a SPDY // HTTPS Proxy to different servers. TEST_F(HttpNetworkTransactionTest, @@ -5965,6 +6401,272 @@ TEST_F(HttpNetworkTransactionTest, HttpsProxySpdyLoadTimingTwoHttpRequests) { EXPECT_EQ(2, callback.GetResult(rv)); } +// Test that an HTTP/2 CONNECT through an HTTPS Proxy to a HTTP/2 server and a +// direct (non-proxied) request to the proxy server are not pooled, as that +// would break socket pool isolation. +TEST_F(HttpNetworkTransactionTest, SpdyProxyIsolation1) { + ProxyConfig proxy_config; + proxy_config.set_auto_detect(true); + proxy_config.set_pac_url(GURL("http://fooproxyurl")); + + CapturingProxyResolver capturing_proxy_resolver; + session_deps_.proxy_resolution_service = + std::make_unique<ProxyResolutionService>( + std::make_unique<ProxyConfigServiceFixed>(ProxyConfigWithAnnotation( + proxy_config, TRAFFIC_ANNOTATION_FOR_TESTS)), + std::make_unique<CapturingProxyResolverFactory>( + &capturing_proxy_resolver), + nullptr); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + + SpdyTestUtil spdy_util1; + // CONNECT to www.example.org:443 via HTTP/2. + spdy::SpdySerializedFrame connect(spdy_util_.ConstructSpdyConnect( + NULL, 0, 1, LOWEST, HostPortPair("www.example.org", 443))); + // fetch https://www.example.org/ via HTTP/2. + const char kMyUrl[] = "https://www.example.org/"; + spdy::SpdySerializedFrame get(spdy_util1.ConstructSpdyGet(kMyUrl, 1, LOWEST)); + spdy::SpdySerializedFrame wrapped_get( + spdy_util_.ConstructWrappedSpdyFrame(get, 1)); + spdy::SpdySerializedFrame conn_resp( + spdy_util_.ConstructSpdyGetReply(NULL, 0, 1)); + spdy::SpdySerializedFrame get_resp( + spdy_util1.ConstructSpdyGetReply(NULL, 0, 1)); + spdy::SpdySerializedFrame wrapped_get_resp( + spdy_util_.ConstructWrappedSpdyFrame(get_resp, 1)); + spdy::SpdySerializedFrame body(spdy_util1.ConstructSpdyDataFrame(1, true)); + spdy::SpdySerializedFrame wrapped_body( + spdy_util_.ConstructWrappedSpdyFrame(body, 1)); + spdy::SpdySerializedFrame window_update_get_resp( + spdy_util_.ConstructSpdyWindowUpdate(1, wrapped_get_resp.size())); + spdy::SpdySerializedFrame window_update_body( + spdy_util_.ConstructSpdyWindowUpdate(1, wrapped_body.size())); + + MockWrite spdy_writes1[] = { + CreateMockWrite(connect, 0), + CreateMockWrite(wrapped_get, 2), + CreateMockWrite(window_update_get_resp, 6), + CreateMockWrite(window_update_body, 7), + }; + + MockRead spdy_reads1[] = { + CreateMockRead(conn_resp, 1, ASYNC), + MockRead(ASYNC, ERR_IO_PENDING, 3), + CreateMockRead(wrapped_get_resp, 4, ASYNC), + CreateMockRead(wrapped_body, 5, ASYNC), + MockRead(ASYNC, 0, 8), + }; + + SequencedSocketData spdy_data1(spdy_reads1, spdy_writes1); + session_deps_.socket_factory->AddSocketDataProvider(&spdy_data1); + + // Fetch https://proxy:70/ via HTTP/2. Needs a new SpdyTestUtil, since it uses + // a new pipe. + SpdyTestUtil spdy_util2; + spdy::SpdySerializedFrame req( + spdy_util2.ConstructSpdyGet("https://proxy:70/", 1, LOWEST)); + MockWrite spdy_writes2[] = {CreateMockWrite(req, 0)}; + + spdy::SpdySerializedFrame resp( + spdy_util2.ConstructSpdyGetReply(nullptr, 0, 1)); + spdy::SpdySerializedFrame data(spdy_util2.ConstructSpdyDataFrame(1, true)); + MockRead spdy_reads2[] = { + CreateMockRead(resp, 1), + CreateMockRead(data, 2), + MockRead(ASYNC, 0, 3), + }; + SequencedSocketData spdy_data2(spdy_reads2, spdy_writes2); + session_deps_.socket_factory->AddSocketDataProvider(&spdy_data2); + + SSLSocketDataProvider ssl(ASYNC, OK); + ssl.next_proto = kProtoHTTP2; + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + SSLSocketDataProvider ssl2(ASYNC, OK); + ssl2.next_proto = kProtoHTTP2; + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl2); + SSLSocketDataProvider ssl3(ASYNC, OK); + ssl3.next_proto = kProtoHTTP2; + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl3); + + TestCompletionCallback callback; + std::string response_data; + + // Make a request using proxy:70 as a HTTP/2 proxy. + capturing_proxy_resolver.set_proxy_server( + ProxyServer(ProxyServer::SCHEME_HTTPS, HostPortPair("proxy", 70))); + HttpRequestInfo request1; + request1.method = "GET"; + request1.url = GURL("https://www.example.org/"); + request1.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + + HttpNetworkTransaction trans1(LOWEST, session.get()); + int rv = trans1.Start(&request1, callback.callback(), NetLogWithSource()); + EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); + + // Allow the SpdyProxyClientSocket's write callback to complete. + base::RunLoop().RunUntilIdle(); + // Now allow the read of the response to complete. + spdy_data1.Resume(); + rv = callback.WaitForResult(); + EXPECT_THAT(rv, IsOk()); + + const HttpResponseInfo* response = trans1.GetResponseInfo(); + ASSERT_TRUE(response); + ASSERT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.1 200", response->headers->GetStatusLine()); + + ASSERT_THAT(ReadTransaction(&trans1, &response_data), IsOk()); + EXPECT_EQ(kUploadData, response_data); + RunUntilIdle(); + + // Make a direct HTTP/2 request to proxy:70. + capturing_proxy_resolver.set_proxy_server(ProxyServer::Direct()); + HttpRequestInfo request2; + request2.method = "GET"; + request2.url = GURL("https://proxy:70/"); + request2.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + HttpNetworkTransaction trans2(LOWEST, session.get()); + EXPECT_THAT(callback.GetResult(trans2.Start(&request2, callback.callback(), + NetLogWithSource())), + IsOk()); + ASSERT_THAT(ReadTransaction(&trans2, &response_data), IsOk()); +} + +// Same as above, but reverse request order, since the code to check for an +// existing session is different for tunnels and direct connections. +TEST_F(HttpNetworkTransactionTest, SpdyProxyIsolation2) { + // Configure against https proxy server "myproxy:80". + ProxyConfig proxy_config; + proxy_config.set_auto_detect(true); + proxy_config.set_pac_url(GURL("http://fooproxyurl")); + + CapturingProxyResolver capturing_proxy_resolver; + session_deps_.proxy_resolution_service = + std::make_unique<ProxyResolutionService>( + std::make_unique<ProxyConfigServiceFixed>(ProxyConfigWithAnnotation( + proxy_config, TRAFFIC_ANNOTATION_FOR_TESTS)), + std::make_unique<CapturingProxyResolverFactory>( + &capturing_proxy_resolver), + nullptr); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + // Fetch https://proxy:70/ via HTTP/2. + SpdyTestUtil spdy_util1; + spdy::SpdySerializedFrame req( + spdy_util1.ConstructSpdyGet("https://proxy:70/", 1, LOWEST)); + MockWrite spdy_writes1[] = {CreateMockWrite(req, 0)}; + + spdy::SpdySerializedFrame resp( + spdy_util1.ConstructSpdyGetReply(nullptr, 0, 1)); + spdy::SpdySerializedFrame data(spdy_util1.ConstructSpdyDataFrame(1, true)); + MockRead spdy_reads1[] = { + CreateMockRead(resp, 1), + CreateMockRead(data, 2), + MockRead(ASYNC, 0, 3), + }; + SequencedSocketData spdy_data1(spdy_reads1, spdy_writes1); + session_deps_.socket_factory->AddSocketDataProvider(&spdy_data1); + + SpdyTestUtil spdy_util2; + // CONNECT to www.example.org:443 via HTTP/2. + spdy::SpdySerializedFrame connect(spdy_util_.ConstructSpdyConnect( + nullptr, 0, 1, LOWEST, HostPortPair("www.example.org", 443))); + // fetch https://www.example.org/ via HTTP/2. + const char kMyUrl[] = "https://www.example.org/"; + spdy::SpdySerializedFrame get(spdy_util2.ConstructSpdyGet(kMyUrl, 1, LOWEST)); + spdy::SpdySerializedFrame wrapped_get( + spdy_util_.ConstructWrappedSpdyFrame(get, 1)); + spdy::SpdySerializedFrame conn_resp( + spdy_util_.ConstructSpdyGetReply(nullptr, 0, 1)); + spdy::SpdySerializedFrame get_resp( + spdy_util2.ConstructSpdyGetReply(nullptr, 0, 1)); + spdy::SpdySerializedFrame wrapped_get_resp( + spdy_util_.ConstructWrappedSpdyFrame(get_resp, 1)); + spdy::SpdySerializedFrame body(spdy_util2.ConstructSpdyDataFrame(1, true)); + spdy::SpdySerializedFrame wrapped_body( + spdy_util_.ConstructWrappedSpdyFrame(body, 1)); + spdy::SpdySerializedFrame window_update_get_resp( + spdy_util_.ConstructSpdyWindowUpdate(1, wrapped_get_resp.size())); + spdy::SpdySerializedFrame window_update_body( + spdy_util_.ConstructSpdyWindowUpdate(1, wrapped_body.size())); + + MockWrite spdy_writes2[] = { + CreateMockWrite(connect, 0), + CreateMockWrite(wrapped_get, 2), + CreateMockWrite(window_update_get_resp, 6), + CreateMockWrite(window_update_body, 7), + }; + + MockRead spdy_reads2[] = { + CreateMockRead(conn_resp, 1, ASYNC), + MockRead(ASYNC, ERR_IO_PENDING, 3), + CreateMockRead(wrapped_get_resp, 4, ASYNC), + CreateMockRead(wrapped_body, 5, ASYNC), + MockRead(ASYNC, 0, 8), + }; + + SequencedSocketData spdy_data2(spdy_reads2, spdy_writes2); + session_deps_.socket_factory->AddSocketDataProvider(&spdy_data2); + + SSLSocketDataProvider ssl(ASYNC, OK); + ssl.next_proto = kProtoHTTP2; + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + SSLSocketDataProvider ssl2(ASYNC, OK); + ssl2.next_proto = kProtoHTTP2; + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl2); + SSLSocketDataProvider ssl3(ASYNC, OK); + ssl3.next_proto = kProtoHTTP2; + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl3); + + TestCompletionCallback callback; + std::string response_data; + + // Make a direct HTTP/2 request to proxy:70. + capturing_proxy_resolver.set_proxy_server(ProxyServer::Direct()); + HttpRequestInfo request1; + request1.method = "GET"; + request1.url = GURL("https://proxy:70/"); + request1.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + HttpNetworkTransaction trans1(LOWEST, session.get()); + EXPECT_THAT(callback.GetResult(trans1.Start(&request1, callback.callback(), + NetLogWithSource())), + IsOk()); + ASSERT_THAT(ReadTransaction(&trans1, &response_data), IsOk()); + RunUntilIdle(); + + // Make a request using proxy:70 as a HTTP/2 proxy. + capturing_proxy_resolver.set_proxy_server( + ProxyServer(ProxyServer::SCHEME_HTTPS, HostPortPair("proxy", 70))); + HttpRequestInfo request2; + request2.method = "GET"; + request2.url = GURL("https://www.example.org/"); + request2.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + + HttpNetworkTransaction trans2(LOWEST, session.get()); + int rv = trans2.Start(&request2, callback.callback(), NetLogWithSource()); + EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); + + // Allow the SpdyProxyClientSocket's write callback to complete. + base::RunLoop().RunUntilIdle(); + // Now allow the read of the response to complete. + spdy_data2.Resume(); + rv = callback.WaitForResult(); + EXPECT_THAT(rv, IsOk()); + + const HttpResponseInfo* response2 = trans2.GetResponseInfo(); + ASSERT_TRUE(response2); + ASSERT_TRUE(response2->headers); + EXPECT_EQ("HTTP/1.1 200", response2->headers->GetStatusLine()); + + ASSERT_THAT(ReadTransaction(&trans2, &response_data), IsOk()); + EXPECT_EQ(kUploadData, response_data); +} + // Test the challenge-response-retry sequence through an HTTPS Proxy TEST_F(HttpNetworkTransactionTest, HttpsProxyAuthRetry) { HttpRequestInfo request; @@ -6435,18 +7137,18 @@ TEST_F(HttpNetworkTransactionTest, NTLMAuthV2) { base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kExpectedNegotiateMsg), - arraysize(ntlm::test::kExpectedNegotiateMsg)), + base::size(ntlm::test::kExpectedNegotiateMsg)), &negotiate_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kChallengeMsgFromSpecV2), - arraysize(ntlm::test::kChallengeMsgFromSpecV2)), + base::size(ntlm::test::kChallengeMsgFromSpecV2)), &challenge_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2), - arraysize( + base::size( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2)), &authenticate_msg); @@ -6587,18 +7289,18 @@ TEST_F(HttpNetworkTransactionTest, NTLMAuthV2WrongThenRightPassword) { base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kExpectedNegotiateMsg), - arraysize(ntlm::test::kExpectedNegotiateMsg)), + base::size(ntlm::test::kExpectedNegotiateMsg)), &negotiate_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kChallengeMsgFromSpecV2), - arraysize(ntlm::test::kChallengeMsgFromSpecV2)), + base::size(ntlm::test::kChallengeMsgFromSpecV2)), &challenge_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2), - arraysize( + base::size( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2)), &authenticate_msg); @@ -6833,18 +7535,18 @@ TEST_F(HttpNetworkTransactionTest, NTLMOverHttp2) { base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kExpectedNegotiateMsg), - arraysize(ntlm::test::kExpectedNegotiateMsg)), + base::size(ntlm::test::kExpectedNegotiateMsg)), &negotiate_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kChallengeMsgFromSpecV2), - arraysize(ntlm::test::kChallengeMsgFromSpecV2)), + base::size(ntlm::test::kChallengeMsgFromSpecV2)), &challenge_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2), - arraysize( + base::size( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2)), &authenticate_msg); @@ -6997,18 +7699,18 @@ TEST_F(HttpNetworkTransactionTest, NTLMProxyTLSHandshakeReset) { base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kExpectedNegotiateMsg), - arraysize(ntlm::test::kExpectedNegotiateMsg)), + base::size(ntlm::test::kExpectedNegotiateMsg)), &negotiate_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>(ntlm::test::kChallengeMsgFromSpecV2), - arraysize(ntlm::test::kChallengeMsgFromSpecV2)), + base::size(ntlm::test::kChallengeMsgFromSpecV2)), &challenge_msg); base::Base64Encode( base::StringPiece( reinterpret_cast<const char*>( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2), - arraysize( + base::size( ntlm::test::kExpectedAuthenticateMsgEmptyChannelBindingsV2)), &authenticate_msg); @@ -8913,7 +9615,7 @@ TEST_F(HttpNetworkTransactionTest, RedirectOfHttpsConnectViaSpdyProxy) { "http://login.example.com/", }; spdy::SpdySerializedFrame resp(spdy_util_.ConstructSpdyReplyError( - "302", kExtraHeaders, arraysize(kExtraHeaders) / 2, 1)); + "302", kExtraHeaders, base::size(kExtraHeaders) / 2, 1)); MockRead data_reads[] = { CreateMockRead(resp, 1), MockRead(ASYNC, 0, 3), // EOF }; @@ -9013,7 +9715,7 @@ TEST_F(HttpNetworkTransactionTest, ErrorResponseToHttpsConnectViaSpdyProxy) { "http://login.example.com/", }; spdy::SpdySerializedFrame resp(spdy_util_.ConstructSpdyReplyError( - "404", kExtraHeaders, arraysize(kExtraHeaders) / 2, 1)); + "404", kExtraHeaders, base::size(kExtraHeaders) / 2, 1)); spdy::SpdySerializedFrame body( spdy_util_.ConstructSpdyDataFrame(1, "The host does not exist", true)); MockRead data_reads[] = { @@ -9074,7 +9776,7 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthSpdyProxy) { "proxy-authorization", "Basic Zm9vOmJhcg==", }; spdy::SpdySerializedFrame connect2(spdy_util_.ConstructSpdyConnect( - kAuthCredentials, arraysize(kAuthCredentials) / 2, 3, LOWEST, + kAuthCredentials, base::size(kAuthCredentials) / 2, 3, LOWEST, HostPortPair("www.example.org", 443))); // fetch https://www.example.org/ via HTTP const char get[] = @@ -9096,7 +9798,7 @@ TEST_F(HttpNetworkTransactionTest, BasicAuthSpdyProxy) { "proxy-authenticate", "Basic realm=\"MyRealm1\"", }; spdy::SpdySerializedFrame conn_auth_resp(spdy_util_.ConstructSpdyReplyError( - kAuthStatus, kAuthChallenge, arraysize(kAuthChallenge) / 2, 1)); + kAuthStatus, kAuthChallenge, base::size(kAuthChallenge) / 2, 1)); spdy::SpdySerializedFrame conn_resp( spdy_util_.ConstructSpdyGetReply(NULL, 0, 3)); @@ -9973,19 +10675,16 @@ TEST_F(HttpNetworkTransactionTest, SOCKS4_HTTP_GET) { char read_buffer[] = { 0x00, 0x5A, 0x00, 0x00, 0, 0, 0, 0 }; MockWrite data_writes[] = { - MockWrite(ASYNC, write_buffer, arraysize(write_buffer)), - MockWrite( - "GET / HTTP/1.1\r\n" - "Host: www.example.org\r\n" - "Connection: keep-alive\r\n\r\n")}; + MockWrite(ASYNC, write_buffer, base::size(write_buffer)), + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n\r\n")}; MockRead data_reads[] = { - MockRead(ASYNC, read_buffer, arraysize(read_buffer)), - MockRead("HTTP/1.0 200 OK\r\n"), - MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), - MockRead("Payload"), - MockRead(SYNCHRONOUS, OK) - }; + MockRead(ASYNC, read_buffer, base::size(read_buffer)), + MockRead("HTTP/1.0 200 OK\r\n"), + MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), + MockRead("Payload"), MockRead(SYNCHRONOUS, OK)}; StaticSocketDataProvider data(data_reads, data_writes); session_deps_.socket_factory->AddSocketDataProvider(&data); @@ -10034,20 +10733,17 @@ TEST_F(HttpNetworkTransactionTest, SOCKS4_SSL_GET) { MockWrite data_writes[] = { MockWrite(ASYNC, reinterpret_cast<char*>(write_buffer), - arraysize(write_buffer)), - MockWrite( - "GET / HTTP/1.1\r\n" - "Host: www.example.org\r\n" - "Connection: keep-alive\r\n\r\n")}; + base::size(write_buffer)), + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n\r\n")}; MockRead data_reads[] = { - MockRead(ASYNC, reinterpret_cast<char*>(read_buffer), - arraysize(read_buffer)), - MockRead("HTTP/1.0 200 OK\r\n"), - MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), - MockRead("Payload"), - MockRead(SYNCHRONOUS, OK) - }; + MockRead(ASYNC, reinterpret_cast<char*>(read_buffer), + base::size(read_buffer)), + MockRead("HTTP/1.0 200 OK\r\n"), + MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), + MockRead("Payload"), MockRead(SYNCHRONOUS, OK)}; StaticSocketDataProvider data(data_reads, data_writes); session_deps_.socket_factory->AddSocketDataProvider(&data); @@ -10097,19 +10793,16 @@ TEST_F(HttpNetworkTransactionTest, SOCKS4_HTTP_GET_no_PAC) { char read_buffer[] = { 0x00, 0x5A, 0x00, 0x00, 0, 0, 0, 0 }; MockWrite data_writes[] = { - MockWrite(ASYNC, write_buffer, arraysize(write_buffer)), - MockWrite( - "GET / HTTP/1.1\r\n" - "Host: www.example.org\r\n" - "Connection: keep-alive\r\n\r\n")}; + MockWrite(ASYNC, write_buffer, base::size(write_buffer)), + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n\r\n")}; MockRead data_reads[] = { - MockRead(ASYNC, read_buffer, arraysize(read_buffer)), - MockRead("HTTP/1.0 200 OK\r\n"), - MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), - MockRead("Payload"), - MockRead(SYNCHRONOUS, OK) - }; + MockRead(ASYNC, read_buffer, base::size(read_buffer)), + MockRead("HTTP/1.0 200 OK\r\n"), + MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), + MockRead("Payload"), MockRead(SYNCHRONOUS, OK)}; StaticSocketDataProvider data(data_reads, data_writes); session_deps_.socket_factory->AddSocketDataProvider(&data); @@ -10167,21 +10860,19 @@ TEST_F(HttpNetworkTransactionTest, SOCKS5_HTTP_GET) { { 0x05, 0x00, 0x00, 0x01, 127, 0, 0, 1, 0x00, 0x50 }; MockWrite data_writes[] = { - MockWrite(ASYNC, kSOCKS5GreetRequest, arraysize(kSOCKS5GreetRequest)), - MockWrite(ASYNC, kSOCKS5OkRequest, arraysize(kSOCKS5OkRequest)), - MockWrite( - "GET / HTTP/1.1\r\n" - "Host: www.example.org\r\n" - "Connection: keep-alive\r\n\r\n")}; + MockWrite(ASYNC, kSOCKS5GreetRequest, base::size(kSOCKS5GreetRequest)), + MockWrite(ASYNC, kSOCKS5OkRequest, base::size(kSOCKS5OkRequest)), + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n\r\n")}; MockRead data_reads[] = { - MockRead(ASYNC, kSOCKS5GreetResponse, arraysize(kSOCKS5GreetResponse)), - MockRead(ASYNC, kSOCKS5OkResponse, arraysize(kSOCKS5OkResponse)), - MockRead("HTTP/1.0 200 OK\r\n"), - MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), - MockRead("Payload"), - MockRead(SYNCHRONOUS, OK) - }; + MockRead(ASYNC, kSOCKS5GreetResponse, base::size(kSOCKS5GreetResponse)), + MockRead(ASYNC, kSOCKS5OkResponse, base::size(kSOCKS5OkResponse)), + MockRead("HTTP/1.0 200 OK\r\n"), + MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), + MockRead("Payload"), + MockRead(SYNCHRONOUS, OK)}; StaticSocketDataProvider data(data_reads, data_writes); session_deps_.socket_factory->AddSocketDataProvider(&data); @@ -10241,22 +10932,20 @@ TEST_F(HttpNetworkTransactionTest, SOCKS5_SSL_GET) { { 0x05, 0x00, 0x00, 0x01, 0, 0, 0, 0, 0x00, 0x00 }; MockWrite data_writes[] = { - MockWrite(ASYNC, kSOCKS5GreetRequest, arraysize(kSOCKS5GreetRequest)), + MockWrite(ASYNC, kSOCKS5GreetRequest, base::size(kSOCKS5GreetRequest)), MockWrite(ASYNC, reinterpret_cast<const char*>(kSOCKS5OkRequest), - arraysize(kSOCKS5OkRequest)), - MockWrite( - "GET / HTTP/1.1\r\n" - "Host: www.example.org\r\n" - "Connection: keep-alive\r\n\r\n")}; + base::size(kSOCKS5OkRequest)), + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n\r\n")}; MockRead data_reads[] = { - MockRead(ASYNC, kSOCKS5GreetResponse, arraysize(kSOCKS5GreetResponse)), - MockRead(ASYNC, kSOCKS5OkResponse, arraysize(kSOCKS5OkResponse)), - MockRead("HTTP/1.0 200 OK\r\n"), - MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), - MockRead("Payload"), - MockRead(SYNCHRONOUS, OK) - }; + MockRead(ASYNC, kSOCKS5GreetResponse, base::size(kSOCKS5GreetResponse)), + MockRead(ASYNC, kSOCKS5OkResponse, base::size(kSOCKS5OkResponse)), + MockRead("HTTP/1.0 200 OK\r\n"), + MockRead("Content-Type: text/html; charset=iso-8859-1\r\n\r\n"), + MockRead("Payload"), + MockRead(SYNCHRONOUS, OK)}; StaticSocketDataProvider data(data_reads, data_writes); session_deps_.socket_factory->AddSocketDataProvider(&data); @@ -10367,7 +11056,7 @@ TEST_F(HttpNetworkTransactionTest, GroupNameForDirectConnections) { }, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { session_deps_.proxy_resolution_service = ProxyResolutionService::CreateFixed(tests[i].proxy_server, TRAFFIC_ANNOTATION_FOR_TESTS); @@ -10425,7 +11114,7 @@ TEST_F(HttpNetworkTransactionTest, GroupNameForHTTPProxyConnections) { }, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { session_deps_.proxy_resolution_service = ProxyResolutionService::CreateFixed(tests[i].proxy_server, TRAFFIC_ANNOTATION_FOR_TESTS); @@ -10434,26 +11123,28 @@ TEST_F(HttpNetworkTransactionTest, GroupNameForHTTPProxyConnections) { HttpNetworkSessionPeer peer(session.get()); - HostPortPair proxy_host("http_proxy", 80); + ProxyServer proxy_server(ProxyServer::SCHEME_HTTP, + HostPortPair("http_proxy", 80)); CaptureGroupNameHttpProxySocketPool* http_proxy_pool = new CaptureGroupNameHttpProxySocketPool(NULL, NULL); CaptureGroupNameSSLSocketPool* ssl_conn_pool = new CaptureGroupNameSSLSocketPool(NULL, NULL); auto mock_pool_manager = std::make_unique<MockClientSocketPoolManager>(); mock_pool_manager->SetSocketPoolForHTTPProxy( - proxy_host, base::WrapUnique(http_proxy_pool)); + proxy_server, base::WrapUnique(http_proxy_pool)); mock_pool_manager->SetSocketPoolForSSLWithProxy( - proxy_host, base::WrapUnique(ssl_conn_pool)); + proxy_server, base::WrapUnique(ssl_conn_pool)); peer.SetClientSocketPoolManager(std::move(mock_pool_manager)); EXPECT_EQ(ERR_IO_PENDING, GroupNameTransactionHelper(tests[i].url, session.get())); - if (tests[i].ssl) + if (tests[i].ssl) { EXPECT_EQ(tests[i].expected_group_name, ssl_conn_pool->last_group_name_received()); - else + } else { EXPECT_EQ(tests[i].expected_group_name, http_proxy_pool->last_group_name_received()); + } } } @@ -10494,7 +11185,7 @@ TEST_F(HttpNetworkTransactionTest, GroupNameForSOCKSConnections) { }, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { session_deps_.proxy_resolution_service = ProxyResolutionService::CreateFixed(tests[i].proxy_server, TRAFFIC_ANNOTATION_FOR_TESTS); @@ -10503,16 +11194,18 @@ TEST_F(HttpNetworkTransactionTest, GroupNameForSOCKSConnections) { HttpNetworkSessionPeer peer(session.get()); - HostPortPair proxy_host("socks_proxy", 1080); + ProxyServer proxy_server( + ProxyServer::FromURI(tests[i].proxy_server, ProxyServer::SCHEME_HTTP)); + ASSERT_TRUE(proxy_server.is_valid()); CaptureGroupNameSOCKSSocketPool* socks_conn_pool = new CaptureGroupNameSOCKSSocketPool(NULL, NULL); CaptureGroupNameSSLSocketPool* ssl_conn_pool = new CaptureGroupNameSSLSocketPool(NULL, NULL); auto mock_pool_manager = std::make_unique<MockClientSocketPoolManager>(); mock_pool_manager->SetSocketPoolForSOCKSProxy( - proxy_host, base::WrapUnique(socks_conn_pool)); + proxy_server, base::WrapUnique(socks_conn_pool)); mock_pool_manager->SetSocketPoolForSSLWithProxy( - proxy_host, base::WrapUnique(ssl_conn_pool)); + proxy_server, base::WrapUnique(ssl_conn_pool)); peer.SetClientSocketPoolManager(std::move(mock_pool_manager)); HttpNetworkTransaction trans(DEFAULT_PRIORITY, session.get()); @@ -12280,48 +12973,6 @@ TEST_F(HttpNetworkTransactionTest, StallAlternativeServiceForNpnSpdy) { EXPECT_EQ("hello world", response_data); } -class CapturingProxyResolver : public ProxyResolver { - public: - CapturingProxyResolver() = default; - ~CapturingProxyResolver() override = default; - - int GetProxyForURL(const GURL& url, - ProxyInfo* results, - CompletionOnceCallback callback, - std::unique_ptr<Request>* request, - const NetLogWithSource& net_log) override { - ProxyServer proxy_server(ProxyServer::SCHEME_HTTP, - HostPortPair("myproxy", 80)); - results->UseProxyServer(proxy_server); - resolved_.push_back(url); - return OK; - } - - const std::vector<GURL>& resolved() const { return resolved_; } - - private: - std::vector<GURL> resolved_; - - DISALLOW_COPY_AND_ASSIGN(CapturingProxyResolver); -}; - -class CapturingProxyResolverFactory : public ProxyResolverFactory { - public: - explicit CapturingProxyResolverFactory(CapturingProxyResolver* resolver) - : ProxyResolverFactory(false), resolver_(resolver) {} - - int CreateProxyResolver(const scoped_refptr<PacFileData>& pac_script, - std::unique_ptr<ProxyResolver>* resolver, - CompletionOnceCallback callback, - std::unique_ptr<Request>* request) override { - *resolver = std::make_unique<ForwardingProxyResolver>(resolver_); - return OK; - } - - private: - ProxyResolver* resolver_; -}; - // Test that proxy is resolved using the origin url, // regardless of the alternative server. TEST_F(HttpNetworkTransactionTest, UseOriginNotAlternativeForProxy) { @@ -12589,7 +13240,8 @@ TEST_F(HttpNetworkTransactionTest, // Set up an initial SpdySession in the pool to reuse. HostPortPair host_port_pair("www.example.org", 443); SpdySessionKey key(host_port_pair, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); base::WeakPtr<SpdySession> spdy_session = CreateSpdySession(session.get(), key, NetLogWithSource()); @@ -14256,7 +14908,8 @@ TEST_F(HttpNetworkTransactionTest, PreconnectWithExistingSpdySession) { // Set up an initial SpdySession in the pool to reuse. HostPortPair host_port_pair("www.example.org", 443); SpdySessionKey key(host_port_pair, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); base::WeakPtr<SpdySession> spdy_session = CreateSpdySession(session.get(), key, NetLogWithSource()); @@ -14310,7 +14963,7 @@ TEST_F(HttpNetworkTransactionTest, SSLWriteCertError) { ERR_CERT_AUTHORITY_INVALID, ERR_CERT_DATE_INVALID, }; - for (size_t i = 0; i < arraysize(kErrors); i++) { + for (size_t i = 0; i < base::size(kErrors); i++) { CheckErrorIsPassedBack(kErrors[i], ASYNC); CheckErrorIsPassedBack(kErrors[i], SYNCHRONOUS); } @@ -14594,7 +15247,7 @@ TEST_F(HttpNetworkTransactionTest, ClientAuthCertCache_Proxy_Fail) { requests[1].traffic_annotation = net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); - for (size_t i = 0; i < arraysize(requests); ++i) { + for (size_t i = 0; i < base::size(requests); ++i) { session_deps_.socket_factory->ResetNextMockIndexes(); std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); HttpNetworkTransaction trans(DEFAULT_PRIORITY, session.get()); @@ -15927,8 +16580,9 @@ TEST_F(HttpNetworkTransactionTest, CloseIdleSpdySessionToOpenNewOne) { session_deps_.socket_factory->AddSocketDataProvider(&http_data); HostPortPair host_port_pair_a("www.a.com", 443); - SpdySessionKey spdy_session_key_a(host_port_pair_a, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + SpdySessionKey spdy_session_key_a( + host_port_pair_a, ProxyServer::Direct(), PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); EXPECT_FALSE( HasSpdySession(session->spdy_session_pool(), spdy_session_key_a)); @@ -15961,8 +16615,9 @@ TEST_F(HttpNetworkTransactionTest, CloseIdleSpdySessionToOpenNewOne) { HasSpdySession(session->spdy_session_pool(), spdy_session_key_a)); HostPortPair host_port_pair_b("www.b.com", 443); - SpdySessionKey spdy_session_key_b(host_port_pair_b, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + SpdySessionKey spdy_session_key_b( + host_port_pair_b, ProxyServer::Direct(), PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); EXPECT_FALSE( HasSpdySession(session->spdy_session_pool(), spdy_session_key_b)); HttpRequestInfo request2; @@ -15992,8 +16647,9 @@ TEST_F(HttpNetworkTransactionTest, CloseIdleSpdySessionToOpenNewOne) { HasSpdySession(session->spdy_session_pool(), spdy_session_key_b)); HostPortPair host_port_pair_a1("www.a.com", 80); - SpdySessionKey spdy_session_key_a1(host_port_pair_a1, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + SpdySessionKey spdy_session_key_a1( + host_port_pair_a1, ProxyServer::Direct(), PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); EXPECT_FALSE( HasSpdySession(session->spdy_session_pool(), spdy_session_key_a1)); HttpRequestInfo request3; @@ -17486,7 +18142,13 @@ class HttpNetworkTransactionReportingTest : public HttpNetworkTransactionTest { } // Makes an HTTPS request that should install a valid Reporting policy. - void RequestPolicy() { + void RequestPolicy(CertStatus cert_status = 0) { + HttpRequestInfo request; + request.method = "GET"; + request.url = GURL(url_); + request.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + MockRead data_reads[] = { MockRead("HTTP/1.0 200 OK\r\n"), MockRead("Report-To: {\"group\": \"nel\", \"max_age\": 86400, " @@ -17502,35 +18164,27 @@ class HttpNetworkTransactionReportingTest : public HttpNetworkTransactionTest { "Connection: keep-alive\r\n\r\n"), }; - HttpRequestInfo request; - request.method = "GET"; - request.url = GURL(url_); - request.traffic_annotation = - net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + StaticSocketDataProvider reads(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&reads); SSLSocketDataProvider ssl(ASYNC, OK); if (request.url.SchemeIsCryptographic()) { ssl.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ASSERT_TRUE(ssl.ssl_info.cert); - ssl.ssl_info.cert_status = cert_status_; + ssl.ssl_info.cert_status = cert_status; session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); } - StaticSocketDataProvider reads(data_reads, data_writes); - session_deps_.socket_factory->AddSocketDataProvider(&reads); - TestCompletionCallback callback; auto session = CreateSession(&session_deps_); HttpNetworkTransaction trans(DEFAULT_PRIORITY, session.get()); int rv = trans.Start(&request, callback.callback(), NetLogWithSource()); - EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); - EXPECT_THAT(callback.WaitForResult(), IsOk()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); } protected: std::string url_ = "https://www.example.org/"; - CertStatus cert_status_ = 0; private: TestReportingContext* test_reporting_context_; @@ -17570,8 +18224,8 @@ TEST_F(HttpNetworkTransactionReportingTest, ProcessReportToHeaderHttps) { TEST_F(HttpNetworkTransactionReportingTest, DontProcessReportToHeaderInvalidHttps) { base::HistogramTester histograms; - cert_status_ = CERT_STATUS_COMMON_NAME_INVALID; - RequestPolicy(); + CertStatus cert_status = CERT_STATUS_COMMON_NAME_INVALID; + RequestPolicy(cert_status); histograms.ExpectBucketCount( ReportingHeaderParser::kHeaderOutcomeHistogram, ReportingHeaderParser::HeaderOutcome::DISCARDED_CERT_STATUS_ERROR, 1); @@ -17582,6 +18236,13 @@ TEST_F(HttpNetworkTransactionReportingTest, // Network Error Logging tests #if BUILDFLAG(ENABLE_REPORTING) +namespace { + +const char kUserAgent[] = "Mozilla/1.0"; +const char kReferrer[] = "https://www.referrer.org/"; + +} // namespace + class HttpNetworkTransactionNetworkErrorLoggingTest : public HttpNetworkTransactionTest { protected: @@ -17592,6 +18253,16 @@ class HttpNetworkTransactionNetworkErrorLoggingTest test_network_error_logging_service_ = network_error_logging_service.get(); session_deps_.network_error_logging_service = std::move(network_error_logging_service); + + extra_headers_.SetHeader("User-Agent", kUserAgent); + extra_headers_.SetHeader("Referer", kReferrer); + + request_.method = "GET"; + request_.url = GURL(url_); + request_.extra_headers = extra_headers_; + request_.reporting_upload_depth = reporting_upload_depth_; + request_.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); } TestNetworkErrorLoggingService* network_error_logging_service() const { @@ -17604,7 +18275,7 @@ class HttpNetworkTransactionNetworkErrorLoggingTest } // Makes an HTTPS request that should install a valid NEL policy. - void RequestPolicy() { + void RequestPolicy(CertStatus cert_status = 0) { std::string extra_header_string = extra_headers_.ToString(); MockRead data_reads[] = { MockRead("HTTP/1.0 200 OK\r\n"), @@ -17621,37 +18292,52 @@ class HttpNetworkTransactionNetworkErrorLoggingTest extra_header_string.size()), }; - HttpRequestInfo request; - request.method = "GET"; - request.url = GURL(url_); - request.extra_headers = extra_headers_; - request.reporting_upload_depth = reporting_upload_depth_; - request.traffic_annotation = - net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + StaticSocketDataProvider reads(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&reads); SSLSocketDataProvider ssl(ASYNC, OK); - if (request.url.SchemeIsCryptographic()) { + if (request_.url.SchemeIsCryptographic()) { ssl.ssl_info.cert = ImportCertFromFile(GetTestCertsDirectory(), "wildcard.pem"); ASSERT_TRUE(ssl.ssl_info.cert); - ssl.ssl_info.cert_status = cert_status_; + ssl.ssl_info.cert_status = cert_status; session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); } - StaticSocketDataProvider reads(data_reads, data_writes); - session_deps_.socket_factory->AddSocketDataProvider(&reads); - TestCompletionCallback callback; auto session = CreateSession(&session_deps_); HttpNetworkTransaction trans(DEFAULT_PRIORITY, session.get()); - int rv = trans.Start(&request, callback.callback(), NetLogWithSource()); - EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); - EXPECT_THAT(callback.WaitForResult(), IsOk()); + int rv = trans.Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + std::string response_data; + ASSERT_THAT(ReadTransaction(&trans, &response_data), IsOk()); + EXPECT_EQ("hello world", response_data); + } + + void CheckReport(size_t index, + int status_code, + int error_type, + IPAddress server_ip = IPAddress::IPv4Localhost()) { + ASSERT_LT(index, network_error_logging_service()->errors().size()); + + const NetworkErrorLoggingService::RequestDetails& error = + network_error_logging_service()->errors()[index]; + EXPECT_EQ(url_, error.uri); + EXPECT_EQ(kReferrer, error.referrer); + EXPECT_EQ(kUserAgent, error.user_agent); + EXPECT_EQ(server_ip, error.server_ip); + EXPECT_EQ("http/1.1", error.protocol); + EXPECT_EQ("GET", error.method); + EXPECT_EQ(status_code, error.status_code); + EXPECT_EQ(error_type, error.type); + EXPECT_EQ(0, error.reporting_upload_depth); } protected: std::string url_ = "https://www.example.org/"; CertStatus cert_status_ = 0; + HttpRequestInfo request_; HttpRequestHeaders extra_headers_; int reporting_upload_depth_ = 0; @@ -17675,6 +18361,7 @@ TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, DontProcessNelHeaderHttp) { base::HistogramTester histograms; url_ = "http://www.example.org/"; + request_.url = GURL(url_); RequestPolicy(); histograms.ExpectBucketCount( NetworkErrorLoggingService::kHeaderOutcomeHistogram, @@ -17694,55 +18381,861 @@ TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, ProcessNelHeaderHttps) { TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, DontProcessNelHeaderInvalidHttps) { base::HistogramTester histograms; - cert_status_ = CERT_STATUS_COMMON_NAME_INVALID; - RequestPolicy(); + CertStatus cert_status = CERT_STATUS_COMMON_NAME_INVALID; + RequestPolicy(cert_status); histograms.ExpectBucketCount( NetworkErrorLoggingService::kHeaderOutcomeHistogram, NetworkErrorLoggingService::HeaderOutcome::DISCARDED_CERT_STATUS_ERROR, 1); } -TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, CreateReportHttps) { +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, CreateReportSuccess) { RequestPolicy(); ASSERT_EQ(1u, network_error_logging_service()->errors().size()); - const auto& error = network_error_logging_service()->errors()[0]; - EXPECT_EQ(GURL("https://www.example.org/"), error.uri); - EXPECT_TRUE(error.referrer.is_empty()); - EXPECT_EQ("", error.user_agent); - EXPECT_EQ(IPAddress::IPv4Localhost(), error.server_ip); - EXPECT_EQ("http/1.1", error.protocol); - EXPECT_EQ("GET", error.method); - EXPECT_EQ(200, error.status_code); - EXPECT_EQ(OK, error.type); - EXPECT_EQ(0, error.reporting_upload_depth); -} - -TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, ReportContainsReferrer) { - constexpr char kReferrer[] = "https://www.example.org/login/"; - extra_headers_.SetHeader("Referer", kReferrer); - RequestPolicy(); + CheckReport(0 /* index */, 200 /* status_code */, OK); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportErrorAfterStart) { + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + MockConnect mock_connect(SYNCHRONOUS, ERR_NAME_NOT_RESOLVED); + StaticSocketDataProvider data; + data.set_connect_data(mock_connect); + session_deps_.socket_factory->AddSocketDataProvider(&data); + + TestCompletionCallback callback; + + int rv = trans->Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsError(ERR_NAME_NOT_RESOLVED)); + + trans.reset(); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + CheckReport(0 /* index */, 0 /* status_code */, ERR_NAME_NOT_RESOLVED, + IPAddress() /* server_ip */); +} + +// Same as above except the error is ASYNC +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportErrorAfterStartAsync) { + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + MockConnect mock_connect(ASYNC, ERR_NAME_NOT_RESOLVED); + StaticSocketDataProvider data; + data.set_connect_data(mock_connect); + session_deps_.socket_factory->AddSocketDataProvider(&data); + + TestCompletionCallback callback; + + int rv = trans->Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsError(ERR_NAME_NOT_RESOLVED)); + + trans.reset(); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + CheckReport(0 /* index */, 0 /* status_code */, ERR_NAME_NOT_RESOLVED, + IPAddress() /* server_ip */); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportReadBodyError) { + std::string extra_header_string = extra_headers_.ToString(); + MockRead data_reads[] = { + MockRead("HTTP/1.0 200 OK\r\n"), + MockRead("Content-Length: 100\r\n\r\n"), // wrong content length + MockRead("hello world"), + MockRead(SYNCHRONOUS, OK), + }; + MockWrite data_writes[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + StaticSocketDataProvider reads(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&reads); + + SSLSocketDataProvider ssl(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + + // Log start time + base::TimeTicks start_time = base::TimeTicks::Now(); + + TestCompletionCallback callback; + auto session = CreateSession(&session_deps_); + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + int rv = trans->Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + const HttpResponseInfo* response = trans->GetResponseInfo(); + ASSERT_TRUE(response); + + EXPECT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.0 200 OK", response->headers->GetStatusLine()); + + std::string response_data; + rv = ReadTransaction(trans.get(), &response_data); + EXPECT_THAT(rv, IsError(ERR_CONTENT_LENGTH_MISMATCH)); + + trans.reset(); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + + CheckReport(0 /* index */, 200 /* status_code */, + ERR_CONTENT_LENGTH_MISMATCH); + const NetworkErrorLoggingService::RequestDetails& error = + network_error_logging_service()->errors()[0]; + EXPECT_LE(error.elapsed_time, base::TimeTicks::Now() - start_time); +} + +// Same as above except the final read is ASYNC. +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportReadBodyErrorAsync) { + std::string extra_header_string = extra_headers_.ToString(); + MockRead data_reads[] = { + MockRead("HTTP/1.0 200 OK\r\n"), + MockRead("Content-Length: 100\r\n\r\n"), // wrong content length + MockRead("hello world"), + MockRead(ASYNC, OK), + }; + MockWrite data_writes[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + StaticSocketDataProvider reads(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&reads); + + SSLSocketDataProvider ssl(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + + // Log start time + base::TimeTicks start_time = base::TimeTicks::Now(); + + TestCompletionCallback callback; + auto session = CreateSession(&session_deps_); + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + int rv = trans->Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + const HttpResponseInfo* response = trans->GetResponseInfo(); + ASSERT_TRUE(response); + + EXPECT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.0 200 OK", response->headers->GetStatusLine()); + + std::string response_data; + rv = ReadTransaction(trans.get(), &response_data); + EXPECT_THAT(rv, IsError(ERR_CONTENT_LENGTH_MISMATCH)); + + trans.reset(); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + + CheckReport(0 /* index */, 200 /* status_code */, + ERR_CONTENT_LENGTH_MISMATCH); + const NetworkErrorLoggingService::RequestDetails& error = + network_error_logging_service()->errors()[0]; + EXPECT_LE(error.elapsed_time, base::TimeTicks::Now() - start_time); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportRestartWithAuth) { + std::string extra_header_string = extra_headers_.ToString(); + static const base::TimeDelta kSleepDuration = + base::TimeDelta::FromMilliseconds(10); + + MockWrite data_writes1[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + MockRead data_reads1[] = { + MockRead("HTTP/1.0 401 Unauthorized\r\n"), + // Give a couple authenticate options (only the middle one is actually + // supported). + MockRead("WWW-Authenticate: Basic invalid\r\n"), // Malformed. + MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), + MockRead("WWW-Authenticate: UNSUPPORTED realm=\"FOO\"\r\n"), + MockRead("Content-Type: text/html; charset=iso-8859-1\r\n"), + // Large content-length -- won't matter, as connection will be reset. + MockRead("Content-Length: 10000\r\n\r\n"), + MockRead(SYNCHRONOUS, ERR_FAILED), + }; + + // After calling trans->RestartWithAuth(), this is the request we should + // be issuing -- the final header line contains the credentials. + MockWrite data_writes2[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n" + "Authorization: Basic Zm9vOmJhcg==\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + // Lastly, the server responds with the actual content. + MockRead data_reads2[] = { + MockRead("HTTP/1.0 200 OK\r\n\r\n"), + MockRead("hello world"), + MockRead(SYNCHRONOUS, OK), + }; + + StaticSocketDataProvider data1(data_reads1, data_writes1); + StaticSocketDataProvider data2(data_reads2, data_writes2); + session_deps_.socket_factory->AddSocketDataProvider(&data1); + session_deps_.socket_factory->AddSocketDataProvider(&data2); + + SSLSocketDataProvider ssl1(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl1); + SSLSocketDataProvider ssl2(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl2); + + base::TimeTicks start_time = base::TimeTicks::Now(); + base::TimeTicks restart_time; + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback1; + + int rv = trans->Start(&request_, callback1.callback(), NetLogWithSource()); + EXPECT_THAT(callback1.GetResult(rv), IsOk()); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + + TestCompletionCallback callback2; + + // Wait 10 ms then restart with auth + FastForwardBy(kSleepDuration); + restart_time = base::TimeTicks::Now(); + rv = + trans->RestartWithAuth(AuthCredentials(kFoo, kBar), callback2.callback()); + EXPECT_THAT(callback2.GetResult(rv), IsOk()); + + std::string response_data; + ASSERT_THAT(ReadTransaction(trans.get(), &response_data), IsOk()); + EXPECT_EQ("hello world", response_data); + + trans.reset(); + + // One 401 report for the auth challenge, then a 200 report for the successful + // retry. Note that we don't report the error draining the body, as the first + // request already generated a report for the auth challenge. + ASSERT_EQ(2u, network_error_logging_service()->errors().size()); + + // Check error report contents + CheckReport(0 /* index */, 401 /* status_code */, OK); + CheckReport(1 /* index */, 200 /* status_code */, OK); + + const NetworkErrorLoggingService::RequestDetails& error1 = + network_error_logging_service()->errors()[0]; + const NetworkErrorLoggingService::RequestDetails& error2 = + network_error_logging_service()->errors()[1]; + + // Sanity-check elapsed time values + EXPECT_EQ(error1.elapsed_time, restart_time - start_time - kSleepDuration); + // Check that the start time is refreshed when restarting with auth. + EXPECT_EQ(error2.elapsed_time, base::TimeTicks::Now() - restart_time); +} + +// Same as above, except draining the body before restarting fails +// asynchronously. +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportRestartWithAuthAsync) { + std::string extra_header_string = extra_headers_.ToString(); + static const base::TimeDelta kSleepDuration = + base::TimeDelta::FromMilliseconds(10); + + MockWrite data_writes1[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + MockRead data_reads1[] = { + MockRead("HTTP/1.0 401 Unauthorized\r\n"), + // Give a couple authenticate options (only the middle one is actually + // supported). + MockRead("WWW-Authenticate: Basic invalid\r\n"), // Malformed. + MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), + MockRead("WWW-Authenticate: UNSUPPORTED realm=\"FOO\"\r\n"), + MockRead("Content-Type: text/html; charset=iso-8859-1\r\n"), + // Large content-length -- won't matter, as connection will be reset. + MockRead("Content-Length: 10000\r\n\r\n"), + MockRead(ASYNC, ERR_FAILED), + }; + + // After calling trans->RestartWithAuth(), this is the request we should + // be issuing -- the final header line contains the credentials. + MockWrite data_writes2[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n" + "Authorization: Basic Zm9vOmJhcg==\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + // Lastly, the server responds with the actual content. + MockRead data_reads2[] = { + MockRead("HTTP/1.0 200 OK\r\n\r\n"), + MockRead("hello world"), + MockRead(SYNCHRONOUS, OK), + }; + + StaticSocketDataProvider data1(data_reads1, data_writes1); + StaticSocketDataProvider data2(data_reads2, data_writes2); + session_deps_.socket_factory->AddSocketDataProvider(&data1); + session_deps_.socket_factory->AddSocketDataProvider(&data2); + + SSLSocketDataProvider ssl1(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl1); + SSLSocketDataProvider ssl2(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl2); + + base::TimeTicks start_time = base::TimeTicks::Now(); + base::TimeTicks restart_time; + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback1; + + int rv = trans->Start(&request_, callback1.callback(), NetLogWithSource()); + EXPECT_THAT(callback1.GetResult(rv), IsOk()); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + + TestCompletionCallback callback2; + + // Wait 10 ms then restart with auth + FastForwardBy(kSleepDuration); + restart_time = base::TimeTicks::Now(); + rv = + trans->RestartWithAuth(AuthCredentials(kFoo, kBar), callback2.callback()); + EXPECT_THAT(callback2.GetResult(rv), IsOk()); + + std::string response_data; + ASSERT_THAT(ReadTransaction(trans.get(), &response_data), IsOk()); + EXPECT_EQ("hello world", response_data); + + trans.reset(); + + // One 401 report for the auth challenge, then a 200 report for the successful + // retry. Note that we don't report the error draining the body, as the first + // request already generated a report for the auth challenge. + ASSERT_EQ(2u, network_error_logging_service()->errors().size()); + + // Check error report contents + CheckReport(0 /* index */, 401 /* status_code */, OK); + CheckReport(1 /* index */, 200 /* status_code */, OK); + + const NetworkErrorLoggingService::RequestDetails& error1 = + network_error_logging_service()->errors()[0]; + const NetworkErrorLoggingService::RequestDetails& error2 = + network_error_logging_service()->errors()[1]; + + // Sanity-check elapsed time values + EXPECT_EQ(error1.elapsed_time, restart_time - start_time - kSleepDuration); + // Check that the start time is refreshed when restarting with auth. + EXPECT_EQ(error2.elapsed_time, base::TimeTicks::Now() - restart_time); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportRetryKeepAliveConnectionReset) { + std::string extra_header_string = extra_headers_.ToString(); + MockWrite data_writes1[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + MockRead data_reads1[] = { + MockRead("HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\n"), + MockRead("hello"), + // Connection is reset + MockRead(ASYNC, ERR_CONNECTION_RESET), + }; + + // Successful retry + MockRead data_reads2[] = { + MockRead("HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\n"), + MockRead("world"), + MockRead(ASYNC, OK), + }; + + StaticSocketDataProvider data1(data_reads1, data_writes1); + StaticSocketDataProvider data2(data_reads2, base::span<MockWrite>()); + session_deps_.socket_factory->AddSocketDataProvider(&data1); + session_deps_.socket_factory->AddSocketDataProvider(&data2); + + SSLSocketDataProvider ssl1(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl1); + SSLSocketDataProvider ssl2(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl2); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + auto trans1 = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback1; + + int rv = trans1->Start(&request_, callback1.callback(), NetLogWithSource()); + EXPECT_THAT(callback1.GetResult(rv), IsOk()); + + std::string response_data; + ASSERT_THAT(ReadTransaction(trans1.get(), &response_data), IsOk()); + EXPECT_EQ("hello", response_data); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + + auto trans2 = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback2; + + rv = trans2->Start(&request_, callback2.callback(), NetLogWithSource()); + EXPECT_THAT(callback2.GetResult(rv), IsOk()); + + ASSERT_THAT(ReadTransaction(trans2.get(), &response_data), IsOk()); + EXPECT_EQ("world", response_data); + + trans1.reset(); + trans2.reset(); + + // One OK report from first request, then a ERR_CONNECTION_RESET report from + // the second request, then an OK report from the successful retry. + ASSERT_EQ(3u, network_error_logging_service()->errors().size()); + + // Check error report contents + CheckReport(0 /* index */, 200 /* status_code */, OK); + CheckReport(1 /* index */, 0 /* status_code */, ERR_CONNECTION_RESET); + CheckReport(2 /* index */, 200 /* status_code */, OK); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportRetryKeepAlive408) { + std::string extra_header_string = extra_headers_.ToString(); + MockWrite data_writes1[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + MockRead data_reads1[] = { + MockRead("HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\n"), + MockRead("hello"), + // 408 Request Timeout + MockRead(SYNCHRONOUS, + "HTTP/1.1 408 Request Timeout\r\n" + "Connection: Keep-Alive\r\n" + "Content-Length: 6\r\n\r\n" + "Pickle"), + }; + + // Successful retry + MockRead data_reads2[] = { + MockRead("HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\n"), + MockRead("world"), + MockRead(ASYNC, OK), + }; + + StaticSocketDataProvider data1(data_reads1, data_writes1); + StaticSocketDataProvider data2(data_reads2, base::span<MockWrite>()); + session_deps_.socket_factory->AddSocketDataProvider(&data1); + session_deps_.socket_factory->AddSocketDataProvider(&data2); + + SSLSocketDataProvider ssl1(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl1); + SSLSocketDataProvider ssl2(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl2); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + auto trans1 = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback1; + + int rv = trans1->Start(&request_, callback1.callback(), NetLogWithSource()); + EXPECT_THAT(callback1.GetResult(rv), IsOk()); + + std::string response_data; + ASSERT_THAT(ReadTransaction(trans1.get(), &response_data), IsOk()); + EXPECT_EQ("hello", response_data); + + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); + + auto trans2 = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback2; + + rv = trans2->Start(&request_, callback2.callback(), NetLogWithSource()); + EXPECT_THAT(callback2.GetResult(rv), IsOk()); + + ASSERT_THAT(ReadTransaction(trans2.get(), &response_data), IsOk()); + EXPECT_EQ("world", response_data); + + trans1.reset(); + trans2.reset(); + + // One 200 report from first request, then a 408 report from + // the second request, then a 200 report from the successful retry. + ASSERT_EQ(3u, network_error_logging_service()->errors().size()); + + // Check error report contents + CheckReport(0 /* index */, 200 /* status_code */, OK); + CheckReport(1 /* index */, 408 /* status_code */, OK); + CheckReport(2 /* index */, 200 /* status_code */, OK); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + CreateReportRetry421WithoutConnectionPooling) { + // Two hosts resolve to the same IP address. + const std::string ip_addr = "1.2.3.4"; + IPAddress ip; + ASSERT_TRUE(ip.AssignFromIPLiteral(ip_addr)); + IPEndPoint peer_addr = IPEndPoint(ip, 443); + + session_deps_.host_resolver = std::make_unique<MockCachingHostResolver>(); + session_deps_.host_resolver->rules()->AddRule("www.example.org", ip_addr); + session_deps_.host_resolver->rules()->AddRule("mail.example.org", ip_addr); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + + // Two requests on the first connection. + spdy::SpdySerializedFrame req1( + spdy_util_.ConstructSpdyGet("https://www.example.org", 1, LOWEST)); + spdy_util_.UpdateWithStreamDestruction(1); + spdy::SpdySerializedFrame req2( + spdy_util_.ConstructSpdyGet("https://mail.example.org", 3, LOWEST)); + spdy::SpdySerializedFrame rst( + spdy_util_.ConstructSpdyRstStream(3, spdy::ERROR_CODE_CANCEL)); + MockWrite writes1[] = { + CreateMockWrite(req1, 0), + CreateMockWrite(req2, 3), + CreateMockWrite(rst, 6), + }; + + // The first one succeeds, the second gets error 421 Misdirected Request. + spdy::SpdySerializedFrame resp1( + spdy_util_.ConstructSpdyGetReply(nullptr, 0, 1)); + spdy::SpdySerializedFrame body1(spdy_util_.ConstructSpdyDataFrame(1, true)); + spdy::SpdyHeaderBlock response_headers; + response_headers[spdy::kHttp2StatusHeader] = "421"; + spdy::SpdySerializedFrame resp2( + spdy_util_.ConstructSpdyReply(3, std::move(response_headers))); + MockRead reads1[] = {CreateMockRead(resp1, 1), CreateMockRead(body1, 2), + CreateMockRead(resp2, 4), MockRead(ASYNC, 0, 5)}; + + MockConnect connect1(ASYNC, OK, peer_addr); + SequencedSocketData data1(connect1, reads1, writes1); + session_deps_.socket_factory->AddSocketDataProvider(&data1); + + AddSSLSocketData(); + + // Retry the second request on a second connection. + SpdyTestUtil spdy_util2; + spdy::SpdySerializedFrame req3( + spdy_util2.ConstructSpdyGet("https://mail.example.org", 1, LOWEST)); + MockWrite writes2[] = { + CreateMockWrite(req3, 0), + }; + + spdy::SpdySerializedFrame resp3( + spdy_util2.ConstructSpdyGetReply(nullptr, 0, 1)); + spdy::SpdySerializedFrame body3(spdy_util2.ConstructSpdyDataFrame(1, true)); + MockRead reads2[] = {CreateMockRead(resp3, 1), CreateMockRead(body3, 2), + MockRead(ASYNC, 0, 3)}; + + MockConnect connect2(ASYNC, OK, peer_addr); + SequencedSocketData data2(connect2, reads2, writes2); + session_deps_.socket_factory->AddSocketDataProvider(&data2); + + AddSSLSocketData(); + + // Preload mail.example.org into HostCache. + HostPortPair host_port("mail.example.org", 443); + HostResolver::RequestInfo resolve_info(host_port); + AddressList ignored; + std::unique_ptr<HostResolver::Request> request; + TestCompletionCallback callback; + int rv = session_deps_.host_resolver->Resolve(resolve_info, DEFAULT_PRIORITY, + &ignored, callback.callback(), + &request, NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + HttpRequestInfo request1; + request1.method = "GET"; + request1.url = GURL("https://www.example.org/"); + request1.load_flags = 0; + request1.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + auto trans1 = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + rv = trans1->Start(&request1, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + const HttpResponseInfo* response = trans1->GetResponseInfo(); + ASSERT_TRUE(response); + ASSERT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.1 200", response->headers->GetStatusLine()); + EXPECT_TRUE(response->was_fetched_via_spdy); + EXPECT_TRUE(response->was_alpn_negotiated); + std::string response_data; + ASSERT_THAT(ReadTransaction(trans1.get(), &response_data), IsOk()); + EXPECT_EQ("hello!", response_data); + + trans1.reset(); + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); - const auto& error = network_error_logging_service()->errors()[0]; - EXPECT_EQ(GURL(kReferrer), error.referrer); + + HttpRequestInfo request2; + request2.method = "GET"; + request2.url = GURL("https://mail.example.org/"); + request2.load_flags = 0; + request2.traffic_annotation = + net::MutableNetworkTrafficAnnotationTag(TRAFFIC_ANNOTATION_FOR_TESTS); + auto trans2 = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + BoundTestNetLog log; + rv = trans2->Start(&request2, callback.callback(), log.bound()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + response = trans2->GetResponseInfo(); + ASSERT_TRUE(response); + ASSERT_TRUE(response->headers); + EXPECT_EQ("HTTP/1.1 200", response->headers->GetStatusLine()); + EXPECT_TRUE(response->was_fetched_via_spdy); + EXPECT_TRUE(response->was_alpn_negotiated); + ASSERT_THAT(ReadTransaction(trans2.get(), &response_data), IsOk()); + EXPECT_EQ("hello!", response_data); + + trans2.reset(); + + // One 200 report from the first request, then a 421 report from the + // second request, then a 200 report from the successful retry. + ASSERT_EQ(3u, network_error_logging_service()->errors().size()); + + // Check error report contents + const NetworkErrorLoggingService::RequestDetails& error1 = + network_error_logging_service()->errors()[0]; + EXPECT_EQ(GURL("https://www.example.org/"), error1.uri); + EXPECT_TRUE(error1.referrer.is_empty()); + EXPECT_EQ("", error1.user_agent); + EXPECT_EQ(ip, error1.server_ip); + EXPECT_EQ("h2", error1.protocol); + EXPECT_EQ("GET", error1.method); + EXPECT_EQ(200, error1.status_code); + EXPECT_EQ(OK, error1.type); + EXPECT_EQ(0, error1.reporting_upload_depth); + + const NetworkErrorLoggingService::RequestDetails& error2 = + network_error_logging_service()->errors()[1]; + EXPECT_EQ(GURL("https://mail.example.org/"), error2.uri); + EXPECT_TRUE(error2.referrer.is_empty()); + EXPECT_EQ("", error2.user_agent); + EXPECT_EQ(ip, error2.server_ip); + EXPECT_EQ("h2", error2.protocol); + EXPECT_EQ("GET", error2.method); + EXPECT_EQ(421, error2.status_code); + EXPECT_EQ(OK, error2.type); + EXPECT_EQ(0, error2.reporting_upload_depth); + + const NetworkErrorLoggingService::RequestDetails& error3 = + network_error_logging_service()->errors()[2]; + EXPECT_EQ(GURL("https://mail.example.org/"), error3.uri); + EXPECT_TRUE(error3.referrer.is_empty()); + EXPECT_EQ("", error3.user_agent); + EXPECT_EQ(ip, error3.server_ip); + EXPECT_EQ("h2", error3.protocol); + EXPECT_EQ("GET", error3.method); + EXPECT_EQ(200, error3.status_code); + EXPECT_EQ(OK, error3.type); + EXPECT_EQ(0, error3.reporting_upload_depth); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, DontCreateReportHttp) { + base::HistogramTester histograms; + RequestPolicy(); + EXPECT_EQ(1u, network_error_logging_service()->headers().size()); + EXPECT_EQ(1u, network_error_logging_service()->errors().size()); + + // Make HTTP request + std::string extra_header_string = extra_headers_.ToString(); + MockRead data_reads[] = { + MockRead("HTTP/1.0 200 OK\r\n\r\n"), + MockRead("hello world"), + MockRead(SYNCHRONOUS, OK), + }; + MockWrite data_writes[] = { + MockWrite("GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, extra_header_string.data(), extra_header_string.size()), + }; + + StaticSocketDataProvider reads(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&reads); + + // Insecure url + url_ = "http://www.example.org/"; + request_.url = GURL(url_); + + TestCompletionCallback callback; + auto session = CreateSession(&session_deps_); + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + int rv = trans->Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + std::string response_data; + ASSERT_THAT(ReadTransaction(trans.get(), &response_data), IsOk()); + EXPECT_EQ("hello world", response_data); + + // Insecure request does not generate a report + histograms.ExpectBucketCount( + NetworkErrorLoggingService::kRequestOutcomeHistogram, + NetworkErrorLoggingService::RequestOutcome::DISCARDED_INSECURE_ORIGIN, 1); + + EXPECT_EQ(1u, network_error_logging_service()->errors().size()); +} + +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, + DontCreateReportHttpError) { + base::HistogramTester histograms; + RequestPolicy(); + EXPECT_EQ(1u, network_error_logging_service()->headers().size()); + EXPECT_EQ(1u, network_error_logging_service()->errors().size()); + + // Make HTTP request that fails + MockRead data_reads[] = { + MockRead("hello world"), + MockRead(SYNCHRONOUS, OK), + }; + + StaticSocketDataProvider data(data_reads, base::span<MockWrite>()); + session_deps_.socket_factory->AddSocketDataProvider(&data); + + url_ = "http://www.originwithoutpolicy.com:2000/"; + request_.url = GURL(url_); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + TestCompletionCallback callback; + int rv = trans->Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(callback.GetResult(rv), IsError(ERR_INVALID_HTTP_RESPONSE)); + + // Insecure request does not generate a report, regardless of existence of a + // policy for the origin. + histograms.ExpectBucketCount( + NetworkErrorLoggingService::kRequestOutcomeHistogram, + NetworkErrorLoggingService::RequestOutcome::DISCARDED_INSECURE_ORIGIN, 1); + + EXPECT_EQ(1u, network_error_logging_service()->errors().size()); } TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, ReportContainsUploadDepth) { reporting_upload_depth_ = 7; + request_.reporting_upload_depth = reporting_upload_depth_; RequestPolicy(); ASSERT_EQ(1u, network_error_logging_service()->errors().size()); - const auto& error = network_error_logging_service()->errors()[0]; + const NetworkErrorLoggingService::RequestDetails& error = + network_error_logging_service()->errors()[0]; EXPECT_EQ(7, error.reporting_upload_depth); } -TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, ReportContainsUserAgent) { - constexpr char kUserAgent[] = "Mozilla/1.0"; - extra_headers_.SetHeader("User-Agent", kUserAgent); - RequestPolicy(); +TEST_F(HttpNetworkTransactionNetworkErrorLoggingTest, ReportElapsedTime) { + std::string extra_header_string = extra_headers_.ToString(); + static const base::TimeDelta kSleepDuration = + base::TimeDelta::FromMilliseconds(10); + + std::vector<MockWrite> data_writes = { + MockWrite(ASYNC, 0, + "GET / HTTP/1.1\r\n" + "Host: www.example.org\r\n" + "Connection: keep-alive\r\n"), + MockWrite(ASYNC, 1, extra_header_string.data()), + }; + + std::vector<MockRead> data_reads = { + // Write one byte of the status line, followed by a pause. + MockRead(ASYNC, 2, "H"), + MockRead(ASYNC, ERR_IO_PENDING, 3), + MockRead(ASYNC, 4, "TTP/1.1 200 OK\r\n\r\n"), + MockRead(ASYNC, 5, "hello world"), + MockRead(SYNCHRONOUS, OK, 6), + }; + + SequencedSocketData data(data_reads, data_writes); + session_deps_.socket_factory->AddSocketDataProvider(&data); + + SSLSocketDataProvider ssl(ASYNC, OK); + session_deps_.socket_factory->AddSSLSocketDataProvider(&ssl); + + std::unique_ptr<HttpNetworkSession> session(CreateSession(&session_deps_)); + + auto trans = + std::make_unique<HttpNetworkTransaction>(DEFAULT_PRIORITY, session.get()); + + TestCompletionCallback callback; + + int rv = trans->Start(&request_, callback.callback(), NetLogWithSource()); + EXPECT_THAT(rv, IsError(ERR_IO_PENDING)); + + data.RunUntilPaused(); + ASSERT_TRUE(data.IsPaused()); + FastForwardBy(kSleepDuration); + data.Resume(); + + EXPECT_THAT(callback.GetResult(rv), IsOk()); + + std::string response_data; + ASSERT_THAT(ReadTransaction(trans.get(), &response_data), IsOk()); + EXPECT_EQ("hello world", response_data); + + trans.reset(); + ASSERT_EQ(1u, network_error_logging_service()->errors().size()); - const auto& error = network_error_logging_service()->errors()[0]; - EXPECT_EQ(kUserAgent, error.user_agent); + + CheckReport(0 /* index */, 200 /* status_code */, OK); + + const NetworkErrorLoggingService::RequestDetails& error = + network_error_logging_service()->errors()[0]; + + // Sanity-check elapsed time in error report + EXPECT_EQ(kSleepDuration, error.elapsed_time); } + #endif // BUILDFLAG(ENABLE_REPORTING) } // namespace net diff --git a/chromium/net/http/http_proxy_client_socket.cc b/chromium/net/http/http_proxy_client_socket.cc index e55a99d1165..12cfb3dfea9 100644 --- a/chromium/net/http/http_proxy_client_socket.cc +++ b/chromium/net/http/http_proxy_client_socket.cc @@ -14,6 +14,7 @@ #include "net/base/auth.h" #include "net/base/host_port_pair.h" #include "net/base/io_buffer.h" +#include "net/base/proxy_delegate.h" #include "net/http/http_basic_stream.h" #include "net/http/http_network_session.h" #include "net/http/http_request_info.h" @@ -33,10 +34,12 @@ HttpProxyClientSocket::HttpProxyClientSocket( std::unique_ptr<ClientSocketHandle> transport_socket, const std::string& user_agent, const HostPortPair& endpoint, + const ProxyServer& proxy_server, HttpAuthController* http_auth_controller, bool tunnel, bool using_spdy, NextProto negotiated_protocol, + ProxyDelegate* proxy_delegate, bool is_https_proxy, const NetworkTrafficAnnotationTag& traffic_annotation) : io_callback_(base::BindRepeating(&HttpProxyClientSocket::OnIOComplete, @@ -50,6 +53,8 @@ HttpProxyClientSocket::HttpProxyClientSocket( negotiated_protocol_(negotiated_protocol), is_https_proxy_(is_https_proxy), redirect_has_load_timing_info_(false), + proxy_server_(proxy_server), + proxy_delegate_(proxy_delegate), traffic_annotation_(traffic_annotation), net_log_(transport_->socket()->NetLog()) { // Synthesize the bits of a request that we actually use. @@ -382,16 +387,25 @@ int HttpProxyClientSocket::DoSendRequest() { // we have proxy info available. if (request_line_.empty()) { DCHECK(request_headers_.IsEmpty()); - HttpRequestHeaders authorization_headers; + + HttpRequestHeaders extra_headers; if (auth_->HaveAuth()) - auth_->AddAuthorizationHeader(&authorization_headers); + auth_->AddAuthorizationHeader(&extra_headers); + + if (proxy_delegate_) { + HttpRequestHeaders proxy_delegate_headers; + proxy_delegate_->OnBeforeTunnelRequest(proxy_server_, + &proxy_delegate_headers); + extra_headers.MergeFrom(proxy_delegate_headers); + } + std::string user_agent; if (!request_.extra_headers.GetHeader(HttpRequestHeaders::kUserAgent, &user_agent)) { user_agent.clear(); } - BuildTunnelRequest(endpoint_, authorization_headers, user_agent, - &request_line_, &request_headers_); + BuildTunnelRequest(endpoint_, extra_headers, user_agent, &request_line_, + &request_headers_); net_log_.AddEvent( NetLogEventType::HTTP_TRANSACTION_SEND_TUNNEL_HEADERS, @@ -432,6 +446,15 @@ int HttpProxyClientSocket::DoReadHeadersComplete(int result) { NetLogEventType::HTTP_TRANSACTION_READ_TUNNEL_RESPONSE_HEADERS, base::Bind(&HttpResponseHeaders::NetLogCallback, response_.headers)); + if (proxy_delegate_) { + int rv = proxy_delegate_->OnTunnelHeadersReceived(proxy_server_, + *response_.headers); + if (rv != OK) { + DCHECK_NE(ERR_IO_PENDING, rv); + return rv; + } + } + switch (response_.headers->response_code()) { case 200: // OK if (http_stream_parser_->IsMoreDataBuffered()) diff --git a/chromium/net/http/http_proxy_client_socket.h b/chromium/net/http/http_proxy_client_socket.h index 38c65bf8cb9..45a4130d686 100644 --- a/chromium/net/http/http_proxy_client_socket.h +++ b/chromium/net/http/http_proxy_client_socket.h @@ -18,6 +18,7 @@ #include "net/base/host_port_pair.h" #include "net/base/load_timing_info.h" #include "net/base/net_export.h" +#include "net/base/proxy_server.h" #include "net/http/http_auth_controller.h" #include "net/http/http_request_headers.h" #include "net/http/http_request_info.h" @@ -34,6 +35,7 @@ class GrowableIOBuffer; class HttpStream; class HttpStreamParser; class IOBuffer; +class ProxyDelegate; class NET_EXPORT_PRIVATE HttpProxyClientSocket : public ProxyClientSocket { public: @@ -43,10 +45,12 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocket : public ProxyClientSocket { HttpProxyClientSocket(std::unique_ptr<ClientSocketHandle> transport_socket, const std::string& user_agent, const HostPortPair& endpoint, + const ProxyServer& proxy_server, HttpAuthController* http_auth_controller, bool tunnel, bool using_spdy, NextProto negotiated_protocol, + ProxyDelegate* proxy_delegate, bool is_https_proxy, const NetworkTrafficAnnotationTag& traffic_annotation); @@ -167,6 +171,11 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocket : public ProxyClientSocket { bool redirect_has_load_timing_info_; LoadTimingInfo redirect_load_timing_info_; + const ProxyServer proxy_server_; + + // This delegate must outlive this proxy client socket. + ProxyDelegate* proxy_delegate_; + // Network traffic annotation for handshaking and setup. const NetworkTrafficAnnotationTag traffic_annotation_; diff --git a/chromium/net/http/http_proxy_client_socket_fuzzer.cc b/chromium/net/http/http_proxy_client_socket_fuzzer.cc index e74ef307fbb..af12e96c197 100644 --- a/chromium/net/http/http_proxy_client_socket_fuzzer.cc +++ b/chromium/net/http/http_proxy_client_socket_fuzzer.cc @@ -66,8 +66,11 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) { bool is_https_proxy = data_provider.ConsumeBool(); net::HttpProxyClientSocket socket( std::move(socket_handle), "Bond/007", net::HostPortPair("foo", 80), + net::ProxyServer(net::ProxyServer::SCHEME_HTTP, + net::HostPortPair("proxy", 42)), auth_controller.get(), true /* tunnel */, false /* using_spdy */, - net::kProtoUnknown, is_https_proxy, TRAFFIC_ANNOTATION_FOR_TESTS); + net::kProtoUnknown, nullptr /* proxy_delegate */, is_https_proxy, + TRAFFIC_ANNOTATION_FOR_TESTS); int result = socket.Connect(callback.callback()); result = callback.GetResult(result); diff --git a/chromium/net/http/http_proxy_client_socket_pool.cc b/chromium/net/http/http_proxy_client_socket_pool.cc index 95331e3cf84..21ace98a69e 100644 --- a/chromium/net/http/http_proxy_client_socket_pool.cc +++ b/chromium/net/http/http_proxy_client_socket_pool.cc @@ -12,6 +12,8 @@ #include "base/compiler_specific.h" #include "base/metrics/field_trial.h" #include "base/metrics/field_trial_params.h" +#include "base/no_destructor.h" +#include "base/numerics/ranges.h" #include "base/optional.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_util.h" @@ -30,6 +32,7 @@ #include "net/socket/ssl_client_socket.h" #include "net/socket/ssl_client_socket_pool.h" #include "net/socket/transport_client_socket_pool.h" +#include "net/socket/transport_connect_job.h" #include "net/spdy/spdy_proxy_client_socket.h" #include "net/spdy/spdy_session.h" #include "net/spdy/spdy_session_pool.h" @@ -41,25 +44,85 @@ namespace net { namespace { -// HttpProxyConnectJobs will time out after this many seconds. Note this is on -// top of the timeout for the transport socket. +// HttpProxyConnectJobs will time out after this many seconds. Note this is in +// addition to the timeout for the transport socket. #if defined(OS_ANDROID) || defined(OS_IOS) static const int kHttpProxyConnectJobTimeoutInSeconds = 10; #else static const int kHttpProxyConnectJobTimeoutInSeconds = 30; #endif -// Return the value of the parameter |param_name| for the field trial -// "NetAdaptiveProxyConnectionTimeout". If the value of the parameter is -// unavailable, then |default_value| is available. -int32_t GetInt32Param(const std::string& param_name, int32_t default_value) { - int32_t param; - if (!base::StringToInt(base::GetFieldTrialParamValue( - "NetAdaptiveProxyConnectionTimeout", param_name), - ¶m)) { - return default_value; +class HttpProxyTimeoutExperiments { + public: + HttpProxyTimeoutExperiments() { Init(); } + + ~HttpProxyTimeoutExperiments() = default; + + void Init() { +#if defined(OS_ANDROID) || defined(OS_IOS) + min_proxy_connection_timeout_ = base::TimeDelta::FromSeconds( + GetInt32Param("min_proxy_connection_timeout_seconds", 8)); + max_proxy_connection_timeout_ = base::TimeDelta::FromSeconds( + GetInt32Param("max_proxy_connection_timeout_seconds", 30)); +#else + min_proxy_connection_timeout_ = base::TimeDelta::FromSeconds( + GetInt32Param("min_proxy_connection_timeout_seconds", 30)); + max_proxy_connection_timeout_ = base::TimeDelta::FromSeconds( + GetInt32Param("max_proxy_connection_timeout_seconds", 60)); +#endif + ssl_http_rtt_multiplier_ = GetInt32Param("ssl_http_rtt_multiplier", 10); + non_ssl_http_rtt_multiplier_ = + GetInt32Param("non_ssl_http_rtt_multiplier", 5); + + DCHECK_LT(0, ssl_http_rtt_multiplier_); + DCHECK_LT(0, non_ssl_http_rtt_multiplier_); + DCHECK_LE(base::TimeDelta(), min_proxy_connection_timeout_); + DCHECK_LE(base::TimeDelta(), max_proxy_connection_timeout_); + DCHECK_LE(min_proxy_connection_timeout_, max_proxy_connection_timeout_); + } + + base::TimeDelta min_proxy_connection_timeout() const { + return min_proxy_connection_timeout_; + } + base::TimeDelta max_proxy_connection_timeout() const { + return max_proxy_connection_timeout_; + } + int32_t ssl_http_rtt_multiplier() const { return ssl_http_rtt_multiplier_; } + int32_t non_ssl_http_rtt_multiplier() const { + return non_ssl_http_rtt_multiplier_; } - return param; + + private: + // Return the value of the parameter |param_name| for the field trial + // "NetAdaptiveProxyConnectionTimeout". If the value of the parameter is + // unavailable, then |default_value| is available. + static int32_t GetInt32Param(const std::string& param_name, + int32_t default_value) { + int32_t param; + if (!base::StringToInt(base::GetFieldTrialParamValue( + "NetAdaptiveProxyConnectionTimeout", param_name), + ¶m)) { + return default_value; + } + return param; + } + + // For secure proxies, the connection timeout is set to + // |ssl_http_rtt_multiplier_| times the HTTP RTT estimate. For insecure + // proxies, the connection timeout is set to |non_ssl_http_rtt_multiplier_| + // times the HTTP RTT estimate. In either case, the connection timeout + // is clamped to be between |min_proxy_connection_timeout_| and + // |max_proxy_connection_timeout_|. + base::TimeDelta min_proxy_connection_timeout_; + base::TimeDelta max_proxy_connection_timeout_; + int32_t ssl_http_rtt_multiplier_; + int32_t non_ssl_http_rtt_multiplier_; +}; + +HttpProxyTimeoutExperiments* GetProxyTimeoutExperiments() { + static base::NoDestructor<HttpProxyTimeoutExperiments> + proxy_timeout_experiments; + return proxy_timeout_experiments.get(); } } // namespace @@ -102,14 +165,6 @@ HttpProxySocketParams::HttpProxySocketParams( DCHECK(!transport_params_ || !ssl_params_); } -const HostResolver::RequestInfo& HttpProxySocketParams::destination() const { - if (transport_params_.get() == NULL) { - return ssl_params_->GetDirectConnectionParams()->destination(); - } else { - return transport_params_->destination(); - } -} - HttpProxySocketParams::~HttpProxySocketParams() = default; HttpProxyConnectJob::HttpProxyConnectJob( @@ -118,9 +173,10 @@ HttpProxyConnectJob::HttpProxyConnectJob( const SocketTag& socket_tag, ClientSocketPool::RespectLimits respect_limits, const scoped_refptr<HttpProxySocketParams>& params, - const base::TimeDelta& timeout_duration, + ProxyDelegate* proxy_delegate, TransportClientSocketPool* transport_pool, SSLClientSocketPool* ssl_pool, + NetworkQualityEstimator* network_quality_estimator, Delegate* delegate, NetLog* net_log) : ConnectJob( @@ -128,7 +184,7 @@ HttpProxyConnectJob::HttpProxyConnectJob( base::TimeDelta() /* The socket takes care of timeouts */, priority, socket_tag, - respect_limits, + respect_limits == ClientSocketPool::RespectLimits::ENABLED, delegate, NetLogWithSource::Make(net_log, NetLogSourceType::HTTP_PROXY_CONNECT_JOB)), @@ -137,7 +193,7 @@ HttpProxyConnectJob::HttpProxyConnectJob( priority, socket_tag, respect_limits, - timeout_duration, + ConnectionTimeout(*params, network_quality_estimator), base::TimeDelta::FromSeconds(kHttpProxyConnectJobTimeoutInSeconds), transport_pool, ssl_pool, @@ -152,6 +208,7 @@ HttpProxyConnectJob::HttpProxyConnectJob( params->quic_stream_factory(), params->is_trusted_proxy(), params->tunnel(), + proxy_delegate, params->traffic_annotation(), this->net_log())) {} @@ -168,6 +225,51 @@ void HttpProxyConnectJob::GetAdditionalErrorState(ClientSocketHandle * handle) { } } +base::TimeDelta HttpProxyConnectJob::ConnectionTimeout( + const HttpProxySocketParams& params, + const NetworkQualityEstimator* network_quality_estimator) { + bool is_https = params.ssl_params() != nullptr; + // HTTP proxy connections can't be on top of proxy connections. + DCHECK(!is_https || + params.ssl_params()->GetConnectionType() == SSLSocketParams::DIRECT); + + if (network_quality_estimator) { + base::Optional<base::TimeDelta> http_rtt_estimate = + network_quality_estimator->GetHttpRTT(); + if (http_rtt_estimate) { + int32_t multiplier = + is_https + ? GetProxyTimeoutExperiments()->ssl_http_rtt_multiplier() + : GetProxyTimeoutExperiments()->non_ssl_http_rtt_multiplier(); + base::TimeDelta timeout = base::TimeDelta::FromMicroseconds( + multiplier * http_rtt_estimate.value().InMicroseconds()); + // Ensure that connection timeout is between + // |min_proxy_connection_timeout_| and |max_proxy_connection_timeout_|. + return base::ClampToRange( + timeout, GetProxyTimeoutExperiments()->min_proxy_connection_timeout(), + GetProxyTimeoutExperiments()->max_proxy_connection_timeout()); + } + } + + // Return the default proxy connection timeout. + base::TimeDelta nested_job_timeout; +#if !defined(OS_ANDROID) && !defined(OS_IOS) + if (is_https) { + nested_job_timeout = SSLConnectJob::ConnectionTimeout( + *params.ssl_params(), network_quality_estimator); + } else { + nested_job_timeout = TransportConnectJob::ConnectionTimeout(); + } +#endif // !defined(OS_ANDROID) && !defined(OS_IOS) + + return nested_job_timeout + + base::TimeDelta::FromSeconds(kHttpProxyConnectJobTimeoutInSeconds); +} + +void HttpProxyConnectJob::UpdateFieldTrialParametersForTesting() { + GetProxyTimeoutExperiments()->Init(); +} + int HttpProxyConnectJob::ConnectInternal() { int result = client_socket_->Connect(base::Bind( &HttpProxyConnectJob::OnConnectComplete, base::Unretained(this))); @@ -201,89 +303,25 @@ HttpProxyClientSocketPool::HttpProxyConnectJobFactory:: HttpProxyConnectJobFactory( TransportClientSocketPool* transport_pool, SSLClientSocketPool* ssl_pool, + ProxyDelegate* proxy_delegate, NetworkQualityEstimator* network_quality_estimator, NetLog* net_log) : transport_pool_(transport_pool), ssl_pool_(ssl_pool), + proxy_delegate_(proxy_delegate), network_quality_estimator_(network_quality_estimator), - ssl_http_rtt_multiplier_(GetInt32Param("ssl_http_rtt_multiplier", 10)), - non_ssl_http_rtt_multiplier_( - GetInt32Param("non_ssl_http_rtt_multiplier", 5)), -#if defined(OS_ANDROID) || defined(OS_IOS) - min_proxy_connection_timeout_(base::TimeDelta::FromSeconds( - GetInt32Param("min_proxy_connection_timeout_seconds", 8))), - max_proxy_connection_timeout_(base::TimeDelta::FromSeconds( - GetInt32Param("max_proxy_connection_timeout_seconds", 30))), -#else - min_proxy_connection_timeout_(base::TimeDelta::FromSeconds( - GetInt32Param("min_proxy_connection_timeout_seconds", 30))), - max_proxy_connection_timeout_(base::TimeDelta::FromSeconds( - GetInt32Param("max_proxy_connection_timeout_seconds", 60))), -#endif - net_log_(net_log) { - DCHECK_LT(0, ssl_http_rtt_multiplier_); - DCHECK_LT(0, non_ssl_http_rtt_multiplier_); - DCHECK_LE(base::TimeDelta(), min_proxy_connection_timeout_); - DCHECK_LE(base::TimeDelta(), max_proxy_connection_timeout_); - DCHECK_LE(min_proxy_connection_timeout_, max_proxy_connection_timeout_); -} + net_log_(net_log) {} std::unique_ptr<ConnectJob> HttpProxyClientSocketPool::HttpProxyConnectJobFactory::NewConnectJob( const std::string& group_name, const PoolBase::Request& request, ConnectJob::Delegate* delegate) const { - bool is_secure_connection = (request.params()->ssl_params() != nullptr); - - return std::unique_ptr<ConnectJob>(new HttpProxyConnectJob( + return std::make_unique<HttpProxyConnectJob>( group_name, request.priority(), request.socket_tag(), - request.respect_limits(), request.params(), - ConnectionTimeoutWithConnectionProperty(is_secure_connection), - transport_pool_, ssl_pool_, delegate, net_log_)); -} - -base::TimeDelta -HttpProxyClientSocketPool::HttpProxyConnectJobFactory::ConnectionTimeout() - const { - // Take a conservative approach: Return the timeout for the secure proxies - // which is higher than the connection timeout for the insecure proxies. - return ConnectionTimeoutWithConnectionProperty( - true /* is_secure_connection */); -} - -base::TimeDelta HttpProxyClientSocketPool::HttpProxyConnectJobFactory:: - ConnectionTimeoutWithConnectionProperty(bool is_secure_connection) const { - if (network_quality_estimator_) { - base::Optional<base::TimeDelta> http_rtt_estimate = - network_quality_estimator_->GetHttpRTT(); - if (http_rtt_estimate) { - int32_t multiplier = is_secure_connection ? ssl_http_rtt_multiplier_ - : non_ssl_http_rtt_multiplier_; - base::TimeDelta timeout = base::TimeDelta::FromMicroseconds( - multiplier * http_rtt_estimate.value().InMicroseconds()); - // Ensure that connection timeout is between - // |min_proxy_connection_timeout_| and |max_proxy_connection_timeout_|. - if (timeout < min_proxy_connection_timeout_) - return min_proxy_connection_timeout_; - if (timeout > max_proxy_connection_timeout_) - return max_proxy_connection_timeout_; - return timeout; - } - } - - // Return the default proxy connection timeout. - base::TimeDelta max_pool_timeout = base::TimeDelta(); -#if (!defined(OS_ANDROID) && !defined(OS_IOS)) - if (transport_pool_) - max_pool_timeout = transport_pool_->ConnectionTimeout(); - if (ssl_pool_) { - max_pool_timeout = - std::max(max_pool_timeout, ssl_pool_->ConnectionTimeout()); - } -#endif // !defined(OS_ANDROID) && !defined(OS_IOS) - - return max_pool_timeout + - base::TimeDelta::FromSeconds(kHttpProxyConnectJobTimeoutInSeconds); + request.respect_limits(), request.params(), proxy_delegate_, + transport_pool_, ssl_pool_, network_quality_estimator_, delegate, + net_log_); } HttpProxyClientSocketPool::HttpProxyClientSocketPool( @@ -291,6 +329,7 @@ HttpProxyClientSocketPool::HttpProxyClientSocketPool( int max_sockets_per_group, TransportClientSocketPool* transport_pool, SSLClientSocketPool* ssl_pool, + ProxyDelegate* proxy_delegate, NetworkQualityEstimator* network_quality_estimator, NetLog* net_log) : transport_pool_(transport_pool), @@ -302,6 +341,7 @@ HttpProxyClientSocketPool::HttpProxyClientSocketPool( ClientSocketPool::used_idle_socket_timeout(), new HttpProxyConnectJobFactory(transport_pool, ssl_pool, + proxy_delegate, network_quality_estimator, net_log)) { // We should always have a |transport_pool_| except in unit tests. @@ -408,10 +448,6 @@ HttpProxyClientSocketPool::GetInfoAsValue(const std::string& name, return dict; } -base::TimeDelta HttpProxyClientSocketPool::ConnectionTimeout() const { - return base_.ConnectionTimeout(); -} - bool HttpProxyClientSocketPool::IsStalled() const { return base_.IsStalled(); } diff --git a/chromium/net/http/http_proxy_client_socket_pool.h b/chromium/net/http/http_proxy_client_socket_pool.h index 90f49f5f61a..a8696319c63 100644 --- a/chromium/net/http/http_proxy_client_socket_pool.h +++ b/chromium/net/http/http_proxy_client_socket_pool.h @@ -33,6 +33,7 @@ class HttpAuthHandlerFactory; class HttpProxyClientSocketWrapper; class NetLog; class NetworkQualityEstimator; +class ProxyDelegate; class QuicStreamFactory; class SSLClientSocketPool; class SSLSocketParams; @@ -81,7 +82,6 @@ class NET_EXPORT_PRIVATE HttpProxySocketParams QuicStreamFactory* quic_stream_factory() const { return quic_stream_factory_; } - const HostResolver::RequestInfo& destination() const; bool is_trusted_proxy() const { return is_trusted_proxy_; } bool tunnel() const { return tunnel_; } const NetworkTrafficAnnotationTag traffic_annotation() const { @@ -117,9 +117,10 @@ class HttpProxyConnectJob : public ConnectJob { const SocketTag& socket_tag, ClientSocketPool::RespectLimits respect_limits, const scoped_refptr<HttpProxySocketParams>& params, - const base::TimeDelta& timeout_duration, + ProxyDelegate* proxy_delegate, TransportClientSocketPool* transport_pool, SSLClientSocketPool* ssl_pool, + NetworkQualityEstimator* network_quality_estimator, Delegate* delegate, NetLog* net_log); ~HttpProxyConnectJob() override; @@ -129,6 +130,15 @@ class HttpProxyConnectJob : public ConnectJob { void GetAdditionalErrorState(ClientSocketHandle* handle) override; + // Returns the connection timeout that will be used by a HttpProxyConnectJob + // created with the specified parameters, given current network conditions. + NET_EXPORT_PRIVATE static base::TimeDelta ConnectionTimeout( + const HttpProxySocketParams& params, + const NetworkQualityEstimator* network_quality_estimator); + + // Updates the field trial parameters used in calculating timeouts. + NET_EXPORT_PRIVATE static void UpdateFieldTrialParametersForTesting(); + private: // Begins the tcp connection and the optional Http proxy tunnel. If the // request is not immediately servicable (likely), the request will return @@ -162,6 +172,7 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocketPool int max_sockets_per_group, TransportClientSocketPool* transport_pool, SSLClientSocketPool* ssl_pool, + ProxyDelegate* proxy_delegate, NetworkQualityEstimator* network_quality_estimator, NetLog* net_log); @@ -211,8 +222,6 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocketPool const std::string& type, bool include_nested_pools) const override; - base::TimeDelta ConnectionTimeout() const override; - // LowerLayeredPool implementation. bool IsStalled() const override; @@ -235,6 +244,7 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocketPool HttpProxyConnectJobFactory( TransportClientSocketPool* transport_pool, SSLClientSocketPool* ssl_pool, + ProxyDelegate* proxy_delegate, NetworkQualityEstimator* network_quality_estimator, NetLog* net_log); @@ -244,33 +254,15 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocketPool const PoolBase::Request& request, ConnectJob::Delegate* delegate) const override; - base::TimeDelta ConnectionTimeout() const override; - private: FRIEND_TEST_ALL_PREFIXES(HttpProxyClientSocketPoolTest, ProxyPoolTimeoutWithConnectionProperty); - // Returns proxy connection timeout for secure proxies if - // |is_secure_connection| is true. Otherwise, returns timeout for insecure - // proxies. - base::TimeDelta ConnectionTimeoutWithConnectionProperty( - bool is_secure_connection) const; - TransportClientSocketPool* const transport_pool_; SSLClientSocketPool* const ssl_pool_; + ProxyDelegate* const proxy_delegate_; NetworkQualityEstimator* const network_quality_estimator_; - // For secure proxies, the connection timeout is set to - // |ssl_http_rtt_multiplier_| times the HTTP RTT estimate. For insecure - // proxies, the connection timeout is set to |non_ssl_http_rtt_multiplier_| - // times the HTTP RTT estimate. In either case, the connection timeout - // is clamped to be between |min_proxy_connection_timeout_| and - // |max_proxy_connection_timeout_|. - const int32_t ssl_http_rtt_multiplier_; - const int32_t non_ssl_http_rtt_multiplier_; - const base::TimeDelta min_proxy_connection_timeout_; - const base::TimeDelta max_proxy_connection_timeout_; - NetLog* net_log_; DISALLOW_COPY_AND_ASSIGN(HttpProxyConnectJobFactory); diff --git a/chromium/net/http/http_proxy_client_socket_pool_unittest.cc b/chromium/net/http/http_proxy_client_socket_pool_unittest.cc index edc4273c4e8..4397ae6c31c 100644 --- a/chromium/net/http/http_proxy_client_socket_pool_unittest.cc +++ b/chromium/net/http/http_proxy_client_socket_pool_unittest.cc @@ -13,6 +13,7 @@ #include "base/metrics/field_trial.h" #include "base/metrics/field_trial_param_associator.h" #include "base/metrics/field_trial_params.h" +#include "base/stl_util.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" @@ -20,6 +21,7 @@ #include "build/build_config.h" #include "net/base/net_errors.h" #include "net/base/test_completion_callback.h" +#include "net/base/test_proxy_delegate.h" #include "net/http/http_network_session.h" #include "net/http/http_proxy_client_socket.h" #include "net/http/http_response_headers.h" @@ -29,10 +31,11 @@ #include "net/socket/next_proto.h" #include "net/socket/socket_tag.h" #include "net/socket/socket_test_util.h" +#include "net/socket/transport_connect_job.h" #include "net/spdy/spdy_test_util_common.h" #include "net/test/gtest_util.h" #include "net/test/test_with_scoped_task_environment.h" -#include "net/third_party/spdy/core/spdy_protocol.h" +#include "net/third_party/quiche/src/spdy/core/spdy_protocol.h" #include "net/traffic_annotation/network_traffic_annotation_test_helper.h" #include "testing/gmock/include/gmock/gmock.h" #include "testing/gtest/include/gtest/gtest.h" @@ -49,7 +52,7 @@ const int kMaxSocketsPerGroup = 6; const char * const kAuthHeaders[] = { "proxy-authorization", "Basic Zm9vOmJhcg==" }; -const int kAuthHeadersSize = arraysize(kAuthHeaders) / 2; +const int kAuthHeadersSize = base::size(kAuthHeaders) / 2; enum HttpProxyType { HTTP, @@ -80,9 +83,10 @@ class HttpProxyClientSocketPoolTest std::string() /* ssl_session_cache_shard */, &socket_factory_, &transport_socket_pool_, - NULL, - NULL, + NULL /* socks_pool */, + NULL /* http_proxy_pool */, session_deps_.ssl_config_service.get(), + NULL /* network_quality_estimator */, NetLogWithSource().net_log()), field_trial_list_(nullptr), pool_( @@ -90,12 +94,17 @@ class HttpProxyClientSocketPoolTest kMaxSocketsPerGroup, &transport_socket_pool_, &ssl_socket_pool_, + nullptr, &estimator_, nullptr)) { session_ = CreateNetworkSession(); } - virtual ~HttpProxyClientSocketPoolTest() = default; + virtual ~HttpProxyClientSocketPoolTest() { + // Reset global field trial parameters to defaults values. + base::FieldTrialParamAssociator::GetInstance()->ClearAllParamsForTesting(); + HttpProxyConnectJob::UpdateFieldTrialParametersForTesting(); + } // Initializes the field trial paramters for the field trial that determines // connection timeout based on the network quality. @@ -124,11 +133,14 @@ class HttpProxyClientSocketPoolTest base::AssociateFieldTrialParams(trial_name, group_name, params)); EXPECT_TRUE(base::FieldTrialList::CreateFieldTrial(trial_name, group_name)); - // Reset |pool_| so that the field trial parameters are read by the - // |pool_|. + // Force static global that reads the field trials to update. + HttpProxyConnectJob::UpdateFieldTrialParametersForTesting(); + } + + void InitPoolWithProxyDelegate(ProxyDelegate* proxy_delegate) { pool_ = std::make_unique<HttpProxyClientSocketPool>( kMaxSockets, kMaxSocketsPerGroup, &transport_socket_pool_, - &ssl_socket_pool_, &estimator_, NetLogWithSource().net_log()); + &ssl_socket_pool_, proxy_delegate, &estimator_, nullptr); } void AddAuthToCache() { @@ -148,23 +160,18 @@ class HttpProxyClientSocketPoolTest scoped_refptr<TransportSocketParams> CreateHttpProxyParams() const { if (GetParam() != HTTP) return NULL; - return new TransportSocketParams( - HostPortPair(kHttpProxyHost, 80), - false, - OnHostResolutionCallback(), - TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT); + return new TransportSocketParams(HostPortPair(kHttpProxyHost, 80), false, + OnHostResolutionCallback()); } scoped_refptr<SSLSocketParams> CreateHttpsProxyParams() const { if (GetParam() == HTTP) return NULL; return new SSLSocketParams( - new TransportSocketParams( - HostPortPair(kHttpsProxyHost, 443), false, - OnHostResolutionCallback(), - TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT), + new TransportSocketParams(HostPortPair(kHttpsProxyHost, 443), false, + OnHostResolutionCallback()), NULL, NULL, HostPortPair(kHttpsProxyHost, 443), SSLConfig(), - PRIVACY_MODE_DISABLED, false /* ignore_certificate_errors */); + PRIVACY_MODE_DISABLED); } // Returns the a correctly constructed HttpProxyParms @@ -235,7 +242,15 @@ class HttpProxyClientSocketPoolTest } SSLClientSocketPool* ssl_socket_pool() { return &ssl_socket_pool_; } - private: + base::TimeDelta GetProxyConnectionTimeout() { + // Doesn't actually matter whether or not this is for a tunnel - the + // connection timeout is the same, though it probably shouldn't be the same, + // since tunnels need an extra round trip. + return HttpProxyConnectJob::ConnectionTimeout( + *CreateParams(true /* tunnel */), &estimator_); + } + + protected: MockTaggingClientSocketFactory socket_factory_; SpdySessionDependencies session_deps_; @@ -252,7 +267,6 @@ class HttpProxyClientSocketPoolTest base::FieldTrialList field_trial_list_; - protected: SpdyTestUtil spdy_util_; std::unique_ptr<SSLSocketDataProvider> ssl_data_; std::unique_ptr<SequencedSocketData> data_; @@ -268,6 +282,9 @@ INSTANTIATE_TEST_CASE_P(HttpProxyType, ::testing::Values(HTTP, HTTPS, SPDY)); TEST_P(HttpProxyClientSocketPoolTest, NoTunnel) { + TestProxyDelegate proxy_delegate; + InitPoolWithProxyDelegate(&proxy_delegate); + Initialize(base::span<MockRead>(), base::span<MockWrite>(), base::span<MockRead>(), base::span<MockWrite>()); @@ -279,6 +296,7 @@ TEST_P(HttpProxyClientSocketPoolTest, NoTunnel) { EXPECT_TRUE(handle_.is_initialized()); ASSERT_TRUE(handle_.socket()); EXPECT_TRUE(handle_.socket()->IsConnected()); + EXPECT_FALSE(proxy_delegate.on_before_tunnel_request_called()); bool is_secure_proxy = GetParam() == HTTPS || GetParam() == SPDY; histogram_tester().ExpectTotalCount( @@ -287,6 +305,49 @@ TEST_P(HttpProxyClientSocketPoolTest, NoTunnel) { "Net.HttpProxy.ConnectLatency.Secure.Success", is_secure_proxy ? 1 : 0); } +TEST_P(HttpProxyClientSocketPoolTest, ProxyDelegateExtraHeaders) { + // It's pretty much impossible to make the SPDY case behave synchronously + // so we skip this test for SPDY. + if (GetParam() == SPDY) + return; + + TestProxyDelegate proxy_delegate; + InitPoolWithProxyDelegate(&proxy_delegate); + + const ProxyServer proxy_server( + GetParam() == HTTP ? ProxyServer::SCHEME_HTTP : ProxyServer::SCHEME_HTTPS, + HostPortPair(GetParam() == HTTP ? kHttpProxyHost : kHttpsProxyHost, + GetParam() == HTTP ? 80 : 443)); + const std::string request = + "CONNECT www.google.com:443 HTTP/1.1\r\n" + "Host: www.google.com:443\r\n" + "Proxy-Connection: keep-alive\r\n" + "Foo: " + + proxy_server.ToURI() + "\r\n\r\n"; + MockWrite writes[] = { + MockWrite(SYNCHRONOUS, 0, request.c_str()), + }; + + const std::string response_header_name = "Foo"; + const std::string response_header_value = "Response"; + const std::string response = "HTTP/1.1 200 Connection Established\r\n" + + response_header_name + ": " + + response_header_value + "\r\n\r\n"; + MockRead reads[] = { + MockRead(SYNCHRONOUS, 1, response.c_str()), + }; + + Initialize(reads, writes, base::span<MockRead>(), base::span<MockWrite>()); + + int rv = handle_.Init("a", CreateTunnelParams(), LOW, SocketTag(), + ClientSocketPool::RespectLimits::ENABLED, + callback_.callback(), pool_.get(), NetLogWithSource()); + EXPECT_THAT(rv, IsOk()); + + proxy_delegate.VerifyOnTunnelHeadersReceived( + proxy_server, response_header_name, response_header_value); +} + // Make sure that HttpProxyConnectJob passes on its priority to its // (non-SSL) socket request on Init. TEST_P(HttpProxyClientSocketPoolTest, SetSocketRequestPriorityOnInit) { @@ -378,16 +439,12 @@ TEST_P(HttpProxyClientSocketPoolTest, HaveAuth) { // so we skip this test for SPDY if (GetParam() == SPDY) return; - std::string proxy_host_port = GetParam() == HTTP - ? (kHttpProxyHost + std::string(":80")) - : (kHttpsProxyHost + std::string(":443")); - std::string request = - "CONNECT www.google.com:443 HTTP/1.1\r\n" - "Host: www.google.com:443\r\n" - "Proxy-Connection: keep-alive\r\n" - "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"; MockWrite writes[] = { - MockWrite(SYNCHRONOUS, 0, request.c_str()), + MockWrite(SYNCHRONOUS, 0, + "CONNECT www.google.com:443 HTTP/1.1\r\n" + "Host: www.google.com:443\r\n" + "Proxy-Connection: keep-alive\r\n" + "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), }; MockRead reads[] = { MockRead(SYNCHRONOUS, 1, "HTTP/1.1 200 Connection Established\r\n\r\n"), @@ -406,16 +463,12 @@ TEST_P(HttpProxyClientSocketPoolTest, HaveAuth) { } TEST_P(HttpProxyClientSocketPoolTest, AsyncHaveAuth) { - std::string proxy_host_port = GetParam() == HTTP - ? (kHttpProxyHost + std::string(":80")) - : (kHttpsProxyHost + std::string(":443")); - std::string request = - "CONNECT www.google.com:443 HTTP/1.1\r\n" - "Host: www.google.com:443\r\n" - "Proxy-Connection: keep-alive\r\n" - "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"; MockWrite writes[] = { - MockWrite(ASYNC, 0, request.c_str()), + MockWrite(ASYNC, 0, + "CONNECT www.google.com:443 HTTP/1.1\r\n" + "Host: www.google.com:443\r\n" + "Proxy-Connection: keep-alive\r\n" + "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), }; MockRead reads[] = { MockRead(ASYNC, 1, "HTTP/1.1 200 Connection Established\r\n\r\n"), @@ -714,7 +767,7 @@ TEST_P(HttpProxyClientSocketPoolTest, TunnelSetupRedirect) { "location", redirectTarget.c_str(), "set-cookie", "foo=bar", }; - const int responseHeadersSize = arraysize(responseHeaders) / 2; + const int responseHeadersSize = base::size(responseHeaders) / 2; spdy::SpdySerializedFrame resp(spdy_util_.ConstructSpdyReplyError( "302", responseHeaders, responseHeadersSize, 1)); MockRead spdy_reads[] = { @@ -767,15 +820,15 @@ TEST_P(HttpProxyClientSocketPoolTest, ProxyPoolMinTimeout) { base::TimeDelta rtt_estimate = base::TimeDelta::FromMilliseconds(1); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_LE(base::TimeDelta(), pool_->ConnectionTimeout()); + EXPECT_LE(base::TimeDelta(), GetProxyConnectionTimeout()); // Test against a large value. - EXPECT_GE(base::TimeDelta::FromMinutes(10), pool_->ConnectionTimeout()); + EXPECT_GE(base::TimeDelta::FromMinutes(10), GetProxyConnectionTimeout()); #if (defined(OS_ANDROID) || defined(OS_IOS)) - EXPECT_EQ(base::TimeDelta::FromSeconds(8), pool_->ConnectionTimeout()); + EXPECT_EQ(base::TimeDelta::FromSeconds(8), GetProxyConnectionTimeout()); #else - EXPECT_EQ(base::TimeDelta::FromSeconds(30), pool_->ConnectionTimeout()); + EXPECT_EQ(base::TimeDelta::FromSeconds(30), GetProxyConnectionTimeout()); #endif } @@ -784,15 +837,15 @@ TEST_P(HttpProxyClientSocketPoolTest, ProxyPoolMaxTimeout) { base::TimeDelta rtt_estimate = base::TimeDelta::FromSeconds(100); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_LE(base::TimeDelta(), pool_->ConnectionTimeout()); + EXPECT_LE(base::TimeDelta(), GetProxyConnectionTimeout()); // Test against a large value. - EXPECT_GE(base::TimeDelta::FromMinutes(10), pool_->ConnectionTimeout()); + EXPECT_GE(base::TimeDelta::FromMinutes(10), GetProxyConnectionTimeout()); #if (defined(OS_ANDROID) || defined(OS_IOS)) - EXPECT_EQ(base::TimeDelta::FromSeconds(30), pool_->ConnectionTimeout()); + EXPECT_EQ(base::TimeDelta::FromSeconds(30), GetProxyConnectionTimeout()); #else - EXPECT_EQ(base::TimeDelta::FromSeconds(60), pool_->ConnectionTimeout()); + EXPECT_EQ(base::TimeDelta::FromSeconds(60), GetProxyConnectionTimeout()); #endif } @@ -806,22 +859,22 @@ TEST_P(HttpProxyClientSocketPoolTest, ProxyPoolTimeoutWithExperiment) { InitAdaptiveTimeoutFieldTrialWithParams(false, kMultiplier, kMultiplier, kMinTimeout, kMaxTimeout); - EXPECT_LE(base::TimeDelta(), pool_->ConnectionTimeout()); + EXPECT_LE(base::TimeDelta(), GetProxyConnectionTimeout()); base::TimeDelta rtt_estimate = base::TimeDelta::FromSeconds(4); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); base::TimeDelta expected_connection_timeout = kMultiplier * rtt_estimate; - EXPECT_EQ(expected_connection_timeout, pool_->ConnectionTimeout()); + EXPECT_EQ(expected_connection_timeout, GetProxyConnectionTimeout()); // Connection timeout should not exceed kMaxTimeout. rtt_estimate = base::TimeDelta::FromSeconds(25); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_EQ(kMaxTimeout, pool_->ConnectionTimeout()); + EXPECT_EQ(kMaxTimeout, GetProxyConnectionTimeout()); // Connection timeout should not be less than kMinTimeout. rtt_estimate = base::TimeDelta::FromSeconds(0); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_EQ(kMinTimeout, pool_->ConnectionTimeout()); + EXPECT_EQ(kMinTimeout, GetProxyConnectionTimeout()); } // Tests the connection timeout values when the field trial parameters are @@ -835,26 +888,26 @@ TEST_P(HttpProxyClientSocketPoolTest, InitAdaptiveTimeoutFieldTrialWithParams(false, kMultiplier, kMultiplier, kMinTimeout, kMaxTimeout); - EXPECT_LE(base::TimeDelta(), pool_->ConnectionTimeout()); + EXPECT_LE(base::TimeDelta(), GetProxyConnectionTimeout()); base::TimeDelta rtt_estimate = base::TimeDelta::FromSeconds(2); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_EQ(kMultiplier * rtt_estimate, pool_->ConnectionTimeout()); + EXPECT_EQ(kMultiplier * rtt_estimate, GetProxyConnectionTimeout()); // A change in RTT estimate should also change the connection timeout. rtt_estimate = base::TimeDelta::FromSeconds(7); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_EQ(kMultiplier * rtt_estimate, pool_->ConnectionTimeout()); + EXPECT_EQ(kMultiplier * rtt_estimate, GetProxyConnectionTimeout()); // Connection timeout should not exceed kMaxTimeout. rtt_estimate = base::TimeDelta::FromSeconds(35); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_EQ(kMaxTimeout, pool_->ConnectionTimeout()); + EXPECT_EQ(kMaxTimeout, GetProxyConnectionTimeout()); // Connection timeout should not be less than kMinTimeout. rtt_estimate = base::TimeDelta::FromSeconds(0); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_EQ(kMinTimeout, pool_->ConnectionTimeout()); + EXPECT_EQ(kMinTimeout, GetProxyConnectionTimeout()); } TEST_P(HttpProxyClientSocketPoolTest, ProxyPoolTimeoutWithConnectionProperty) { @@ -867,17 +920,18 @@ TEST_P(HttpProxyClientSocketPoolTest, ProxyPoolTimeoutWithConnectionProperty) { false, kSecureMultiplier, kNonSecureMultiplier, kMinTimeout, kMaxTimeout); HttpProxyClientSocketPool::HttpProxyConnectJobFactory job_factory( - transport_socket_pool(), ssl_socket_pool(), estimator(), nullptr); + transport_socket_pool(), ssl_socket_pool(), nullptr, estimator(), + nullptr); const base::TimeDelta kRttEstimate = base::TimeDelta::FromSeconds(2); estimator()->SetStartTimeNullHttpRtt(kRttEstimate); // By default, connection timeout should return the timeout for secure // proxies. - EXPECT_EQ(kSecureMultiplier * kRttEstimate, job_factory.ConnectionTimeout()); - EXPECT_EQ(kSecureMultiplier * kRttEstimate, - job_factory.ConnectionTimeoutWithConnectionProperty(true)); - EXPECT_EQ(kNonSecureMultiplier * kRttEstimate, - job_factory.ConnectionTimeoutWithConnectionProperty(false)); + if (GetParam() != HTTP) { + EXPECT_EQ(kSecureMultiplier * kRttEstimate, GetProxyConnectionTimeout()); + } else { + EXPECT_EQ(kNonSecureMultiplier * kRttEstimate, GetProxyConnectionTimeout()); + } } // Tests the connection timeout values when the field trial parameters are not @@ -886,30 +940,30 @@ TEST_P(HttpProxyClientSocketPoolTest, ProxyPoolTimeoutWithExperimentDefaultParams) { InitAdaptiveTimeoutFieldTrialWithParams(true, 0, 0, base::TimeDelta(), base::TimeDelta()); - EXPECT_LE(base::TimeDelta(), pool_->ConnectionTimeout()); + EXPECT_LE(base::TimeDelta(), GetProxyConnectionTimeout()); // Timeout should be |http_rtt_multiplier| times the HTTP RTT // estimate. base::TimeDelta rtt_estimate = base::TimeDelta::FromMilliseconds(10); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); // Connection timeout should not be less than the HTTP RTT estimate. - EXPECT_LE(rtt_estimate, pool_->ConnectionTimeout()); + EXPECT_LE(rtt_estimate, GetProxyConnectionTimeout()); // A change in RTT estimate should also change the connection timeout. rtt_estimate = base::TimeDelta::FromSeconds(10); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); // Connection timeout should not be less than the HTTP RTT estimate. - EXPECT_LE(rtt_estimate, pool_->ConnectionTimeout()); + EXPECT_LE(rtt_estimate, GetProxyConnectionTimeout()); // Set RTT to a very large value. rtt_estimate = base::TimeDelta::FromMinutes(60); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_GT(rtt_estimate, pool_->ConnectionTimeout()); + EXPECT_GT(rtt_estimate, GetProxyConnectionTimeout()); // Set RTT to a very small value. rtt_estimate = base::TimeDelta::FromSeconds(0); estimator()->SetStartTimeNullHttpRtt(rtt_estimate); - EXPECT_LT(rtt_estimate, pool_->ConnectionTimeout()); + EXPECT_LT(rtt_estimate, GetProxyConnectionTimeout()); } // It would be nice to also test the timeouts in HttpProxyClientSocketPool. @@ -918,6 +972,10 @@ TEST_P(HttpProxyClientSocketPoolTest, // returned underlying TCP sockets. #if defined(OS_ANDROID) TEST_P(HttpProxyClientSocketPoolTest, Tag) { + // Socket tagging only supports Android without data reduction proxy, so only + // HTTP proxies are supported. + if (GetParam() != HTTP) + return; Initialize(base::span<MockRead>(), base::span<MockWrite>(), base::span<MockRead>(), base::span<MockWrite>()); SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); @@ -950,6 +1008,57 @@ TEST_P(HttpProxyClientSocketPoolTest, Tag) { handle_.socket()->Disconnect(); handle_.Reset(); } + +TEST_P(HttpProxyClientSocketPoolTest, TagWithProxy) { + // Socket tagging only supports Android without data reduction proxy, so only + // HTTP proxies are supported. + if (GetParam() != HTTP) + return; + std::string request = + "CONNECT www.google.com:443 HTTP/1.1\r\n" + "Host: www.google.com:443\r\n" + "Proxy-Connection: keep-alive\r\n" + "Proxy-Authorization: Basic Zm9vOmJhcg==\r\n\r\n"; + MockWrite writes[] = { + MockWrite(SYNCHRONOUS, 0, request.c_str()), + }; + MockRead reads[] = { + MockRead(SYNCHRONOUS, 1, "HTTP/1.1 200 Connection Established\r\n\r\n"), + }; + + Initialize(reads, writes, base::span<MockRead>(), base::span<MockWrite>()); + AddAuthToCache(); + + SocketTag tag1(SocketTag::UNSET_UID, 0x12345678); + SocketTag tag2(getuid(), 0x87654321); + + // Verify requested socket is tagged properly. + int rv = + handle_.Init("a", CreateTunnelParams(), LOW, tag1, + ClientSocketPool::RespectLimits::ENABLED, + CompletionOnceCallback(), pool_.get(), NetLogWithSource()); + EXPECT_THAT(rv, IsOk()); + EXPECT_TRUE(handle_.is_initialized()); + ASSERT_TRUE(handle_.socket()); + EXPECT_TRUE(handle_.socket()->IsConnected()); + EXPECT_EQ(socket_factory()->GetLastProducedTCPSocket()->tag(), tag1); + EXPECT_TRUE( + socket_factory()->GetLastProducedTCPSocket()->tagged_before_connected()); + + // Verify reused socket is retagged properly. + StreamSocket* socket = handle_.socket(); + handle_.Reset(); + rv = handle_.Init("a", CreateNoTunnelParams(), LOW, tag2, + ClientSocketPool::RespectLimits::ENABLED, + CompletionOnceCallback(), pool_.get(), NetLogWithSource()); + EXPECT_THAT(rv, IsOk()); + EXPECT_TRUE(handle_.socket()); + EXPECT_TRUE(handle_.socket()->IsConnected()); + EXPECT_EQ(handle_.socket(), socket); + EXPECT_EQ(socket_factory()->GetLastProducedTCPSocket()->tag(), tag2); + handle_.socket()->Disconnect(); + handle_.Reset(); +} #endif } // namespace net diff --git a/chromium/net/http/http_proxy_client_socket_unittest.cc b/chromium/net/http/http_proxy_client_socket_unittest.cc index 6b9706711ad..d4d11b99d7f 100644 --- a/chromium/net/http/http_proxy_client_socket_unittest.cc +++ b/chromium/net/http/http_proxy_client_socket_unittest.cc @@ -7,6 +7,7 @@ #include "build/build_config.h" #include "net/base/address_list.h" #include "net/base/host_port_pair.h" +#include "net/base/proxy_server.h" #include "net/log/test_net_log.h" #include "net/socket/next_proto.h" #include "net/socket/socket_tag.h" @@ -29,9 +30,9 @@ TEST(HttpProxyClientSocketTest, Tag) { // |connection| takes ownership of |tagging_sock|, but keep a // non-owning pointer to it. connection->SetSocket(std::unique_ptr<StreamSocket>(tagging_sock)); - HttpProxyClientSocket socket(std::move(connection), "", HostPortPair(), - nullptr, false, false, NextProto(), false, - TRAFFIC_ANNOTATION_FOR_TESTS); + HttpProxyClientSocket socket( + std::move(connection), "", HostPortPair(), ProxyServer(), nullptr, false, + false, NextProto(), nullptr, false, TRAFFIC_ANNOTATION_FOR_TESTS); EXPECT_EQ(tagging_sock->tag(), SocketTag()); #if defined(OS_ANDROID) diff --git a/chromium/net/http/http_proxy_client_socket_wrapper.cc b/chromium/net/http/http_proxy_client_socket_wrapper.cc index 74bea38e08a..dcc9c6ae6e6 100644 --- a/chromium/net/http/http_proxy_client_socket_wrapper.cc +++ b/chromium/net/http/http_proxy_client_socket_wrapper.cc @@ -12,6 +12,7 @@ #include "base/memory/weak_ptr.h" #include "base/metrics/histogram_macros.h" #include "base/values.h" +#include "net/base/proxy_delegate.h" #include "net/http/http_proxy_client_socket.h" #include "net/http/http_response_info.h" #include "net/log/net_log_event_type.h" @@ -22,6 +23,8 @@ #include "net/socket/client_socket_factory.h" #include "net/socket/client_socket_handle.h" #include "net/socket/socket_tag.h" +#include "net/socket/transport_client_socket_pool.h" +#include "net/socket/transport_connect_job.h" #include "net/spdy/spdy_proxy_client_socket.h" #include "net/spdy/spdy_session.h" #include "net/spdy/spdy_session_pool.h" @@ -52,6 +55,7 @@ HttpProxyClientSocketWrapper::HttpProxyClientSocketWrapper( QuicStreamFactory* quic_stream_factory, bool is_trusted_proxy, bool tunnel, + ProxyDelegate* proxy_delegate, const NetworkTrafficAnnotationTag& traffic_annotation, const NetLogWithSource& net_log) : next_state_(STATE_NONE), @@ -71,6 +75,7 @@ HttpProxyClientSocketWrapper::HttpProxyClientSocketWrapper( spdy_session_pool_(spdy_session_pool), has_restarted_(false), tunnel_(tunnel), + proxy_delegate_(proxy_delegate), using_spdy_(false), is_trusted_proxy_(is_trusted_proxy), quic_stream_factory_(quic_stream_factory), @@ -307,12 +312,25 @@ int64_t HttpProxyClientSocketWrapper::GetTotalReceivedBytes() const { } void HttpProxyClientSocketWrapper::ApplySocketTag(const SocketTag& tag) { - // HttpProxyClientSocketPool only tags once connected, when transport_socket_ - // is set. Socket tagging is not supported with tunneling. Socket tagging is - // also not supported with proxy auth so ApplySocketTag() won't be called with - // a specific (non-default) tag when transport_socket_ is cleared by - // RestartWithAuth(). - if (tunnel_ || !transport_socket_) { + // Applying a socket tag to an HttpProxyClientSocketWrapper is done by simply + // applying the socket tag to the underlying socket. + + // In the case of a connection to the proxy using HTTP/2 or HTTP/3 where the + // underlying socket may multiplex multiple streams, applying this request's + // socket tag to the multiplexed session would incorrectly apply the socket + // tag to all mutliplexed streams. In reality this would hit the CHECK(false) + // in QuicProxyClientSocket::ApplySocketTag() or + // SpdyProxyClientSocket::ApplySocketTag(). Fortunately socket tagging is only + // supported on Android without the data reduction proxy, so only simple HTTP + // proxies are supported, so proxies won't be using HTTP/2 or HTTP/3. Detect + // this case (|ssl_params_| must be set for HTTP/2 and HTTP/3 proxies) and + // enforce that a specific (non-default) tag isn't being applied. + if (ssl_params_ || + // Android also doesn't support proxy auth, so RestartWithAuth() should't + // be called so |transport_socket_| shouldn't be cleared. If + // |transport_socket_| is cleared, enforce that a specific (non-default) + // tag isn't being applied. + !transport_socket_) { CHECK(tag == SocketTag()); } else { transport_socket_->ApplySocketTag(tag); @@ -379,6 +397,16 @@ int HttpProxyClientSocketWrapper::GetLocalAddress(IPEndPoint* address) const { return ERR_SOCKET_NOT_CONNECTED; } +ProxyServer::Scheme HttpProxyClientSocketWrapper::GetProxyServerScheme() const { + if (quic_version_ != quic::QUIC_VERSION_UNSUPPORTED) + return ProxyServer::SCHEME_QUIC; + + if (transport_params_) + return ProxyServer::SCHEME_HTTP; + + return ProxyServer::SCHEME_HTTPS; +} + void HttpProxyClientSocketWrapper::OnIOComplete(int result) { int rv = DoLoop(result); if (rv != ERR_IO_PENDING) { @@ -458,12 +486,18 @@ int HttpProxyClientSocketWrapper::DoLoop(int result) { int HttpProxyClientSocketWrapper::DoBeginConnect() { connect_start_time_ = base::TimeTicks::Now(); SetConnectTimer(connect_timeout_duration_); - if (quic_version_ != quic::QUIC_VERSION_UNSUPPORTED) { - next_state_ = STATE_QUIC_PROXY_CREATE_SESSION; - } else if (transport_params_) { - next_state_ = STATE_TCP_CONNECT; - } else { - next_state_ = STATE_SSL_CONNECT; + switch (GetProxyServerScheme()) { + case ProxyServer::SCHEME_QUIC: + next_state_ = STATE_QUIC_PROXY_CREATE_SESSION; + break; + case ProxyServer::SCHEME_HTTP: + next_state_ = STATE_TCP_CONNECT; + break; + case ProxyServer::SCHEME_HTTPS: + next_state_ = STATE_SSL_CONNECT; + break; + default: + NOTREACHED(); } return OK; } @@ -472,8 +506,10 @@ int HttpProxyClientSocketWrapper::DoTransportConnect() { next_state_ = STATE_TCP_CONNECT_COMPLETE; transport_socket_handle_.reset(new ClientSocketHandle()); return transport_socket_handle_->Init( - group_name_, transport_params_, priority_, initial_socket_tag_, - respect_limits_, + group_name_, + TransportClientSocketPool::SocketParams::CreateFromTransportSocketParams( + transport_params_), + priority_, initial_socket_tag_, respect_limits_, base::Bind(&HttpProxyClientSocketWrapper::OnIOComplete, base::Unretained(this)), transport_pool_, net_log_); @@ -483,6 +519,12 @@ int HttpProxyClientSocketWrapper::DoTransportConnectComplete(int result) { if (result != OK) { UMA_HISTOGRAM_MEDIUM_TIMES("Net.HttpProxy.ConnectLatency.Insecure.Error", base::TimeTicks::Now() - connect_start_time_); + // This is a special error code meaning to reuse an existing SPDY session + // rather than use a fresh socket. Overriding it with a proxy error message + // would cause the request to fail, instead of switching to using the SPDY + // session. + if (result == ERR_SPDY_SESSION_ALREADY_EXISTS) + return result; return ERR_PROXY_CONNECTION_FAILED; } @@ -502,6 +544,7 @@ int HttpProxyClientSocketWrapper::DoSSLConnect() { ->destination() .host_port_pair(), ProxyServer::Direct(), PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kTrue, initial_socket_tag_); if (spdy_session_pool_->FindAvailableSession( key, /* enable_ip_based_pooling = */ true, @@ -535,14 +578,10 @@ int HttpProxyClientSocketWrapper::DoSSLConnectComplete(int result) { if (IsCertificateError(result)) { UMA_HISTOGRAM_MEDIUM_TIMES("Net.HttpProxy.ConnectLatency.Secure.Error", base::TimeTicks::Now() - connect_start_time_); - if (ssl_params_->ignore_certificate_errors()) { - result = OK; - } else { - // TODO(rch): allow the user to deal with proxy cert errors in the - // same way as server cert errors. - transport_socket_handle_->socket()->Disconnect(); - return ERR_PROXY_CERTIFICATE_INVALID; - } + // TODO(rch): allow the user to deal with proxy cert errors in the + // same way as server cert errors. + transport_socket_handle_->socket()->Disconnect(); + return ERR_PROXY_CERTIFICATE_INVALID; } // A SPDY session to the proxy completed prior to resolving the proxy // hostname. Surface this error, and allow the delegate to retry. @@ -597,8 +636,10 @@ int HttpProxyClientSocketWrapper::DoHttpProxyConnect() { transport_socket_ = transport_pool_->client_socket_factory()->CreateProxyClientSocket( std::move(transport_socket_handle_), user_agent_, endpoint_, + ProxyServer(GetProxyServerScheme(), + GetDestination().host_port_pair()), http_auth_controller_.get(), tunnel_, using_spdy_, - negotiated_protocol_, ssl_params_.get() != nullptr, + negotiated_protocol_, proxy_delegate_, ssl_params_.get() != nullptr, traffic_annotation_); return transport_socket_->Connect(base::Bind( &HttpProxyClientSocketWrapper::OnIOComplete, base::Unretained(this))); @@ -617,7 +658,8 @@ int HttpProxyClientSocketWrapper::DoSpdyProxyCreateStream() { DCHECK(ssl_params_); SpdySessionKey key( ssl_params_->GetDirectConnectionParams()->destination().host_port_pair(), - ProxyServer::Direct(), PRIVACY_MODE_DISABLED, initial_socket_tag_); + ProxyServer::Direct(), PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kTrue, initial_socket_tag_); base::WeakPtr<SpdySession> spdy_session = spdy_session_pool_->FindAvailableSession( key, /* enable_ip_based_pooling = */ true, diff --git a/chromium/net/http/http_proxy_client_socket_wrapper.h b/chromium/net/http/http_proxy_client_socket_wrapper.h index 8ddfcb849f0..a28efa3ec6d 100644 --- a/chromium/net/http/http_proxy_client_socket_wrapper.h +++ b/chromium/net/http/http_proxy_client_socket_wrapper.h @@ -18,6 +18,7 @@ #include "net/base/completion_once_callback.h" #include "net/base/host_port_pair.h" #include "net/base/load_timing_info.h" +#include "net/base/proxy_server.h" #include "net/http/http_auth_controller.h" #include "net/http/proxy_client_socket.h" #include "net/log/net_log_with_source.h" @@ -25,7 +26,6 @@ #include "net/socket/next_proto.h" #include "net/socket/ssl_client_socket.h" #include "net/socket/ssl_client_socket_pool.h" -#include "net/socket/transport_client_socket_pool.h" #include "net/spdy/spdy_session.h" #include "net/traffic_annotation/network_traffic_annotation.h" @@ -37,9 +37,11 @@ class HttpAuthCache; class HttpResponseInfo; class HttpStream; class IOBuffer; +class ProxyDelegate; class SpdySessionPool; class SSLClientSocketPool; class TransportClientSocketPool; +class TransportSocketParams; // Class that establishes connections by calling into the lower layer socket // pools, creates a HttpProxyClientSocket, SpdyProxyClientSocket, or @@ -75,6 +77,7 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocketWrapper QuicStreamFactory* quic_stream_factory, bool is_trusted_proxy, bool tunnel, + ProxyDelegate* proxy_delegate, const NetworkTrafficAnnotationTag& traffic_annotation, const NetLogWithSource& net_log); @@ -151,6 +154,8 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocketWrapper STATE_NONE, }; + ProxyServer::Scheme GetProxyServerScheme() const; + void OnIOComplete(int result); // Runs the state transition loop. @@ -205,6 +210,7 @@ class NET_EXPORT_PRIVATE HttpProxyClientSocketWrapper bool has_restarted_; const bool tunnel_; + ProxyDelegate* const proxy_delegate_; bool using_spdy_; bool is_trusted_proxy_; diff --git a/chromium/net/http/http_proxy_client_socket_wrapper_unittest.cc b/chromium/net/http/http_proxy_client_socket_wrapper_unittest.cc index 4ef82b30b9f..d5d3d563464 100644 --- a/chromium/net/http/http_proxy_client_socket_wrapper_unittest.cc +++ b/chromium/net/http/http_proxy_client_socket_wrapper_unittest.cc @@ -22,6 +22,7 @@ #include "net/quic/quic_test_packet_maker.h" #include "net/socket/socket_tag.h" #include "net/socket/socket_test_util.h" +#include "net/socket/transport_connect_job.h" #include "net/ssl/channel_id_service.h" #include "net/ssl/default_channel_id_store.h" #include "net/test/cert_test_util.h" @@ -85,20 +86,23 @@ class HttpProxyClientSocketWrapperTest random_generator_(0), quic_version_(std::get<0>(GetParam())), client_data_stream_id1_( - quic::QuicUtils::GetHeadersStreamId(quic_version_) + 2), + quic::QuicUtils::GetHeadersStreamId(quic_version_) + + quic::QuicUtils::StreamIdDelta(quic_version_)), client_headers_include_h2_stream_dependency_(std::get<1>(GetParam())), - client_maker_(quic_version_, - 0, - &clock_, - kProxyHost, - quic::Perspective::IS_CLIENT, - client_headers_include_h2_stream_dependency_), - server_maker_(quic_version_, - 0, - &clock_, - kProxyHost, - quic::Perspective::IS_SERVER, - false), + client_maker_( + quic_version_, + quic::QuicUtils::CreateRandomConnectionId(&random_generator_), + &clock_, + kProxyHost, + quic::Perspective::IS_CLIENT, + client_headers_include_h2_stream_dependency_), + server_maker_( + quic_version_, + quic::QuicUtils::CreateRandomConnectionId(&random_generator_), + &clock_, + kProxyHost, + quic::Perspective::IS_SERVER, + false), header_stream_offset_(0), response_offset_(0), store_server_configs_in_properties_(false), @@ -273,13 +277,12 @@ TEST_P(HttpProxyClientSocketWrapperTest, QuicProxy) { mock_quic_data_.AddSocketDataToFactory(&socket_factory_); scoped_refptr<TransportSocketParams> transport_params = - new TransportSocketParams( - proxy_host_port_, false, OnHostResolutionCallback(), - TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT); + new TransportSocketParams(proxy_host_port_, false, + OnHostResolutionCallback()); - scoped_refptr<SSLSocketParams> ssl_params = new SSLSocketParams( - transport_params, nullptr, nullptr, proxy_host_port_, SSLConfig(), - privacy_mode_, false /* ignore_certificate_errors */); + scoped_refptr<SSLSocketParams> ssl_params = + new SSLSocketParams(transport_params, nullptr, nullptr, proxy_host_port_, + SSLConfig(), privacy_mode_); transport_params = nullptr; client_socket_wrapper_.reset(new HttpProxyClientSocketWrapper( @@ -292,8 +295,8 @@ TEST_P(HttpProxyClientSocketWrapperTest, QuicProxy) { /*transport_params=*/nullptr, ssl_params, quic_version_, kUserAgent, endpoint_host_port_, &http_auth_cache_, http_auth_handler_factory_.get(), /*spdy_session_pool=*/nullptr, quic_stream_factory_.get(), - /*is_trusted_proxy=*/false, /*tunnel=*/true, TRAFFIC_ANNOTATION_FOR_TESTS, - net_log_)); + /*is_trusted_proxy=*/false, /*tunnel=*/true, /*proxy_delegate=*/nullptr, + TRAFFIC_ANNOTATION_FOR_TESTS, net_log_)); TestCompletionCallback callback; client_socket_wrapper_->Connect(callback.callback()); @@ -331,13 +334,12 @@ TEST_P(HttpProxyClientSocketWrapperTest, QuicProxySocketTag) { mock_quic_data_.AddSocketDataToFactory(&socket_factory_); scoped_refptr<TransportSocketParams> transport_params = - new TransportSocketParams( - proxy_host_port_, false, OnHostResolutionCallback(), - TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT); + new TransportSocketParams(proxy_host_port_, false, + OnHostResolutionCallback()); - scoped_refptr<SSLSocketParams> ssl_params = new SSLSocketParams( - transport_params, nullptr, nullptr, proxy_host_port_, SSLConfig(), - privacy_mode_, false /* ignore_certificate_errors */); + scoped_refptr<SSLSocketParams> ssl_params = + new SSLSocketParams(transport_params, nullptr, nullptr, proxy_host_port_, + SSLConfig(), privacy_mode_); transport_params = nullptr; SocketTag tag(getuid(), 0x87654321); @@ -351,8 +353,8 @@ TEST_P(HttpProxyClientSocketWrapperTest, QuicProxySocketTag) { /*transport_params=*/nullptr, ssl_params, quic_version_, kUserAgent, endpoint_host_port_, &http_auth_cache_, http_auth_handler_factory_.get(), /*spdy_session_pool=*/nullptr, quic_stream_factory_.get(), - /*is_trusted_proxy=*/false, /*tunnel=*/true, TRAFFIC_ANNOTATION_FOR_TESTS, - net_log_)); + /*is_trusted_proxy=*/false, /*tunnel=*/true, /*proxy_delegate=*/nullptr, + TRAFFIC_ANNOTATION_FOR_TESTS, net_log_)); TestCompletionCallback callback; client_socket_wrapper_->Connect(callback.callback()); diff --git a/chromium/net/http/http_request_headers.cc b/chromium/net/http/http_request_headers.cc index 080772ded2a..7ee9a401fa9 100644 --- a/chromium/net/http/http_request_headers.cc +++ b/chromium/net/http/http_request_headers.cc @@ -7,6 +7,7 @@ #include <utility> #include "base/logging.h" +#include "base/strings/strcat.h" #include "base/strings/string_split.h" #include "base/strings/string_util.h" #include "base/strings/stringprintf.h" @@ -14,6 +15,7 @@ #include "net/base/escape.h" #include "net/http/http_log_util.h" #include "net/http/http_util.h" +#include "net/log/net_log.h" #include "net/log/net_log_capture_mode.h" namespace net { @@ -186,15 +188,13 @@ std::unique_ptr<base::Value> HttpRequestHeaders::NetLogCallback( const std::string* request_line, NetLogCaptureMode capture_mode) const { auto dict = std::make_unique<base::DictionaryValue>(); - dict->SetString("line", EscapeNonASCII(*request_line)); + dict->SetKey("line", NetLogStringValue(*request_line)); auto headers = std::make_unique<base::ListValue>(); for (auto it = headers_.begin(); it != headers_.end(); ++it) { std::string log_value = ElideHeaderValueForNetLog(capture_mode, it->key, it->value); - std::string escaped_name = EscapeNonASCII(it->key); - std::string escaped_value = EscapeNonASCII(log_value); - headers->AppendString(base::StringPrintf("%s: %s", escaped_name.c_str(), - escaped_value.c_str())); + headers->GetList().push_back( + NetLogStringValue(base::StrCat({it->key, ": ", log_value}))); } dict->Set("headers", std::move(headers)); return std::move(dict); diff --git a/chromium/net/http/http_request_info.h b/chromium/net/http/http_request_info.h index ab26109dc28..3ebd61bbf72 100644 --- a/chromium/net/http/http_request_info.h +++ b/chromium/net/http/http_request_info.h @@ -7,12 +7,14 @@ #include <string> +#include "base/optional.h" #include "net/base/net_export.h" #include "net/base/privacy_mode.h" #include "net/http/http_request_headers.h" #include "net/socket/socket_tag.h" #include "net/traffic_annotation/network_traffic_annotation.h" #include "url/gurl.h" +#include "url/origin.h" namespace net { @@ -29,6 +31,9 @@ struct NET_EXPORT HttpRequestInfo { // The method to use (GET, POST, etc.). std::string method; + // The URL of the top frame of the request (if applicable) + base::Optional<url::Origin> top_frame_origin; + // Any extra request headers (including User-Agent). HttpRequestHeaders extra_headers; diff --git a/chromium/net/http/http_response_headers.cc b/chromium/net/http/http_response_headers.cc index def138fb06e..63f47c788a0 100644 --- a/chromium/net/http/http_response_headers.cc +++ b/chromium/net/http/http_response_headers.cc @@ -19,6 +19,8 @@ #include "base/logging.h" #include "base/metrics/histogram_macros.h" #include "base/pickle.h" +#include "base/stl_util.h" +#include "base/strings/strcat.h" #include "base/strings/string_number_conversions.h" #include "base/strings/string_piece.h" #include "base/strings/string_util.h" @@ -30,6 +32,7 @@ #include "net/http/http_byte_range.h" #include "net/http/http_log_util.h" #include "net/http/http_util.h" +#include "net/log/net_log.h" #include "net/log/net_log_capture_mode.h" using base::StringPiece; @@ -112,11 +115,11 @@ const char* const kNonUpdatedHeaderPrefixes[] = { }; bool ShouldUpdateHeader(base::StringPiece name) { - for (size_t i = 0; i < arraysize(kNonUpdatedHeaders); ++i) { + for (size_t i = 0; i < base::size(kNonUpdatedHeaders); ++i) { if (base::LowerCaseEqualsASCII(name, kNonUpdatedHeaders[i])) return false; } - for (size_t i = 0; i < arraysize(kNonUpdatedHeaderPrefixes); ++i) { + for (size_t i = 0; i < base::size(kNonUpdatedHeaderPrefixes); ++i) { if (base::StartsWith(name, kNonUpdatedHeaderPrefixes[i], base::CompareCase::INSENSITIVE_ASCII)) return false; @@ -851,17 +854,17 @@ void HttpResponseHeaders::AddNonCacheableHeaders(HeaderSet* result) const { } void HttpResponseHeaders::AddHopByHopHeaders(HeaderSet* result) { - for (size_t i = 0; i < arraysize(kHopByHopResponseHeaders); ++i) + for (size_t i = 0; i < base::size(kHopByHopResponseHeaders); ++i) result->insert(std::string(kHopByHopResponseHeaders[i])); } void HttpResponseHeaders::AddCookieHeaders(HeaderSet* result) { - for (size_t i = 0; i < arraysize(kCookieResponseHeaders); ++i) + for (size_t i = 0; i < base::size(kCookieResponseHeaders); ++i) result->insert(std::string(kCookieResponseHeaders[i])); } void HttpResponseHeaders::AddChallengeHeaders(HeaderSet* result) { - for (size_t i = 0; i < arraysize(kChallengeResponseHeaders); ++i) + for (size_t i = 0; i < base::size(kChallengeResponseHeaders); ++i) result->insert(std::string(kChallengeResponseHeaders[i])); } @@ -870,7 +873,7 @@ void HttpResponseHeaders::AddHopContentRangeHeaders(HeaderSet* result) { } void HttpResponseHeaders::AddSecurityStateHeaders(HeaderSet* result) { - for (size_t i = 0; i < arraysize(kSecurityStateHeaders); ++i) + for (size_t i = 0; i < base::size(kSecurityStateHeaders); ++i) result->insert(std::string(kSecurityStateHeaders[i])); } @@ -917,10 +920,13 @@ bool HttpResponseHeaders::IsRedirect(std::string* location) const { } while (parsed_[i].value_begin == parsed_[i].value_end); if (location) { + base::StringPiece location_strpiece(parsed_[i].value_begin, + parsed_[i].value_end); // Escape any non-ASCII characters to preserve them. The server should // only be returning ASCII here, but for compat we need to do this. - *location = EscapeNonASCII( - std::string(parsed_[i].value_begin, parsed_[i].value_end)); + *location = base::IsStringASCII(location_strpiece) + ? location_strpiece.as_string() + : EscapeNonASCIIAndPercent(location_strpiece); } return true; @@ -1327,17 +1333,15 @@ std::unique_ptr<base::Value> HttpResponseHeaders::NetLogCallback( NetLogCaptureMode capture_mode) const { auto dict = std::make_unique<base::DictionaryValue>(); auto headers = std::make_unique<base::ListValue>(); - headers->AppendString(EscapeNonASCII(GetStatusLine())); + headers->GetList().push_back(NetLogStringValue(GetStatusLine())); size_t iterator = 0; std::string name; std::string value; while (EnumerateHeaderLines(&iterator, &name, &value)) { std::string log_value = ElideHeaderValueForNetLog(capture_mode, name, value); - std::string escaped_name = EscapeNonASCII(name); - std::string escaped_value = EscapeNonASCII(log_value); - headers->AppendString(base::StringPrintf("%s: %s", escaped_name.c_str(), - escaped_value.c_str())); + headers->GetList().push_back( + NetLogStringValue(base::StrCat({name, ": ", log_value}))); } dict->Set("headers", std::move(headers)); return std::move(dict); diff --git a/chromium/net/http/http_server_properties.h b/chromium/net/http/http_server_properties.h index 2dc2332af12..fef350917e1 100644 --- a/chromium/net/http/http_server_properties.h +++ b/chromium/net/http/http_server_properties.h @@ -23,8 +23,8 @@ #include "net/third_party/quic/core/quic_bandwidth.h" #include "net/third_party/quic/core/quic_server_id.h" #include "net/third_party/quic/core/quic_versions.h" -#include "net/third_party/spdy/core/spdy_framer.h" // TODO(willchan): Reconsider this. -#include "net/third_party/spdy/core/spdy_protocol.h" +#include "net/third_party/quiche/src/spdy/core/spdy_framer.h" // TODO(willchan): Reconsider this. +#include "net/third_party/quiche/src/spdy/core/spdy_protocol.h" #include "url/scheme_host_port.h" namespace base { diff --git a/chromium/net/http/http_stream_factory.cc b/chromium/net/http/http_stream_factory.cc index aaa8f769e98..ce140ab1250 100644 --- a/chromium/net/http/http_stream_factory.cc +++ b/chromium/net/http/http_stream_factory.cc @@ -33,7 +33,7 @@ #include "net/spdy/spdy_http_stream.h" #include "net/third_party/quic/core/quic_packets.h" #include "net/third_party/quic/core/quic_server_id.h" -#include "net/third_party/spdy/core/spdy_alt_svc_wire_format.h" +#include "net/third_party/quiche/src/spdy/core/spdy_alt_svc_wire_format.h" #include "url/gurl.h" #include "url/scheme_host_port.h" #include "url/url_constants.h" diff --git a/chromium/net/http/http_stream_factory_job.cc b/chromium/net/http/http_stream_factory_job.cc index fa76b700723..5579cae972a 100644 --- a/chromium/net/http/http_stream_factory_job.cc +++ b/chromium/net/http/http_stream_factory_job.cc @@ -56,7 +56,7 @@ #include "net/spdy/spdy_session_pool.h" #include "net/ssl/channel_id_service.h" #include "net/ssl/ssl_cert_request_info.h" -#include "net/third_party/spdy/core/spdy_protocol.h" +#include "net/third_party/quiche/src/spdy/core/spdy_protocol.h" #include "url/url_constants.h" namespace net { @@ -135,8 +135,8 @@ std::unique_ptr<base::Value> NetLogHttpStreamJobCallback( source.AddToEventParameters(dict.get()); dict->SetString("original_url", original_url->GetOrigin().spec()); dict->SetString("url", url->GetOrigin().spec()); - dict->SetString("expect_spdy", expect_spdy ? "true" : "false"); - dict->SetString("using_quic", using_quic ? "true" : "false"); + dict->SetBoolean("expect_spdy", expect_spdy); + dict->SetBoolean("using_quic", using_quic); dict->SetString("priority", RequestPriorityToString(priority)); return std::move(dict); } @@ -195,7 +195,8 @@ HttpStreamFactory::Job::Job(Delegate* delegate, origin_url_.SchemeIs(url::kWssScheme)), using_quic_( alternative_protocol == kProtoQUIC || - ShouldForceQuic(session, destination, origin_url, proxy_info)), + (ShouldForceQuic(session, destination, origin_url, proxy_info) && + !(proxy_info.is_quic() && using_ssl_))), quic_version_(quic_version), expect_spdy_(alternative_protocol == kProtoHTTP2 && !using_quic_), using_spdy_(false), @@ -220,6 +221,10 @@ HttpStreamFactory::Job::Job(Delegate* delegate, stream_type_(HttpStreamRequest::BIDIRECTIONAL_STREAM), init_connection_already_resumed_(false), ptr_factory_(this) { + // QUIC can only be spoken to servers, never to proxies. + if (alternative_protocol == kProtoQUIC) + DCHECK(proxy_info_.is_direct()); + // The Job is forced to use QUIC without a designated version, try the // preferred QUIC version that is supported by default. if (quic_version_ == quic::QUIC_VERSION_UNSUPPORTED && @@ -412,15 +417,16 @@ SpdySessionKey HttpStreamFactory::Job::GetSpdySessionKey( const GURL& origin_url, PrivacyMode privacy_mode, const SocketTag& socket_tag) { - // In the case that we're using an HTTPS proxy for an HTTP url, - // we look for a SPDY session *to* the proxy, instead of to the - // origin server. + // In the case that we're using an HTTPS proxy for an HTTP url, look for a + // HTTP/2 proxy session *to* the proxy, instead of to the origin server. if (!spdy_session_direct) { return SpdySessionKey(proxy_server.host_port_pair(), ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, socket_tag); + PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kTrue, socket_tag); } return SpdySessionKey(HostPortPair::FromURL(origin_url), proxy_server, - privacy_mode, socket_tag); + privacy_mode, SpdySessionKey::IsProxySession::kFalse, + socket_tag); } bool HttpStreamFactory::Job::CanUseExistingSpdySession() const { @@ -431,10 +437,10 @@ bool HttpStreamFactory::Job::CanUseExistingSpdySession() const { return false; } - // We need to make sure that if a spdy session was created for + // We need to make sure that if a HTTP/2 session was created for // https://somehost/ then we do not use that session for http://somehost:443/. // The only time we can use an existing session is if the request URL is - // https (the normal case) or if we are connecting to a SPDY proxy. + // https (the normal case) or if we are connecting to a HTTP/2 proxy. // https://crbug.com/133176 return origin_url_.SchemeIs(url::kHttpsScheme) || try_websocket_over_http2_ || proxy_info_.proxy_server().is_https(); @@ -768,6 +774,11 @@ int HttpStreamFactory::Job::DoStart() { return ERR_UNSAFE_PORT; } + if (!session_->params().enable_quic_proxies_for_https_urls && + proxy_info_.is_quic() && !request_info_.url.SchemeIs(url::kHttpScheme)) { + return ERR_NOT_IMPLEMENTED; + } + next_state_ = STATE_WAIT; return OK; } @@ -796,7 +807,7 @@ int HttpStreamFactory::Job::DoEvaluateThrottle() { return OK; if (using_quic_) return OK; - // Ask |delegate_delegate_| to update the spdy session key for the request + // Ask |delegate_delegate_| to update the HTTP/2 session key for the request // that launched this job. delegate_->SetSpdySessionKey(this, spdy_session_key_); @@ -871,12 +882,6 @@ int HttpStreamFactory::Job::DoInitConnectionImpl() { } if (using_quic_) { - if (proxy_info_.is_quic() && - !request_info_.url.SchemeIs(url::kHttpScheme)) { - NOTREACHED(); - // TODO(rch): support QUIC proxies for HTTPS urls. - return ERR_NOT_IMPLEMENTED; - } HostPortPair destination; SSLConfig* ssl_config; GURL url(request_info_.url); @@ -950,7 +955,7 @@ int HttpStreamFactory::Job::DoInitConnectionImpl() { } } - if (proxy_info_.is_http() || proxy_info_.is_https()) + if (proxy_info_.is_http() || proxy_info_.is_https() || proxy_info_.is_quic()) establishing_tunnel_ = using_ssl_; HttpServerProperties* http_server_properties = @@ -973,7 +978,7 @@ int HttpStreamFactory::Job::DoInitConnectionImpl() { net_log_, num_streams_); } - // If we can't use a SPDY session, don't bother checking for one after + // If we can't use a HTTP/2 session, don't bother checking for one after // the hostname is resolved. OnHostResolutionCallback resolution_callback = CanUseExistingSpdySession() @@ -1023,7 +1028,7 @@ int HttpStreamFactory::Job::DoInitConnectionComplete(int result) { } if (result == ERR_SPDY_SESSION_ALREADY_EXISTS) { - // We found a SPDY connection after resolving the host. This is + // We found a HTTP/2 connection after resolving the host. This is // probably an IP pooled connection. existing_spdy_session_ = session_->spdy_session_pool()->FindAvailableSession( @@ -1033,7 +1038,7 @@ int HttpStreamFactory::Job::DoInitConnectionComplete(int result) { using_spdy_ = true; next_state_ = STATE_CREATE_STREAM; } else { - // It is possible that the spdy session no longer exists. + // It is possible that the HTTP/2 session no longer exists. ReturnToStateInitConnection(true /* close connection */); } return OK; @@ -1142,10 +1147,6 @@ int HttpStreamFactory::Job::DoInitConnectionComplete(int result) { DCHECK(ssl_started); if (IsCertificateError(result)) { result = HandleCertificateError(result); - if (result == OK && !connection_->socket()->IsConnectedAndIdle()) { - ReturnToStateInitConnection(true /* close connection */); - return result; - } } if (result < 0) return result; @@ -1211,7 +1212,8 @@ int HttpStreamFactory::Job::DoCreateStream() { if (!using_spdy_) { DCHECK(!expect_spdy_); // We may get ftp scheme when fetching ftp resources through proxy. - bool using_proxy = (proxy_info_.is_http() || proxy_info_.is_https()) && + bool using_proxy = (proxy_info_.is_http() || proxy_info_.is_https() || + proxy_info_.is_quic()) && (request_info_.url.SchemeIs(url::kHttpScheme) || request_info_.url.SchemeIs(url::kFtpScheme)); if (is_websocket_) { @@ -1323,13 +1325,16 @@ int HttpStreamFactory::Job::DoRestartTunnelAuthComplete(int result) { if (result == ERR_PROXY_AUTH_REQUESTED) return result; - if (result == OK) { + if (result == OK || result == ERR_SPDY_SESSION_ALREADY_EXISTS) { // Now that we've got the HttpProxyClientSocket connected. We have // to release it as an idle socket into the pool and start the connection // process from the beginning. Trying to pass it in with the // SSLSocketParams might cause a deadlock since params are dispatched // interchangeably. This request won't necessarily get this http proxy // socket, but there will be forward progress. + // + // Alernatively, if there's an existing H2 session that can be reused, + // also go back to the init connection state to reuse it. establishing_tunnel_ = false; ReturnToStateInitConnection(false /* do not close connection */); return OK; @@ -1420,10 +1425,6 @@ int HttpStreamFactory::Job::HandleCertificateError(int error) { server_ssl_config_.allowed_bad_certs.emplace_back(ssl_info.cert, ssl_info.cert_status); - if (session_->params().ignore_certificate_errors && - IsCertificateError(error)) { - return OK; - } return error; } diff --git a/chromium/net/http/http_stream_factory_job.h b/chromium/net/http/http_stream_factory_job.h index 047c9727086..4d50b0c75f7 100644 --- a/chromium/net/http/http_stream_factory_job.h +++ b/chromium/net/http/http_stream_factory_job.h @@ -381,8 +381,7 @@ class HttpStreamFactory::Job { int ReconsiderProxyAfterError(int error); // Called to handle a certificate error. Stores the certificate in the - // allowed_bad_certs list, and checks if the error can be ignored. Returns - // OK if it can be ignored, or the error code otherwise. + // allowed_bad_certs list. Returns the error code. int HandleCertificateError(int error); // Called to handle a client certificate request. diff --git a/chromium/net/http/http_stream_factory_job_controller.cc b/chromium/net/http/http_stream_factory_job_controller.cc index 205edf85946..dd79f0a3be1 100644 --- a/chromium/net/http/http_stream_factory_job_controller.cc +++ b/chromium/net/http/http_stream_factory_job_controller.cc @@ -57,6 +57,16 @@ std::unique_ptr<base::Value> NetLogJobControllerCallback( return std::move(dict); } +std::unique_ptr<base::Value> NetLogAltSvcCallback( + const AlternativeServiceInfo* alt_svc_info, + bool is_broken, + NetLogCaptureMode /* capture_mode */) { + auto dict = std::make_unique<base::DictionaryValue>(); + dict->SetString("alt_svc", alt_svc_info->ToString()); + dict->SetBoolean("is_broken", is_broken); + return std::move(dict); +} + HttpStreamFactory::JobController::JobController( HttpStreamFactory* factory, HttpStreamRequest::Delegate* delegate, @@ -813,9 +823,13 @@ int HttpStreamFactory::JobController::DoCreateJobs() { HostPortPair destination(HostPortPair::FromURL(request_info_.url)); GURL origin_url = ApplyHostMappingRules(request_info_.url, &destination); - // Create an alternative job if alternative service is set up for this domain. - alternative_service_info_ = - GetAlternativeServiceInfoFor(request_info_, delegate_, stream_type_); + // Create an alternative job if alternative service is set up for this domain, + // but only if we'll be speaking directly to the server, since QUIC through + // proxies is not supported. + if (proxy_info_.is_direct()) { + alternative_service_info_ = + GetAlternativeServiceInfoFor(request_info_, delegate_, stream_type_); + } quic::QuicTransportVersion quic_version = quic::QUIC_VERSION_UNSUPPORTED; if (alternative_service_info_.protocol() == kProtoQUIC) { quic_version = @@ -1145,8 +1159,13 @@ HttpStreamFactory::JobController::GetAlternativeServiceInfoInternal( DCHECK(IsAlternateProtocolValid(alternative_service_info.protocol())); if (!quic_advertised && alternative_service_info.protocol() == kProtoQUIC) quic_advertised = true; - if (http_server_properties.IsAlternativeServiceBroken( - alternative_service_info.alternative_service())) { + const bool is_broken = http_server_properties.IsAlternativeServiceBroken( + alternative_service_info.alternative_service()); + net_log_.AddEvent( + NetLogEventType::HTTP_STREAM_JOB_CONTROLLER_ALT_SVC_FOUND, + base::BindRepeating(&NetLogAltSvcCallback, &alternative_service_info, + is_broken)); + if (is_broken) { HistogramAlternateProtocolUsage(ALTERNATE_PROTOCOL_USAGE_BROKEN, false); continue; } diff --git a/chromium/net/http/http_stream_factory_job_controller_unittest.cc b/chromium/net/http/http_stream_factory_job_controller_unittest.cc index 35a402f1cd0..26cb63ba12c 100644 --- a/chromium/net/http/http_stream_factory_job_controller_unittest.cc +++ b/chromium/net/http/http_stream_factory_job_controller_unittest.cc @@ -43,6 +43,7 @@ #include "net/socket/socket_test_util.h" #include "net/spdy/spdy_test_util_common.h" #include "net/test/test_with_scoped_task_environment.h" +#include "net/third_party/quic/core/quic_utils.h" #include "net/third_party/quic/test_tools/mock_random.h" #include "net/traffic_annotation/network_traffic_annotation_test_helper.h" #include "testing/gmock/include/gmock/gmock.h" @@ -349,7 +350,7 @@ class HttpStreamFactoryJobControllerTest quic::test::MockRandom random_generator_{0}; QuicTestPacketMaker client_maker_{ HttpNetworkSession::Params().quic_supported_versions[0], - 0, + quic::QuicUtils::CreateRandomConnectionId(&random_generator_), &clock_, kServerHostname, quic::Perspective::IS_CLIENT, diff --git a/chromium/net/http/http_stream_factory_unittest.cc b/chromium/net/http/http_stream_factory_unittest.cc index 73d76fba228..1166709885a 100644 --- a/chromium/net/http/http_stream_factory_unittest.cc +++ b/chromium/net/http/http_stream_factory_unittest.cc @@ -13,9 +13,9 @@ #include <vector> #include "base/compiler_specific.h" -#include "base/macros.h" #include "base/memory/ptr_util.h" #include "base/run_loop.h" +#include "base/stl_util.h" #include "base/test/metrics/histogram_tester.h" #include "build/build_config.h" #include "net/base/completion_once_callback.h" @@ -51,6 +51,7 @@ #include "net/socket/next_proto.h" #include "net/socket/socket_tag.h" #include "net/socket/socket_test_util.h" +#include "net/socket/transport_connect_job.h" #include "net/spdy/spdy_session.h" #include "net/spdy/spdy_session_pool.h" #include "net/spdy/spdy_test_util_common.h" @@ -61,6 +62,7 @@ #include "net/test/test_data_directory.h" #include "net/test/test_with_scoped_task_environment.h" #include "net/third_party/quic/core/quic_server_id.h" +#include "net/third_party/quic/core/quic_utils.h" #include "net/third_party/quic/test_tools/crypto_test_utils.h" #include "net/third_party/quic/test_tools/mock_random.h" #include "net/third_party/quic/test_tools/quic_test_utils.h" @@ -102,7 +104,8 @@ class MockWebSocketHandshakeStream : public WebSocketHandshakeStreamBase { kStreamTypeSpdy, }; - explicit MockWebSocketHandshakeStream(StreamType type) : type_(type) {} + explicit MockWebSocketHandshakeStream(StreamType type) + : type_(type), weak_ptr_factory_(this) {} ~MockWebSocketHandshakeStream() override = default; @@ -155,8 +158,13 @@ class MockWebSocketHandshakeStream : public WebSocketHandshakeStreamBase { return std::unique_ptr<WebSocketStream>(); } + base::WeakPtr<WebSocketHandshakeStreamBase> GetWeakPtr() override { + return weak_ptr_factory_.GetWeakPtr(); + } + private: const StreamType type_; + base::WeakPtrFactory<MockWebSocketHandshakeStream> weak_ptr_factory_; }; // HttpStreamFactory subclass that can wait until a preconnect is complete. @@ -430,9 +438,6 @@ class CapturePreconnectsSocketPool : public ParentPool { ADD_FAILURE(); return LOAD_STATE_IDLE; } - base::TimeDelta ConnectionTimeout() const override { - return base::TimeDelta(); - } private: int last_num_streams_; @@ -464,7 +469,13 @@ CapturePreconnectsHttpProxySocketPool::CapturePreconnectsSocketPool( TransportSecurityState*, CTVerifier*, CTPolicyEnforcer*) - : HttpProxyClientSocketPool(0, 0, nullptr, nullptr, nullptr, nullptr), + : HttpProxyClientSocketPool(0, + 0, + nullptr, + nullptr, + nullptr, + nullptr, + nullptr), last_num_streams_(-1) {} template <> @@ -484,16 +495,17 @@ CapturePreconnectsSSLSocketPool::CapturePreconnectsSocketPool( std::string(), // ssl_session_cache_shard nullptr, // deterministic_socket_factory nullptr, // transport_socket_pool - nullptr, - nullptr, - nullptr, // ssl_config_service - nullptr), // net_log + nullptr, // socks_pool + nullptr, // http_proxy_pool + nullptr, // ssl_config_service + nullptr, // network_quality_estimator + nullptr), // net_log last_num_streams_(-1) {} using HttpStreamFactoryTest = TestWithScopedTaskEnvironment; TEST_F(HttpStreamFactoryTest, PreconnectDirect) { - for (size_t i = 0; i < arraysize(kTests); ++i) { + for (size_t i = 0; i < base::size(kTests); ++i) { SpdySessionDependencies session_deps( ProxyResolutionService::CreateDirect()); std::unique_ptr<HttpNetworkSession> session( @@ -524,13 +536,14 @@ TEST_F(HttpStreamFactoryTest, PreconnectDirect) { } TEST_F(HttpStreamFactoryTest, PreconnectHttpProxy) { - for (size_t i = 0; i < arraysize(kTests); ++i) { + for (size_t i = 0; i < base::size(kTests); ++i) { SpdySessionDependencies session_deps(ProxyResolutionService::CreateFixed( "http_proxy", TRAFFIC_ANNOTATION_FOR_TESTS)); std::unique_ptr<HttpNetworkSession> session( SpdySessionDependencies::SpdyCreateSession(&session_deps)); HttpNetworkSessionPeer peer(session.get()); - HostPortPair proxy_host("http_proxy", 80); + ProxyServer proxy_server(ProxyServer::SCHEME_HTTP, + HostPortPair("http_proxy", 80)); CapturePreconnectsHttpProxySocketPool* http_proxy_pool = new CapturePreconnectsHttpProxySocketPool( session_deps.host_resolver.get(), session_deps.cert_verifier.get(), @@ -545,9 +558,9 @@ TEST_F(HttpStreamFactoryTest, PreconnectHttpProxy) { session_deps.ct_policy_enforcer.get()); auto mock_pool_manager = std::make_unique<MockClientSocketPoolManager>(); mock_pool_manager->SetSocketPoolForHTTPProxy( - proxy_host, base::WrapUnique(http_proxy_pool)); + proxy_server, base::WrapUnique(http_proxy_pool)); mock_pool_manager->SetSocketPoolForSSLWithProxy( - proxy_host, base::WrapUnique(ssl_conn_pool)); + proxy_server, base::WrapUnique(ssl_conn_pool)); peer.SetClientSocketPoolManager(std::move(mock_pool_manager)); PreconnectHelper(kTests[i], session.get()); if (kTests[i].ssl) @@ -558,13 +571,14 @@ TEST_F(HttpStreamFactoryTest, PreconnectHttpProxy) { } TEST_F(HttpStreamFactoryTest, PreconnectSocksProxy) { - for (size_t i = 0; i < arraysize(kTests); ++i) { + for (size_t i = 0; i < base::size(kTests); ++i) { SpdySessionDependencies session_deps(ProxyResolutionService::CreateFixed( "socks4://socks_proxy:1080", TRAFFIC_ANNOTATION_FOR_TESTS)); std::unique_ptr<HttpNetworkSession> session( SpdySessionDependencies::SpdyCreateSession(&session_deps)); HttpNetworkSessionPeer peer(session.get()); - HostPortPair proxy_host("socks_proxy", 1080); + ProxyServer proxy_server(ProxyServer::SCHEME_SOCKS4, + HostPortPair("socks_proxy", 1080)); CapturePreconnectsSOCKSSocketPool* socks_proxy_pool = new CapturePreconnectsSOCKSSocketPool( session_deps.host_resolver.get(), session_deps.cert_verifier.get(), @@ -579,9 +593,9 @@ TEST_F(HttpStreamFactoryTest, PreconnectSocksProxy) { session_deps.ct_policy_enforcer.get()); auto mock_pool_manager = std::make_unique<MockClientSocketPoolManager>(); mock_pool_manager->SetSocketPoolForSOCKSProxy( - proxy_host, base::WrapUnique(socks_proxy_pool)); + proxy_server, base::WrapUnique(socks_proxy_pool)); mock_pool_manager->SetSocketPoolForSSLWithProxy( - proxy_host, base::WrapUnique(ssl_conn_pool)); + proxy_server, base::WrapUnique(ssl_conn_pool)); peer.SetClientSocketPoolManager(std::move(mock_pool_manager)); PreconnectHelper(kTests[i], session.get()); if (kTests[i].ssl) @@ -592,7 +606,7 @@ TEST_F(HttpStreamFactoryTest, PreconnectSocksProxy) { } TEST_F(HttpStreamFactoryTest, PreconnectDirectWithExistingSpdySession) { - for (size_t i = 0; i < arraysize(kTests); ++i) { + for (size_t i = 0; i < base::size(kTests); ++i) { SpdySessionDependencies session_deps( ProxyResolutionService::CreateDirect()); std::unique_ptr<HttpNetworkSession> session( @@ -602,7 +616,8 @@ TEST_F(HttpStreamFactoryTest, PreconnectDirectWithExistingSpdySession) { // Put a SpdySession in the pool. HostPortPair host_port_pair("www.google.com", 443); SpdySessionKey key(host_port_pair, ProxyServer::Direct(), - PRIVACY_MODE_DISABLED, SocketTag()); + PRIVACY_MODE_DISABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); ignore_result(CreateFakeSpdySession(session->spdy_session_pool(), key)); CapturePreconnectsTransportSocketPool* transport_conn_pool = @@ -775,7 +790,7 @@ const int quic_proxy_test_mock_errors[] = { // Tests that a bad QUIC proxy is added to the list of bad proxies. TEST_F(HttpStreamFactoryTest, QuicProxyMarkedAsBad) { - for (size_t i = 0; i < arraysize(quic_proxy_test_mock_errors); ++i) { + for (size_t i = 0; i < base::size(quic_proxy_test_mock_errors); ++i) { std::unique_ptr<ProxyResolutionService> proxy_resolution_service; proxy_resolution_service = ProxyResolutionService::CreateFixedFromPacResult( "QUIC bad:99; DIRECT", TRAFFIC_ANNOTATION_FOR_TESTS); @@ -1191,7 +1206,8 @@ TEST_F(HttpStreamFactoryTest, UsePreConnectIfNoZeroRTT) { auto session = std::make_unique<HttpNetworkSession>(session_params, session_context); HttpNetworkSessionPeer peer(session.get()); - HostPortPair proxy_host("http_proxy", 80); + ProxyServer proxy_server(ProxyServer::SCHEME_HTTP, + HostPortPair("http_proxy", 80)); CapturePreconnectsHttpProxySocketPool* http_proxy_pool = new CapturePreconnectsHttpProxySocketPool( session_deps.host_resolver.get(), session_deps.cert_verifier.get(), @@ -1206,9 +1222,9 @@ TEST_F(HttpStreamFactoryTest, UsePreConnectIfNoZeroRTT) { session_deps.ct_policy_enforcer.get()); auto mock_pool_manager = std::make_unique<MockClientSocketPoolManager>(); mock_pool_manager->SetSocketPoolForHTTPProxy( - proxy_host, base::WrapUnique(http_proxy_pool)); + proxy_server, base::WrapUnique(http_proxy_pool)); mock_pool_manager->SetSocketPoolForSSLWithProxy( - proxy_host, base::WrapUnique(ssl_conn_pool)); + proxy_server, base::WrapUnique(ssl_conn_pool)); peer.SetClientSocketPoolManager(std::move(mock_pool_manager)); PreconnectHelperForURL(num_streams, url, session.get()); EXPECT_EQ(num_streams, ssl_conn_pool->last_num_streams()); @@ -1247,7 +1263,8 @@ TEST_F(HttpStreamFactoryTest, OnlyOnePreconnectToProxyServer) { std::make_unique<HttpNetworkSession>(session_params, session_context); HttpNetworkSessionPeer peer(session.get()); - HostPortPair proxy_host("myproxy.org", 443); + ProxyServer proxy_server(ProxyServer::SCHEME_HTTPS, + HostPortPair("myproxy.org", 443)); for (int preconnect_request = 0; preconnect_request < 2; ++preconnect_request) { @@ -1269,9 +1286,9 @@ TEST_F(HttpStreamFactoryTest, OnlyOnePreconnectToProxyServer) { auto mock_pool_manager = std::make_unique<MockClientSocketPoolManager>(); mock_pool_manager->SetSocketPoolForHTTPProxy( - proxy_host, base::WrapUnique(http_proxy_pool)); + proxy_server, base::WrapUnique(http_proxy_pool)); mock_pool_manager->SetSocketPoolForSSLWithProxy( - proxy_host, base::WrapUnique(ssl_conn_pool)); + proxy_server, base::WrapUnique(ssl_conn_pool)); peer.SetClientSocketPoolManager(std::move(mock_pool_manager)); HttpRequestInfo request; @@ -1342,7 +1359,8 @@ TEST_F(HttpStreamFactoryTest, ProxyServerPreconnectDifferentPrivacyModes) { std::make_unique<HttpNetworkSession>(session_params, session_context); HttpNetworkSessionPeer peer(session.get()); - HostPortPair proxy_host("myproxy.org", 443); + ProxyServer proxy_server(ProxyServer::SCHEME_HTTPS, + HostPortPair("myproxy.org", 443)); CapturePreconnectsHttpProxySocketPool* http_proxy_pool = new CapturePreconnectsHttpProxySocketPool( @@ -1359,9 +1377,9 @@ TEST_F(HttpStreamFactoryTest, ProxyServerPreconnectDifferentPrivacyModes) { auto mock_pool_manager = std::make_unique<MockClientSocketPoolManager>(); mock_pool_manager->SetSocketPoolForHTTPProxy( - proxy_host, base::WrapUnique(http_proxy_pool)); + proxy_server, base::WrapUnique(http_proxy_pool)); mock_pool_manager->SetSocketPoolForSSLWithProxy( - proxy_host, base::WrapUnique(ssl_conn_pool)); + proxy_server, base::WrapUnique(ssl_conn_pool)); peer.SetClientSocketPoolManager(std::move(mock_pool_manager)); HttpRequestInfo request_privacy_mode_disabled; @@ -1418,7 +1436,8 @@ TEST_F(HttpStreamFactoryTest, PrivacyModeDisablesChannelId) { // Set an existing SpdySession in the pool. HostPortPair host_port_pair("www.google.com", 443); SpdySessionKey key(host_port_pair, ProxyServer::Direct(), - PRIVACY_MODE_ENABLED, SocketTag()); + PRIVACY_MODE_ENABLED, + SpdySessionKey::IsProxySession::kFalse, SocketTag()); HttpRequestInfo request_info; request_info.method = "GET"; @@ -1770,18 +1789,30 @@ TEST_F(HttpStreamFactoryTest, RequestHttpStreamOverProxy) { HttpNetworkSession::NORMAL_SOCKET_POOL))); EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSSLSocketPool( HttpNetworkSession::NORMAL_SOCKET_POOL))); - EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPProxy( + EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( + HttpNetworkSession::NORMAL_SOCKET_POOL, + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); + EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( HttpNetworkSession::NORMAL_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); + ProxyServer(ProxyServer::SCHEME_HTTPS, + HostPortPair("myproxy", 8888))))); EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForSSLWithProxy( HttpNetworkSession::NORMAL_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); - EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPProxy( + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); + EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForSSLWithProxy( + HttpNetworkSession::NORMAL_SOCKET_POOL, + ProxyServer(ProxyServer::SCHEME_HTTPS, + HostPortPair("myproxy", 8888))))); + EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( HttpNetworkSession::WEBSOCKET_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForSSLWithProxy( HttpNetworkSession::WEBSOCKET_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); EXPECT_FALSE(waiter.used_proxy_info().is_direct()); } @@ -1824,9 +1855,10 @@ TEST_F(HttpStreamFactoryTest, RequestHttpStreamOverProxyWithPreconnects) { ++preconnect_request) { session->http_stream_factory()->PreconnectStreams(1, request_info); base::RunLoop().RunUntilIdle(); - while (GetSocketPoolGroupCount(session->GetSocketPoolForHTTPProxy( + while (GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( HttpNetworkSession::NORMAL_SOCKET_POOL, - HostPortPair("myproxy.org", 443))) == 0) { + ProxyServer(ProxyServer::SCHEME_HTTPS, + HostPortPair("myproxy.org", 443)))) == 0) { base::RunLoop().RunUntilIdle(); } } @@ -1848,18 +1880,20 @@ TEST_F(HttpStreamFactoryTest, RequestHttpStreamOverProxyWithPreconnects) { ASSERT_TRUE(nullptr != waiter.stream()); EXPECT_TRUE(nullptr == waiter.websocket_stream()); - EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPProxy( + EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( HttpNetworkSession::NORMAL_SOCKET_POOL, - HostPortPair("myproxy.org", 443)))); + ProxyServer(ProxyServer::SCHEME_HTTPS, + HostPortPair("myproxy.org", 443))))); EXPECT_FALSE(waiter.used_proxy_info().is_direct()); for (int preconnect_request = 1; preconnect_request <= num_preconnects; ++preconnect_request) { session->http_stream_factory()->PreconnectStreams(1, request_info); base::RunLoop().RunUntilIdle(); - EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPProxy( + EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( HttpNetworkSession::NORMAL_SOCKET_POOL, - HostPortPair("myproxy.org", 443)))); + ProxyServer(ProxyServer::SCHEME_HTTPS, + HostPortPair("myproxy.org", 443))))); } // First preconnect would be successful since the stream to the proxy server @@ -1997,18 +2031,22 @@ TEST_F(HttpStreamFactoryTest, RequestWebSocketBasicHandshakeStreamOverProxy) { HttpNetworkSession::WEBSOCKET_SOCKET_POOL))); EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSSLSocketPool( HttpNetworkSession::WEBSOCKET_SOCKET_POOL))); - EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPProxy( + EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( HttpNetworkSession::NORMAL_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForSSLWithProxy( HttpNetworkSession::NORMAL_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); - EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPProxy( + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); + EXPECT_EQ(1, GetSocketPoolGroupCount(session->GetSocketPoolForHTTPLikeProxy( HttpNetworkSession::WEBSOCKET_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); EXPECT_EQ(0, GetSocketPoolGroupCount(session->GetSocketPoolForSSLWithProxy( HttpNetworkSession::WEBSOCKET_SOCKET_POOL, - HostPortPair("myproxy", 8888)))); + ProxyServer(ProxyServer::SCHEME_HTTP, + HostPortPair("myproxy", 8888))))); EXPECT_FALSE(waiter.used_proxy_info().is_direct()); } @@ -2149,17 +2187,16 @@ TEST_F(HttpStreamFactoryTest, NewSpdySessionCloseIdleH2Sockets) { std::vector<std::unique_ptr<ClientSocketHandle>> handles; for (size_t i = 0; i < kNumIdleSockets; i++) { scoped_refptr<TransportSocketParams> transport_params( - new TransportSocketParams( - host_port_pair, false, OnHostResolutionCallback(), - TransportSocketParams::COMBINE_CONNECT_AND_WRITE_DEFAULT)); + new TransportSocketParams(host_port_pair, false, + OnHostResolutionCallback())); auto connection = std::make_unique<ClientSocketHandle>(); TestCompletionCallback callback; SSLConfig ssl_config; - scoped_refptr<SSLSocketParams> ssl_params(new SSLSocketParams( - transport_params, nullptr, nullptr, host_port_pair, ssl_config, - PRIVACY_MODE_DISABLED, false /* ignore_certificate_errors */)); + scoped_refptr<SSLSocketParams> ssl_params( + new SSLSocketParams(transport_params, nullptr, nullptr, host_port_pair, + ssl_config, PRIVACY_MODE_DISABLED)); std::string group_name = "ssl/" + host_port_pair.ToString(); int rv = connection->Init( group_name, ssl_params, MEDIUM, SocketTag(), @@ -2330,19 +2367,21 @@ class HttpStreamFactoryBidirectionalQuicTest : default_url_(kDefaultUrl), version_(std::get<0>(GetParam())), client_headers_include_h2_stream_dependency_(std::get<1>(GetParam())), - client_packet_maker_(version_, - 0, - &clock_, - "www.example.org", - quic::Perspective::IS_CLIENT, - client_headers_include_h2_stream_dependency_), - server_packet_maker_(version_, - 0, - &clock_, - "www.example.org", - quic::Perspective::IS_SERVER, - false), random_generator_(0), + client_packet_maker_( + version_, + quic::QuicUtils::CreateRandomConnectionId(&random_generator_), + &clock_, + "www.example.org", + quic::Perspective::IS_CLIENT, + client_headers_include_h2_stream_dependency_), + server_packet_maker_( + version_, + quic::QuicUtils::CreateRandomConnectionId(&random_generator_), + &clock_, + "www.example.org", + quic::Perspective::IS_SERVER, + false), proxy_resolution_service_(ProxyResolutionService::CreateDirect()), ssl_config_service_(new SSLConfigServiceDefaults) { clock_.AdvanceTime(quic::QuicTime::Delta::FromMilliseconds(20)); @@ -2413,19 +2452,19 @@ class HttpStreamFactoryBidirectionalQuicTest const GURL default_url_; - quic::QuicStreamId GetNthClientInitiatedStreamId(int n) { - return quic::test::GetNthClientInitiatedStreamId(version_, n); + quic::QuicStreamId GetNthClientInitiatedBidirectionalStreamId(int n) { + return quic::test::GetNthClientInitiatedBidirectionalStreamId(version_, n); } private: const quic::QuicTransportVersion version_; const bool client_headers_include_h2_stream_dependency_; quic::MockClock clock_; + quic::test::MockRandom random_generator_; test::QuicTestPacketMaker client_packet_maker_; test::QuicTestPacketMaker server_packet_maker_; MockTaggingClientSocketFactory socket_factory_; std::unique_ptr<HttpNetworkSession> session_; - quic::test::MockRandom random_generator_; MockCertVerifier cert_verifier_; ProofVerifyDetailsChromium verify_details_; MockCryptoClientStreamFactory crypto_client_stream_factory_; @@ -2456,14 +2495,16 @@ TEST_P(HttpStreamFactoryBidirectionalQuicTest, mock_quic_data.AddWrite(client_packet_maker().MakeInitialSettingsPacket( 1, &header_stream_offset)); mock_quic_data.AddWrite(client_packet_maker().MakeRequestHeadersPacket( - 2, GetNthClientInitiatedStreamId(0), /*should_include_version=*/true, + 2, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/true, /*fin=*/true, priority, client_packet_maker().GetRequestHeaders("GET", "https", "/"), /*parent_stream_id=*/0, &spdy_headers_frame_length, &header_stream_offset)); size_t spdy_response_headers_frame_length; mock_quic_data.AddRead(server_packet_maker().MakeResponseHeadersPacket( - 1, GetNthClientInitiatedStreamId(0), /*should_include_version=*/false, + 1, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/false, /*fin=*/true, server_packet_maker().GetResponseHeaders("200"), &spdy_response_headers_frame_length)); mock_quic_data.AddRead(SYNCHRONOUS, ERR_IO_PENDING); // No more read data. @@ -2587,14 +2628,16 @@ TEST_P(HttpStreamFactoryBidirectionalQuicTest, mock_quic_data.AddWrite(client_packet_maker().MakeInitialSettingsPacket( 1, &header_stream_offset)); mock_quic_data.AddWrite(client_packet_maker().MakeRequestHeadersPacket( - 2, GetNthClientInitiatedStreamId(0), /*should_include_version=*/true, + 2, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/true, /*fin=*/true, priority, client_packet_maker().GetRequestHeaders("GET", "https", "/"), /*parent_stream_id=*/0, &spdy_headers_frame_length, &header_stream_offset)); size_t spdy_response_headers_frame_length; mock_quic_data.AddRead(server_packet_maker().MakeResponseHeadersPacket( - 1, GetNthClientInitiatedStreamId(0), /*should_include_version=*/false, + 1, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/false, /*fin=*/true, server_packet_maker().GetResponseHeaders("200"), &spdy_response_headers_frame_length)); mock_quic_data.AddRead(SYNCHRONOUS, ERR_IO_PENDING); // No more read data. @@ -2867,14 +2910,16 @@ TEST_P(HttpStreamFactoryBidirectionalQuicTest, Tag) { mock_quic_data.AddWrite(client_packet_maker().MakeInitialSettingsPacket( 1, &header_stream_offset)); mock_quic_data.AddWrite(client_packet_maker().MakeRequestHeadersPacket( - 2, GetNthClientInitiatedStreamId(0), /*should_include_version=*/true, + 2, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/true, /*fin=*/true, priority, client_packet_maker().GetRequestHeaders("GET", "https", "/"), /*parent_stream_id=*/0, &spdy_headers_frame_length, &header_stream_offset)); size_t spdy_response_headers_frame_length; mock_quic_data.AddRead(server_packet_maker().MakeResponseHeadersPacket( - 1, GetNthClientInitiatedStreamId(0), /*should_include_version=*/false, + 1, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/false, /*fin=*/true, server_packet_maker().GetResponseHeaders("200"), &spdy_response_headers_frame_length)); mock_quic_data.AddRead(SYNCHRONOUS, ERR_IO_PENDING); // No more read data. @@ -2886,13 +2931,15 @@ TEST_P(HttpStreamFactoryBidirectionalQuicTest, Tag) { mock_quic_data2.AddWrite(client_packet_maker().MakeInitialSettingsPacket( 1, &header_stream_offset2)); mock_quic_data2.AddWrite(client_packet_maker().MakeRequestHeadersPacket( - 2, GetNthClientInitiatedStreamId(0), /*should_include_version=*/true, + 2, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/true, /*fin=*/true, priority, client_packet_maker().GetRequestHeaders("GET", "https", "/"), /*parent_stream_id=*/0, &spdy_headers_frame_length, &header_stream_offset)); mock_quic_data2.AddRead(server_packet_maker().MakeResponseHeadersPacket( - 1, GetNthClientInitiatedStreamId(0), /*should_include_version=*/false, + 1, GetNthClientInitiatedBidirectionalStreamId(0), + /*should_include_version=*/false, /*fin=*/true, server_packet_maker().GetResponseHeaders("200"), &spdy_response_headers_frame_length)); mock_quic_data2.AddRead(SYNCHRONOUS, ERR_IO_PENDING); // No more read data. diff --git a/chromium/net/http/http_stream_parser.cc b/chromium/net/http/http_stream_parser.cc index 3f2e519a31d..30bba23be67 100644 --- a/chromium/net/http/http_stream_parser.cc +++ b/chromium/net/http/http_stream_parser.cc @@ -866,6 +866,13 @@ int HttpStreamParser::HandleReadHeaderResult(int result) { if (read_buf_->offset() == 0) response_->response_time = base::Time::Now(); + // For |response_start_time_|, use the time that we received the first byte of + // *any* response- including 1XX, as per the resource timing spec for + // responseStart (see note at + // https://www.w3.org/TR/resource-timing-2/#dom-performanceresourcetiming-responsestart). + if (response_start_time_.is_null()) + response_start_time_ = base::TimeTicks::Now(); + read_buf_->set_offset(read_buf_->offset() + result); DCHECK_LE(read_buf_->offset(), read_buf_->capacity()); DCHECK_GT(result, 0); diff --git a/chromium/net/http/http_stream_parser.h b/chromium/net/http/http_stream_parser.h index a70c2541013..ce587534fc2 100644 --- a/chromium/net/http/http_stream_parser.h +++ b/chromium/net/http/http_stream_parser.h @@ -99,6 +99,8 @@ class NET_EXPORT_PRIVATE HttpStreamParser { int64_t sent_bytes() const { return sent_bytes_; } + base::TimeTicks response_start_time() { return response_start_time_; } + void GetSSLInfo(SSLInfo* ssl_info); void GetSSLCertRequestInfo(SSLCertRequestInfo* cert_request_info); @@ -241,6 +243,10 @@ class NET_EXPORT_PRIVATE HttpStreamParser { // HttpResponseBodyDrainer is used. HttpResponseInfo* response_; + // Time at which the first bytes of the header response are about to be + // parsed. + base::TimeTicks response_start_time_; + // Indicates the content length. If this value is less than zero // (and chunked_decoder_ is null), then we must read until the server // closes the connection. diff --git a/chromium/net/http/http_stream_parser_unittest.cc b/chromium/net/http/http_stream_parser_unittest.cc index 193e9ad1303..658cda07a15 100644 --- a/chromium/net/http/http_stream_parser_unittest.cc +++ b/chromium/net/http/http_stream_parser_unittest.cc @@ -16,6 +16,7 @@ #include "base/files/scoped_temp_dir.h" #include "base/memory/ref_counted.h" #include "base/run_loop.h" +#include "base/stl_util.h" #include "base/strings/string_piece.h" #include "base/test/scoped_task_environment.h" #include "base/threading/thread_task_runner_handle.h" @@ -271,7 +272,7 @@ TEST(HttpStreamParser, InitAsynchronousUploadDataStream) { callback1.callback()); EXPECT_EQ(ERR_IO_PENDING, result1); base::RunLoop().RunUntilIdle(); - upload_data_stream.AppendData(kChunk, arraysize(kChunk) - 1, true); + upload_data_stream.AppendData(kChunk, base::size(kChunk) - 1, true); // Check progress after read completes. progress = upload_data_stream.GetUploadProgress(); @@ -648,11 +649,11 @@ TEST(HttpStreamParser, SentBytesChunkedPostError) { &response, callback.callback())); base::RunLoop().RunUntilIdle(); - upload_data_stream.AppendData(kChunk, arraysize(kChunk) - 1, false); + upload_data_stream.AppendData(kChunk, base::size(kChunk) - 1, false); base::RunLoop().RunUntilIdle(); // This write should fail. - upload_data_stream.AppendData(kChunk, arraysize(kChunk) - 1, false); + upload_data_stream.AppendData(kChunk, base::size(kChunk) - 1, false); EXPECT_THAT(callback.WaitForResult(), IsError(ERR_FAILED)); EXPECT_EQ(CountWriteBytes(writes), parser.sent_bytes()); @@ -725,7 +726,7 @@ TEST(HttpStreamParser, AsyncSingleChunkAndAsyncSocket) { ASSERT_FALSE(callback.have_result()); // Now append the only chunk and wait for the callback. - upload_stream.AppendData(kChunk, arraysize(kChunk) - 1, true); + upload_stream.AppendData(kChunk, base::size(kChunk) - 1, true); ASSERT_THAT(callback.WaitForResult(), IsOk()); // Attempt to read the response status and the response headers. @@ -777,7 +778,7 @@ TEST(HttpStreamParser, SyncSingleChunkAndAsyncSocket) { NetLogWithSource()), IsOk()); // Append the only chunk. - upload_stream.AppendData(kChunk, arraysize(kChunk) - 1, true); + upload_stream.AppendData(kChunk, base::size(kChunk) - 1, true); SequencedSocketData data(reads, writes); std::unique_ptr<ClientSocketHandle> socket_handle = @@ -859,7 +860,7 @@ TEST(HttpStreamParser, AsyncChunkAndAsyncSocketWithMultipleChunks) { }; ChunkedUploadDataStream upload_stream(0); - upload_stream.AppendData(kChunk1, arraysize(kChunk1) - 1, false); + upload_stream.AppendData(kChunk1, base::size(kChunk1) - 1, false); ASSERT_THAT(upload_stream.Init(TestCompletionCallback().callback(), NetLogWithSource()), IsOk()); @@ -896,12 +897,12 @@ TEST(HttpStreamParser, AsyncChunkAndAsyncSocketWithMultipleChunks) { ASSERT_FALSE(callback.have_result()); // Now append another chunk. - upload_stream.AppendData(kChunk2, arraysize(kChunk2) - 1, false); + upload_stream.AppendData(kChunk2, base::size(kChunk2) - 1, false); ASSERT_FALSE(callback.have_result()); // Add the final chunk, while the write for the second is still pending, // which should not confuse the state machine. - upload_stream.AppendData(kChunk3, arraysize(kChunk3) - 1, true); + upload_stream.AppendData(kChunk3, base::size(kChunk3) - 1, true); ASSERT_FALSE(callback.have_result()); // Wait for writes to complete. @@ -1132,7 +1133,7 @@ TEST(HttpStreamParser, TruncatedHeaders) { for (size_t protocol = 0; protocol < NUM_PROTOCOLS; protocol++) { SCOPED_TRACE(protocol); - for (size_t i = 0; i < arraysize(reads); i++) { + for (size_t i = 0; i < base::size(reads); i++) { SCOPED_TRACE(i); SequencedSocketData data(reads[i], writes); std::unique_ptr<ClientSocketHandle> socket_handle( @@ -1161,7 +1162,7 @@ TEST(HttpStreamParser, TruncatedHeaders) { int rv = parser.ReadResponseHeaders(callback.callback()); EXPECT_EQ(CountWriteBytes(writes), parser.sent_bytes()); - if (i == arraysize(reads) - 1) { + if (i == base::size(reads) - 1) { EXPECT_THAT(rv, IsOk()); EXPECT_TRUE(response_info.headers.get()); EXPECT_EQ(CountReadBytes(reads[i]), parser.received_bytes()); diff --git a/chromium/net/http/http_transaction_test_util.cc b/chromium/net/http/http_transaction_test_util.cc index c74e4af459d..bb000a78557 100644 --- a/chromium/net/http/http_transaction_test_util.cc +++ b/chromium/net/http/http_transaction_test_util.cc @@ -12,6 +12,7 @@ #include "base/location.h" #include "base/run_loop.h" #include "base/single_thread_task_runner.h" +#include "base/stl_util.h" #include "base/strings/stringprintf.h" #include "base/threading/thread_task_runner_handle.h" #include "base/time/clock.h" @@ -153,7 +154,7 @@ const MockTransaction* FindMockTransaction(const GURL& url) { return it->second; // look for builtins: - for (size_t i = 0; i < arraysize(kBuiltinMockTransactions); ++i) { + for (size_t i = 0; i < base::size(kBuiltinMockTransactions); ++i) { if (url == GURL(kBuiltinMockTransactions[i]->url)) return kBuiltinMockTransactions[i]; } diff --git a/chromium/net/http/http_util_unittest.cc b/chromium/net/http/http_util_unittest.cc index bf8818b5eb4..7883b3e4b4b 100644 --- a/chromium/net/http/http_util_unittest.cc +++ b/chromium/net/http/http_util_unittest.cc @@ -5,6 +5,7 @@ #include <algorithm> #include <limits> +#include "base/stl_util.h" #include "base/strings/string_util.h" #include "net/http/http_util.h" #include "testing/gtest/include/gtest/gtest.h" @@ -47,7 +48,7 @@ TEST(HttpUtilTest, IsSafeHeader) { "user-agent", "via", }; - for (size_t i = 0; i < arraysize(unsafe_headers); ++i) { + for (size_t i = 0; i < base::size(unsafe_headers); ++i) { EXPECT_FALSE(HttpUtil::IsSafeHeader(unsafe_headers[i])) << unsafe_headers[i]; EXPECT_FALSE(HttpUtil::IsSafeHeader(base::ToUpperASCII(unsafe_headers[i]))) @@ -93,7 +94,7 @@ TEST(HttpUtilTest, IsSafeHeader) { "user_agent", "viaa", }; - for (size_t i = 0; i < arraysize(safe_headers); ++i) { + for (size_t i = 0; i < base::size(safe_headers); ++i) { EXPECT_TRUE(HttpUtil::IsSafeHeader(safe_headers[i])) << safe_headers[i]; EXPECT_TRUE(HttpUtil::IsSafeHeader(base::ToUpperASCII(safe_headers[i]))) << safe_headers[i]; @@ -340,7 +341,7 @@ TEST(HttpUtilTest, LocateEndOfHeaders) { {"foo\nbar\n\r\njunk", 10}, {"foo\nbar\r\n\njunk", 10}, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { int input_len = static_cast<int>(strlen(tests[i].input)); int eoh = HttpUtil::LocateEndOfHeaders(tests[i].input, input_len); EXPECT_EQ(tests[i].expected_result, eoh); @@ -364,7 +365,7 @@ TEST(HttpUtilTest, LocateEndOfAdditionalHeaders) { {"foo\nbar\n\r\njunk", 10}, {"foo\nbar\r\n\njunk", 10}, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { int input_len = static_cast<int>(strlen(tests[i].input)); int eoh = HttpUtil::LocateEndOfAdditionalHeaders(tests[i].input, input_len); EXPECT_EQ(tests[i].expected_result, eoh); @@ -686,7 +687,7 @@ TEST(HttpUtilTest, AssembleRawHeaders) { }, }; // clang-format on - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { std::string input = tests[i].input; std::replace(input.begin(), input.end(), '|', '\0'); std::string raw = HttpUtil::AssembleRawHeaders(input.data(), input.size()); @@ -726,7 +727,7 @@ TEST(HttpUtilTest, RequestUrlSanitize) { "wss://www.google.com:78/foobar?query=1", } }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { SCOPED_TRACE(i); GURL url(GURL(tests[i].url)); @@ -986,7 +987,7 @@ TEST(HttpUtilTest, ParseContentType) { // TODO(abarth): Add more interesting test cases. }; // clang-format on - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { std::string mime_type; std::string charset; bool had_charset = false; @@ -1094,7 +1095,7 @@ TEST(HttpUtilTest, ParseRetryAfterHeader) { { "Mon, 1 Jan 1900 12:34:56 GMT", false, base::TimeDelta() } }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { base::TimeDelta retry_after; bool return_value = HttpUtil::ParseRetryAfterHeader( tests[i].retry_after_string, now, &retry_after); @@ -1572,7 +1573,7 @@ TEST(HttpUtilTest, ParseAcceptEncoding) { {"foo,\"bar\"", "INVALID"}, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { std::string value(tests[i].value); std::string reformatted; std::set<std::string> allowed_encodings; @@ -1602,7 +1603,7 @@ TEST(HttpUtilTest, ParseContentEncoding) { {"foo,\"bar\"", "INVALID"}, }; - for (size_t i = 0; i < arraysize(tests); ++i) { + for (size_t i = 0; i < base::size(tests); ++i) { std::string value(tests[i].value); std::string reformatted; std::set<std::string> used_encodings; diff --git a/chromium/net/http/http_vary_data_unittest.cc b/chromium/net/http/http_vary_data_unittest.cc index bf1c873bc97..7442d0174a2 100644 --- a/chromium/net/http/http_vary_data_unittest.cc +++ b/chromium/net/http/http_vary_data_unittest.cc @@ -4,6 +4,7 @@ #include <algorithm> +#include "base/stl_util.h" #include "net/http/http_request_info.h" #include "net/http/http_response_headers.h" #include "net/http/http_vary_data.h" @@ -43,7 +44,7 @@ TEST(HttpVaryDataTest, IsInvalid) { const bool kExpectedValid[] = {false, true, true, true}; - for (size_t i = 0; i < arraysize(kTestResponses); ++i) { + for (size_t i = 0; i < base::size(kTestResponses); ++i) { TestTransaction t; t.Init(std::string(), kTestResponses[i]); diff --git a/chromium/net/http/mock_http_cache.cc b/chromium/net/http/mock_http_cache.cc index c9f416cfce4..3ae150b10fd 100644 --- a/chromium/net/http/mock_http_cache.cc +++ b/chromium/net/http/mock_http_cache.cc @@ -35,21 +35,28 @@ const int kMaxMockCacheEntrySize = 100 * 1000 * 1000; int g_test_mode = 0; int GetTestModeForEntry(const std::string& key) { + std::string url = key; + // 'key' is prefixed with an identifier if it corresponds to a cached POST. // Skip past that to locate the actual URL. // // TODO(darin): It breaks the abstraction a bit that we assume 'key' is an // URL corresponding to a registered MockTransaction. It would be good to // have another way to access the test_mode. - GURL url; if (isdigit(key[0])) { size_t slash = key.find('/'); DCHECK(slash != std::string::npos); - url = GURL(key.substr(slash + 1)); - } else { - url = GURL(key); + url = url.substr(slash + 1); + } + + // If we split the cache by top frame origin, then the origin is prepended to + // the key. Skip to the second url in the key. + if (base::StartsWith(url, "_dk_", base::CompareCase::SENSITIVE)) { + auto const pos = url.find("\nhttp"); + url = url.substr(pos + 1); } - const MockTransaction* t = FindMockTransaction(url); + + const MockTransaction* t = FindMockTransaction(GURL(url)); DCHECK(t); return t->test_mode; } @@ -568,6 +575,7 @@ void MockDiskCache::GetStats(base::StringPairs* stats) { } void MockDiskCache::OnExternalCacheHit(const std::string& key) { + external_cache_hits_.push_back(key); } size_t MockDiskCache::DumpMemoryStats( @@ -629,6 +637,10 @@ scoped_refptr<MockDiskEntry> MockDiskCache::GetDiskEntryRef( return it->second; } +const std::vector<std::string>& MockDiskCache::GetExternalCacheHits() const { + return external_cache_hits_; +} + //----------------------------------------------------------------------------- int MockBackendFactory::CreateBackend( diff --git a/chromium/net/http/mock_http_cache.h b/chromium/net/http/mock_http_cache.h index d7e09265d5f..887f45fffec 100644 --- a/chromium/net/http/mock_http_cache.h +++ b/chromium/net/http/mock_http_cache.h @@ -235,6 +235,9 @@ class MockDiskCache : public disk_cache::Backend { // Returns a reference to the disk entry with the given |key|. scoped_refptr<MockDiskEntry> GetDiskEntryRef(const std::string& key); + // Returns a reference to the vector storing all keys for external cache hits. + const std::vector<std::string>& GetExternalCacheHits() const; + private: using EntryMap = std::map<std::string, MockDiskEntry*>; class NotImplementedIterator; @@ -242,6 +245,7 @@ class MockDiskCache : public disk_cache::Backend { void CallbackLater(CompletionOnceCallback callback, int result); EntryMap entries_; + std::vector<std::string> external_cache_hits_; int open_count_; int create_count_; int doomed_count_; diff --git a/chromium/net/http/proxy_client_socket.cc b/chromium/net/http/proxy_client_socket.cc index e646fe1e9a4..6dde1d57f0a 100644 --- a/chromium/net/http/proxy_client_socket.cc +++ b/chromium/net/http/proxy_client_socket.cc @@ -24,7 +24,7 @@ void ProxyClientSocket::SetStreamPriority(RequestPriority priority) {} // static void ProxyClientSocket::BuildTunnelRequest( const HostPortPair& endpoint, - const HttpRequestHeaders& auth_headers, + const HttpRequestHeaders& extra_headers, const std::string& user_agent, std::string* request_line, HttpRequestHeaders* request_headers) { @@ -41,7 +41,7 @@ void ProxyClientSocket::BuildTunnelRequest( if (!user_agent.empty()) request_headers->SetHeader(HttpRequestHeaders::kUserAgent, user_agent); - request_headers->MergeFrom(auth_headers); + request_headers->MergeFrom(extra_headers); } // static diff --git a/chromium/net/http/proxy_client_socket.h b/chromium/net/http/proxy_client_socket.h index 639ac30fe4f..1d3f2a8fef7 100644 --- a/chromium/net/http/proxy_client_socket.h +++ b/chromium/net/http/proxy_client_socket.h @@ -67,7 +67,7 @@ class NET_EXPORT_PRIVATE ProxyClientSocket : public StreamSocket { // in draft-luotonen-web-proxy-tunneling-01.txt and RFC 2817, Sections 5.2 // and 5.3. static void BuildTunnelRequest(const HostPortPair& endpoint, - const HttpRequestHeaders& auth_headers, + const HttpRequestHeaders& extra_headers, const std::string& user_agent, std::string* request_line, HttpRequestHeaders* request_headers); diff --git a/chromium/net/http/transport_security_state_static.json b/chromium/net/http/transport_security_state_static.json index 4c4939e264d..8e37704a27d 100644 --- a/chromium/net/http/transport_security_state_static.json +++ b/chromium/net/http/transport_security_state_static.json @@ -1450,7 +1450,6 @@ { "name": "suite73.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wubthecaptain.eu", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "1a-diamantscheiben.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "simplyfixit.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "1a-vermessung.at", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "1a-werkstattgeraete.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "annahmeschluss.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -1705,7 +1704,6 @@ { "name": "slevomat.cz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "sour.is", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "spongepowered.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "staticanime.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "sunjaydhama.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "thusoy.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "tls.li", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -3279,7 +3277,6 @@ { "name": "gamenected.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gamenected.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "getsport.mobi", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "ghostblog.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gmdu.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "grafitec.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "greatfire.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -3756,7 +3753,6 @@ { "name": "gcs-ventures.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gerencianet.com.br", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gfournier.ca", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "gotech.com.eg", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gyboche.science", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hackenturet.dk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "harmoney.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -3856,7 +3852,6 @@ { "name": "darknebula.space", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "datapun.ch", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "datsound.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "devlux.ch", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "ellsinger.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "excessamerica.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "express-vpn.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -4046,7 +4041,6 @@ { "name": "nodetemple.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "noworrywp.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "o6asan.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "panthur.com.au", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "perfektesgewicht.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "perfektesgewicht.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "perplex.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -4306,7 +4300,6 @@ { "name": "atolm.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "avastantivirus.ro", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "beeksnetwork.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "bergstoneware.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "berst.cz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "bigbluedoor.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "binaryevolved.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -4683,7 +4676,6 @@ { "name": "mpintaamalabanna.it", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "muabannhanh.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "mycieokien.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "myhostname.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "myiocc.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "n2x.in", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "nanogeneinc.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -5804,7 +5796,6 @@ { "name": "urphp.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "v0tti.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "vagrantup.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "vaultproject.io", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wegner.no", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wilddog.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wlzhiyin.cn", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -9464,7 +9455,6 @@ { "name": "flawcheck.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "flexinvesting.fi", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "flipneus.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "floless.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "florence.uk.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "florent-tatard.fr", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "florian-thie.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -9920,7 +9910,6 @@ { "name": "ksfh-mail.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kstan.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kucom.it", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "kuehnel.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kueulangtahunanak.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kulde.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kupelne-ptacek.sk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10234,7 +10223,6 @@ { "name": "nightwinds.tk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "nikklassen.ca", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "niklaslindblad.se", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "nikolasgrottendieck.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "ninespec.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "nippon-oku.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "nirada.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10410,7 +10398,6 @@ { "name": "plhdb.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pliosoft.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "plixer.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "ploader.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pluff.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "plumlocosoft.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pmt-documenten.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10451,7 +10438,6 @@ { "name": "promoscuola.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "propipesystem.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "prosocialmachines.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "protoyou.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "proxybay.top", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "proxyweb.us", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "prtpe.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10460,8 +10446,6 @@ { "name": "psb1911.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "psicologia.co.ve", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pste.pw", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "pterodactylus.cz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "puddis.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pugliese.fr", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pvtschlag.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pxx.io", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10524,7 +10508,6 @@ { "name": "rede-reim.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rede.ca", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "redigest.it", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "redzurl.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "regaloaks.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "regalosymuestrasgratis.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "regendevices.eu", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10570,7 +10553,6 @@ { "name": "rouvray.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rowancasting.ie", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "royalmarinesassociation.org.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "royalpub.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rring.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rsampaio.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rsync.eu", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10578,7 +10560,6 @@ { "name": "runreport.fr", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "ruobiyi.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rusempire.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "ryankearney.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "s-cubed.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "saccani.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "salmo23.com.br", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -10955,7 +10936,6 @@ { "name": "tsrstore.gq", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "tubepro.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "tunai.id", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "turbobit.ch", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "turnik-67.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "turtle.ai", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "turtlementors.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -11481,7 +11461,6 @@ { "name": "doggieholic.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "dmz.ninja", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "dmfd.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "dfektlan.no", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "dne.lu", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "drishti.guru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "drew.red", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -11606,7 +11585,6 @@ { "name": "gold24.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gratisonlinesex.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "grassenberg.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "graasp.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "groupebaillargeon.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "grokker.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gtchipsi.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -11644,12 +11622,10 @@ { "name": "holzheizer-forum.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "holzheizerforum.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "holzvergaser-forum.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "hotel-tongruben.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hotelvictoriaoax-mailing.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hostisan.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hotelvillahermosa-mailing.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "horstmanshof.eu", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "hypemgmt.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hwag-pb.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "htmue.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "huang.nu", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -11723,7 +11699,6 @@ { "name": "jschumacher.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kandalife.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kaliaa.fi", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "kabat-fans.cz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kajak.land", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "karmabaker.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "karatorian.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -11743,13 +11718,11 @@ { "name": "kinkenonline.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "knowledgesnap.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "klares-licht.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "khmb.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kjchernov.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kletterkater.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "koebbes.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "koniecfica.sk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "korsanparti.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "kontorhaus-schlachte.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kopular.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kolmann.at", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "korrelzout.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -11767,7 +11740,6 @@ { "name": "l4n-clan.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lak-berlin.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lagarderob.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "lamaland.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lancork.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "laozhu.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lars-ewald.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -12761,7 +12733,6 @@ { "name": "linley.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "linuxandstuff.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "livingworduk.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "lmerza.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lonasdigital.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "look.co.il", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lookastic.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -13104,7 +13075,6 @@ { "name": "yarcom.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "yinfor.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "yoga-prive.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "yogeshbeniwal.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "yooooex.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "youngandunited.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "youran.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -13641,7 +13611,6 @@ { "name": "fotografiadellalucerossa.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "fran.cr", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "francoz.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "frankl.in", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "frankwei.xyz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "frappant.cc", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "frbracch.it", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -14517,7 +14486,6 @@ { "name": "sproutconnections.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "sptk.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "stalschermer.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "standoutbooks.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "starfm.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "starina.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "starkbim.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -15148,7 +15116,6 @@ { "name": "burtrum.top", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "cuvva.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "designed-cybersecurity.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "coredump.gr", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "cookingreporter.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "dejandayoff.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "cormactagging.ie", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -15501,7 +15468,6 @@ { "name": "hexagon-e.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hiqhub.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hacktivis.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "iamusingtheinter.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "happix.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hiqonline.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "home-v.ind.in", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -15574,7 +15540,6 @@ { "name": "jayxon.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "jamesrussellward.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gulenet.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "janik.xyz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "hispanic.dating", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "handenafvanhetmedischdossier.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "jackalworks.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -16691,7 +16656,6 @@ { "name": "99599.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "90smthng.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "99599.fi", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "365skulls.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "asmui.ga", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "baka.network", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "actualite-videos.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -18634,7 +18598,6 @@ { "name": "droomhuis-in-rijnwaarden-kopen.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "elementalsoftware.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "droomhuis-in-zuid-holland-kopen.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "eboyer.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "droomhuis-in-zeeland-kopen.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "droomhuisindestadverkopen.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "echo-security.co", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -19019,7 +18982,6 @@ { "name": "infopier.sg", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "ihrhost.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "inme.ga", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "independent-operators.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "interhosts.co.za", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "interessiert-uns.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "itsgoingdown.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -19264,21 +19226,18 @@ { "name": "liquid.solutions", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "klugemedia.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lifebetweenlives.com.au", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "lukasoppermann.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lunarsoft.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "malamutedoalasca.com.br", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "kofler.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "linden.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "losless.fr", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "loongsg.xyz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "majemedia.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lebal.se", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "limawi.io", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lidlovajogurteka.si", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lostserver.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lukas-schauer.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lsc-dillingen.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "lukas-oppermann.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lukas2511.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lolpatrol.wtf", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "marksill.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -19293,7 +19252,6 @@ { "name": "luzfaltex.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lizhi.io", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "mastiffingles.com.br", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "lesquerda.cat", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "maskt.pw", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "ltecode.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "lucysan.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -20116,7 +20074,6 @@ { "name": "twitter.ax", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "thejacksoninstitute.com.au", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "truetrophies.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "tomjonsson.se", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "simccorp.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "togech.jp", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "torproject.org.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -20190,7 +20147,6 @@ { "name": "vid.me", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "tanto259.name", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "vega.dyndns.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "vea.re", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "vintagetrailerbuyers.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "v-u-z.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "vaccines.gov", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -20241,7 +20197,6 @@ { "name": "villa-romantica-zillertal.at", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "voidserv.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "vinagro.sk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "vanderrijt.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "watersportmarkt.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "websecurity.is", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "webproject.rocks", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -20364,7 +20319,6 @@ { "name": "youcruit.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "youon.tokyo", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "zer0.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "ziptie.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wpcarer.pro", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "uygindir.ml", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "zen-ume.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -20505,7 +20459,6 @@ { "name": "acgaudio.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "animorphsfanforum.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "4decor.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "ahlz.sk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "anantshri.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "anshumanbiswas.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "andrehansen.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -21056,7 +21009,6 @@ { "name": "dohanews.co", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "dorfbaeck.at", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "dreamaholic.club", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "docplexus.in", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "domaine-aigoual-cevennes.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "dopravni-modely.cz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "drabbin.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -21236,7 +21188,6 @@ { "name": "fight215.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "fight215.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "fiuxy.co", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "einar.io", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "florafiora.com.br", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "florinapp.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "fkcovering.be", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -22798,7 +22749,6 @@ { "name": "top10mountainbikes.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "thedailyupvote.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "tretail.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "totaku.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "tlsbv.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "toyotamotala.se", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "treatprostatewithhifu.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -27846,7 +27796,6 @@ { "name": "upbeatrobot.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "uporoops.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "urbannewsservice.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "urbanwildlifealliance.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "urcentral.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "urist1011.ru", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "url.fi", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -28020,7 +27969,6 @@ { "name": "wkennington.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wmustore.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wodboss.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "wolfgang-braun.info", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wolfgang-ziegler.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wolfy1339.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "wolkenspeicher.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -28306,7 +28254,6 @@ { "name": "algebraaec.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "abobuch.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "allsearch.io", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "alanhuang.name", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "aip-marine.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "akul.co.in", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "alexander-beck.eu", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -30786,7 +30733,6 @@ { "name": "piraten-basel.ch", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "playmaza.live", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "persoform.ch", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "ownmay.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pmbc.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pirata.ga", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "phuong.faith", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -31056,7 +31002,6 @@ { "name": "rockenfuerlachenhelfen.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "said.my.id", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "s3n.se", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "rackerlab.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "runklesecurity.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rpadovani.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "rrg-partner.ch", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -31687,7 +31632,6 @@ { "name": "vadennissanofhinesvilleparts.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "thismumdoesntknowbest.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "towywebdesigns.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "tondles.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "vcmi.download", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "upbad.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "vernonchan.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -32815,7 +32759,6 @@ { "name": "gatewaybronco.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "followerrocket.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "gemquery.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "gforce.ninja", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "fribourgviking.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "footballforum.de", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "fxislamic.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -34446,7 +34389,6 @@ { "name": "pascalmathis.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "seattleprivacy.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "tokobungadijambi.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "555fl.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "okeeferanch.ca", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "sundaycooks.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "uptodateinteriors.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -35776,7 +35718,6 @@ { "name": "ahughes03.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "aijsk.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "air-craftglass.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "airductclean.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "airtimefranchise.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "ais.fashion", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "ajibot.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -37607,10 +37548,6 @@ { "name": "cloud42.ch", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "cloudnote.cc", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "clownindeklas.nl", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "clueful.ca", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "cluefulca.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "cluefulca.net", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "cluefulca.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "codxg.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "coinloan.io", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "compliancerisksoftware.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -37930,7 +37867,6 @@ { "name": "posbank.co.uk", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "pozemedicale.org", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "prajwalkoirala.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, - { "name": "prc-newmedia.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "present-m.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "primecaplending.com", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, { "name": "princovi.cz", "policy": "bulk-18-weeks", "mode": "force-https", "include_subdomains": true }, @@ -39358,7 +39294,6 @@ { "name": "russellupevents.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "rzentarzewski.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "s404.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "sa-blog.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "said.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "samappleton.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "sandhaufen.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -42745,7 +42680,6 @@ { "name": "judge2020.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "judge2020.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "juliohernandezgt.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "jungundwild-design.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "juridiqueo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "justiceo.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "justinrudio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -42767,7 +42701,6 @@ { "name": "kaotik4266.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "kargl.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "keematdekho.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "kescher.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "kfirba.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "kidsareatrip.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "kin.life", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -45673,7 +45606,6 @@ { "name": "despachomartinyasociados.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "deutsche-seniorenbetreuung.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "dharamkot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "dictionaryofnumbers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "dietaanticelulitica.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "dietaanticelulitis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "dietacelulitis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -47408,7 +47340,6 @@ { "name": "it-faul.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "italieflydrive.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "itforcc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "izhaojie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "jackops.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "jakubarbet.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "james-digital.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -48951,7 +48882,6 @@ { "name": "evemarketer.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "evilmartians.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "exexcarriers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "expertohomestaging.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "f13cybertech.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "fallenmystic.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "fastforwardsociety.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -49959,7 +49889,6 @@ { "name": "298da.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "3amtoolbox.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "3typen.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "40-grad.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "448da.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "47essays.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "4thdc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -50978,7 +50907,6 @@ { "name": "draghive.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "draghive.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "draghive.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "dreamof.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "dshield.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "dte.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "dumbdemo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -52883,7 +52811,6 @@ { "name": "st-shakyo.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "stareplanymiast.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "stegmaier-immobilien.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "stogiesandmash.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "strming.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "studiocn.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "sunoikisis.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -53809,7 +53736,6 @@ { "name": "wundernas.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "wuppertal-2018.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "wuppertaler-kurrende.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "wuppertaler-kurrende.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "www.org.gg", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "xants.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "xdawn.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -54066,7 +53992,6 @@ { "name": "nylevemusic.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "nyuusannkinn.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "omar.yt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "omlmetal.co.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "openre.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "orientravelmacas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "parav.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -54712,7 +54637,6 @@ { "name": "goldcoastphotographycourses.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "goldfmromania.ro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "gosu.pro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "gradecam.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "gradingcontractornc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "grahamcarruthers.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "graphified.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -55487,7 +55411,6 @@ { "name": "www-9649.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "www-pj009.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "wxforums.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "wycrow.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "wylog.ph", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "xdos.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "xeiropraktiki.gr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -55860,7 +55783,6 @@ { "name": "manuall.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "manuall.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "manuall.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "maps.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "marcceleiro.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "marcelkooiman.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "marchukov.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -56019,7 +55941,6 @@ { "name": "ricoydesign.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "rimediogiusto.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "rimorrecherche.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "rit.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "ronzertnert.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "rootonline.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "rttvvip.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -56259,7 +56180,6 @@ { "name": "bdbxml.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "behamepresrdce.sk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "bernat.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "bestinver.es", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "bigwiseguide.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "biso.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "bitaccelerate.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -56407,7 +56327,6 @@ { "name": "kssk.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "kuroha.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "l3j.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "lamanwebinfo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "ldsun.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "lfklzw.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "liamelliott.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -56887,7 +56806,6 @@ { "name": "duncanmoffat.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "duncm.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "easy2bathe.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "eat-mine.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "ebooklaunchers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "eduxpert.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "eelcapone.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -56899,7 +56817,6 @@ { "name": "emploi-collectivites.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "enalean.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "encycarpedia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "enlighten10x.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "equallyy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "esrhd.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "esrinfo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -57977,7 +57894,6 @@ { "name": "esgen.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "eslint.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "essayace.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "essca.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "estherlew.is", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "esuretynew.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "euroconthr.ro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -58521,7 +58437,6 @@ { "name": "tatuantes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "teamtravel.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "technologyhound.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "telefonsinyalguclendirici.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "terrorbilly.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "test-aankoop.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "test-achats.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -58874,7 +58789,6 @@ { "name": "ipid.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "iszy.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "itap.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "itsv.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "iwyc.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "jack2celebrities.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "jacksorrell.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -58923,7 +58837,6 @@ { "name": "livres-et-stickers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "lizmooredestinationweddings.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "llemoz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "llnl.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "loanreadycredit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "locomocosec.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "loli.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -59285,8 +59198,6 @@ { "name": "curtislaw-pllc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "cuxpool.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "danieljstevens.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "danielnaaman.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "danielnaaman.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "data3w.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "davisdieselandautorepair.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "ddosolitary.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -60057,7 +59968,6 @@ { "name": "fdaregs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "feandc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "ferienwohnung-hafeninsel-stralsund.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "festx.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "fewo-hafeninsel-stralsund.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "fibra.click", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "fifautstore.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -61092,7 +61002,6 @@ { "name": "carlocksmithkey.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "carshippingcarriers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "casaessencias.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "caseof.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "cashfazz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "casirus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "catcoxx.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -61669,7 +61578,6 @@ { "name": "landingear.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "langsam-dator.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "larabergmann.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "larotayogaming.stream", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "lasowy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "lastbutnotyeast.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "latabaccheria.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -62705,9 +62613,6 @@ { "name": "lammersmarketing.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "laupv.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "laurensvanderblom.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "lbsi-fioport.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "lbsi-nordwest.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, - { "name": "lbsi-support.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "letertrefleuri.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "leviathan-studio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "lewdgamer.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, @@ -62935,6 +62840,3043 @@ { "name": "zhangshuqiao.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "zhih.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, { "name": "zsq.im", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "04911701.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "123nutricion.es", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "162jonesrd.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "192.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "2001y.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "2tuu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3dcollective.es", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu168.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu178.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu6.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu66.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu666.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu8.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu88.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niu8888.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3niuurl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "4lock.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "5219.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "618media.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "758global.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8xxxxxxx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "9jaxtreme.com.ng", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "a-players.team", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aacs-design.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aadw.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "acgmoon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "acousticsoundrecords.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adappt.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adapptlabs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adativos.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adelianz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adiehard.party", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "administrator.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adnolesh.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adresults.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adresults.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "afgn.com.ua", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alecel.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alexfabian.myftp.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alkacoin.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alphanodes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alternative.hosting", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alternativetomeds.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "altmann-systems.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amaliagamis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amandaworldstudies.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amazingraymond.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aminullrouted.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ampleroads.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ance.lv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anlovegeek.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anopan.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "antiaz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "antilaserpriority.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "antonuotila.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "apimon.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "apps-perso.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "arcaea.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "archivosstl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "arogyadhamhealth.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "around-cms.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "art-pix.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "art-pix.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "art-pix.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "articu.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "arturopinto.com.mx", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ashleythouret.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "asprion.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "at7s.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "atc.cuneo.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "atheistfrontier.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "audreyhossepian.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "australiantemporarytattoos.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "avaemr-development-environment.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aviationstrategies.aero", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "avonture.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "avtobania.pro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "avtoveles.by", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "awic.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "azmusica.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "azmusica.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "azsgeniedev.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "azukie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "badanka.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bantaihost.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bearlakelife.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bedrijfshulpverleningfriesland.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "behead.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "belezashopping.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "belfor-probleme.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "benandsarah.life", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "benjaminbedard.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bensokol.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bepsvpt.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "beringsoegaard.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bestdoc.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "besti.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bestpractice.domains", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bet.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "betonmarkets.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bgp.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bibica.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "biblethoughts.blog", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bigshopper.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bigshopper.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "biomin.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bishopscourt-hawarden.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "biznesonline.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bizzdesign.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bloom.sh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bomhard.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bonniekitchen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "booksouthafrica.travel", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "boomvm.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bottledstories.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brachotelborak.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brazoriabar.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brelahotelberulia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bridzius.lt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brioukraine.store", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "broadbandnd.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brubankv1-staging.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brudkista.nu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brueser-gmbh.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bsapack564.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "buildfaith.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bulgarianwine.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "butlerfm.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bye-bye.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cacn.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cacr.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cafled.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cakearific.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "calminteractive.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cambreaconsulting.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cambridge-examen.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "canadianatheists.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "canadianatheists.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "canopycleaningmelbourne.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cantonroadjewelry.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "capsule.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "captainsfarm.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carmelrise.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cars4salecy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "casalborgo.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "casinorewards.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cbdcontact.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cbdoilcures.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ccattestprep.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cdmlb.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ceanimalhealth.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "centrallotus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cgminc.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chatforskning.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chetwood.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chicagoemergencyclosings.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "choootto.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chrisahrweileryoga.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chrystajewelry.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cimbalino.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cirurgicavirtual.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "citfin.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "citizenscience.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "citycreek.studio", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "clamofon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudalice.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudalice.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudwellmarketing.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "coatsandcocktails.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "codersatlas.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "codersatlas.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "codersbase.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "colpatriaws.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "comame.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "comicspornow.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "compraporinternet.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "comprarimpresoras-3d.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "computer-menschen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "consultanta-in-afaceri.ro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cooltang.ooo", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "correct.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "correcthorse.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "country-creativ.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ctr.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cybergates.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cyberlegal.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dailyroverr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "danieln.tech", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "danielparker.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "darkestproductions.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dashcloud.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "datahive360.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "david-hinschberger.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dbmxpca.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "decfun.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "decrypto.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "define-atheism.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "define-atheist.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "defineatheism.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "defineatheist.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dentechnica.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "derbyware.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "derivedata.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "desertmedaesthetics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "devswag.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dexonrest.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dexonsoftware.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dhbr.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dia.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "diccionarqui.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dietergreven.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "diplomatiq.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "disinfestazioni.napoli.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "diversifiedproduct.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dnsaio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dnskeep.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dnskeeper.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "doanhnhanplus.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "docudanang.com.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dodds.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dodomu.ddns.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "donnajeanbooks.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "doorswest.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dophys.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dox-box.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dragon.nu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "drainagedirect.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "draintechnorthwest.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "driftingruby.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "droidandy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dsmstainlessproducts.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "duckblade.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dum.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ecfunstalls.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "echorecovery.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ecotaxi2airport.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eden-institut-carita-valdisere.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "edshogg.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eglisedenantes.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eiao.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emailmeform.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emanol.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emilio.media", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emprechtinger.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "encyclopedia-titanica.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "engl-systems.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "enjinx.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "entwickler.land", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "estoppels.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eturist.si", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "euterpiaradio.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eveadmin.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "event-blick.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ewok.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "excella.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "exmart.ng", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eye-encounters.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eyrelles-tissus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "faeservice.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fafarishoptrading.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "falce.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "falcema.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "familie-mischak.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fantasy-judo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fapplepie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "feldmann-stachelscheid.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "feminism.lgbt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ffrev.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fiestagenial.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "finecraft.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "finzy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "firexfly.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fisiobox.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fiskalnepretor.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "flieger-funk-runde.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "foerster.gmbh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "foodloader.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fpasca.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fragrances.bg", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "freelancejobs.org.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "freewoodfactory.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "freshpounds.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "frnco.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fullfilez.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fun88city.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "furgetmeknot.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fuszara.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "futuressm.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gabiocs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "game-topic.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gekosoft.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "georgiatransport.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gettodoing.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "giftya.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "glamouria.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "goldenmonrepos.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gomel.chat", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "googlehosts.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gophoto.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "goplex.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gosolockpicks.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gowancommunications.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grapevine.is", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "graz2020.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "greekmusic.academy", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "greenpaws.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gridsmartercities.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "groomscroft.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "groomscroft.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gumeyamall.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "guolaw.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gvoetbaldagenalcides.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hady.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hajekj.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hamburg40grad.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hanakatova.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hansashop.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "haocq3.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hashcashconsultants.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hawaiianchoice.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "heldtech.services", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helgaschultz.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hems.si", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "heroco.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hervespanneut.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "himiku.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "history.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hnrk.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hochdorf-tennis.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hoge.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "holzed.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "homunyan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hostingsams.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotel-alan.hr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotelbonacabol.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotelelaphusabrac.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotelkaj.hr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotelmarinaadria.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotelneptundalmatien.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotelsolinebrela.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "houselocal.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "howesky.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "howtomovetheneedle.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hro.to", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hsts.ovh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ht.mk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hualao.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hubchain.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hubchain.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hubchain.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hubchain.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hubchain.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hundhausen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hy1.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hyvanolonterapia.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "i-0v0.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "i9s.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ia.cafe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ibps-recruitment.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iktisatbank.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iltuogiardino.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "immobiliengutachter-holland.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "indianamoldrepairpros.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "indianawaterdamagerepairpros.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "indio.co.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infobrain.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inforaga.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ingolonde.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "instantphotoprinter.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "integrityfortcollins.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "intelligenetics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "intellitonic.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "interabbit.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "intern.tax", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "intr0.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "intrigue3d.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ionspin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iprcenter.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "irisdesideratum.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "itinthebubble.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iwatchcops.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iwatchcops.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jan-reiss.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jasonadam.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jasonsplecoscichlids.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jiosongs.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jiyue.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jodbush.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jonathanscott.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jongpay.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jorexenterprise.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jpbe-network.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "justin-tech.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kabos.art", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kalyanmatka.guru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kamata-shinkyu-seikotsu.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kameari-za.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kamilki.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kaplatzis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "katarsisuib.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "katjavoneysmondt.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "keepsight.org.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "keponews.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kernelprogrammer.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "keys247.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kg7.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kidaptive.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "klemkow.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "klemkow.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "klinik-fuer-aesthetische-zahnheilkunde.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "knowyourday.ai", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kongsecuritydata.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kos4all.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kosherjava.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kramer-edelstahl.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kristall-energie.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kvestmaster.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kxnrl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "l-atelier-c.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "l3.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lacaey.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lalingua.ir", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lamconnect.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lampsh.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lancelhoff.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lancemanion.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "larotayogaming.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "latinmusicrecords.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "leaf-consulting.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lehmitz-weinstuben.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "leibniz-gymnasium-altdorf.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lequest.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "level-10.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "liberation2020.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "life-like.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lifefoto.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lifeupgame.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lift-wise.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "line-wise.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "linhua.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "linkopia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "littledev.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "livaniaccesorios.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "livehomecams.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lmtravis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "loansharkpro.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "localea.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locklock.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locklockbrasil.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locknlock.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locknlockbrasil.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "loker.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lolly.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lty.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lumbercartel.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lupa.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mac-support.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "magepro.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mailtelligent.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maitemerino.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "makedonija.net.mk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maplegate.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "margays.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "matrieux.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mauiticketsforless.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maxlaumeister.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maxmobiles.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "meangirl.club", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "meine-cloud-online.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mellitus.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "merchcity.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mesec.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mevanshop.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "michalpodraza.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "microfonejts.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "micromind.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mikewrites.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "milakirschner.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "milkameglepetes.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "minisoft4u.ir", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mischak.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mixmister.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mizuhobank.co.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mneerup.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "moabpapier.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "moabygg.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "modnitsa.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mofidmed.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mogooin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "monobunt.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "moplx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "motionvideos.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mounp.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "muunnin.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mwamitours.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mycoupons.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myfae.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myndcoin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mypay.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nanogramme.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nayr.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nca.ink", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ncgt.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "netd.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "newsgroups.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "newsletteralerts.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nexd.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nguyenminhhung.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nikolainevalainen.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "niktok.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "noah-witt.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "noahwitt.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nodist.club", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "noellimpag.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nooranevalainen.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "northernpowertrain.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nphrm.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nwitt.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nysteak5.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oaktree-realtors.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "odense3dprint.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "offgridauto.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ohartl.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oil-ecn.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "olecoin.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "om.yoga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "onetouchrevealplus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "onionyst.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "openjur.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "opensourcesurvey.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oranjee.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "orlandobalbas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oxia.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oxiame.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paintsealdirect.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paperworld.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "parasosto.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "parcoursup.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "parkingparisnord.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "peliculator.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pellet.pordenone.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "perfect-carstyle.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "perfectgift.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "perfmatters.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pets4life.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pewat.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "philipkobelt.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "phoxden.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "php.watch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "phyley.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "piepermail.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pijusmagnificus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pinot.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pitaiabank.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pitaiatrade.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pkeus.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "plentybetter.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "plentybetter.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "poptimize.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "prateep.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "preme.name", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pretor.com.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pretor.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pretor.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pretorcup.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "primananda.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "proformer.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "propertysales-almeria.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "proxybay.bet", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pulsarsecurity.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pulsnitzer-lebkuchen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pumpandcash.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pvamg.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pwt.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pxgamer.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qarea.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qiukong.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "quickrelations.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "quietboy.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rabbitinternet.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "radarbanyumas.co.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "randolf.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ravada-vdi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ravanalk.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rbmland.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rca.ink", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reactions.ai", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reactions.studio", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reades.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reath.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "recard.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "redscan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "redshell.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "redwhey.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rentandgo.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "replace.ninja", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reticket.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "retroride.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "returnonerror.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "richardson.tw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ridhaan.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ritirocalcinacci.viterbo.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rmi.com.ar", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rodykossen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ronem.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "roomguide.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "roomsatevents.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rotapalor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rpadonline.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rynkebo.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "s2t.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "saas.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sablyrics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "safeitup.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "salon-hinata.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "saultdefencelaw.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schaffensdrang.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "scholieren.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "scrapdealers.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "scrivito.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seamester.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seasons-vintage.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sebjacobs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "securemailbox.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "securemessage.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seekfirstthekingdom.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seguridadysaludeneltrabajo.com.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seloc.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sense.hamburg", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sentiments.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sentirmebien.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "servidoresweb.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seven-shadows.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sharing-kyoto.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shimi.blog", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shimi.guru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shiqi.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shrimpcam.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "siava.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sim-usa.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sincemydivorce.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sitiweb.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "six-o-one.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "skolnieks.lv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "skulblaka.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "skyeeverest.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "slt24.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "slunecnice.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smaltimento.milano.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smaltimentorifiuti.prato.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smart.vet", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smartpti.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smilenwa.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smtparish.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "snroth.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sot.blue", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sot.red", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "southbendflooring.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spieltexte.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spilled.ink", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spira-group.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sptr.blog", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stal-rulon.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "star.watch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "startliste.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stdev.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "steelbeasts.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stmarysnutley.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stnevis.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stoneedgeconcrete.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "strandedinotter.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "strangeways.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "studentklinikk.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "summermc.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sunny.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sunnysidechurchofchrist.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "svsb-live.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "swarovski-lov.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "syakonavi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "symdevinc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "szeretekvajpolni.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "taalcursusvolgen.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "taishokudaiko.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tallinnsec.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tallinnsex.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tarot-cartas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tcit.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tea.in.th", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "techforthepeople.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "technicalramblings.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "teganlaw.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "teganlaw.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tekniksnack.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "telco.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "telegram.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tenkdigitalt.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tepautotuning.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "terranova.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thambaru.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theazoorsociety.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theeverycompany.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thehub.ai", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theissue.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thevyra.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theworldbattle.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thietbithoathiem.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thomas.computer", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thomien.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tilde.institute", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "timelockstash.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tm80plus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tobiaswiese.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tobiaswiese.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tobiaswiese.work", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "toihoctiengtrung.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tophat.studio", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "toplist.sk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "touchsupport.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tracking.best", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "trafficmanager.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "trebek.club", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "trilex.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tronmeo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tucepihotelalga.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "turkiyen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "u5eu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ufocentre.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "unikrn.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "upcambio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "upengo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uprospr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uriport.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uriports.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "urnes.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "utahblackplate.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "utahblackplates.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "utahcanyons.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uwat.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uzayliyiz.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "va1der.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "valtool.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "valuemyhome.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "valuemyhome.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "valuuttamuunnin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vapex.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "varaeventos.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vctor.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "veggie-einhorn.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "verschurendegroot.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "victorblomberg.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vietplan.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vincentiliano.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "violauotila.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vionicshoes.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vitalia.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "viva2000.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "voss-klinik.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vpsao.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vrcprofile.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vroyaltours.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wangejiba.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wangriwu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "waylandss.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "whollyskincare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "whqqq.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wicharypawel.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wick-machinery.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wildcatdiesel.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wildercerron.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "woblex.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wooc.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "worknrby.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wotsunduk.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wscore.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wunschpreisauto.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wuyang.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xdtag.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xhotlips.date", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xinsane.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xmflyrk.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--1yst51avkr.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--1yst51avkr.xn--6qq986b3xl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--2sxs9ol7o.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--6qq52xuogcjfw8pwqp.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--6qq62xsogfjfs8p1qp.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--b3c4f.xn--o3cw4h", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--bckerei-trster-5hb11a.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--xft85up3jca.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--z1tq4ldt4b.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xp.nsupdate.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yannis.codes", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yogamea.school", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yoplate.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "your-idc.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ypse.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zakelijketaalcursus.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zakelijkgoedengelsleren.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhangwendao.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhdd.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhost.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhouba.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zirrka.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zjateaucafe.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zubr.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "000books.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "003971.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "008207.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "008251.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "008253.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "008271.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "009p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "050869.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056657.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056675.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056679.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056687.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056690.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056697.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056867.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056869.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056875.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056879.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056950.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056976.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "056985.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "057587.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "057596.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "058509.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "058596.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "058679.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "059957.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "060757.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "060795.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "060796.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "060798.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "0607p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "060870.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "060875.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "065679.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "065706.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "065790.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "065970.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "065976.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "066570.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "066579.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "066590.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "066705.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "066709.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "066790.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "068697.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "068756.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "068957.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "069657.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "069676.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "0708p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "070968.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "070986.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "0720p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "0798rcw.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "085806.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "085905.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "085950.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "086807.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "086907.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "087059.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "087065.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "087540.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "087569.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "087580.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "0vo.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "0xaf.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "110692.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "11221jz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "1126p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "112it.ro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "1130p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "120323.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "126772.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "127661.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "127662.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "127663.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "127665.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "12autoankauf-berlin.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "130212.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "131934.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "131954.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "133294.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "133492.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "136774.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "136814.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "137724.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "141145.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "1889p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "2083236893.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "2206p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "232192.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "249722.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "24items.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "2586p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3351p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "336yh.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3880p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3rsee.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "3xbit.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "4111pk.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "4138hd.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "441jz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "442jz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "443jz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "46fa.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "5002888.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "5007999.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "5287.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "532441.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "532445.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "545755.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "555wfcp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "58nav.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "5beanskit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "5stars.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "5yeb.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "620881.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "6556hd.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "6556pk.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "6602p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "6603p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "69759.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "7080997.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "7770b.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "77dostavkaroz.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8080883.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "80883.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "80887.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "815jz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "816jz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8211p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8213p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8214p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8215p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8216p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "848jz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8802p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "885287.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "88851333.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "88851777.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "888666pj.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8yun.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8yun.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "9090819.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "967606.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "9950p.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "9box.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "9jatrust.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "a-care.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "abaev.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "abasalehngo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "abhibhat.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "abitidasposa.roma.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "abogadosescobarysanchez.es", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aborla.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "acl.ink", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "acorncredentialing.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adaptergonomics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adcnvs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adminless.ovh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adohanyzasjovoje.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adomani-italia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "adtelligent.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "advaithbot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "advenacs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aegis.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aenterprise.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aeonct.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aff.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aflam4you.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "african-bay.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "agenciamdg.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aimonline.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aipi.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alcouponest.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alex4386.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alexandrefa.ovh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alexpnixon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "allamericanpaintingplus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "allram.one", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "allsun.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "almenrausch-pirkhof.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alpencams.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alpstarentaisetaxi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alpstarentaisetaxi.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alternativehosting.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alternativehosting.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aluminium-giesserei.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alxu.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amendine.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "americasdirector.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amiciperlatesta.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amielle.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amokinio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amstelland.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amzanalyzer.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anatoray.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ancel.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "andrewletson.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "angrido.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anoboy.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anodas.lt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "antonok.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anythingautowebster.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aobeauty.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aod-tech.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aori.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aostacarnavals.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "apiu.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "apocalypsemud.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aqua-bucht.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "archeologicatoscana.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "archit.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "archiweb.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "arrowit.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "arunjoshua.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aryabusines.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ashessin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "asirigbakaute.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "askeustache.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "asksatya.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "astroalloys.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aterlectric.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "athekiu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "atlascoffeeclub.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "atmalta.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aucarresainteloi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aulasvirtualesperu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "authenticationhub.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "autoreinigung-noack.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "autoskolaplzen.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "avestawebbtjanst.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "awplasticsurgery.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "awscloudrecipes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aying.love", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "b767.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "baitaplamvan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "baitcon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "balter.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bananice.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bani99.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bankanswers.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bariumoxide.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "batkave.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "baumkuchen-aus-dresden.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "baza-gai.com.ua", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bbsec.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "beavertales.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bee-social.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "belos.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "belyoung.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "benbalter.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "benefitshub.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "benefitshub.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "berati.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "berg-freunde.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "berg-freunde.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bewegigsruum.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bfcgermania88.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bfob.gg", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bgmn.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bibles.com.tw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bie08.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bie35.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bie79.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "billfazz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bitrefill.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bixbydevelopers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bizzdesign.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bkt.to", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "black1ce.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blaindalefarms.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blicy.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blingwang.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bloogle.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bluepromocode.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blueswandaily.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bookzaga.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "booplab.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "boothlabs.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bootsschule-weiss.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "boreo.si", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "boysontech.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bps.vc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "breakwall.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brightside.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "britanniacateringyeovil.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bryantzheng.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "btshe.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "builditfl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bukiskola.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bukivallalkozasok.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bukpcszerviz.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bulwarkcrypto.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bunny.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bunq.love", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "buscandolosmejores.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "busiteyiengelle.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "butzies.ddnss.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "byjuschennai.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bypetula.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "c376.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cafesdomundo.pt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "camshowdir.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "canberraoutletcentre.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "care-spot.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "care-spot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "care-spot.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "care-spot.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "care-spot.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "care-spot.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "care-spot.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespot.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespot.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespot.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespot.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespot.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespot.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespotexpress.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespotexpresshealthcare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespottravelmedicine.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespottravelmedicine.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespoturgentcare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespoturgentcare.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespoturgentcare.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespoturgentcare.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carespoturgentcare.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "casa-laguna.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "casadopulpo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "caseof.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cat93.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "catchkol.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "catram.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "caudo.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "caudohay.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "celebphotos.club", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "centerperson.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "centos.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "centsi.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cgf-charcuterie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chapstick.life", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "checkandreportlive.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "checkblau.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "checookies.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chiangmaimontessori.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chicurrichi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "christielepage.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chromeworld.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chromopho.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chtsi.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cihar.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cinkciarz.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "citas-adultas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "claraism.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cldinc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudsecurityalliance-europe.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudsecurityalliance.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudsecurityalliance.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudsecuritycongress.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudsecuritycongress.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloze.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "club-dieta.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cmov-plongeurs.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cockfile.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "coindesfilles.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "collab.ddnss.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "collaborativehealthpsychology.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "collegereligionandphilosophy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "comedyhuis.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "comercialdragon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "commercezen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "commissaris-vraagbaak.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "componentshop.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "comprarefiereygana.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "computerwerk.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "concreterepairconcreteraising.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "congafasdesol.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "conotoxia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "consideryourways.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "constituenttracker.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "containerspace.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "corpoepele.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "corso-antincendio.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cosmetic-surgery-prices.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cote-chasse.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cpe-registry.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cpe-registry.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cpe-registry.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cperegistry.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cperegistry.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cperegistry.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "crazybulksteroids.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "creaticworld.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "creativeangles.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "creatorswave.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cronenberg.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cryptomail.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csa-library.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csaapac.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csaapac.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csacongress.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csacongress.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csadc.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csasummit.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csasummit.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "csosa.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cube.la", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "curlify.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cvtemplatemaster.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cwc.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cyberbot.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cyberdyne.llc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "d7211.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "d7215.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "d7216.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "daddybio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dafyddcrosby.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dai94.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dair.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "daitouryu-jujutsu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "damjanovic.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "danfromit.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "danfromit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dara-berlin.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "datingsite-vergelijken.website", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "daveops.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "davidandrewcoaching.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "davidkeane.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dazz.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dazzit.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dazzit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dazzit.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dazzit.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dazzit.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dbjl.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dbrand.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dd7211.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deadbyhost.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dealspotr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dealszone.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "debatereport.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "decimatechnologies.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "decor-live.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deep-labs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deepinnov.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "degrasboom.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dein-trueffel.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dejting-sidor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deleenheir.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deli-tochigi.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deltawolf.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "depedtambayan.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "desenfans.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deskguide.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dev-greavesindia.pantheonsite.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "devils-point.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "diag.com.ua", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dicionarios.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "die-bobbeloase.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "diendorfer.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "digital-sculpture.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "digitalblood.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "directoryhub.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "disciplesmakingdisciples.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "discus-communications.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dividendz.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "divisuite.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dleger.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dmk-realestate.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dnalounge.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dnapizza.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "docassure.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "doctorxdentist.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dogodki.today", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dominik-bergmann.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dongthucvat.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "doxal.ro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dracoon.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dracoon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dracoon.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dracoon.team", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "drgn.li", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "drgrace.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "droneland.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dsble.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dsbutler.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "du-alex.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "duckcorp.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dustyro.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dustywilson.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dutchfoodie.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dynocc.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "e-sushi.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eac.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "easypayments.pro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "echarity.ae", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ecp.ae", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eggqvq.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "egicloud.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ehdud8451.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ekranos.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eladlak-ingatlan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eletrochape.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "elitel.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "elodrias.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emilstahl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emma.ly", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "encodecloud.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "enganches.es", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "engl-server.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "enotefile.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "envide.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "enviro-umweltservice.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "epinesdeparadis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "erlebnisarchaeologie-bayern.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ernsteisprung.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "estefan.dyndns.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "estonia.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eternalflame.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ethanchin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eurorecambios24.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "exadime.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "explorebigideas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "expmind.co.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "express1040.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eyejobs.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "facai666.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "facai888.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "facarospauls.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fachmann-umzuege.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fakeduckpond.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "familiereimann.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fantraxhq.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fastinviter.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fbrief.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "federicoparty.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "feedermarket.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "feixiang.eu.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "felix-hirner.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fidufinance.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "film-op-tv.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "financewithcromulent.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "findelahistoria.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "findingtheuniverse.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "finefriends.social", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "finefriendsapp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "finlandcook.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "finlandcook.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fiveyearsahead.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "flamingogroup.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "flibusta.appspot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fmstr.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "followmystaff.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fono.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "forbidden-mods.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ford.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ford.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ford.com.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ford.mx", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fordsync.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fosterpark.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fournarisopenday.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "frasch-umzuege.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "frau-pusteblu.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "frc.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "freeministryresources.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "freetaxusa.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "friplay.host", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fruityten.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fsgeek.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ftdev.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "furries-united.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "furry.bot", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "g3circuit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gabrielkoo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gadget-tips.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gadgetadvisor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gailbartist.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gallmeyer-consulting.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "galoserver.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gangnamavenue.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gangnamcool.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "garagedoorrepairingsanjose.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "garagelink.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gaw.sh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gd88.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gearbot.rocks", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "geekeffect.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gehrke.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "general-plast.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "geniofinanciero.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gesnex.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gfedating.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ghost-legion.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "givingtools.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "glass-mag.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "globalno.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gn00.ink", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "go2archive.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gomel.city", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gomelphoto.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "good588.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "goru.travel", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gosnipe.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gostargazing.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "goufaan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "graandco.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboomamersfoort.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboombinnendoor.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboomclophaemer.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboomderoos.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboomleusden.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboommax.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboommeerbalans.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboomveenendaal.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grasboomvondellaan.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grenlandkiropraktor.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grupodatco.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gtn-pravda.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "guchengf.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gx3.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gyakori.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gzriedstadt.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "haancommunity.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hackerone.blog", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hackingondemand.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "haibara.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hajekj.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hambassadors.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "handy-reparatur-berlin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "handynummer-info.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hansashop.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hatter.ink", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "haustechnik-schulte-sanitaer-heizung-klima.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hd4138.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hd6556.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "heitepriem.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hellomookie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helprocleaningservices.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helptasker.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helserbrothers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hendrickx.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "henrik-bondtofte.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "herbertjanvandinther.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "heribro.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "heroku.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hideo54.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hillcrestswimclub.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "himalaya-cross.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "himalaya.video", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hitchpin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hkas.org.hk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hoathienthao.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hoathienthao.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hoctap.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "holidayacademy.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "homelabquotes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "honoka-seitai.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "horizzon.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "horsegateway.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hostingalternative.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hotel1926.com.mt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hrafnkellbaldurs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hsuan.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "huangqifu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hytale.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "idealcontabilidade.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ideatarmac.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "idyl.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "igdn.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "igrarium.com.ua", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ijsclubdwarsgracht.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ikkakujuku.work", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ikmx.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iliasdeli.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ima.re", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "imcsi.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "imperialinfosys.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "imtikaib.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inc.wf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "independenttravelcats.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infobalkans.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infosectekniques.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infraball.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infrabeta.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infrabold.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infraboom.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infraclip.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infracron.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infradart.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infradisk.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infrafuse.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infralira.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infraloon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inframake.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inframeet.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inframenu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infraname.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infranest.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infratask.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infratrip.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "infravibe.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inoxandco.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inoxdesign.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inoxdesign.pro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inspiratienodig.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "integrata.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "internetgardener.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "intropickup.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "investinturkey.com.tr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ipripojeni.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ipso.paris", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "irismq.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "irlfp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "isitef.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "itcs.services", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "itfly.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "its420somewhere.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "itseeze.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ivotemahdi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iwascoding.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iyn.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iyoumu.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "izanah.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "j-robertson.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "j5lx.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "j5lx.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "j5lx.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jackwozny.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jackyliao.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jacobs-implantate.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jarrah-alsilawi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "javi.pro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jaybrokers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jcus.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jdm.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jemigjordy.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jennethaarfotografie.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jianwei.wang", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jime-hlavou.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "joesniderman.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "johngadenne.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jordiescudero.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jorsev.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "joshhoffer.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "julm.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jusos-goettingen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "just-webdesign-berlin.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jwpoore.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jwybk.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jwz.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jzgj088.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kamen-master.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kayo.digital", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "keepitsecure24.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kennedyinsurancesolutions.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kevindienst.blog", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kiarayoga.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kieran.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kii91.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kinecle.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kipsu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kirchhoff-getraenke.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kiropraktorvard.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kizomba.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kizzycode.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kjnotes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kk.in.th", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kl008888.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "klapib.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kleine-viecherei.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "knoji.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kobar.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "koeeusa.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kohparadise.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kojip.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kokoushuvila.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "komodolabs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kritikawebu.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kroell.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ksopp.si", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kt-events.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kuanta.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kuechenserver.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kuechenserver.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kunaldesai.blog", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kurszielnull.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kuunlamaailm.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kybqp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kybqp.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lagsoftware.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lalunaonlinebr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lambangcapgiare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lannamontessori.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lannatefl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lansewu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "laserhealthsolutions.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "layazc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "layordesign.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lbsistemas.com.mx", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "legalforms.ng", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "legionminecraft.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "legnami24.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lehrermarktplatz.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lequateur.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lesummeira.is", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "letson.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "level6.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "leventismotors.com.ng", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lexic.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lgbtq.cool", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "liangyichen.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "liberationschool.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ligmadrive.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "likeometer.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "limx.win", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "linaklein.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "linan.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "linan.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "linan.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lincoln.com.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lincoln.mx", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "linuxbg.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lipighor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lipighor.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "list-gymnasium.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "littlecrittersbrewery.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "littleduck.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "liu0hy.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lizhuogui.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lkellar.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lock23.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locksmithcarrolltontx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locksmithdrippingspringstx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locksmithlakewaytx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locksmithmesquitetexas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locksmithsbuda.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lockwoodchristmastreefarm.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locus-dashboard.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "locusmap.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lonay.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lostsandal.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lostsandal.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "louisapolicefoundation.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "louisapolicefoundation.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ls-modcompany.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lundberghealthadvocates.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "m0v0.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maduradas.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maduradas.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "magicjudges.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mailjunky.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "makogaming.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "malvertise.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mamabepo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "manantialdevida1450.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maniacoland.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "marietrap.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maroismasso.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "martian.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "massageishealthy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "massagetherapyschoolsinformation.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "math-coaching.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "matocmedia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mauerwerk.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mcconciergerie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mcdsg.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-post.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-post.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-post.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-post.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-post.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-postclinic.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-postdoctor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-postdoctors.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-postemergency.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-posthealth.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-postmedical.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-postphysicians.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med-postwellness.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mediacloud.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpost.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpost.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpost.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpost.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpost.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpost.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpost.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostcare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostclinic.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostdoctor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostdoctors.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostemergency.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostexpresscare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposthealth.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposthealthcare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostimmediatecare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostmedical.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostphysicians.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposturgentcare.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposturgentcare.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposturgentcare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposturgentcare.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposturgentcare.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medposturgentcare.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostwalkincare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "medpostwellness.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mekongmontessori.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "memo2ch.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "metrodetroitmommy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "meuble-house.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mexicodental.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mgiljum.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mi92.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mibh.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "micelius.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "michaell.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "michaell.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "michaelloveys.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "micromookie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "micsell.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mihgroup.eu.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mihgroup.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mijntelefoonboek.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mikusa.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "milkypond.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "minican.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "miraste.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mirazperu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mircarfinder.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mirete.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mnconsulting.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mnienamel.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "modonor.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mods-community.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mods-pic.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "moepass.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "moleskinestudio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "monelephantapois.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "monplay.host", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "motor-forum.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "movfun.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mrmad.com.tw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mrstuudio.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mstdn.vodka", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mudit.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mueller-gaestehaus.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "muilties.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "muoivancauhoivisao.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "musiikkiohjelmapalvelu.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "muy.ooo", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mvwoensel.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "my-co.ir", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mycamshowhub.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myclgnotes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myibidder.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myloneworkers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mymonture.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myopd.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myphamaplus.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myrepublic.net.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mysad.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myservice.store", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mytime.gl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mzlive.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "naarakah.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nabbar.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "naganithin.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nagata.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "naijaxnet.com.ng", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nais0ne.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nakayama.industries", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nakayamaresearch.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nameproscdn.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "namus.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "naseehah.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nasr.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nathan.ovh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ncjrs.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nerdpol.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nereustech.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nethack.ninja", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "netube.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "netzona.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "newhoperailroad.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nexter.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nguyencucthanh.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nice.im", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nickmorris.name", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nicolaiteglskov.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nikpool.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ningbo.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nizhaoheng.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nob.ro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nojobook.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "noleggiolimousine.roma.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "noonan.family", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "northcoastlabs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nosuch.blog", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nosuch.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nosuch.website", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "noteshare.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nourishandnestle.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nowitzki.network", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "npbeta.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nrsmart.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ntut.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nysis.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nysis.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "o-s.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "octa.store", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "okqubit.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "okviz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oldonyosafaris.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "olivier-rochet.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "omegarazer.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "onehost.blue", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "online-biblio.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "onlinecasinoselite.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "opcionpublicitaria.pe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "open-ctp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "open-ctp.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "open-ctp.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "openbsd.rocks", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "opencaves.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "openctp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "openctp.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "openctp.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "openshippers.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "openstandia.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "opportunityliu.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "optimaner.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ordoh.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ore.cool", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "origin8delicafes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "osolutionscorp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ostachstore.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "otisko.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ots.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "outfit-weimar.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "outincanberra.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "overlandireland.ie", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ownagepranks.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paced.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "packs-de-mujeres.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pagamentosonline.pt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pagerduty.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pahub.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paigejulianne.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "palavalbasket.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "palermopride.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "panamatrippin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paniodpolskiego.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paragontasarim.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "parturi-manner.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "partyshop.ge", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "parys.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "patrykwegrzynek.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pause-canap.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pawspuppy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paxchecker.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pbren.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pcs.org.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pearlsonly.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pearlsonly.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pearlsonly.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "peatsbeast.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "peckcloths.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "peepsfoundation.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pencil2d.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "penzionvzahrade.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pepfar.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "peppelmedi.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "performancegate.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "perge.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "permaseal.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "peruvianphotography.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "peterboweycomputerservices.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "petervaldesii.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "petto.com.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "phonenumber-info.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pianos.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pickupenc.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pimusiccloud.hopto.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "piu.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pixshop.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pixulutinho.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pjp.com.mt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "plantron.gr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "plastic-id.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "plumbercincoranch.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "plusminus30.si", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "plutonx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ponio.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ponxel.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "porncompanions.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "portesmagistral.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "premieravenue.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "princepessa.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "probano.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "productionscime.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "promobo.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "propertycrawl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "proservices.vip", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "prove.no", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "proxirealtime.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "psauxit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pseric.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "psicometricas.mx", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pubkit.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "publi-all.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "punchlinetheatre.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "puntcunts.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "puppo.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "purejewels.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "purityclothing.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qaq.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qq885.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qrpatrol.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "quallo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qunzi.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qvq.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qxzg.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "radiolla.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "radiopleer.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "radiumcode.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "raid-runners.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "raiffeisenzeitung.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "railduction.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rallypodium.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "randewoo.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "random.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "razrsec.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reach-on.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "readabilitychecker.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "recebersms.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "recettecookeo.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reddingsbrigadeveghel.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "regensburg-repariert.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "remembermidi.sytes.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rena.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "resdon.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "respons.je", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "respons.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "respons.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "respons.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "respons.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "responscode.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "responscode.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "responscode.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "responscode.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "responsecode.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "responsecode.mobi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "responsecode.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reviderm-skinmedics-rheinbach.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "revuestarlight.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "riechsteiner.tech", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rileyskains.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rincondenoticas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ristorantelittleitaly.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "riverbendessentialoil.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rle.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "robertkotlermd.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "roboex.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rockerchyc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rolfsbuss.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "romtex.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rootetsy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rootkit.es", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rowancasting.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rtsak.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rudel-wot.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ruequincampoix.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ruzzll.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rvc-france.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rvfit.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rxguide.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ryuanerin.kr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "saga-umzuege.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sajtoskal.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "samdrewtakeson.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "samorazvitie.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sangyoui.health", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sanovnik.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sanych-msk.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "saorview.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sarahcheyette.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sarkoziadam.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "satplay.host", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "savbus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "savbus.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schluesseldienst-berlin.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schmatloch.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schmidtlohwasser.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schonstedt.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "science.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "secondnature.bio", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sehablazolano.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sek.ai", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sektor.tech", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "selectionengine.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "selectionengine.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "selectionengine.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "selectionengine.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "send4x.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seomik.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seotools.asia", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seowebexpert.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seriousaboutsecurity.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "servicerequesthub.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "servidoresadmin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shahar.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sharefox.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sharefox.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shopcord.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shopperexpertss.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shotly.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shrt.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sigma957.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sigmaweb.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "silicanetworks.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "silvershadow.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "silvester-mitterschida.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "simonpayne.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sinsastudio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "site.pictures", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sklep-majster.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "skoilly.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "skyingo.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sluhockey.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sluo.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "slushpool.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smartgridsecurity.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smartgridsecurity.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smartime.com.ar", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smartminibushire.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "snh48live.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "soblaznenie.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "soblaznenie2.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "softcreatr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "software-search.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "solemare-hotel.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sotayhoctap.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sovereignpcs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spaceunique.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sparumzuege.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spewingmews.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spiegel21.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sportmundschutz-info.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spotfake.news", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spotypal.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "springtxcarpetcleaning.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sqlbi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sqprod.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ssab.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "st-tir-pln.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stahlfeuer-ofenwerkstatt.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "star.garden", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "starease.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "starfriend.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stevezheng.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stevezheng.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stickerparadise.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stiebel.co.nz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stiebel.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stiebelmedia.co.nz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stiebelmedia.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stockportpyramid.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stringbeanstudio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "subtitry.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sudanindependent.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "summerbo.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sunbury.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sunhaoxiang.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sunplay.host", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "supplementswatch.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sustc.ac.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sv-schody.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sweepy.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "swifteh.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "swingerclub.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "swrpgitems.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "systemisbusy.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "szasz.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "szeptylasu.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tagnull.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tako-miyabi.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "talichi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tallship.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tamada.expert", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tamarimolhem.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tambayology.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tanchynski.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tangledmeditations.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "taowa.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tatler.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "taxhawk.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "taxisantapolagranalacant.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tcl.sh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "teambim.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "techni-grav.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "techusers.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tecnosa.es", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "teektalk.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "test-greavesindia.pantheonsite.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "testingbot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tetragir.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "th-music-finder.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thcdev.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "the-jeuxflash.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "the-train.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theagencywithoutaname.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theasianshooter.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theasianshooters.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theboats.agency", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theboats.club", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theboats.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theboats.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theboats.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theboats.pro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theboats.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thechavs.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thedailyprosper.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thedoctorsorders.pub", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "theghostlytavern.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thegioidulich.com.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thegreatcommissionpodcast.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thelounge.chat", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thenetw.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thermo-recetas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thesage.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thesanta.biz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thetechbasket.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thurn.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thymiaturtle.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tib1.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tieronegraphics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tigerscu.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "timecd.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tinhchattrangda.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "titli.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tm-t.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tmd.cool", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "to-riktari.gr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tobiaalberti.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "todo-anime.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "top6casinos.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "topwoodltd.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "toulineprestige.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tradingview.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "traducir.win", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "treehouse.pub", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "treestarmarketing.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "trichdanhay.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "trico-pigmentazione.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "triri.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "try2services.vc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ttfin.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ttlet.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tuanhstore.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tueplay.host", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "twatspot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tzsec.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uberpromocodes.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ubntleaks.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uddhabhaldar.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ufo-blogger.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ultramookie.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "umzuege-berlin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "umzug-berlin24.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "unik.bg", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "united-german-commander.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uoone.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "urbangymfirenze.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "urbexing.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "valuemywebsite.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vasastansbygg.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "veilofsecurity.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "velocom.com.ar", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "verkkopalvelin.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "verschoren.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "verticesedge.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vervewellness.co.nz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "viacation.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vicugna.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "villaella.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vindipoker.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "virtuebags.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "visionviral.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vitamina.cl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vitamina.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vive.link", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "voolik.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "voxpopuli.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vragenvanproust.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vuatruyen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vytea.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "waggs.link", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wammu.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wangwenbo.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "warmtepomp.express", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "waschmaschinen-dienst.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wasd.ms", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wasgehtheute.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wattmaedchen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wav-productions.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wcosmeticsurgery.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "webhotelli.website", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "webionite.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "weblate.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "weblate.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "webperformance.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "webplatform.fi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wedestock.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wedplay.host", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wegerecht.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wegrzynek.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "westcommunitycu.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wfcp1010.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wgtrm.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "whocalledme.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wikilivres.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "winfographics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "withdewhua.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wmcns.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wolfcrow.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "woshiluo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wpboot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wpcs.pro", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wpherc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wug.fun", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "www-5287.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wyomingexiles.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xb83studio.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xentho.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xf5888.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xiaohui.love", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xie38.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xie91.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xiwu.li", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--13-6kc0bufl.xn--p1ai", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--90aroj.xn--p1ai", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--gi8hwa.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--mgi-qla.life", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--registriertesexualstraftter-ykc.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xpressable.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xpresswifi.network", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xstreamable.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xueanquan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yangjingwen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yangshangzhen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yayoba.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ycbmdevelopment.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ycbmstaging.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yes35.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yh64678.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yh66656.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yh66689.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yh88890.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yiffed.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yogaprague.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yooguo123.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yooomu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yosakoinight.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "youhs.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yourbodyknows.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yourbodyknows.is", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yourscotlandtour.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "youshouldbealiberal.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yunloc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yxzero.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yycbike.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yyy116.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yyy608.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zaffit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zalzalac.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zap-mag.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zeyi.fan", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zf1898.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zh-yds.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhanghao.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhiyuan.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zipfworks.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zjc3.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zohair.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zooneshop.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zwierslanguagetraining.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zxxcq.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "110320.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "130032.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "136924.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "1stchoicelandscapingwa.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "301.technology", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "303112.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "376208.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "51guaq.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "581018.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "588l.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "7770t.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "7ferfer.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "8080889.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "abg.ninja", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "acfun.eu.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "actioncoachignite.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aeronote.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "af-tech.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "affpass.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aianipid.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aidarikako.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aiinsurance.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aiinsurance.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "airconsrandburg.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alexhalderman.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alltherooms.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amica.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ams-web-qa.azurewebsites.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anciennes-automobiles.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "andrisilberschmidt.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "andromeda.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "animeone.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "apimo.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "arweth.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aspectuw.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "astaxanthin-sport.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "astaxanthin.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "atlas-multimedia.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "autoi.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "badkamermarkt.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bagni-chimici.roma.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bara1.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "baswag.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bbs8080.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "beltar.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "benjijaldoner.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bezposrednio.net.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bicycleuniverse.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bioastin.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "biopronut.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blackbyte.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blatnice.cf", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blatnice.ga", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blatnice.gq", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blatnice.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blatnice.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blend.guru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blocher.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bloganchoi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bokadoktorn.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "boxspringbett-160x200.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brewvo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "britishsfaward.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brokernet.ie", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brubank.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bryantzheng.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bsmomo-api.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "buqi.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "buy2dollars.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bvisible.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "byteflies.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "caerus.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carcloud.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carterdan.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "carwellness-hinkelmann.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "casacazoleiro.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "certificazioni-energetiche.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cglib.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chairsgb.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chrisspencercreative.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cienciasempresariais.pt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "citydance.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "civicamente.cl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cleanplanet.co.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "climaticarus.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloudsec.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cognixia.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "collage.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "compitak.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "conraid.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cookingperfected.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "courseconfidence.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cricklewood.condos", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ctknight.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cupoane-reducere.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cursosypostgrados.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cvutdecin.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cyberonesol.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "d-imitacion.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "d2qa61rbluifiq.cloudfront.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "danielfeau.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "danskoya.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dax.guide", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "daxpatterns.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "degroupage.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "delam.site", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "depedclub.ph", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dev-dot-naga-226708.appspot.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "devonvintagechina.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dezzoroofing.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "digital-insurance-engine.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "digital-insurance-engine.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "digital-insurance-platform.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "digital-insurance-platform.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dimanet.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "divewithfrank.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dizalty.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "djiconsulting.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "downthe.pub", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "drei01.technology", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "driveexport.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "durgatopos.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dylangattey.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "earn.wiki", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "econsorzio.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emergencyshutoff.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "emil.one", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "encens.boutique", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "epasar.my", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "escalesensorielle.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "esovita.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "europalettenkaufen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "evernaut.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fabiocicerchia.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fakeemergency.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "familienportal.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "faradrive.ir", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "farizizhan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "farleymetals.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "farmaciacorvi.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fishlanestudios.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "foodcare.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "formforger.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "francinebelanger.network", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fullnitrous.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gametowndev.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gamishijabsyari.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gaodebo.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "geekthis.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gelukkigehonden.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gemails.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "genemon.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "geometra24.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gidari.shop", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gilme.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "goodiesoftware.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gow220.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "graphobyte.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "grillhutsunderland.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "guidedsteps.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "happy-life-food.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hardhat.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "harnov.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "harrygerritstransport.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "haushaltsaufloesunghannover.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helifreak.club", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helptasker.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helptasker.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helptasker.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hgpowerglue.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "huabianwa.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hyperd.sh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ibsociety.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ictoniolopisa.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "idroserviceweb.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ifan.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "igva.or.kr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "imjustcreative.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "improvision.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "indiansmartpanel.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inflated.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inoxmavang.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "isaropiping.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jabba.homelinux.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jdieselmusic.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "joeseago.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jonas.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jss.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jxkangyifu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jz585.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "k1yoshi.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kalugadeti.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kelantanmudah.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kinderarzt-berlin-zia.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kiwihub.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "klautshop.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kongress-hostessen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kupiclub.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kupleno.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lado.ltd", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ladotech.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ladotech.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lagunakitchenandbath.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lapshore.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lavka-konditera.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lazau.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "liftoff.rocks", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lightweighthr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "liuxiangling.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "livadm.ml", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "livogeva.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ljoonal.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ljw.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lockaby.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lokal-speisen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lotsofbargains.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lsmentor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ltlec.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maggie-shaw.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mankomarketing.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mantuo.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "map-patho.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maquena.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "massar.family", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mastersadistancia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mateiko.by", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "maxmoda.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "melbyjuliapak.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "meteorites-for-sale.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "miamaibaum.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mifibra.cl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mindsetatx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "misakatang.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mistaken.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mjpak.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "modafinil.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "moecraft.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mora.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "morris.computer", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mototax.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mountainbatchers.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "movestub.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "multimediapc.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "museclef.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mybakkupakku.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ncarmine.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ndime.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nerdrockshop.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "netchameleon.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nwshell.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nyoliveoil.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oaktonhouseandgardens.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "omenprinting.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "orangesquash.org.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ordekho.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "organicskincare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oximo.lviv.ua", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "p0l.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paullockaby.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paulw.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "payjunctionlabs.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pefricea.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "petervaldesii.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pharmacyglobalrx.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pikafederation.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "poochingaround.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pornofilme.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "powersaleskc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "psabrowse.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pxetech.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "q-tr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rafas.com.tr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "raffleshospital.co.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rafgrup.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rafsis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rainway.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rauschenbach.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reddepsicologosdecr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rfitness.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rise.global", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ristrutturazioniappartamentinapoli.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "robert-foster.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "robertses.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rottipowah.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rrbts.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rubyist.im", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sagaenterprizes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "saluels.servemp3.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "saputra.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sarbash.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schluesseldienst-hannover24.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schwarzer.wang", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "scottmay.id.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "secure-computing.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "securefiletransfer.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "securemy.website", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "securityrussia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seminariruumid.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "server92.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sexar.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sexara.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sheerchain.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sicilyalacarte.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "siusto.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sjnp.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "skid-berlin.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "skyautorental.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "snus123.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sochic.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "speeder.im", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sport-decouverte.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sqills.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sshx.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "str92.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sugarhillsfarm.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "suourl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "svetila.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sweetydecor.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tahmintr.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tddos.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "technorely.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "teknoroit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tende.roma.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thisistechtoday.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thorshammare.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thorshammare.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thorshammare.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tongli.eu.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tpro.co.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "trinitasgyor.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tristanberger.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tryhexadecimal.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "u-page.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uma.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "umzuege-hannover.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "umzuege-wolfsburg.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "umzug-braunschweig24.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "umzugsunternehmenberlin.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "universalcarpetinc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "unpluggedjuice.dk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "upropay.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "utrace.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uuid.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "v5ray.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vdzn.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vertigo.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vitalastin-sport.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "warfield.org.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wasabiwallet.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wasabiwallet.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "webia.in.th", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "webmediaprint.at", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wickerliving.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wojak.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wolfdev.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "woodlandboys.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wopplan.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wuav.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wyldfiresignage.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xanderbron.tech", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xenum.ua", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xn--solidaritt-am-ort-yqb.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yuyiyang.eu.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhy.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zundapp.one", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "079606.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "079607.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "130232.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "132302.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "17xile.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "1f412.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "1in9.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "24.ie", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "360-staffing.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "494k.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "7898666.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "7plus.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "9867666.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ab-photography.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "acchikocchi.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "act-safety.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ae8601.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "agibank.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "allmousepads.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "allroundtechnology.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "allroundtechnology.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "alonas.ovh", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "amiserver.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "angiejones.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "anglersconservation.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "apiplus.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "aporter.ddns.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "atzzz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "avm-multimedia.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "avmup.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "axispara-bg.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "barwave.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "belanja.express", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "benvds.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bermos.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bettersecurity.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blochoestergaard.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blockchainevents.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bloglyric.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "blubop.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "boleyn.su", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brewspark.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "brushcreekyachts.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "bunix.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "caferestor.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "callfunc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cashbackcow.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cbdcontact.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "centision.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "centroecuestrecastellar.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cfigura.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "charlie4change.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chesterfieldplaceapartmentsstl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chinookwebdesign.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "chshealthcare.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "citadelnet.works", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cjbeckert.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ckrubble.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cloud9vets.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cncs.gov.pt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "condominiosi.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "cooksplanet.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "coya.tw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "crabfactory.com.my", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "crashboy.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "crossway.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "danielgray.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "datecougarslocal.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "davewood.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deerfieldapartmentsstl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "denkmalagentur.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "desafiomovilidadsustentable.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "design-production.jp", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "deskaservices.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "devcoins.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "develope.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "diadiemdangsong.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "diconnex.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dietervandenbroeck.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dmzlab.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dollarrp.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dponetwork.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dr-peter-jahn.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "dstvrandburg.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "efreet.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "electricfencinggillitts.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "electricfencinghillcrest.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "electricfencingkloof.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "electricfencingpinetown.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eneamarcantoni.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "enuygun.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eola.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "eromond.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "espacelanguetokyo.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "event-fullyyours.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "everify.gov", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "expii.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "exposurecompensation.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "extradiely.sk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "face-fashion.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "famion.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fbwgynplus.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fbwgynplus.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fenichelar.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fetchease.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fhbnutrition.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "filaretihairlove.gr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fishoilsafety.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fkosquad.moe", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "flasaki.gr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fozzie.space", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "freedgb.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "freelanceunited.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "frenchguy.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fuszara.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fuvelis.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "fuvelis.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gakki.photos", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gamcore.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "game-club.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gameharbor.duckdns.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gameharbor.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gameshogun.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "garagefox.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "gathu.co.ke", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "geoffsec.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "getlawyered.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "glixee.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "godattributes.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "goldeneggs.club", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "graph.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "groundthumpingmotors.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "groundthumpingmotors.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "groundthumpinmotors.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "groundthumpinmotors.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "guadagnare.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "h3x.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hakans.science", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hanying6.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "harveyplum.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "heighton.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hellovillam.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "helloyemek.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hhh1080.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hirevue.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hookupndate.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hopecbd.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hydronicheatingaustralia.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "hyyen.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ifreetion.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ingridbai.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "injurylawyer.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "inspiredlife.fun", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "instant-clearance-sale.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "interessengemeinschaft-pregelstrasse.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ionicisere.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "iservicio.com.mx", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jackgreenrealty.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jacksanalytics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jamesedition.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "jcit.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ji0vwl.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "joona.pw", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "justinfreid.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kairostecnologia.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "katyusha.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "keian.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kiknudes.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kinkyhookup.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kirkwoodfence.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kooxdiving.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kopplin.family", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kosinc.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kozawa.tokyo", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "krant.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "kscarlett.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lafermegourmande.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lavril.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "learnthetruth.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "learntotradethemarket.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "legendagroup.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "letkidsbekids.co.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "letsdocode.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "liqueur.wiki", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "littleblackfish.se", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "livecchi.cloud", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "lolitalechat.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "luclu7.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "m-gaming.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "magbt.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "managedhosting.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mayorcahill.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mb-server.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mbsr-barmstedt.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "med.tips", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "menhadendefenders.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "metallomania.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "meubanco7.com.br", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mindhunter.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "minttang.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "moneseglobal.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myownconference.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mysticrs.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "myte.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "mzcsgo.top", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nac-6.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nagrad.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "naivetube.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "netfeeds.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "networkmas.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nevalogic.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nevivur.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "newbernpost539.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "newbrunswick.today", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "newbrunswicktoday.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nihilistan.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ninjasquad.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nomaster.cc", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nomik.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "nowzuwan.org", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "o0o.st", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "onesearay.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oolsa.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oroscopodelmese.it", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oskrba.online", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "oxdl.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "palace-bayreuth.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "paolotagliaferri.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pareachat.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "payjunction.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pebblepointapartmentsstl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "persiart.shop", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "phibureza.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "photosafari.com.my", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "picr.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pimylifeup.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pintoselectricfencing.co.za", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pirateproxy.bet", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "platnicyvat.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pointcab.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pokerslab.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pooltechthailand.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "potato.im", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "povmacrostabiliteit.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "privacyweek.wien", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "prostecheat.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "pt.im", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "puntonium.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "qingly.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "quirkytravelguy.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "raimondos.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "raito.ooo", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rbx.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "readitify.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reaksi.id", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "realtoraidan.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "reavaninc.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "red-button.hu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "redecsirt.pt", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "refer.codes", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "refrigeracionpeinado.com.mx", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "renesauerwein.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "renesauerwein.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "retailcybersolutions.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "retrotown.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rhondanp.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "robsutter.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "roko-foto.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rs-cloud.ddns.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "rubixstudios.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ruha.co.in", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "runfitcoaching.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "samariafar.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sarahwellington.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sattamatka.market", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "savbus.ws", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "schoenstatt.link", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "securedns.zone", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "securenets.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sektor41.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sentencing.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seolotsen.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "seowordpress.pl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "serverping.io", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sextfriend.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shapediver.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shareeri.xyz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shareworks.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sheenveininstitutestl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "shopfinale.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "simplegoodhealth.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "siseministeerium.ee", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sitz.ch", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sixnines.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "slowcookingperfected.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smaaker.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smarntrading.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "smokingblendoils.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "snapnudes.co", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sneakycode.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "socialz.nl", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "spotterpix.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "sql.bi", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stargate365.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "steffenmeister.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stiebelservice.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stiebelstore.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stlouisinsuranceco.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "stonegateapartmentsstl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "strengthinyoufitness.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "swey.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "syskit.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tacticalavocado.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "telegra.ph", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thebirchwoods.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thermia.co.nz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thermia.com.au", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "thing.vn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tio.run", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tipsport.cz", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tokoplugin.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "treml-sturm.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "trentonmakesnews.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "truthsayer.tk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tryitonline.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tts-assessments.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tujunfang.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "txpi.nsupdate.info", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "ty5998.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "tylermade.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uhasseltctf.be", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "universrumbacongolaise.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "urbane-london.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "usa-10.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "uze-mobility.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "valdicass.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vegoresto.fr", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "veracix.ca", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "veteransonline.us", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "vipllcnj.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "virtus-group.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "virus.pm", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "visadaifu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "waffenversand-klausing.de", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wc1234.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wealthings.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "web-fox23.ru", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "webdev-cw.me", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "werkinholland.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wfsystem.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "windictus.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "woodsmillparkapartmentsstl.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "wpbook-pacificmall.work", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "x6r3p2yjg1g6x7iu.myfritz.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl15.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl16.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl21.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl23.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl26.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl39.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl63.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl71.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl78.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl82.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xbyl91.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xcmfu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "xssi.uk", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yh56787.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yh811.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yh98768.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yourtime.tv", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "yumikori.net", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zehrailkeakyildiz.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zenus-biometrics.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhang.fm", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zhangxuhu.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zstu.eu", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zumub.com", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, + { "name": "zzbnet.cn", "policy": "bulk-1-year", "mode": "force-https", "include_subdomains": true }, // END OF 1-YEAR BULK HSTS ENTRIES // Only eTLD+1 domains can be submitted automatically to hstspreload.org, @@ -63010,6 +65952,9 @@ { "name": "typewritten.net", "policy": "custom", "mode": "force-https", "include_subdomains": true }, { "name": "airbnb.com", "policy": "custom", "mode": "force-https", "include_subdomains": true }, { "name": "airbnb.tools", "policy": "custom", "mode": "force-https", "include_subdomains": true }, + { "name": "account.bbc.com", "policy": "custom", "mode": "force-https", "include_subdomains": true }, + { "name": "session.bbc.com", "policy": "custom", "mode": "force-https", "include_subdomains": true }, + { "name": "session.bbc.co.uk", "policy": "custom", "mode": "force-https", "include_subdomains": true }, // IP Address { "name": "1.0.0.1", "policy": "custom", "mode": "force-https", "include_subdomains": false }, // No subdomains @@ -63031,6 +65976,8 @@ { "name": "trinity.fr.eu.org", "policy": "custom", "mode": "force-https", "include_subdomains": true }, { "name": "mysa.is", "policy": "custom", "mode": "force-https", "include_subdomains": true }, { "name": "vensl.org", "policy": "custom", "mode": "force-https", "include_subdomains": true }, + // TLS 1.3 + { "name": "glassrom.pw", "policy": "custom", "mode": "force-https", "include_subdomains": true }, // Expect-CT { "name": "crt.sh", "policy": "custom", @@ -63246,6 +66193,28 @@ { "name": "nvcogct.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, { "name": "obioncountytn.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, { "name": "wilsonvilleoregon.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "algercounty.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "bountiful.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "canfield.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "cisa.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "dallas.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "douglas-ma.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "getleanflorida.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "junctioncitywisconsin.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "lincolncountytn.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "metropolisil.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "mooretownrancheria-nsn.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "mountairymd.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "ngla.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "pakeystonescholars.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "saccounty.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "sciototownship-oh.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "southwindsor-ct.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "stutsmancounty.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "syracuseut.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "tnwioa.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "toddmissiontx.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, + { "name": "townofruthnc.gov", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, { "name": "bmoattachments.org", "policy": "public-suffix-requested", "mode": "force-https", "include_subdomains": true }, // END OF ETLD-OWNER REQUESTED ENTRIES diff --git a/chromium/net/http/transport_security_state_static.template b/chromium/net/http/transport_security_state_static.template index fc5d6673dac..ceb400a0834 100644 --- a/chromium/net/http/transport_security_state_static.template +++ b/chromium/net/http/transport_security_state_static.template @@ -9,6 +9,7 @@ #include <stdint.h> +#include "base/stl_util.h" #include "net/http/transport_security_state_source.h" // These are SubjectPublicKeyInfo hashes for public key pinning. The @@ -46,7 +47,7 @@ static const net::TransportSecurityStateSource kHSTSSource = { kHSTSRootPosition, kExpectCTReportURIs, kPinsets, - arraysize(kPinsets) + base::size(kPinsets) }; #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_ diff --git a/chromium/net/http/transport_security_state_static_unittest.template b/chromium/net/http/transport_security_state_static_unittest.template index 6978227ce2a..08b21164872 100644 --- a/chromium/net/http/transport_security_state_static_unittest.template +++ b/chromium/net/http/transport_security_state_static_unittest.template @@ -8,6 +8,7 @@ #include <stdint.h> +#include "base/stl_util.h" #include "net/http/transport_security_state_source.h" [[SPKI_HASHES]] @@ -37,5 +38,5 @@ static const net::TransportSecurityStateSource kHSTSSource = { kHSTSRootPosition, kExpectCTReportURIs, kPinsets, - arraysize(kPinsets) + base::size(kPinsets) }; diff --git a/chromium/net/http/url_security_manager_unittest.cc b/chromium/net/http/url_security_manager_unittest.cc index ac0b87c156c..97dda33273d 100644 --- a/chromium/net/http/url_security_manager_unittest.cc +++ b/chromium/net/http/url_security_manager_unittest.cc @@ -6,6 +6,7 @@ #include <utility> +#include "base/stl_util.h" #include "net/base/net_errors.h" #include "net/http/http_auth_filter.h" #include "testing/gtest/include/gtest/gtest.h" @@ -54,7 +55,7 @@ TEST(URLSecurityManager, UseDefaultCredentials) { url_security_manager->SetDefaultWhitelist(std::move(auth_filter)); ASSERT_TRUE(url_security_manager.get()); - for (size_t i = 0; i < arraysize(kTestDataList); ++i) { + for (size_t i = 0; i < base::size(kTestDataList); ++i) { GURL gurl(kTestDataList[i].url); bool can_use_default = url_security_manager->CanUseDefaultCredentials(gurl); @@ -74,7 +75,7 @@ TEST(URLSecurityManager, CanDelegate) { url_security_manager->SetDelegateWhitelist(std::move(auth_filter)); ASSERT_TRUE(url_security_manager.get()); - for (size_t i = 0; i < arraysize(kTestDataList); ++i) { + for (size_t i = 0; i < base::size(kTestDataList); ++i) { GURL gurl(kTestDataList[i].url); bool can_delegate = url_security_manager->CanDelegate(gurl); EXPECT_EQ(kTestDataList[i].succeeds_in_whitelist, can_delegate) @@ -88,7 +89,7 @@ TEST(URLSecurityManager, CanDelegate_NoWhitelist) { URLSecurityManager::Create()); ASSERT_TRUE(url_security_manager.get()); - for (size_t i = 0; i < arraysize(kTestDataList); ++i) { + for (size_t i = 0; i < base::size(kTestDataList); ++i) { GURL gurl(kTestDataList[i].url); bool can_delegate = url_security_manager->CanDelegate(gurl); EXPECT_FALSE(can_delegate); |