wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 1004351: Enable production mode for twitter pins (r=keeler)

Browse Source
This commit is contained in:
Monica Chew 2014-05-22 15:11:07 -07:00
parent 278d0a41b3
commit b7b4c09739
2 changed files with 38 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
security/manager/boot/src/StaticHPKPins.h
View File

@ -665,13 +665,13 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
{ "addons.mozilla.org", true, true, true, 1, &kPinset_mozilla }, { "addons.mozilla.org", true, true, true, 1, &kPinset_mozilla },
{ "admin.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "admin.google.com", true, true, false, -1, &kPinset_google_root_pems },
{ "android.com", true, true, false, -1, &kPinset_google_root_pems }, { "android.com", true, true, false, -1, &kPinset_google_root_pems },
{ "api.twitter.com", true, true, false, -1, &kPinset_twitterCDN }, { "api.twitter.com", true, false, false, -1, &kPinset_twitterCDN },
{ "apis.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "apis.google.com", true, true, false, -1, &kPinset_google_root_pems },
{ "appengine.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "appengine.google.com", true, true, false, -1, &kPinset_google_root_pems },
{ "appspot.com", true, true, false, -1, &kPinset_google_root_pems }, { "appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "aus4.mozilla.org", true, true, true, 3, &kPinset_mozilla }, { "aus4.mozilla.org", true, true, true, 3, &kPinset_mozilla },
{ "blog.torproject.org", true, true, false, -1, &kPinset_tor }, { "blog.torproject.org", true, true, false, -1, &kPinset_tor },
{ "business.twitter.com", true, true, false, -1, &kPinset_twitterCom }, { "business.twitter.com", true, false, false, -1, &kPinset_twitterCom },
{ "cdn.mozilla.net", true, true, true, -1, &kPinset_mozilla }, { "cdn.mozilla.net", true, true, true, -1, &kPinset_mozilla },
{ "cdn.mozilla.org", true, true, true, -1, &kPinset_mozilla }, { "cdn.mozilla.org", true, true, true, -1, &kPinset_mozilla },
{ "chart.apis.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "chart.apis.google.com", true, true, false, -1, &kPinset_google_root_pems },
@ -685,7 +685,7 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
{ "codereview.appspot.com", true, true, false, -1, &kPinset_google_root_pems }, { "codereview.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "codereview.chromium.org", true, true, false, -1, &kPinset_google_root_pems }, { "codereview.chromium.org", true, true, false, -1, &kPinset_google_root_pems },
{ "crypto.cat", false, true, false, -1, &kPinset_cryptoCat }, { "crypto.cat", false, true, false, -1, &kPinset_cryptoCat },
{ "dev.twitter.com", true, true, false, -1, &kPinset_twitterCom }, { "dev.twitter.com", true, false, false, -1, &kPinset_twitterCom },
{ "dist.torproject.org", true, true, false, -1, &kPinset_tor }, { "dist.torproject.org", true, true, false, -1, &kPinset_tor },
{ "dl.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "dl.google.com", true, true, false, -1, &kPinset_google_root_pems },
{ "docs.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "docs.google.com", true, true, false, -1, &kPinset_google_root_pems },
@ -937,10 +937,10 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
{ "mail.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "mail.google.com", true, true, false, -1, &kPinset_google_root_pems },
{ "market.android.com", true, true, false, -1, &kPinset_google_root_pems }, { "market.android.com", true, true, false, -1, &kPinset_google_root_pems },
{ "media.mozilla.com", true, true, true, -1, &kPinset_mozilla }, { "media.mozilla.com", true, true, true, -1, &kPinset_mozilla },
{ "mobile.twitter.com", true, true, false, -1, &kPinset_twitterCom }, { "mobile.twitter.com", true, false, false, -1, &kPinset_twitterCom },
{ "oauth.twitter.com", true, true, false, -1, &kPinset_twitterCom }, { "oauth.twitter.com", true, false, false, -1, &kPinset_twitterCom },
{ "pinningtest.appspot.com", true, false, false, -1, &kPinset_test }, { "pinningtest.appspot.com", true, false, false, -1, &kPinset_test },
{ "platform.twitter.com", true, true, false, -1, &kPinset_twitterCDN }, { "platform.twitter.com", true, false, false, -1, &kPinset_twitterCDN },
{ "play.google.com", false, true, false, -1, &kPinset_google_root_pems }, { "play.google.com", false, true, false, -1, &kPinset_google_root_pems },
{ "plus.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "plus.google.com", true, true, false, -1, &kPinset_google_root_pems },
{ "plus.sandbox.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "plus.sandbox.google.com", true, true, false, -1, &kPinset_google_root_pems },
@ -956,21 +956,36 @@ static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
{ "tor2web.org", true, true, false, -1, &kPinset_tor2web }, { "tor2web.org", true, true, false, -1, &kPinset_tor2web },
{ "torproject.org", false, true, false, -1, &kPinset_tor }, { "torproject.org", false, true, false, -1, &kPinset_tor },
{ "translate.googleapis.com", true, true, false, -1, &kPinset_google_root_pems }, { "translate.googleapis.com", true, true, false, -1, &kPinset_google_root_pems },
{ "twimg.com", true, true, false, -1, &kPinset_twitterCDN }, { "twimg.com", true, false, false, -1, &kPinset_twitterCDN },
{ "twitter.com", false, true, false, -1, &kPinset_twitterCom }, { "twitter.com", false, false, false, -1, &kPinset_twitterCom },
{ "urchin.com", true, true, false, -1, &kPinset_google_root_pems }, { "urchin.com", true, true, false, -1, &kPinset_google_root_pems },
{ "w-spotlight.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wallet.google.com", true, true, false, -1, &kPinset_google_root_pems }, { "wallet.google.com", true, true, false, -1, &kPinset_google_root_pems },
{ "webfilings-eu-mirror.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "webfilings-eu.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "webfilings-mirror-hrd.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "webfilings.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-bigsky-master.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-demo-eu.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-demo-hrd.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-dogfood-hrd.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-pentest.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-staging-hr.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-training-hrd.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-training-master.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "wf-trial-hrd.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "www.gmail.com", false, true, false, -1, &kPinset_google_root_pems }, { "www.gmail.com", false, true, false, -1, &kPinset_google_root_pems },
{ "www.googlemail.com", false, true, false, -1, &kPinset_google_root_pems }, { "www.googlemail.com", false, true, false, -1, &kPinset_google_root_pems },
{ "www.torproject.org", true, true, false, -1, &kPinset_tor }, { "www.torproject.org", true, true, false, -1, &kPinset_tor },
{ "www.twitter.com", true, true, false, -1, &kPinset_twitterCom }, { "www.twitter.com", true, false, false, -1, &kPinset_twitterCom },
{ "xbrlsuccess.appspot.com", true, true, false, -1, &kPinset_google_root_pems },
{ "youtu.be", true, true, false, -1, &kPinset_google_root_pems }, { "youtu.be", true, true, false, -1, &kPinset_google_root_pems },
{ "youtube.com", true, true, false, -1, &kPinset_google_root_pems }, { "youtube.com", true, true, false, -1, &kPinset_google_root_pems },
{ "ytimg.com", true, true, false, -1, &kPinset_google_root_pems }, { "ytimg.com", true, true, false, -1, &kPinset_google_root_pems },
}; };
static const int kPublicKeyPinningPreloadListLength = 307; static const int kPublicKeyPinningPreloadListLength = 322;
static const int32_t kUnknownId = -1; static const int32_t kUnknownId = -1;
static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1411678312370000); static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1411681083658000);

13
security/manager/tools/PreloadedHPKPins.json
View File

@ -33,7 +33,18 @@
"google": "google_root_pems" "google": "google_root_pems"
}, },
"production_domains": [ "production_domains": [
"pinningtest.appspot.com" // Chrome's test domain.
"pinningtest.appspot.com",
// Twitter
"api.twitter.com",
"business.twitter.com",
"dev.twitter.com",
"mobile.twitter.com",
"oauth.twitter.com",
"platform.twitter.com",
"twimg.com",
"twitter.com",
"www.twitter.com"
] ]
}, },
"pinsets": [ "pinsets": [