Add verifiers for known certificate transparency logs #249
Conversation
| cert_transparency_verifier_.reset(new net::MultiLogCTVerifier()); | ||
| auto multi_log_ct_verifier = new net::MultiLogCTVerifier(); | ||
| multi_log_ct_verifier->AddLogs(net::ct::CreateLogVerifiersForKnownLogs()); | ||
| cert_transparency_verifier_.reset(multi_log_ct_verifier); |
There was a problem hiding this comment.
C++ Style wise, I'd encourage a pattern more like
cert_transparency_verifier_.reset(new net::MultiLogCTVerifier());
cert_transparency_verifier_->AddLogs(net::ct::CreateLogVerifiersForKnownLogs());
This is preferred in general because should AddLogs throw an exception (which, admittedly, Chromium disables, but I'm speaking to the general C++ rule), then you'd end up with a memory leak, but if you assign to the unique_ptr<> first, then if AddLogs were to throw, you'd still end up with a graceful cleanup of memory.
But this is totally the Right Thing to do until you use a URLRequestContextBuilder, so looks good to me.
There was a problem hiding this comment.
@sleevi thanks for the feedback, I've pushed up a new commit that incorporates it 👍
kevinsawicki
changed the title
|
👍 |
This pull request implements option 3 from #248 to fix the
net::ERR_INSECURE_RESPONSEerror that are happening in Electron 1.4.0 for certain requests./cc @deepak1556 @sleevi do you think this is right approach until Brightray can use
URLRequestContextBuilderdirectly?Closes #248
Refs electron/electron#7221
Upstream pull request electron/electron#7292