all: db.sqlite3
-chromium_hsts_list.dat:
+transport_security_state_static:
bash get_list.sh
-db.sqlite3: chromium_hsts_list.dat
+db.sqlite3: transport_security_state_static
python makedb.py
clean:
- rm -i chromium_hsts_list.dat db.sqlite3
+ rm -i transport_security_state_static db.sqlite3
URL="https://chromium.googlesource.com/chromium/src/net/+/master/http/transport_security_state_static.json?format=TEXT"
curl -L "${URL}" | base64 --decode |
- egrep -v "^([ ]*\/\/|$)" > "chromium_hsts_list.dat";
+ egrep -v "^([ ]*\/\/|$)" > "transport_security_state_static";
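Review bot: The redirect on the last line creates `transport_security_state_static` even when the download or the base64 decode fails, and the Makefile uses that file as a target with no prerequisites, so a truncated or empty list is treated as already built on the next `make`. Consider `set -o pipefail` at the top of the script and `curl --fail -L`, writing to a temporary name that is renamed only on success, e.g. `... > transport_security_state_static.tmp && mv transport_security_state_static.tmp transport_security_state_static`. Because this list decides whether a host is reported as HSTS-preloaded, a partial file should stop the build rather than linger on disk.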
def __init__(self, dbPath):
conn = sqlite3.connect(dbpath)
+ conn.row_factory = sqlite3.Row
conn.text_factory = str
self._dbConnCursor = conn.cursor()
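Review bot: The parameter is spelled `dbPath` in the signature but the connect call reads `dbpath`, so unless a module-level `dbpath` is defined outside this hunk the constructor raises NameError before the new `row_factory` line is reached. Use the parameter directly: `conn = sqlite3.connect(dbPath)`. The lookups in this commit index rows by column name (`match["mode"]`), so they depend on this constructor completing with `sqlite3.Row` set.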
for hostname in entries:
self.verbose and print("hsts '%s' : " % hostname, end="")
- self._dbConnCursor.execute('SELECT domain from hsts where domain=?',
+ self._dbConnCursor.execute('SELECT name,mode from entries where name=?',
(hostname,))
match = self._dbConnCursor.fetchone()
if match:
+ self.verbose and print("HIT")
+ if match["mode"] != "force-https":
+ continue
hits.append(hostname)
- self.verbose and print("TRUE")
continue
# Lookup was a miss.
- self.verbose and print("FALSE")
+ self.verbose and print("MISS")
# Look for ever shorter wildcards.
labels = hostname.strip(".").split(".")
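Review bot: An exact-name row whose mode is not `force-https` now ends the lookup with `continue`, so the wildcard search below never runs for that hostname. Before this change such rows were not in the table, the exact lookup missed, and a parent entry stored as `*.parent` with `force-https` could still produce a hit. The `break` in the wildcard loop of the following hunk has the same effect, stopping at the first non-`force-https` wildcard instead of trying shorter ones. If the earlier results are intended, treat those rows as a miss in both places, e.g. `if match and match["mode"] == "force-https":`, or filter in the query with `where name=? and mode=?` and `(hostname, "force-https")`. The enclosing method starts and ends outside this hunk.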
self.verbose and print("hsts '%s' : " % hsts_wild, end="")
- self._dbConnCursor.execute('SELECT domain from hsts where domain=?',
+ self._dbConnCursor.execute('SELECT name,mode from entries where name=?',
(hsts_wild,))
match = self._dbConnCursor.fetchone()
if match:
+ self.verbose and print("HIT")
+ if match["mode"] != "force-https":
+ break
hits.append(hostname)
- self.verbose and print("TRUE")
break
# Wildcard lookup was a miss.
- self.verbose and print("FALSE")
+ self.verbose and print("MISS")
return hits
dirname = os.path.dirname(sys.argv[0])
-# Populate hsts records array
-hsts = []
+# Populate entries array
+entries = []
-f = file(os.path.join(dirname, "chromium_hsts_list.dat"), "r")
+f = file(os.path.join(dirname, "transport_security_state_static"), "r")
j = json.loads(f.read())
f.close()
for entry in j["entries"]:
- if not "mode" in entry or entry["mode"] != "force-https":
- continue
# We expect a name.
if not "name" in entry:
continue
- hsts.append((entry["name"],))
+ mode = ""
+ if "mode" in entry:
+ mode = entry["mode"]
+ entries.append((entry["name"],mode))
if not "include_subdomains" in entry or entry["include_subdomains"] != True:
continue
- hsts.append(("*.%s" % entry["name"],))
+ entries.append(("*.%s" % entry["name"],mode))
# Make it happen
conn = sqlite3.connect("db.sqlite3")
match = c.fetchone()
if not match:
c.execute("CREATE TABLE last_generated (epoch integer);")
- c.execute("CREATE TABLE hsts (domain text);")
- c.execute("CREATE INDEX hsts_domain on hsts (domain);")
+ c.execute("CREATE TABLE entries (name text, mode text);")
+ c.execute("CREATE INDEX name on entries (name);")
c.execute('DELETE FROM last_generated');
c.execute('INSERT INTO last_generated VALUES(?)',
(str(int(time.time())),))
-c.execute('DELETE FROM hsts');
-c.executemany('INSERT INTO hsts VALUES (?)', hsts)
+c.execute('DELETE FROM entries');
+c.executemany('INSERT INTO entries VALUES (?,?)', entries)
conn.commit()
conn.close()
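Review bot: The `CREATE TABLE entries` and `CREATE INDEX` statements sit under `if not match:`, which appears to be a first-run check made outside this hunk. If so, a `db.sqlite3` produced by the previous version skips them, the later `DELETE FROM entries` fails because the table does not exist, and the old `hsts` table is left behind. Making the schema step unconditional covers the upgrade: `c.execute("CREATE TABLE IF NOT EXISTS entries (name text, mode text);")` and `c.execute("DROP TABLE IF EXISTS hsts;")`. The index is also named `name`, the same as the column; `entries_name` would follow the earlier `hsts_domain` pattern and be easier to tell apart in schema dumps.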