proxy.html

<!DOCTYPE HTML>
<html>
<!--
Copyright (c) 2012 The Chromium Authors. All rights reserved.
Use of this source code is governed by a BSD-style license that can be
found in the LICENSE file.
-->
  <head>
    <meta charset="utf-8">
    <meta name="color-scheme" content="light dark">
    <!-- Don't use automatic scaling on mobile -->
    <meta name="viewport" content="width=device-width, initial-scale=1.0,
                                   maximum-scale=1.0, user-scalable=no">
    <link rel="stylesheet" href="chrome://resources/css/text_defaults.css">
    <link rel="stylesheet" href="main.css">
  </head>
  <body id=events-view-drop-target>
    <div id="tab-list">
    </div>

    <div id=main-tab-contents>
      <div id=events-view-tab-content class=content-box>
        The net-internals events viewer and related functionality has been removed.
        Please use <a href="chrome://net-export">chrome://net-export</a> to save netlogs and the external <a href="https://netlog-viewer.appspot.com/">netlog_viewer</a> to view them.
      </div>

      <div id=proxy-view-tab-content class=content-box>
       <input type=button value="Re-apply settings"
           id=proxy-view-reload-settings>
       <input type=button value="Clear bad proxies"
           id=proxy-view-clear-bad-proxies>
      </div>

      <div id=dns-view-tab-content class=content-box>
        <h4>
          Host resolver cache
          <input type=button value="Clear host cache" id=dns-view-clear-cache>
        </h4>
      </div>

      <div id=sockets-view-tab-content class=content-box>
        <ul style='margin-top:0'>
          <li>
            <input type=button value="Close idle sockets"
                id=sockets-view-close-idle-button>
          </li>
          <li>
            <input type=button value="Flush socket pools"
                id=sockets-view-flush-button>
            <span class=warning-text>
              May break pages with active connections
            </span>
          </li>
        </ul>
      </div>

      <div id=domain-security-policy-view-tab-content class=content-box>
        <!-- This UI allows a user to query and update the browser's list of
             HSTS/PKP/Expect-CT domains. -->

        <h3>HSTS/PKP</h3>

        <div class=deindent-header>
          HSTS is HTTP Strict Transport Security: a way for sites to elect to
          always use HTTPS. See
          <a href="https://www.chromium.org/hsts" target=_blank>
          https://www.chromium.org/hsts</a>. PKP is Public Key Pinning: Chrome
          "pins" certain public keys for certain sites in official builds.</div>

        <h4>Add HSTS domain</h4>

        <p>Input a domain name to add it to the HSTS set:</p>
        <form id=hsts-view-add-form>
          Domain: <input type=text id=hsts-view-add-input type="url"
                   placeholder="example.com">
          <label>Include subdomains for STS: <input type="checkbox"
                                              id=hsts-view-check-sts-input>
          </label>
          <input type=submit value="Add" id=hsts-view-add-submit>
        </form>

        <h4>Query HSTS/PKP domain</h4>

        <p>Input a domain name to query the current HSTS/PKP set:</p>
        <form id=hsts-view-query-form>
          Domain: <input type=text id=hsts-view-query-input type="url"
                   placeholder="example.com">
          <input type=submit value="Query" id=hsts-view-query-submit>
        </form>
        <div style="margin-top: 1em; margin-left: 2em;"
            id=hsts-view-query-output>
        </div>


        <h3>Expect-CT</h3>

        <div class=deindent-header>
          Expect-CT allows sites to elect to always require valid Certificate
          Transparency information. See
          <a href="https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct"
              target=_blank>
            https://tools.ietf.org/html/draft-ietf-httpbis-expect-ct</a>.
        </div>

        <p>To protect against cross-site tracking, Expect-CT data will soon be
           keyed on the site of the main frame and innermost frame when an
           Expect-CT header is encountered. When that behavior is enabled,
           both adding and querying an Expect-CT domain use the eTLD+1 of the
           provided domain as the site for both frames. Deleting policies
           affects information stored for that domain in the context of all
           sites, however.</p>

        <h4>Add Expect-CT domain</h4>

        <p>Input a domain name to add it to the Expect-CT set. Leave Enforce
           unchecked to configure Expect-CT in report-only mode.</p>
        <form id=expect-ct-view-add-form>
          <div><label>Domain: <input type=text
                   id=expect-ct-view-add-input type="url"
                   placeholder="example.com"></label></div>
          <div>
            <label>Report URI (optional):
              <input type=text id=expect-ct-view-add-report-uri-input type="url"
                     placeholder="https://reporting.example.com/expect-ct">
            </label>
          </div>
          <div>
            <label>Enforce:
              <input type="checkbox" id=expect-ct-view-check-enforce-input>
            </label>
          </div>
          <input type=submit value="Add" id=expect-ct-view-add-submit>
        </form>

        <h4>Query Expect-CT domain</h4>

        <p>Input a domain name to query the current Expect-CT set:</p>
        <form id=expect-ct-view-query-form>
          <label>Domain: <input type=text id=expect-ct-view-query-input
                                type="url" placeholder="example.com"></label>
          <input type=submit value="Query" id=expect-ct-view-query-submit>
        </form>
        <div style="margin-top: 1em; margin-left: 2em;"
          id=expect-ct-view-query-output>
        </div>

        <h4>Send test Expect-CT report</h4>

        <p>Trigger a test report to the given report URI. The report will
           contain a hostname of "expect-ct-report.test" and dummy data in
           other fields.</p>
        <form id=expect-ct-view-test-report-form>
          <label>Report URI: <input type=text id=expect-ct-view-test-report-uri
                                    type="url"></label>
          <input type=submit value="Send" id=expect-ct-view-test-report-submit>
        </form>
        <div style="margin-top: 1em; margin-left: 2em;"
          id=expect-ct-view-test-report-output>
        </div>

        <h3>Delete domain security policies</h3>

        <p>
          Input a domain name to delete its dynamic domain security policies
          (HSTS and Expect-CT). (<i>You cannot delete preloaded entries.</i>):
        </p>
        <form id=domain-security-policy-view-delete-form>
          <label>Domain: <input type=text
                   id=domain-security-policy-view-delete-input
                   type="url"
                   placeholder="example.com"></label>
          <input type=submit value="Delete"
            id=domain-security-policy-view-delete-submit>
        </form>

      </div>


    </div>

  </body>
  <script type="module" src="index.js"></script>
</html>