Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(438)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome_frame/html_utils_unittest.cc

Issue 523040: Some Chrome Frame cleanup:... (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 10 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome_frame/chrome_tab_version.rc.version ('k') | chrome_frame/test/chrome_frame_unittests.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/logging.h"
6 #include "chrome_frame/html_utils.h"
7 #include "testing/gtest/include/gtest/gtest.h"
8
9 namespace {
10
11 TEST(HttpUtils, HasFrameBustingHeader) {
12 // Simple negative cases.
13 ASSERT_FALSE(http_utils::HasFrameBustingHeader(""));
14 ASSERT_FALSE(http_utils::HasFrameBustingHeader("Content-Type: text/plain"));
15 // Explicit negative cases, test that we ignore case.
16 ASSERT_FALSE(http_utils::HasFrameBustingHeader("X-Frame-Options: ALLOWALL"));
17 ASSERT_FALSE(http_utils::HasFrameBustingHeader("X-Frame-Options: allowall"));
18 ASSERT_FALSE(http_utils::HasFrameBustingHeader("X-Frame-Options: ALLowalL"));
19 // Added space, ensure stripped out
20 ASSERT_FALSE(http_utils::HasFrameBustingHeader(
21 "X-Frame-Options: ALLOWALL "));
22 // Added space with linefeed, ensure still stripped out
23 ASSERT_FALSE(http_utils::HasFrameBustingHeader(
24 "X-Frame-Options: ALLOWALL \r\n"));
25 // Multiple identical headers, all of them allowing framing.
26 ASSERT_FALSE(http_utils::HasFrameBustingHeader(
27 "X-Frame-Options: ALLOWALL\r\n"
28 "X-Frame-Options: ALLOWALL\r\n"
29 "X-Frame-Options: ALLOWALL"));
30 // Interleave with other headers.
31 ASSERT_FALSE(http_utils::HasFrameBustingHeader(
32 "Content-Type: text/plain\r\n"
33 "X-Frame-Options: ALLOWALL\r\n"
34 "Content-Length: 42"));
35
36 // Simple positive cases.
37 ASSERT_TRUE(http_utils::HasFrameBustingHeader("X-Frame-Options: deny"));
38 ASSERT_TRUE(http_utils::HasFrameBustingHeader(
39 "X-Frame-Options: SAMEorigin"));
40
41 // Allowall entries do not override the denying entries, are
42 // order-independent, and the deny entries can interleave with
43 // other headers.
44 ASSERT_TRUE(http_utils::HasFrameBustingHeader(
45 "Content-Length: 42\r\n"
46 "X-Frame-Options: ALLOWall\r\n"
47 "X-Frame-Options: deny\r\n"));
48 ASSERT_TRUE(http_utils::HasFrameBustingHeader(
49 "X-Frame-Options: ALLOWall\r\n"
50 "Content-Length: 42\r\n"
51 "X-Frame-Options: SAMEORIGIN\r\n"));
52 ASSERT_TRUE(http_utils::HasFrameBustingHeader(
53 "X-Frame-Options: deny\r\n"
54 "X-Frame-Options: ALLOWall\r\n"
55 "Content-Length: 42\r\n"));
56 ASSERT_TRUE(http_utils::HasFrameBustingHeader(
57 "X-Frame-Options: SAMEORIGIN\r\n"
58 "X-Frame-Options: ALLOWall\r\n"));
59 }
60
61 } // namespace
OLDNEW
« no previous file with comments | « chrome_frame/chrome_tab_version.rc.version ('k') | chrome_frame/test/chrome_frame_unittests.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698