| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <windows.h> | 5 #include <windows.h> |
| 6 #include <atlsecurity.h> | 6 #include <atlsecurity.h> |
| 7 #include <shellapi.h> | 7 #include <shellapi.h> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| (...skipping 291 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 302 } | 302 } |
| 303 | 303 |
| 304 TEST_F(HtmlUtilUnittest, GetChromeFrameUserAgent) { | 304 TEST_F(HtmlUtilUnittest, GetChromeFrameUserAgent) { |
| 305 const char* call1 = http_utils::GetChromeFrameUserAgent(); | 305 const char* call1 = http_utils::GetChromeFrameUserAgent(); |
| 306 const char* call2 = http_utils::GetChromeFrameUserAgent(); | 306 const char* call2 = http_utils::GetChromeFrameUserAgent(); |
| 307 // Expect static buffer since caller does no cleanup. | 307 // Expect static buffer since caller does no cleanup. |
| 308 EXPECT_EQ(call1, call2); | 308 EXPECT_EQ(call1, call2); |
| 309 std::string ua(call1); | 309 std::string ua(call1); |
| 310 EXPECT_EQ("chromeframe/0.0", ua); | 310 EXPECT_EQ("chromeframe/0.0", ua); |
| 311 } | 311 } |
| 312 |
| 313 TEST(HttpUtils, HasFrameBustingHeader) { |
| 314 // Simple negative cases. |
| 315 EXPECT_FALSE(http_utils::HasFrameBustingHeader("")); |
| 316 EXPECT_FALSE(http_utils::HasFrameBustingHeader("Content-Type: text/plain")); |
| 317 // Explicit negative cases, test that we ignore case. |
| 318 EXPECT_FALSE(http_utils::HasFrameBustingHeader("X-Frame-Options: ALLOWALL")); |
| 319 EXPECT_FALSE(http_utils::HasFrameBustingHeader("X-Frame-Options: allowall")); |
| 320 EXPECT_FALSE(http_utils::HasFrameBustingHeader("X-Frame-Options: ALLowalL")); |
| 321 // Added space, ensure stripped out |
| 322 EXPECT_FALSE(http_utils::HasFrameBustingHeader( |
| 323 "X-Frame-Options: ALLOWALL ")); |
| 324 // Added space with linefeed, ensure still stripped out |
| 325 EXPECT_FALSE(http_utils::HasFrameBustingHeader( |
| 326 "X-Frame-Options: ALLOWALL \r\n")); |
| 327 // Multiple identical headers, all of them allowing framing. |
| 328 EXPECT_FALSE(http_utils::HasFrameBustingHeader( |
| 329 "X-Frame-Options: ALLOWALL\r\n" |
| 330 "X-Frame-Options: ALLOWALL\r\n" |
| 331 "X-Frame-Options: ALLOWALL")); |
| 332 // Interleave with other headers. |
| 333 EXPECT_FALSE(http_utils::HasFrameBustingHeader( |
| 334 "Content-Type: text/plain\r\n" |
| 335 "X-Frame-Options: ALLOWALL\r\n" |
| 336 "Content-Length: 42")); |
| 337 |
| 338 // Simple positive cases. |
| 339 EXPECT_TRUE(http_utils::HasFrameBustingHeader("X-Frame-Options: deny")); |
| 340 EXPECT_TRUE(http_utils::HasFrameBustingHeader( |
| 341 "X-Frame-Options: SAMEorigin")); |
| 342 |
| 343 // Allowall entries do not override the denying entries, are |
| 344 // order-independent, and the deny entries can interleave with |
| 345 // other headers. |
| 346 EXPECT_TRUE(http_utils::HasFrameBustingHeader( |
| 347 "Content-Length: 42\r\n" |
| 348 "X-Frame-Options: ALLOWall\r\n" |
| 349 "X-Frame-Options: deny\r\n")); |
| 350 EXPECT_TRUE(http_utils::HasFrameBustingHeader( |
| 351 "X-Frame-Options: ALLOWall\r\n" |
| 352 "Content-Length: 42\r\n" |
| 353 "X-Frame-Options: SAMEORIGIN\r\n")); |
| 354 EXPECT_TRUE(http_utils::HasFrameBustingHeader( |
| 355 "X-Frame-Options: deny\r\n" |
| 356 "X-Frame-Options: ALLOWall\r\n" |
| 357 "Content-Length: 42\r\n")); |
| 358 EXPECT_TRUE(http_utils::HasFrameBustingHeader( |
| 359 "X-Frame-Options: SAMEORIGIN\r\n" |
| 360 "X-Frame-Options: ALLOWall\r\n")); |
| 361 } |
| 362 |
| 363 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 523040:
Some Chrome Frame cleanup:... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/