| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/basictypes.h" | 7 #include "base/basictypes.h" |
| 8 #include "base/file_path.h" | 8 #include "base/file_path.h" |
| 9 #include "base/platform_file.h" | 9 #include "base/platform_file.h" |
| 10 #include "chrome/browser/child_process_security_policy.h" | 10 #include "chrome/browser/child_process_security_policy.h" |
| (...skipping 15 matching lines...) Expand all Loading... |
| 26 } | 26 } |
| 27 }; | 27 }; |
| 28 | 28 |
| 29 static int kRendererID = 42; | 29 static int kRendererID = 42; |
| 30 | 30 |
| 31 TEST_F(ChildProcessSecurityPolicyTest, IsWebSafeSchemeTest) { | 31 TEST_F(ChildProcessSecurityPolicyTest, IsWebSafeSchemeTest) { |
| 32 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); | 32 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
| 33 | 33 |
| 34 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpScheme)); | 34 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpScheme)); |
| 35 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpsScheme)); | 35 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpsScheme)); |
| 36 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kHttpsvScheme)); |
| 36 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFtpScheme)); | 37 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFtpScheme)); |
| 37 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kDataScheme)); | 38 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kDataScheme)); |
| 38 EXPECT_TRUE(p->IsWebSafeScheme("feed")); | 39 EXPECT_TRUE(p->IsWebSafeScheme("feed")); |
| 39 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kExtensionScheme)); | 40 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kExtensionScheme)); |
| 40 | 41 |
| 41 EXPECT_FALSE(p->IsWebSafeScheme("registered-web-safe-scheme")); | 42 EXPECT_FALSE(p->IsWebSafeScheme("registered-web-safe-scheme")); |
| 42 p->RegisterWebSafeScheme("registered-web-safe-scheme"); | 43 p->RegisterWebSafeScheme("registered-web-safe-scheme"); |
| 43 EXPECT_TRUE(p->IsWebSafeScheme("registered-web-safe-scheme")); | 44 EXPECT_TRUE(p->IsWebSafeScheme("registered-web-safe-scheme")); |
| 44 } | 45 } |
| 45 | 46 |
| (...skipping 10 matching lines...) Expand all Loading... |
| 56 } | 57 } |
| 57 | 58 |
| 58 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { | 59 TEST_F(ChildProcessSecurityPolicyTest, StandardSchemesTest) { |
| 59 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); | 60 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); |
| 60 | 61 |
| 61 p->Add(kRendererID); | 62 p->Add(kRendererID); |
| 62 | 63 |
| 63 // Safe | 64 // Safe |
| 64 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); | 65 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("http://www.google.com/"))); |
| 65 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); | 66 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("https://www.paypal.com/"))); |
| 67 EXPECT_TRUE(p->CanRequestURL(kRendererID, |
| 68 GURL("httpsv://scs.stanford.edu/"))); |
| 66 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); | 69 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("ftp://ftp.gnu.org/"))); |
| 67 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); | 70 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); |
| 68 EXPECT_TRUE(p->CanRequestURL(kRendererID, | 71 EXPECT_TRUE(p->CanRequestURL(kRendererID, |
| 69 GURL("view-source:http://www.google.com/"))); | 72 GURL("view-source:http://www.google.com/"))); |
| 70 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("chrome-extension://xy/z"))); | 73 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("chrome-extension://xy/z"))); |
| 71 | 74 |
| 72 // Dangerous | 75 // Dangerous |
| 73 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 76 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| 74 GURL("file:///etc/passwd"))); | 77 GURL("file:///etc/passwd"))); |
| 75 EXPECT_FALSE(p->CanRequestURL(kRendererID, | 78 EXPECT_FALSE(p->CanRequestURL(kRendererID, |
| (...skipping 248 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 324 | 327 |
| 325 // Renderers are added and removed on the UI thread, but the policy can be | 328 // Renderers are added and removed on the UI thread, but the policy can be |
| 326 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be | 329 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be |
| 327 // prepared to answer policy questions about renderers who no longer exist. | 330 // prepared to answer policy questions about renderers who no longer exist. |
| 328 | 331 |
| 329 // In this case, we default to secure behavior. | 332 // In this case, we default to secure behavior. |
| 330 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); | 333 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); |
| 331 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); | 334 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); |
| 332 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); | 335 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); |
| 333 } | 336 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6804032:
Add TLS-SRP (RFC 5054) support
Base URL: http://git.chromium.org/git/chromium.git@trunk