Add unit test for javascript: URL stripping

chrome/browser/ui/omnibox/omnibox_view_unittest.cc

+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ui/omnibox/omnibox_view.h"
+#include "base/string16.h"
+#include "base/string_util.h"
+#include "base/utf_string_conversions.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+TEST(OmniboxView, TestStripSchemasUnsafeForPaste) {
+

[Peter Kasting, 2011/08/05 20:10:22]

Nit: Extra newline

[Tom Sepez, 2011/08/05 20:26:09]

Done.

+  const char* urls[] = {
+    "http://www.google.com?q=javascript:alert(0)",  // Safe URL.
+    "javAscript:alert(0)",                          // Unsafe JS URL.

[Peter Kasting, 2011/08/05 20:10:22]

Can you also add one more like:

"   jav\nascript:alert(0)"

To test leading whitespace and newlines interrupting "javascript"?

[Tom Sepez, 2011/08/05 20:26:09]

Flunks.  The compaction occurs above this method.  Should it move down here (eg.
there's a strip call in the mac / win code before the calls to this).

[Peter Kasting, 2011/08/05 20:28:18]

Ah, I see.  Nah, just leave this testcase out.

+    "jaVascript:\njavaScript: alert(0)",            // Single strip unsafe.
+  };
+
+  const char* expecteds[] = {
+    "http://www.google.com?q=javascript:alert(0)",  // Safe URL.
+    "alert(0)",                                     // Unsafe JS URL.
+    "alert(0)",                                     // Single strip unsafe.
+  };
+
+  for (size_t i = 0; i < arraysize(urls); i++) {
+    string16 url = ASCIIToUTF16(urls[i]);

[Peter Kasting, 2011/08/05 20:10:22]

Nit: I'd probably roll at least these first two directly into the statements
below.

[Tom Sepez, 2011/08/05 20:26:09]

Done.

+    string16 expected = ASCIIToUTF16(expecteds[i]);
+    string16 result = OmniboxView::StripJavascriptSchemas(url);
+    EXPECT_EQ(expected, result);
+  }
+}