OLD | NEW |
1 /* | 1 /* |
2 * Copyright (c) 2015, Google Inc. All rights reserved. | 2 * Copyright (c) 2015, Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
133 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, | 133 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, |
134 | 134 |
135 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, | 135 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, |
136 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, | 136 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, |
137 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, | 137 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, |
138 }; | 138 }; |
139 | 139 |
140 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); | 140 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); |
141 | 141 |
142 for (auto test : tests) { | 142 for (auto test : tests) { |
143 // secureOrigin's host is 'secureorigin.test', not 'example.test' | 143 document->insecureNavigationsToUpgrade()->clear(); |
144 document->setSecurityOrigin(secureOrigin); | |
145 | 144 |
146 // We always upgrade for FrameTypeNone and FrameTypeNested. | 145 // We always upgrade for FrameTypeNone and FrameTypeNested. |
147 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); | 146 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); |
148 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); | 147 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); |
149 | 148 |
150 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... | 149 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... |
151 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); | 150 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); |
152 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); | 151 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); |
153 | 152 |
154 // unless the request context is RequestContextForm. | 153 // unless the request context is RequestContextForm. |
155 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); | 154 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); |
156 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); | 155 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); |
157 | 156 |
158 // Or unless the host of the document matches the host of the resource: | 157 // Or unless the host of the resource is in the document's InsecureNavig
ationsSet: |
159 document->setSecurityOrigin(exampleOrigin); | 158 document->addInsecureNavigationUpgrade(exampleOrigin->host().impl()->has
h()); |
160 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); | 159 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); |
161 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); | 160 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); |
162 } | 161 } |
163 } | 162 } |
164 | 163 |
165 TEST_F(FrameFetchContextUpgradeTest, DoNotUpgradeInsecureResourceRequests) | 164 TEST_F(FrameFetchContextUpgradeTest, DoNotUpgradeInsecureResourceRequests) |
166 { | 165 { |
167 document->setSecurityOrigin(secureOrigin); | 166 document->setSecurityOrigin(secureOrigin); |
168 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); | 167 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); |
169 | 168 |
(...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
266 expectHeader("http://www.example.com/1.gif", "RW", false, ""); | 265 expectHeader("http://www.example.com/1.gif", "RW", false, ""); |
267 | 266 |
268 dummyPageHolder->frame().setShouldSendDPRHint(); | 267 dummyPageHolder->frame().setShouldSendDPRHint(); |
269 dummyPageHolder->frame().setShouldSendRWHint(); | 268 dummyPageHolder->frame().setShouldSendRWHint(); |
270 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); | 269 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); |
271 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); | 270 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); |
272 } | 271 } |
273 | 272 |
274 } // namespace | 273 } // namespace |
275 | 274 |
OLD | NEW |