| Index: net/http/transport_security_state_unittest.cc
|
| diff --git a/net/http/transport_security_state_unittest.cc b/net/http/transport_security_state_unittest.cc
|
| index c3d15da29f90759781ffd31b9b039169487e5e70..82fa5bf46d7cb4153f94b47879a70c9db2b4e762 100644
|
| --- a/net/http/transport_security_state_unittest.cc
|
| +++ b/net/http/transport_security_state_unittest.cc
|
| @@ -143,8 +143,12 @@ TEST_F(TransportSecurityStateTest, DeleteAllDynamicDataSince) {
|
|
|
| state.DeleteAllDynamicDataSince(expiry);
|
| EXPECT_TRUE(state.GetDomainState("yahoo.com", true, &domain_state));
|
| + EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS,
|
| + domain_state.dynamic_sts.upgrade_mode);
|
| state.DeleteAllDynamicDataSince(older);
|
| - EXPECT_FALSE(state.GetDomainState("yahoo.com", true, &domain_state));
|
| + EXPECT_TRUE(state.GetDomainState("yahoo.com", true, &domain_state));
|
| + EXPECT_EQ(TransportSecurityState::DomainState::MODE_DEFAULT,
|
| + domain_state.dynamic_sts.upgrade_mode);
|
| }
|
|
|
| TEST_F(TransportSecurityStateTest, DeleteDynamicDataForHost) {
|
| @@ -175,8 +179,8 @@ TEST_F(TransportSecurityStateTest, IsPreloaded) {
|
|
|
| EXPECT_TRUE(GetStaticDomainState(&state, paypal, true, &domain_state));
|
| EXPECT_TRUE(GetStaticDomainState(&state, www_paypal, true, &domain_state));
|
| - EXPECT_FALSE(domain_state.sts_include_subdomains);
|
| - EXPECT_FALSE(domain_state.pkp_include_subdomains);
|
| + EXPECT_FALSE(domain_state.static_sts.include_subdomains);
|
| + EXPECT_FALSE(domain_state.static_pkp.include_subdomains);
|
| EXPECT_FALSE(GetStaticDomainState(&state, a_www_paypal, true, &domain_state));
|
| EXPECT_FALSE(GetStaticDomainState(&state, abc_paypal, true, &domain_state));
|
| EXPECT_FALSE(GetStaticDomainState(&state, example, true, &domain_state));
|
| @@ -228,9 +232,9 @@ static bool OnlyPinning(const char *hostname) {
|
| if (!state.GetDomainState(hostname, true /* SNI ok */, &domain_state))
|
| return false;
|
|
|
| - return (domain_state.static_spki_hashes.size() > 0 ||
|
| - domain_state.bad_static_spki_hashes.size() > 0 ||
|
| - domain_state.dynamic_spki_hashes.size() > 0) &&
|
| + return (domain_state.static_pkp.spki_hashes.size() > 0 ||
|
| + domain_state.static_pkp.bad_spki_hashes.size() > 0 ||
|
| + domain_state.dynamic_pkp.spki_hashes.size() > 0) &&
|
| !domain_state.ShouldUpgradeToSSL();
|
| }
|
|
|
| @@ -240,10 +244,10 @@ TEST_F(TransportSecurityStateTest, Preloaded) {
|
|
|
| // We do more extensive checks for the first domain.
|
| EXPECT_TRUE(state.GetDomainState("www.paypal.com", true, &domain_state));
|
| - EXPECT_EQ(domain_state.upgrade_mode,
|
| + EXPECT_EQ(domain_state.static_sts.upgrade_mode,
|
| TransportSecurityState::DomainState::MODE_FORCE_HTTPS);
|
| - EXPECT_FALSE(domain_state.sts_include_subdomains);
|
| - EXPECT_FALSE(domain_state.pkp_include_subdomains);
|
| + EXPECT_FALSE(domain_state.static_sts.include_subdomains);
|
| + EXPECT_FALSE(domain_state.static_pkp.include_subdomains);
|
|
|
| EXPECT_TRUE(HasState("paypal.com"));
|
| EXPECT_FALSE(HasState("www2.paypal.com"));
|
| @@ -402,16 +406,16 @@ TEST_F(TransportSecurityStateTest, Preloaded) {
|
| EXPECT_FALSE(HasState("foo.dropcam.com"));
|
|
|
| EXPECT_TRUE(state.GetDomainState("torproject.org", false, &domain_state));
|
| - EXPECT_FALSE(domain_state.static_spki_hashes.empty());
|
| + EXPECT_FALSE(domain_state.static_pkp.spki_hashes.empty());
|
| EXPECT_TRUE(state.GetDomainState("www.torproject.org", false,
|
| &domain_state));
|
| - EXPECT_FALSE(domain_state.static_spki_hashes.empty());
|
| + EXPECT_FALSE(domain_state.static_pkp.spki_hashes.empty());
|
| EXPECT_TRUE(state.GetDomainState("check.torproject.org", false,
|
| &domain_state));
|
| - EXPECT_FALSE(domain_state.static_spki_hashes.empty());
|
| + EXPECT_FALSE(domain_state.static_pkp.spki_hashes.empty());
|
| EXPECT_TRUE(state.GetDomainState("blog.torproject.org", false,
|
| &domain_state));
|
| - EXPECT_FALSE(domain_state.static_spki_hashes.empty());
|
| + EXPECT_FALSE(domain_state.static_pkp.spki_hashes.empty());
|
| EXPECT_TRUE(ShouldRedirect("ebanking.indovinabank.com.vn"));
|
| EXPECT_TRUE(ShouldRedirect("foo.ebanking.indovinabank.com.vn"));
|
|
|
| @@ -620,7 +624,7 @@ TEST_F(TransportSecurityStateTest, OverrideBuiltins) {
|
| TransportSecurityState::DomainState domain_state;
|
| const base::Time current_time(base::Time::Now());
|
| const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
|
| - domain_state.upgrade_expiry = expiry;
|
| + domain_state.dynamic_sts.expiry = expiry;
|
| EnableHost(&state, "www.google.com", domain_state);
|
|
|
| EXPECT_TRUE(state.GetDomainState("www.google.com", true, &domain_state));
|
|
|
Chromium Code Reviews
Issue 103803012:
Make HSTS headers not clobber preloaded pins. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src