| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/strings/string_util.h" | 7 #include "base/strings/string_util.h" |
| 8 #include "base/strings/utf_string_conversions.h" | 8 #include "base/strings/utf_string_conversions.h" |
| 9 #include "chrome/browser/chrome_notification_types.h" | 9 #include "chrome/browser/chrome_notification_types.h" |
| 10 #include "chrome/browser/ui/browser.h" | 10 #include "chrome/browser/ui/browser.h" |
| (...skipping 282 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 293 | 293 |
| 294 NavigateToHTTPS("multiple-connections.html"); | 294 NavigateToHTTPS("multiple-connections.html"); |
| 295 | 295 |
| 296 EXPECT_EQ("PASS", WaitAndGetTitle()); | 296 EXPECT_EQ("PASS", WaitAndGetTitle()); |
| 297 } | 297 } |
| 298 | 298 |
| 299 // Regression test for crbug.com/903553005 | 299 // Regression test for crbug.com/903553005 |
| 300 IN_PROC_BROWSER_TEST_F(WebSocketBrowserTest, WebSocketAppliesHSTS) { | 300 IN_PROC_BROWSER_TEST_F(WebSocketBrowserTest, WebSocketAppliesHSTS) { |
| 301 net::SpawnedTestServer https_server( | 301 net::SpawnedTestServer https_server( |
| 302 net::SpawnedTestServer::TYPE_HTTPS, | 302 net::SpawnedTestServer::TYPE_HTTPS, |
| 303 net::SpawnedTestServer::SSLOptions(), | 303 net::SpawnedTestServer::SSLOptions( |
| 304 net::SpawnedTestServer::SSLOptions::CERT_COMMON_NAME_IS_DOMAIN), |
| 304 base::FilePath(FILE_PATH_LITERAL("chrome/test/data"))); | 305 base::FilePath(FILE_PATH_LITERAL("chrome/test/data"))); |
| 305 // This test sets HSTS on 127.0.0.1. To avoid being redirected to https, start | 306 net::SpawnedTestServer wss_server( |
| 306 // the http server on "localhost" instead. | 307 net::SpawnedTestServer::TYPE_WSS, |
| 308 net::SpawnedTestServer::SSLOptions( |
| 309 net::SpawnedTestServer::SSLOptions::CERT_COMMON_NAME_IS_DOMAIN), |
| 310 net::GetWebSocketTestDataDirectory()); |
| 311 // This test sets HSTS on localhost. To avoid being redirected to https, start |
| 312 // the http server on 127.0.0.1 instead. |
| 307 net::SpawnedTestServer http_server( | 313 net::SpawnedTestServer http_server( |
| 308 net::SpawnedTestServer::TYPE_HTTP, | 314 net::SpawnedTestServer::TYPE_HTTP, net::SpawnedTestServer::kLocalhost, |
| 309 "localhost", | |
| 310 base::FilePath(FILE_PATH_LITERAL("chrome/test/data"))); | 315 base::FilePath(FILE_PATH_LITERAL("chrome/test/data"))); |
| 311 ASSERT_TRUE(https_server.StartInBackground()); | 316 ASSERT_TRUE(https_server.StartInBackground()); |
| 312 ASSERT_TRUE(http_server.StartInBackground()); | 317 ASSERT_TRUE(http_server.StartInBackground()); |
| 313 ASSERT_TRUE(wss_server_.StartInBackground()); | 318 ASSERT_TRUE(wss_server.StartInBackground()); |
| 314 ASSERT_TRUE(https_server.BlockUntilStarted()); | 319 ASSERT_TRUE(https_server.BlockUntilStarted()); |
| 315 | 320 |
| 316 // Set HSTS on 127.0.0.1. | 321 // Set HSTS on localhost. |
| 317 content::TitleWatcher title_watcher( | 322 content::TitleWatcher title_watcher( |
| 318 browser()->tab_strip_model()->GetActiveWebContents(), | 323 browser()->tab_strip_model()->GetActiveWebContents(), |
| 319 base::ASCIIToUTF16("SET")); | 324 base::ASCIIToUTF16("SET")); |
| 320 ui_test_utils::NavigateToURL( | 325 ui_test_utils::NavigateToURL( |
| 321 browser(), https_server.GetURL("files/websocket/set-hsts.html")); | 326 browser(), https_server.GetURL("files/websocket/set-hsts.html")); |
| 322 const base::string16 result = title_watcher.WaitAndGetTitle(); | 327 const base::string16 result = title_watcher.WaitAndGetTitle(); |
| 323 EXPECT_TRUE(EqualsASCII(result, "SET")); | 328 EXPECT_TRUE(EqualsASCII(result, "SET")); |
| 324 | 329 |
| 325 // Verify that it applies to WebSockets. | 330 // Verify that it applies to WebSockets. |
| 326 ASSERT_TRUE(wss_server_.BlockUntilStarted()); | 331 ASSERT_TRUE(wss_server.BlockUntilStarted()); |
| 327 GURL wss_url = wss_server_.GetURL("echo-with-no-extension"); | 332 GURL wss_url = wss_server.GetURL("echo-with-no-extension"); |
| 328 std::string scheme("ws"); | 333 std::string scheme("ws"); |
| 329 GURL::Replacements scheme_replacement; | 334 GURL::Replacements scheme_replacement; |
| 330 scheme_replacement.SetSchemeStr(scheme); | 335 scheme_replacement.SetSchemeStr(scheme); |
| 331 GURL ws_url = wss_url.ReplaceComponents(scheme_replacement); | 336 GURL ws_url = wss_url.ReplaceComponents(scheme_replacement); |
| 332 | 337 |
| 333 // An https: URL won't work here here because the mixed content policy | 338 // An https: URL won't work here here because the mixed content policy |
| 334 // disallows connections to unencrypted WebSockets from encrypted pages. | 339 // disallows connections to unencrypted WebSockets from encrypted pages. |
| 335 ASSERT_TRUE(http_server.BlockUntilStarted()); | 340 ASSERT_TRUE(http_server.BlockUntilStarted()); |
| 336 GURL http_url = | 341 GURL http_url = |
| 337 http_server.GetURL("files/websocket/check-hsts.html#" + ws_url.spec()); | 342 http_server.GetURL("files/websocket/check-hsts.html#" + ws_url.spec()); |
| 338 | 343 |
| 339 ui_test_utils::NavigateToURL(browser(), http_url); | 344 ui_test_utils::NavigateToURL(browser(), http_url); |
| 340 | 345 |
| 341 EXPECT_EQ("PASS", WaitAndGetTitle()); | 346 EXPECT_EQ("PASS", WaitAndGetTitle()); |
| 342 } | 347 } |
| 343 | 348 |
| 344 } // namespace | 349 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1059303002:
Don't process HSTS/HPKP headers when host is an IP address (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master