| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "build/build_config.h" | 5 #include "build/build_config.h" |
| 6 | 6 |
| 7 #if defined(OS_WIN) | 7 #if defined(OS_WIN) |
| 8 #include <windows.h> | 8 #include <windows.h> |
| 9 #include <shlobj.h> | 9 #include <shlobj.h> |
| 10 #endif | 10 #endif |
| (...skipping 2556 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2567 } | 2567 } |
| 2568 | 2568 |
| 2569 // Verify that the cookie is sent for first-party requests. | 2569 // Verify that the cookie is sent for first-party requests. |
| 2570 { | 2570 { |
| 2571 TestNetworkDelegate network_delegate; | 2571 TestNetworkDelegate network_delegate; |
| 2572 network_delegate.set_first_party_only_cookies_enabled(true); | 2572 network_delegate.set_first_party_only_cookies_enabled(true); |
| 2573 default_context_.set_network_delegate(&network_delegate); | 2573 default_context_.set_network_delegate(&network_delegate); |
| 2574 TestDelegate d; | 2574 TestDelegate d; |
| 2575 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2575 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2576 test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2576 test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2577 req->set_first_party_for_cookies(test_server.GetURL(std::string())); | 2577 req->set_first_party_for_cookies(test_server.GetURL("")); |
| 2578 req->Start(); | 2578 req->Start(); |
| 2579 base::RunLoop().Run(); | 2579 base::RunLoop().Run(); |
| 2580 | 2580 |
| 2581 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != | 2581 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != |
| 2582 std::string::npos); | 2582 std::string::npos); |
| 2583 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2583 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2584 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2584 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2585 } | 2585 } |
| 2586 | 2586 |
| 2587 // Verify that the cookie is not-sent for non-first-party requests. | 2587 // Verify that the cookie is not-sent for non-first-party requests. |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2627 } | 2627 } |
| 2628 | 2628 |
| 2629 // Verify that the cookie is sent for first-party requests. | 2629 // Verify that the cookie is sent for first-party requests. |
| 2630 { | 2630 { |
| 2631 TestNetworkDelegate network_delegate; | 2631 TestNetworkDelegate network_delegate; |
| 2632 network_delegate.set_first_party_only_cookies_enabled(false); | 2632 network_delegate.set_first_party_only_cookies_enabled(false); |
| 2633 default_context_.set_network_delegate(&network_delegate); | 2633 default_context_.set_network_delegate(&network_delegate); |
| 2634 TestDelegate d; | 2634 TestDelegate d; |
| 2635 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | 2635 scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
| 2636 test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | 2636 test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); |
| 2637 req->set_first_party_for_cookies(test_server.GetURL(std::string())); | 2637 req->set_first_party_for_cookies(test_server.GetURL("")); |
| 2638 req->Start(); | 2638 req->Start(); |
| 2639 base::RunLoop().Run(); | 2639 base::RunLoop().Run(); |
| 2640 | 2640 |
| 2641 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != | 2641 EXPECT_TRUE(d.data_received().find("FirstPartyCookieToSet=1") != |
| 2642 std::string::npos); | 2642 std::string::npos); |
| 2643 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | 2643 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); |
| 2644 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | 2644 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); |
| 2645 } | 2645 } |
| 2646 | 2646 |
| 2647 // Verify that the cookie is also sent for non-first-party requests. | 2647 // Verify that the cookie is also sent for non-first-party requests. |
| (...skipping 2603 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5251 EXPECT_EQ("text/html; charset=ISO-8859-1", header); | 5251 EXPECT_EQ("text/html; charset=ISO-8859-1", header); |
| 5252 | 5252 |
| 5253 // The response has two "X-Multiple-Entries" headers. | 5253 // The response has two "X-Multiple-Entries" headers. |
| 5254 // This verfies our output has them concatenated together. | 5254 // This verfies our output has them concatenated together. |
| 5255 header.clear(); | 5255 header.clear(); |
| 5256 EXPECT_TRUE(headers->GetNormalizedHeader("x-multiple-entries", &header)); | 5256 EXPECT_TRUE(headers->GetNormalizedHeader("x-multiple-entries", &header)); |
| 5257 EXPECT_EQ("a, b", header); | 5257 EXPECT_EQ("a, b", header); |
| 5258 } | 5258 } |
| 5259 | 5259 |
| 5260 TEST_F(URLRequestTestHTTP, ProcessSTS) { | 5260 TEST_F(URLRequestTestHTTP, ProcessSTS) { |
| 5261 SpawnedTestServer::SSLOptions ssl_options( | 5261 SpawnedTestServer::SSLOptions ssl_options; |
| 5262 SpawnedTestServer::SSLOptions::CERT_OK_FOR_LOCALHOST); | |
| 5263 SpawnedTestServer https_test_server( | 5262 SpawnedTestServer https_test_server( |
| 5264 SpawnedTestServer::TYPE_HTTPS, | 5263 SpawnedTestServer::TYPE_HTTPS, |
| 5265 ssl_options, | 5264 ssl_options, |
| 5266 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); | 5265 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); |
| 5267 ASSERT_TRUE(https_test_server.Start()); | 5266 ASSERT_TRUE(https_test_server.Start()); |
| 5268 | 5267 |
| 5269 std::string test_server_hostname = | |
| 5270 https_test_server.GetURL(std::string()).host(); | |
| 5271 | |
| 5272 TestDelegate d; | 5268 TestDelegate d; |
| 5273 scoped_ptr<URLRequest> request(default_context_.CreateRequest( | 5269 scoped_ptr<URLRequest> request(default_context_.CreateRequest( |
| 5274 https_test_server.GetURL("files/hsts-headers.html"), DEFAULT_PRIORITY, | 5270 https_test_server.GetURL("files/hsts-headers.html"), DEFAULT_PRIORITY, |
| 5275 &d)); | 5271 &d)); |
| 5276 request->Start(); | 5272 request->Start(); |
| 5277 base::RunLoop().Run(); | 5273 base::RunLoop().Run(); |
| 5278 | 5274 |
| 5279 TransportSecurityState* security_state = | 5275 TransportSecurityState* security_state = |
| 5280 default_context_.transport_security_state(); | 5276 default_context_.transport_security_state(); |
| 5281 TransportSecurityState::DomainState domain_state; | 5277 TransportSecurityState::DomainState domain_state; |
| 5282 EXPECT_TRUE(security_state->GetDynamicDomainState(test_server_hostname, | 5278 EXPECT_TRUE(security_state->GetDynamicDomainState( |
| 5283 &domain_state)); | 5279 SpawnedTestServer::kLocalhost, &domain_state)); |
| 5284 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, | 5280 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, |
| 5285 domain_state.sts.upgrade_mode); | 5281 domain_state.sts.upgrade_mode); |
| 5286 EXPECT_TRUE(domain_state.sts.include_subdomains); | 5282 EXPECT_TRUE(domain_state.sts.include_subdomains); |
| 5287 EXPECT_FALSE(domain_state.pkp.include_subdomains); | 5283 EXPECT_FALSE(domain_state.pkp.include_subdomains); |
| 5288 #if defined(OS_ANDROID) | 5284 #if defined(OS_ANDROID) |
| 5289 // Android's CertVerifyProc does not (yet) handle pins. | 5285 // Android's CertVerifyProc does not (yet) handle pins. |
| 5290 #else | 5286 #else |
| 5291 EXPECT_FALSE(domain_state.HasPublicKeyPins()); | 5287 EXPECT_FALSE(domain_state.HasPublicKeyPins()); |
| 5292 #endif | 5288 #endif |
| 5293 } | 5289 } |
| 5294 | 5290 |
| 5295 TEST_F(URLRequestTestHTTP, STSNotProcessedOnIP) { | |
| 5296 SpawnedTestServer https_test_server( | |
| 5297 SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::SSLOptions(), | |
| 5298 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); | |
| 5299 ASSERT_TRUE(https_test_server.Start()); | |
| 5300 | |
| 5301 // Make sure this test fails if the test server is changed to not | |
| 5302 // listen on an IP by default. | |
| 5303 ASSERT_TRUE(https_test_server.GetURL(std::string()).HostIsIPAddress()); | |
| 5304 std::string test_server_hostname = | |
| 5305 https_test_server.GetURL(std::string()).host(); | |
| 5306 | |
| 5307 TestDelegate d; | |
| 5308 scoped_ptr<URLRequest> request(default_context_.CreateRequest( | |
| 5309 https_test_server.GetURL("files/hsts-headers.html"), DEFAULT_PRIORITY, | |
| 5310 &d)); | |
| 5311 request->Start(); | |
| 5312 base::RunLoop().Run(); | |
| 5313 | |
| 5314 TransportSecurityState* security_state = | |
| 5315 default_context_.transport_security_state(); | |
| 5316 TransportSecurityState::DomainState domain_state; | |
| 5317 EXPECT_FALSE(security_state->GetDynamicDomainState(test_server_hostname, | |
| 5318 &domain_state)); | |
| 5319 } | |
| 5320 | |
| 5321 // Android's CertVerifyProc does not (yet) handle pins. Therefore, it will | 5291 // Android's CertVerifyProc does not (yet) handle pins. Therefore, it will |
| 5322 // reject HPKP headers, and a test setting only HPKP headers will fail (no | 5292 // reject HPKP headers, and a test setting only HPKP headers will fail (no |
| 5323 // DomainState present because header rejected). | 5293 // DomainState present because header rejected). |
| 5324 #if defined(OS_ANDROID) | 5294 #if defined(OS_ANDROID) |
| 5325 #define MAYBE_ProcessPKP DISABLED_ProcessPKP | 5295 #define MAYBE_ProcessPKP DISABLED_ProcessPKP |
| 5326 #else | 5296 #else |
| 5327 #define MAYBE_ProcessPKP ProcessPKP | 5297 #define MAYBE_ProcessPKP ProcessPKP |
| 5328 #endif | 5298 #endif |
| 5329 | 5299 |
| 5330 // Tests that enabling HPKP on a domain does not affect the HSTS | 5300 // Tests that enabling HPKP on a domain does not affect the HSTS |
| 5331 // validity/expiration. | 5301 // validity/expiration. |
| 5332 TEST_F(URLRequestTestHTTP, MAYBE_ProcessPKP) { | 5302 TEST_F(URLRequestTestHTTP, MAYBE_ProcessPKP) { |
| 5333 SpawnedTestServer::SSLOptions ssl_options( | 5303 SpawnedTestServer::SSLOptions ssl_options; |
| 5334 SpawnedTestServer::SSLOptions::CERT_OK_FOR_LOCALHOST); | |
| 5335 SpawnedTestServer https_test_server( | 5304 SpawnedTestServer https_test_server( |
| 5336 SpawnedTestServer::TYPE_HTTPS, | 5305 SpawnedTestServer::TYPE_HTTPS, |
| 5337 ssl_options, | 5306 ssl_options, |
| 5338 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); | 5307 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); |
| 5339 ASSERT_TRUE(https_test_server.Start()); | 5308 ASSERT_TRUE(https_test_server.Start()); |
| 5340 | 5309 |
| 5341 std::string test_server_hostname = | |
| 5342 https_test_server.GetURL(std::string()).host(); | |
| 5343 | |
| 5344 TestDelegate d; | 5310 TestDelegate d; |
| 5345 scoped_ptr<URLRequest> request(default_context_.CreateRequest( | 5311 scoped_ptr<URLRequest> request(default_context_.CreateRequest( |
| 5346 https_test_server.GetURL("files/hpkp-headers.html"), DEFAULT_PRIORITY, | 5312 https_test_server.GetURL("files/hpkp-headers.html"), DEFAULT_PRIORITY, |
| 5347 &d)); | 5313 &d)); |
| 5348 request->Start(); | 5314 request->Start(); |
| 5349 base::RunLoop().Run(); | 5315 base::RunLoop().Run(); |
| 5350 | 5316 |
| 5351 TransportSecurityState* security_state = | 5317 TransportSecurityState* security_state = |
| 5352 default_context_.transport_security_state(); | 5318 default_context_.transport_security_state(); |
| 5353 TransportSecurityState::DomainState domain_state; | 5319 TransportSecurityState::DomainState domain_state; |
| 5354 EXPECT_TRUE(security_state->GetDynamicDomainState(test_server_hostname, | 5320 EXPECT_TRUE(security_state->GetDynamicDomainState( |
| 5355 &domain_state)); | 5321 SpawnedTestServer::kLocalhost, &domain_state)); |
| 5356 EXPECT_EQ(TransportSecurityState::DomainState::MODE_DEFAULT, | 5322 EXPECT_EQ(TransportSecurityState::DomainState::MODE_DEFAULT, |
| 5357 domain_state.sts.upgrade_mode); | 5323 domain_state.sts.upgrade_mode); |
| 5358 EXPECT_FALSE(domain_state.sts.include_subdomains); | 5324 EXPECT_FALSE(domain_state.sts.include_subdomains); |
| 5359 EXPECT_FALSE(domain_state.pkp.include_subdomains); | 5325 EXPECT_FALSE(domain_state.pkp.include_subdomains); |
| 5360 EXPECT_TRUE(domain_state.HasPublicKeyPins()); | 5326 EXPECT_TRUE(domain_state.HasPublicKeyPins()); |
| 5361 EXPECT_NE(domain_state.sts.expiry, domain_state.pkp.expiry); | 5327 EXPECT_NE(domain_state.sts.expiry, domain_state.pkp.expiry); |
| 5362 } | 5328 } |
| 5363 | 5329 |
| 5364 TEST_F(URLRequestTestHTTP, PKPNotProcessedOnIP) { | |
| 5365 SpawnedTestServer https_test_server( | |
| 5366 SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::SSLOptions(), | |
| 5367 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); | |
| 5368 ASSERT_TRUE(https_test_server.Start()); | |
| 5369 // Make sure this test fails if the test server is changed to not | |
| 5370 // listen on an IP by default. | |
| 5371 ASSERT_TRUE(https_test_server.GetURL(std::string()).HostIsIPAddress()); | |
| 5372 std::string test_server_hostname = | |
| 5373 https_test_server.GetURL(std::string()).host(); | |
| 5374 | |
| 5375 TestDelegate d; | |
| 5376 scoped_ptr<URLRequest> request(default_context_.CreateRequest( | |
| 5377 https_test_server.GetURL("files/hpkp-headers.html"), DEFAULT_PRIORITY, | |
| 5378 &d)); | |
| 5379 request->Start(); | |
| 5380 base::RunLoop().Run(); | |
| 5381 | |
| 5382 TransportSecurityState* security_state = | |
| 5383 default_context_.transport_security_state(); | |
| 5384 TransportSecurityState::DomainState domain_state; | |
| 5385 EXPECT_FALSE(security_state->GetDynamicDomainState(test_server_hostname, | |
| 5386 &domain_state)); | |
| 5387 } | |
| 5388 | |
| 5389 TEST_F(URLRequestTestHTTP, ProcessSTSOnce) { | 5330 TEST_F(URLRequestTestHTTP, ProcessSTSOnce) { |
| 5390 SpawnedTestServer::SSLOptions ssl_options( | 5331 SpawnedTestServer::SSLOptions ssl_options; |
| 5391 SpawnedTestServer::SSLOptions::CERT_OK_FOR_LOCALHOST); | |
| 5392 SpawnedTestServer https_test_server( | 5332 SpawnedTestServer https_test_server( |
| 5393 SpawnedTestServer::TYPE_HTTPS, | 5333 SpawnedTestServer::TYPE_HTTPS, |
| 5394 ssl_options, | 5334 ssl_options, |
| 5395 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); | 5335 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); |
| 5396 ASSERT_TRUE(https_test_server.Start()); | 5336 ASSERT_TRUE(https_test_server.Start()); |
| 5397 | 5337 |
| 5398 std::string test_server_hostname = | |
| 5399 https_test_server.GetURL(std::string()).host(); | |
| 5400 | |
| 5401 TestDelegate d; | 5338 TestDelegate d; |
| 5402 scoped_ptr<URLRequest> request(default_context_.CreateRequest( | 5339 scoped_ptr<URLRequest> request(default_context_.CreateRequest( |
| 5403 https_test_server.GetURL("files/hsts-multiple-headers.html"), | 5340 https_test_server.GetURL("files/hsts-multiple-headers.html"), |
| 5404 DEFAULT_PRIORITY, &d)); | 5341 DEFAULT_PRIORITY, &d)); |
| 5405 request->Start(); | 5342 request->Start(); |
| 5406 base::RunLoop().Run(); | 5343 base::RunLoop().Run(); |
| 5407 | 5344 |
| 5408 // We should have set parameters from the first header, not the second. | 5345 // We should have set parameters from the first header, not the second. |
| 5409 TransportSecurityState* security_state = | 5346 TransportSecurityState* security_state = |
| 5410 default_context_.transport_security_state(); | 5347 default_context_.transport_security_state(); |
| 5411 TransportSecurityState::DomainState domain_state; | 5348 TransportSecurityState::DomainState domain_state; |
| 5412 EXPECT_TRUE(security_state->GetDynamicDomainState(test_server_hostname, | 5349 EXPECT_TRUE(security_state->GetDynamicDomainState( |
| 5413 &domain_state)); | 5350 SpawnedTestServer::kLocalhost, &domain_state)); |
| 5414 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, | 5351 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, |
| 5415 domain_state.sts.upgrade_mode); | 5352 domain_state.sts.upgrade_mode); |
| 5416 EXPECT_FALSE(domain_state.sts.include_subdomains); | 5353 EXPECT_FALSE(domain_state.sts.include_subdomains); |
| 5417 EXPECT_FALSE(domain_state.pkp.include_subdomains); | 5354 EXPECT_FALSE(domain_state.pkp.include_subdomains); |
| 5418 } | 5355 } |
| 5419 | 5356 |
| 5420 TEST_F(URLRequestTestHTTP, ProcessSTSAndPKP) { | 5357 TEST_F(URLRequestTestHTTP, ProcessSTSAndPKP) { |
| 5421 SpawnedTestServer::SSLOptions ssl_options( | 5358 SpawnedTestServer::SSLOptions ssl_options; |
| 5422 SpawnedTestServer::SSLOptions::CERT_OK_FOR_LOCALHOST); | |
| 5423 SpawnedTestServer https_test_server( | 5359 SpawnedTestServer https_test_server( |
| 5424 SpawnedTestServer::TYPE_HTTPS, | 5360 SpawnedTestServer::TYPE_HTTPS, |
| 5425 ssl_options, | 5361 ssl_options, |
| 5426 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); | 5362 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); |
| 5427 ASSERT_TRUE(https_test_server.Start()); | 5363 ASSERT_TRUE(https_test_server.Start()); |
| 5428 | 5364 |
| 5429 std::string test_server_hostname = | |
| 5430 https_test_server.GetURL(std::string()).host(); | |
| 5431 | |
| 5432 TestDelegate d; | 5365 TestDelegate d; |
| 5433 scoped_ptr<URLRequest> request(default_context_.CreateRequest( | 5366 scoped_ptr<URLRequest> request(default_context_.CreateRequest( |
| 5434 https_test_server.GetURL("files/hsts-and-hpkp-headers.html"), | 5367 https_test_server.GetURL("files/hsts-and-hpkp-headers.html"), |
| 5435 DEFAULT_PRIORITY, &d)); | 5368 DEFAULT_PRIORITY, &d)); |
| 5436 request->Start(); | 5369 request->Start(); |
| 5437 base::RunLoop().Run(); | 5370 base::RunLoop().Run(); |
| 5438 | 5371 |
| 5439 // We should have set parameters from the first header, not the second. | 5372 // We should have set parameters from the first header, not the second. |
| 5440 TransportSecurityState* security_state = | 5373 TransportSecurityState* security_state = |
| 5441 default_context_.transport_security_state(); | 5374 default_context_.transport_security_state(); |
| 5442 TransportSecurityState::DomainState domain_state; | 5375 TransportSecurityState::DomainState domain_state; |
| 5443 EXPECT_TRUE(security_state->GetDynamicDomainState(test_server_hostname, | 5376 EXPECT_TRUE(security_state->GetDynamicDomainState( |
| 5444 &domain_state)); | 5377 SpawnedTestServer::kLocalhost, &domain_state)); |
| 5445 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, | 5378 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, |
| 5446 domain_state.sts.upgrade_mode); | 5379 domain_state.sts.upgrade_mode); |
| 5447 #if defined(OS_ANDROID) | 5380 #if defined(OS_ANDROID) |
| 5448 // Android's CertVerifyProc does not (yet) handle pins. | 5381 // Android's CertVerifyProc does not (yet) handle pins. |
| 5449 #else | 5382 #else |
| 5450 EXPECT_TRUE(domain_state.HasPublicKeyPins()); | 5383 EXPECT_TRUE(domain_state.HasPublicKeyPins()); |
| 5451 #endif | 5384 #endif |
| 5452 EXPECT_NE(domain_state.sts.expiry, domain_state.pkp.expiry); | 5385 EXPECT_NE(domain_state.sts.expiry, domain_state.pkp.expiry); |
| 5453 | 5386 |
| 5454 // Even though there is an HSTS header asserting includeSubdomains, it is | 5387 // Even though there is an HSTS header asserting includeSubdomains, it is |
| 5455 // the *second* such header, and we MUST process only the first. | 5388 // the *second* such header, and we MUST process only the first. |
| 5456 EXPECT_FALSE(domain_state.sts.include_subdomains); | 5389 EXPECT_FALSE(domain_state.sts.include_subdomains); |
| 5457 // includeSubdomains does not occur in the test HPKP header. | 5390 // includeSubdomains does not occur in the test HPKP header. |
| 5458 EXPECT_FALSE(domain_state.pkp.include_subdomains); | 5391 EXPECT_FALSE(domain_state.pkp.include_subdomains); |
| 5459 } | 5392 } |
| 5460 | 5393 |
| 5461 // Tests that when multiple HPKP headers are present, asserting different | 5394 // Tests that when multiple HPKP headers are present, asserting different |
| 5462 // policies, that only the first such policy is processed. | 5395 // policies, that only the first such policy is processed. |
| 5463 TEST_F(URLRequestTestHTTP, ProcessSTSAndPKP2) { | 5396 TEST_F(URLRequestTestHTTP, ProcessSTSAndPKP2) { |
| 5464 SpawnedTestServer::SSLOptions ssl_options( | 5397 SpawnedTestServer::SSLOptions ssl_options; |
| 5465 SpawnedTestServer::SSLOptions::CERT_OK_FOR_LOCALHOST); | |
| 5466 SpawnedTestServer https_test_server( | 5398 SpawnedTestServer https_test_server( |
| 5467 SpawnedTestServer::TYPE_HTTPS, | 5399 SpawnedTestServer::TYPE_HTTPS, |
| 5468 ssl_options, | 5400 ssl_options, |
| 5469 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); | 5401 base::FilePath(FILE_PATH_LITERAL("net/data/url_request_unittest"))); |
| 5470 ASSERT_TRUE(https_test_server.Start()); | 5402 ASSERT_TRUE(https_test_server.Start()); |
| 5471 | 5403 |
| 5472 std::string test_server_hostname = | |
| 5473 https_test_server.GetURL(std::string()).host(); | |
| 5474 | |
| 5475 TestDelegate d; | 5404 TestDelegate d; |
| 5476 scoped_ptr<URLRequest> request(default_context_.CreateRequest( | 5405 scoped_ptr<URLRequest> request(default_context_.CreateRequest( |
| 5477 https_test_server.GetURL("files/hsts-and-hpkp-headers2.html"), | 5406 https_test_server.GetURL("files/hsts-and-hpkp-headers2.html"), |
| 5478 DEFAULT_PRIORITY, &d)); | 5407 DEFAULT_PRIORITY, &d)); |
| 5479 request->Start(); | 5408 request->Start(); |
| 5480 base::RunLoop().Run(); | 5409 base::RunLoop().Run(); |
| 5481 | 5410 |
| 5482 TransportSecurityState* security_state = | 5411 TransportSecurityState* security_state = |
| 5483 default_context_.transport_security_state(); | 5412 default_context_.transport_security_state(); |
| 5484 TransportSecurityState::DomainState domain_state; | 5413 TransportSecurityState::DomainState domain_state; |
| 5485 EXPECT_TRUE(security_state->GetDynamicDomainState(test_server_hostname, | 5414 EXPECT_TRUE(security_state->GetDynamicDomainState( |
| 5486 &domain_state)); | 5415 SpawnedTestServer::kLocalhost, &domain_state)); |
| 5487 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, | 5416 EXPECT_EQ(TransportSecurityState::DomainState::MODE_FORCE_HTTPS, |
| 5488 domain_state.sts.upgrade_mode); | 5417 domain_state.sts.upgrade_mode); |
| 5489 #if defined(OS_ANDROID) | 5418 #if defined(OS_ANDROID) |
| 5490 // Android's CertVerifyProc does not (yet) handle pins. | 5419 // Android's CertVerifyProc does not (yet) handle pins. |
| 5491 #else | 5420 #else |
| 5492 EXPECT_TRUE(domain_state.HasPublicKeyPins()); | 5421 EXPECT_TRUE(domain_state.HasPublicKeyPins()); |
| 5493 #endif | 5422 #endif |
| 5494 EXPECT_NE(domain_state.sts.expiry, domain_state.pkp.expiry); | 5423 EXPECT_NE(domain_state.sts.expiry, domain_state.pkp.expiry); |
| 5495 | 5424 |
| 5496 EXPECT_TRUE(domain_state.sts.include_subdomains); | 5425 EXPECT_TRUE(domain_state.sts.include_subdomains); |
| (...skipping 3576 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 9073 | 9002 |
| 9074 EXPECT_FALSE(r->is_pending()); | 9003 EXPECT_FALSE(r->is_pending()); |
| 9075 EXPECT_EQ(1, d->response_started_count()); | 9004 EXPECT_EQ(1, d->response_started_count()); |
| 9076 EXPECT_FALSE(d->received_data_before_response()); | 9005 EXPECT_FALSE(d->received_data_before_response()); |
| 9077 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); | 9006 EXPECT_EQ(d->bytes_received(), static_cast<int>(file_size)); |
| 9078 } | 9007 } |
| 9079 } | 9008 } |
| 9080 #endif // !defined(DISABLE_FTP_SUPPORT) | 9009 #endif // !defined(DISABLE_FTP_SUPPORT) |
| 9081 | 9010 |
| 9082 } // namespace net | 9011 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1066613002:
Revert of Don't process HSTS/HPKP headers when host is an IP address (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master