chrome/common/secure_origin_whitelist_unittest.cc - Issue 1072933006: Support whitelisting to handle insecure origins as trustworthy origins (chromium)

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: chrome/common/secure_origin_whitelist_unittest.cc

Issue 1072933006: Support whitelisting to handle insecure origins as trustworthy origins (chromium) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2015 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "base/basictypes.h"
	jww 2015/04/30 18:26:42 remove? remove? kinuko 2015/05/01 03:10:56 Done. Show quoted text On 2015/04/30 18:26:42, jww wrote: > remove? Done.
	6 #include "base/command_line.h"

	7 #include "chrome/common/chrome_switches.h"

	8 #include "content/public/common/origin_util.h"

	9 #include "testing/gtest/include/gtest/gtest.h"

	10 #include "url/gurl.h"

	11

	12 using content::IsOriginSecure;

	13

	14 namespace chrome {

	15

	16 TEST(SecureOriginWhiteList, UnsafetyTreatInsecureOriginAsSecure) {

	17 EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/fun.html")));

	18 EXPECT_FALSE(

	19 content::IsOriginSecure(GURL("http://127.example.com/fun.html")));

	20

	21 // Add http://example.com and http://127.example.com to whitelist by

	22 // command-line and see if they are now considered secure origins.

	23 // (The command line is applied via

	24 // ChromeContentClient::AddSecureSchemesAndOrigins)

	25 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();

	26 command_line->AppendSwitchASCII(

	27 switches::kUnsafetyTreatInsecureOriginAsSecure,

	28 "http://example.com,http://127.example.com");

	29 command_line->AppendSwitch(switches::kUserDataDir);

	30 content::ResetSecureSchemesAndOriginsForTesting();

	31

	32 EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/fun.html")));

	33 EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/fun.html")));
	jww 2015/04/30 18:26:42 Would you mind adding a few other sanity checks, s Would you mind adding a few other sanity checks, such as verifing that http://128.example.com is not considered secure, or similarly that http://foobar.127.example.com is also not secure? kinuko 2015/05/01 03:10:56 Done. Show quoted text On 2015/04/30 18:26:42, jww wrote: > Would you mind adding a few other sanity checks, such as verifing that > http://128.example.com is not considered secure, or similarly that > http://foobar.127.example.com is also not secure? Done.
	34 }

	35

	36 } // namespace chrome

OLD	NEW

« no previous file with comments | « chrome/common/secure_origin_whitelist.cc ('k') | chrome/renderer/chrome_content_renderer_client.cc » ('j') | no next file with comments »