OLD | NEW |
(Empty) | |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "base/command_line.h" |
| 6 #include "chrome/common/chrome_switches.h" |
| 7 #include "content/public/common/origin_util.h" |
| 8 #include "testing/gtest/include/gtest/gtest.h" |
| 9 #include "url/gurl.h" |
| 10 |
| 11 using content::IsOriginSecure; |
| 12 |
| 13 namespace chrome { |
| 14 |
| 15 TEST(SecureOriginWhiteList, UnsafetyTreatInsecureOriginAsSecure) { |
| 16 EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/a.html"))); |
| 17 EXPECT_FALSE( |
| 18 content::IsOriginSecure(GURL("http://127.example.com/a.html"))); |
| 19 |
| 20 // Add http://example.com and http://127.example.com to whitelist by |
| 21 // command-line and see if they are now considered secure origins. |
| 22 // (The command line is applied via |
| 23 // ChromeContentClient::AddSecureSchemesAndOrigins) |
| 24 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); |
| 25 command_line->AppendSwitchASCII( |
| 26 switches::kUnsafetyTreatInsecureOriginAsSecure, |
| 27 "http://example.com,http://127.example.com"); |
| 28 command_line->AppendSwitch(switches::kUserDataDir); |
| 29 content::ResetSecureSchemesAndOriginsForTesting(); |
| 30 |
| 31 // They should be now white-listed. |
| 32 EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/a.html"))); |
| 33 EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/a.html"))); |
| 34 |
| 35 // Check that similarly named sites are not considered secure. |
| 36 EXPECT_FALSE(content::IsOriginSecure(GURL("http://128.example.com/a.html"))); |
| 37 EXPECT_FALSE(content::IsOriginSecure( |
| 38 GURL("http://foobar.127.example.com/a.html"))); |
| 39 } |
| 40 |
| 41 } // namespace chrome |
OLD | NEW |