Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(44)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/common/secure_origin_whitelist_unittest.cc

Issue 1072933006: Support whitelisting to handle insecure origins as trustworthy origins (chromium) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: added more tests Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/common/secure_origin_whitelist.cc ('k') | chrome/renderer/chrome_content_renderer_client.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/common/secure_origin_whitelist_unittest.cc
diff --git a/chrome/common/secure_origin_whitelist_unittest.cc b/chrome/common/secure_origin_whitelist_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..b685711550048202263efb5bd4c535428daa2d6c
--- /dev/null
+++ b/chrome/common/secure_origin_whitelist_unittest.cc
@@ -0,0 +1,41 @@
+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/command_line.h"
+#include "chrome/common/chrome_switches.h"
+#include "content/public/common/origin_util.h"
+#include "testing/gtest/include/gtest/gtest.h"
+#include "url/gurl.h"
+
+using content::IsOriginSecure;
+
+namespace chrome {
+
+TEST(SecureOriginWhiteList, UnsafetyTreatInsecureOriginAsSecure) {
+ EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/a.html")));
+ EXPECT_FALSE(
+ content::IsOriginSecure(GURL("http://127.example.com/a.html")));
+
+ // Add http://example.com and http://127.example.com to whitelist by
+ // command-line and see if they are now considered secure origins.
+ // (The command line is applied via
+ // ChromeContentClient::AddSecureSchemesAndOrigins)
+ base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
+ command_line->AppendSwitchASCII(
+ switches::kUnsafetyTreatInsecureOriginAsSecure,
+ "http://example.com,http://127.example.com");
+ command_line->AppendSwitch(switches::kUserDataDir);
+ content::ResetSecureSchemesAndOriginsForTesting();
+
+ // They should be now white-listed.
+ EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/a.html")));
+ EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/a.html")));
+
+ // Check that similarly named sites are not considered secure.
+ EXPECT_FALSE(content::IsOriginSecure(GURL("http://128.example.com/a.html")));
+ EXPECT_FALSE(content::IsOriginSecure(
+ GURL("http://foobar.127.example.com/a.html")));
+}
+
+} // namespace chrome
« no previous file with comments | « chrome/common/secure_origin_whitelist.cc ('k') | chrome/renderer/chrome_content_renderer_client.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698