OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/command_line.h" | 5 #include "base/command_line.h" |
6 #include "chrome/common/chrome_switches.h" | 6 #include "chrome/common/chrome_switches.h" |
7 #include "content/public/common/origin_util.h" | 7 #include "content/public/common/origin_util.h" |
8 #include "testing/gtest/include/gtest/gtest.h" | 8 #include "testing/gtest/include/gtest/gtest.h" |
9 #include "url/gurl.h" | 9 #include "url/gurl.h" |
10 | 10 |
11 using content::IsOriginSecure; | 11 using content::IsOriginSecure; |
12 | 12 |
13 namespace chrome { | 13 namespace chrome { |
14 | 14 |
15 TEST(SecureOriginWhiteList, UnsafetyTreatInsecureOriginAsSecure) { | 15 TEST(SecureOriginWhiteList, UnsafelyTreatInsecureOriginAsSecure) { |
16 EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/a.html"))); | 16 EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/a.html"))); |
17 EXPECT_FALSE( | 17 EXPECT_FALSE( |
18 content::IsOriginSecure(GURL("http://127.example.com/a.html"))); | 18 content::IsOriginSecure(GURL("http://127.example.com/a.html"))); |
19 | 19 |
20 // Add http://example.com and http://127.example.com to whitelist by | 20 // Add http://example.com and http://127.example.com to whitelist by |
21 // command-line and see if they are now considered secure origins. | 21 // command-line and see if they are now considered secure origins. |
22 // (The command line is applied via | 22 // (The command line is applied via |
23 // ChromeContentClient::AddSecureSchemesAndOrigins) | 23 // ChromeContentClient::AddSecureSchemesAndOrigins) |
24 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); | 24 base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); |
25 command_line->AppendSwitchASCII( | 25 command_line->AppendSwitchASCII( |
26 switches::kUnsafetyTreatInsecureOriginAsSecure, | 26 switches::kUnsafelyTreatInsecureOriginAsSecure, |
27 "http://example.com,http://127.example.com"); | 27 "http://example.com,http://127.example.com"); |
28 command_line->AppendSwitch(switches::kUserDataDir); | 28 command_line->AppendSwitch(switches::kUserDataDir); |
29 content::ResetSecureSchemesAndOriginsForTesting(); | 29 content::ResetSecureSchemesAndOriginsForTesting(); |
30 | 30 |
31 // They should be now white-listed. | 31 // They should be now white-listed. |
32 EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/a.html"))); | 32 EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/a.html"))); |
33 EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/a.html"))); | 33 EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/a.html"))); |
34 | 34 |
35 // Check that similarly named sites are not considered secure. | 35 // Check that similarly named sites are not considered secure. |
36 EXPECT_FALSE(content::IsOriginSecure(GURL("http://128.example.com/a.html"))); | 36 EXPECT_FALSE(content::IsOriginSecure(GURL("http://128.example.com/a.html"))); |
37 EXPECT_FALSE(content::IsOriginSecure( | 37 EXPECT_FALSE(content::IsOriginSecure( |
38 GURL("http://foobar.127.example.com/a.html"))); | 38 GURL("http://foobar.127.example.com/a.html"))); |
39 } | 39 } |
40 | 40 |
41 } // namespace chrome | 41 } // namespace chrome |
OLD | NEW |