Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(132)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/platform/weborigin/OriginAccessEntryTest.cpp

Issue 1128913004: Improve OriginAccessEntry support for IP addresses. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Feedback. Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/platform/weborigin/OriginAccessEntry.cpp ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2013 Google Inc. All rights reserved. 2 * Copyright (C) 2013 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after
73 OriginAccessEntry entry1("http", "google.com", OriginAccessEntry::AllowSubdo mains, OriginAccessEntry::TreatIPAddressAsIPAddress); 73 OriginAccessEntry entry1("http", "google.com", OriginAccessEntry::AllowSubdo mains, OriginAccessEntry::TreatIPAddressAsIPAddress);
74 OriginAccessEntry entry2("http", "hamster.com", OriginAccessEntry::AllowSubd omains, OriginAccessEntry::TreatIPAddressAsIPAddress); 74 OriginAccessEntry entry2("http", "hamster.com", OriginAccessEntry::AllowSubd omains, OriginAccessEntry::TreatIPAddressAsIPAddress);
75 OriginAccessEntry entry3("http", "com", OriginAccessEntry::AllowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress); 75 OriginAccessEntry entry3("http", "com", OriginAccessEntry::AllowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress);
76 EXPECT_EQ(OriginAccessEntry::MatchesOrigin, entry1.matchesOrigin(*origin)); 76 EXPECT_EQ(OriginAccessEntry::MatchesOrigin, entry1.matchesOrigin(*origin));
77 EXPECT_EQ(OriginAccessEntry::DoesNotMatchOrigin, entry2.matchesOrigin(*origi n)); 77 EXPECT_EQ(OriginAccessEntry::DoesNotMatchOrigin, entry2.matchesOrigin(*origi n));
78 EXPECT_EQ(OriginAccessEntry::MatchesOriginButIsPublicSuffix, entry3.matchesO rigin(*origin)); 78 EXPECT_EQ(OriginAccessEntry::MatchesOriginButIsPublicSuffix, entry3.matchesO rigin(*origin));
79 79
80 blink::Platform::shutdown(); 80 blink::Platform::shutdown();
81 } 81 }
82 82
83 TEST(OriginAccessEntryTest, AllowSubdomainsTest)
84 {
85 struct TestCase {
86 const char* protocol;
87 const char* host;
88 const char* origin;
89 OriginAccessEntry::MatchResult expected;
90 } inputs[] = {
91 { "http", "example.com", "http://example.com/", OriginAccessEntry::Match esOrigin },
92 { "http", "example.com", "http://www.example.com/", OriginAccessEntry::M atchesOrigin },
93 { "http", "example.com", "http://www.www.example.com/", OriginAccessEntr y::MatchesOrigin },
94 { "http", "com", "http://example.com/", OriginAccessEntry::MatchesOrigin ButIsPublicSuffix },
95 { "http", "com", "http://www.example.com/", OriginAccessEntry::MatchesOr iginButIsPublicSuffix },
96 { "http", "com", "http://www.www.example.com/", OriginAccessEntry::Match esOriginButIsPublicSuffix },
97 { "https", "example.com", "http://example.com/", OriginAccessEntry::Does NotMatchOrigin },
98 { "https", "example.com", "http://www.example.com/", OriginAccessEntry:: DoesNotMatchOrigin },
99 { "https", "example.com", "http://www.www.example.com/", OriginAccessEnt ry::DoesNotMatchOrigin },
100 { "http", "example.com", "http://beispiel.de/", OriginAccessEntry::DoesN otMatchOrigin },
101 { "http", "", "http://example.com/", OriginAccessEntry::MatchesOrigin },
102 { "http", "", "http://beispiel.de/", OriginAccessEntry::MatchesOrigin },
103 { "https", "", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOri gin },
104 };
105
106 // Initialize a PSL mock that whitelists any three-letter label as a TLD ('c om', 'org', 'net', etc).
107 OriginAccessEntryTestPlatform platform;
108 blink::Platform::initialize(&platform);
109
110 for (const auto& test : inputs) {
111 SCOPED_TRACE(testing::Message() << "Host: " << test.host << ", Origin: " << test.origin);
112 RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(t est.origin);
113 OriginAccessEntry entry1(test.protocol, test.host, OriginAccessEntry::Al lowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress);
114 EXPECT_EQ(test.expected, entry1.matchesOrigin(*originToTest));
115
116 OriginAccessEntry entry2(test.protocol, test.host, OriginAccessEntry::Al lowSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
117 EXPECT_EQ(test.expected, entry2.matchesOrigin(*originToTest));
118 }
119
120 blink::Platform::shutdown();
121 }
122
123 TEST(OriginAccessEntryTest, DisallowSubdomainsTest)
124 {
125 struct TestCase {
126 const char* protocol;
127 const char* host;
128 const char* origin;
129 OriginAccessEntry::MatchResult expected;
130 } inputs[] = {
131 { "http", "example.com", "http://example.com/", OriginAccessEntry::Match esOrigin },
132 { "http", "example.com", "http://www.example.com/", OriginAccessEntry::D oesNotMatchOrigin },
133 { "http", "example.com", "http://www.www.example.com/", OriginAccessEntr y::DoesNotMatchOrigin },
134 { "http", "com", "http://example.com/", OriginAccessEntry::DoesNotMatchO rigin },
135 { "http", "com", "http://www.example.com/", OriginAccessEntry::DoesNotMa tchOrigin },
136 { "http", "com", "http://www.www.example.com/", OriginAccessEntry::DoesN otMatchOrigin },
137 { "https", "example.com", "http://example.com/", OriginAccessEntry::Does NotMatchOrigin },
138 { "https", "example.com", "http://www.example.com/", OriginAccessEntry:: DoesNotMatchOrigin },
139 { "https", "example.com", "http://www.www.example.com/", OriginAccessEnt ry::DoesNotMatchOrigin },
140 { "http", "example.com", "http://beispiel.de/", OriginAccessEntry::DoesN otMatchOrigin },
141 { "http", "", "http://example.com/", OriginAccessEntry::DoesNotMatchOrig in },
142 { "http", "", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOrig in },
143 { "https", "", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOri gin },
144 };
145
146 // Initialize a PSL mock that whitelists any three-letter label as a TLD ('c om', 'org', 'net', etc).
147 OriginAccessEntryTestPlatform platform;
148 blink::Platform::initialize(&platform);
149
150 for (const auto& test : inputs) {
151 SCOPED_TRACE(testing::Message() << "Host: " << test.host << ", Origin: " << test.origin);
152 RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(t est.origin);
153 OriginAccessEntry entry1(test.protocol, test.host, OriginAccessEntry::Di sallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress);
154 EXPECT_EQ(test.expected, entry1.matchesOrigin(*originToTest));
155
156 OriginAccessEntry entry2(test.protocol, test.host, OriginAccessEntry::Di sallowSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
157 EXPECT_EQ(test.expected, entry2.matchesOrigin(*originToTest));
158 }
159
160 blink::Platform::shutdown();
161 }
162
163 TEST(OriginAccessEntryTest, IPAddressTest)
164 {
165 struct TestCase {
166 const char* protocol;
167 const char* host;
168 bool isIPAddress;
169 } inputs[] = {
170 { "http", "1.1.1.1", true },
171 { "http", "1.1.1.1.1", false },
172 { "http", "example.com", false },
173 { "http", "hostname.that.ends.with.a.number1", false },
174 { "http", "2001:db8::1", false },
175 { "http", "[2001:db8::1]", true },
176 { "http", "2001:db8::a", false },
177 { "http", "[2001:db8::a]", true },
178 { "http", "", false },
179 };
180
181 // Initialize a PSL mock that whitelists any three-letter label as a TLD ('c om', 'org', 'net', etc).
182 OriginAccessEntryTestPlatform platform;
183 blink::Platform::initialize(&platform);
184
185 for (const auto& test : inputs) {
186 SCOPED_TRACE(testing::Message() << "Host: " << test.host);
187 OriginAccessEntry entry(test.protocol, test.host, OriginAccessEntry::Dis allowSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
188 EXPECT_EQ(test.isIPAddress, entry.hostIsIPAddress()) << test.host;
189 }
190
191 blink::Platform::shutdown();
192 }
193
194 TEST(OriginAccessEntryTest, IPAddressAsDomainTest)
195 {
196 struct TestCase {
197 const char* protocol;
198 const char* host;
199 const char* origin;
200 OriginAccessEntry::MatchResult expected;
201 } inputs[] = {
202 { "http", "192.0.0.123", "http://192.0.0.123/", OriginAccessEntry::Match esOrigin },
203 { "http", "0.0.123", "http://192.0.0.123/", OriginAccessEntry::MatchesOr igin },
204 { "http", "0.123", "http://192.0.0.123/", OriginAccessEntry::MatchesOrig in },
205 { "http", "1.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMatc hOrigin },
206 };
207
208 // Initialize a PSL mock that whitelists any three-letter label as a TLD ('. 123', etc).
209 OriginAccessEntryTestPlatform platform;
210 blink::Platform::initialize(&platform);
211
212 for (const auto& test : inputs) {
213 SCOPED_TRACE(testing::Message() << "Host: " << test.host << ", Origin: " << test.origin);
214 RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(t est.origin);
215 OriginAccessEntry entry(test.protocol, test.host, OriginAccessEntry::All owSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
216 EXPECT_EQ(test.expected, entry.matchesOrigin(*originToTest));
217 }
218
219 blink::Platform::shutdown();
220 }
221
222 TEST(OriginAccessEntryTest, IPAddressAsIPAddressTest)
223 {
224 struct TestCase {
225 const char* protocol;
226 const char* host;
227 const char* origin;
228 OriginAccessEntry::MatchResult expected;
229 } inputs[] = {
230 { "http", "192.0.0.123", "http://192.0.0.123/", OriginAccessEntry::Match esOrigin },
231 { "http", "0.0.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMa tchOrigin },
232 { "http", "0.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMatc hOrigin },
233 { "http", "1.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMatc hOrigin },
234 };
235
236 // Initialize a PSL mock that whitelists any three-letter label as a TLD ('. 123', etc).
237 OriginAccessEntryTestPlatform platform;
238 blink::Platform::initialize(&platform);
239
240 for (const auto& test : inputs) {
241 SCOPED_TRACE(testing::Message() << "Host: " << test.host << ", Origin: " << test.origin);
242 RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(t est.origin);
243 OriginAccessEntry entry(test.protocol, test.host, OriginAccessEntry::All owSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress);
244 EXPECT_EQ(test.expected, entry.matchesOrigin(*originToTest));
245 }
246
247 blink::Platform::shutdown();
248 }
83 } // namespace 249 } // namespace
84 250
OLDNEW
« no previous file with comments | « Source/platform/weborigin/OriginAccessEntry.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698