Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1602)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: Source/platform/weborigin/OriginAccessEntryTest.cpp

Issue 1128913004: Improve OriginAccessEntry support for IP addresses. (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« Source/platform/weborigin/OriginAccessEntry.cpp ('K') | « Source/platform/weborigin/OriginAccessEntry.cpp ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: Source/platform/weborigin/OriginAccessEntryTest.cpp
diff --git a/Source/platform/weborigin/OriginAccessEntryTest.cpp b/Source/platform/weborigin/OriginAccessEntryTest.cpp
index d4f6372f62b71b44cff0b47a6c1d934a1d608748..74dbc8dd6c1d48d416a6067d1f5ae9314b05a6e0 100644
--- a/Source/platform/weborigin/OriginAccessEntryTest.cpp
+++ b/Source/platform/weborigin/OriginAccessEntryTest.cpp
@@ -80,5 +80,166 @@ TEST(OriginAccessEntryTest, PublicSuffixListTest)
blink::Platform::shutdown();
}
+TEST(OriginAccessEntryTest, AllowSubdomainsTest)
+{
+ struct TestCase {
+ const char* protocol;
+ const char* host;
+ const char* origin;
+ OriginAccessEntry::MatchResult expected;
+ } inputs[] = {
+ { "http", "example.com", "http://example.com/", OriginAccessEntry::MatchesOrigin },
+ { "http", "example.com", "http://www.example.com/", OriginAccessEntry::MatchesOrigin },
+ { "http", "example.com", "http://www.www.example.com/", OriginAccessEntry::MatchesOrigin },
+ { "http", "com", "http://example.com/", OriginAccessEntry::MatchesOriginButIsPublicSuffix },
+ { "http", "com", "http://www.example.com/", OriginAccessEntry::MatchesOriginButIsPublicSuffix },
+ { "http", "com", "http://www.www.example.com/", OriginAccessEntry::MatchesOriginButIsPublicSuffix },
+ { "https", "example.com", "http://example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "https", "example.com", "http://www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "https", "example.com", "http://www.www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "example.com", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "", "http://example.com/", OriginAccessEntry::MatchesOrigin },
+ { "http", "", "http://beispiel.de/", OriginAccessEntry::MatchesOrigin },
+ { "https", "", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOrigin },
+ };
+
+ // Initialize a PSL mock that whitelists any three-letter label as a TLD ('com', 'org', 'net', etc).
+ OriginAccessEntryTestPlatform platform;
+ blink::Platform::initialize(&platform);
+
+ for (auto test : inputs) {
Ryan Sleevi 2015/05/13 23:23:34 SCOPED_TRACE(test) ? (assuming Test had a PrintTo,
Ryan Sleevi 2015/05/13 23:23:34 s/auto/const auto&/
+ RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(test.origin);
+ OriginAccessEntry entry1(test.protocol, test.host, OriginAccessEntry::AllowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress);
+ EXPECT_EQ(test.expected, entry1.matchesOrigin(*originToTest));
+
+ OriginAccessEntry entry2(test.protocol, test.host, OriginAccessEntry::AllowSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
+ EXPECT_EQ(test.expected, entry2.matchesOrigin(*originToTest));
+ }
+
+ blink::Platform::shutdown();
+}
+
+TEST(OriginAccessEntryTest, DisallowSubdomainsTest)
+{
+ struct TestCase {
+ const char* protocol;
+ const char* host;
+ const char* origin;
+ OriginAccessEntry::MatchResult expected;
+ } inputs[] = {
+ { "http", "example.com", "http://example.com/", OriginAccessEntry::MatchesOrigin },
+ { "http", "example.com", "http://www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "example.com", "http://www.www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "com", "http://example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "com", "http://www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "com", "http://www.www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "https", "example.com", "http://example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "https", "example.com", "http://www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "https", "example.com", "http://www.www.example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "example.com", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "", "http://example.com/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "https", "", "http://beispiel.de/", OriginAccessEntry::DoesNotMatchOrigin },
+ };
+
+ // Initialize a PSL mock that whitelists any three-letter label as a TLD ('com', 'org', 'net', etc).
+ OriginAccessEntryTestPlatform platform;
+ blink::Platform::initialize(&platform);
+
+ for (auto test : inputs) {
Ryan Sleevi 2015/05/13 23:23:34 const auto&
+ RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(test.origin);
+ OriginAccessEntry entry1(test.protocol, test.host, OriginAccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress);
+ EXPECT_EQ(test.expected, entry1.matchesOrigin(*originToTest));
+
+ OriginAccessEntry entry2(test.protocol, test.host, OriginAccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
+ EXPECT_EQ(test.expected, entry2.matchesOrigin(*originToTest));
+ }
+
+ blink::Platform::shutdown();
+}
+
+TEST(OriginAccessEntryTest, IPAddressTest)
+{
+ struct TestCase {
+ const char* protocol;
+ const char* host;
+ bool isIPAddress;
+ } inputs[] = {
+ { "http", "1.1.1.1", true },
+ { "http", "1.1.1.1.1", false },
+ { "http", "example.com", false },
+ { "http", "hostname.that.ends.with.a.number1", false },
+ { "http", "2001:db8::1", false },
+ { "http", "[2001:db8::1]", true },
+ { "http", "2001:db8::a", false },
+ { "http", "[2001:db8::a]", true },
+ { "http", "", false },
+ };
+
+ // Initialize a PSL mock that whitelists any three-letter label as a TLD ('com', 'org', 'net', etc).
+ OriginAccessEntryTestPlatform platform;
+ blink::Platform::initialize(&platform);
+
+ for (auto test : inputs) {
Ryan Sleevi 2015/05/13 23:23:34 const auto&
+ OriginAccessEntry entry(test.protocol, test.host, OriginAccessEntry::DisallowSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
+ EXPECT_EQ(test.isIPAddress, entry.hostIsIPAddress()) << test.host;
+ }
+
+ blink::Platform::shutdown();
+}
+
+TEST(OriginAccessEntryTest, IPAddressAsDomainTest)
+{
+ struct TestCase {
+ const char* protocol;
+ const char* host;
+ const char* origin;
+ OriginAccessEntry::MatchResult expected;
+ } inputs[] = {
+ { "http", "192.0.0.123", "http://192.0.0.123/", OriginAccessEntry::MatchesOrigin },
+ { "http", "0.0.123", "http://192.0.0.123/", OriginAccessEntry::MatchesOrigin },
+ { "http", "0.123", "http://192.0.0.123/", OriginAccessEntry::MatchesOrigin },
+ { "http", "1.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMatchOrigin },
+ };
+
+ // Initialize a PSL mock that whitelists any three-letter label as a TLD ('.123', etc).
+ OriginAccessEntryTestPlatform platform;
+ blink::Platform::initialize(&platform);
+
+ for (auto test : inputs) {
+ RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(test.origin);
+ OriginAccessEntry entry(test.protocol, test.host, OriginAccessEntry::AllowSubdomains, OriginAccessEntry::TreatIPAddressAsDomain);
+ EXPECT_EQ(test.expected, entry.matchesOrigin(*originToTest));
+ }
+
+ blink::Platform::shutdown();
+}
+
+TEST(OriginAccessEntryTest, IPAddressAsIPAddressTest)
+{
+ struct TestCase {
+ const char* protocol;
+ const char* host;
+ const char* origin;
+ OriginAccessEntry::MatchResult expected;
+ } inputs[] = {
+ { "http", "192.0.0.123", "http://192.0.0.123/", OriginAccessEntry::MatchesOrigin },
+ { "http", "0.0.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "0.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMatchOrigin },
+ { "http", "1.123", "http://192.0.0.123/", OriginAccessEntry::DoesNotMatchOrigin },
+ };
+
+ // Initialize a PSL mock that whitelists any three-letter label as a TLD ('.123', etc).
+ OriginAccessEntryTestPlatform platform;
+ blink::Platform::initialize(&platform);
+
+ for (auto test : inputs) {
+ RefPtr<SecurityOrigin> originToTest = SecurityOrigin::createFromString(test.origin);
+ OriginAccessEntry entry(test.protocol, test.host, OriginAccessEntry::AllowSubdomains, OriginAccessEntry::TreatIPAddressAsIPAddress);
+ EXPECT_EQ(test.expected, entry.matchesOrigin(*originToTest));
+ }
+
+ blink::Platform::shutdown();
+}
} // namespace
« Source/platform/weborigin/OriginAccessEntry.cpp ('K') | « Source/platform/weborigin/OriginAccessEntry.cpp ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698