| Index: components/proximity_auth/cryptauth/base64url_unittest.cc
|
| diff --git a/components/proximity_auth/cryptauth/base64url_unittest.cc b/components/proximity_auth/cryptauth/base64url_unittest.cc
|
| index 88fd16c6283f436817dbb0bd14ef9289c115bc9a..487ea4449ab9c7d97363b1d0630e4c701d53c6a7 100644
|
| --- a/components/proximity_auth/cryptauth/base64url_unittest.cc
|
| +++ b/components/proximity_auth/cryptauth/base64url_unittest.cc
|
| @@ -64,4 +64,22 @@ TEST(ProximityAuthBase64UrlTest, DecodeSpecialCharacters) {
|
| EXPECT_EQ("/+Y=", non_web_safe_encoded);
|
| }
|
|
|
| +TEST(ProximityAuthBase64UrlTest, DecodeBailsOnPlus) {
|
| + // Note that "_-Y=" is a valid encoded string, as tested above. This test
|
| + // simply verifies that an otherwise correctly encoded string cannot use '+'
|
| + // in place of '-', since the proximity auth code expects websafe encodings.
|
| + const std::string encoded = "_+Y=";
|
| + std::string decoded;
|
| + EXPECT_FALSE(Base64UrlDecode(encoded, &decoded));
|
| +}
|
| +
|
| +TEST(ProximityAuthBase64UrlTest, DecodeBailsOnSlash) {
|
| + // Note that "_-Y=" is a valid encoded string, as tested above. This test
|
| + // simply verifies that an otherwise correctly encoded string cannot use '/'
|
| + // in place of '_', since the proximity auth code expects websafe encodings.
|
| + const std::string encoded = "/-Y=";
|
| + std::string decoded;
|
| + EXPECT_FALSE(Base64UrlDecode(encoded, &decoded));
|
| +}
|
| +
|
| } // namespace proximity_auth
|
|
|
Chromium Code Reviews
Issue 1170363002:
[Proximity auth] Disallow '+' and '/' in incoming base64-encoded strings. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master