OLD | NEW |
1 /* | 1 /* |
2 * Copyright (c) 2015, Google Inc. All rights reserved. | 2 * Copyright (c) 2015, Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 114 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
125 | 125 |
126 { "https://example.test/image.png", "https://example.test/image.png" }, | 126 { "https://example.test/image.png", "https://example.test/image.png" }, |
127 { "https://example.test:80/image.png", "https://example.test:80/image.pn
g" }, | 127 { "https://example.test:80/image.png", "https://example.test:80/image.pn
g" }, |
128 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, | 128 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, |
129 | 129 |
130 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, | 130 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, |
131 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, | 131 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, |
132 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, | 132 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, |
133 }; | 133 }; |
134 | 134 |
| 135 FrameFetchContext::provideDocumentToContext(*fetchContext, document.get()); |
135 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); | 136 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); |
136 | 137 |
137 for (auto test : tests) { | 138 for (const auto& test : tests) { |
138 document->insecureNavigationsToUpgrade()->clear(); | 139 document->insecureNavigationsToUpgrade()->clear(); |
139 | 140 |
140 // We always upgrade for FrameTypeNone and FrameTypeNested. | 141 // We always upgrade for FrameTypeNone and FrameTypeNested. |
141 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); | 142 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); |
142 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); | 143 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); |
143 | 144 |
144 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... | 145 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... |
145 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); | 146 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); |
146 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); | 147 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); |
147 | 148 |
148 // unless the request context is RequestContextForm. | 149 // unless the request context is RequestContextForm. |
149 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); | 150 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); |
150 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); | 151 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); |
151 | 152 |
152 // Or unless the host of the resource is in the document's InsecureNavig
ationsSet: | 153 // Or unless the host of the resource is in the document's InsecureNavig
ationsSet: |
153 document->addInsecureNavigationUpgrade(exampleOrigin->host().impl()->has
h()); | 154 document->addInsecureNavigationUpgrade(exampleOrigin->host().impl()->has
h()); |
154 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); | 155 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); |
155 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); | 156 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); |
156 } | 157 } |
157 } | 158 } |
158 | 159 |
159 TEST_F(FrameFetchContextUpgradeTest, DoNotUpgradeInsecureResourceRequests) | 160 TEST_F(FrameFetchContextUpgradeTest, DoNotUpgradeInsecureResourceRequests) |
160 { | 161 { |
| 162 FrameFetchContext::provideDocumentToContext(*fetchContext, document.get()); |
161 document->setSecurityOrigin(secureOrigin); | 163 document->setSecurityOrigin(secureOrigin); |
162 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); | 164 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); |
163 | 165 |
164 expectUpgrade("http://example.test/image.png", "http://example.test/image.pn
g"); | 166 expectUpgrade("http://example.test/image.png", "http://example.test/image.pn
g"); |
165 expectUpgrade("http://example.test:80/image.png", "http://example.test:80/im
age.png"); | 167 expectUpgrade("http://example.test:80/image.png", "http://example.test:80/im
age.png"); |
166 expectUpgrade("http://example.test:1212/image.png", "http://example.test:121
2/image.png"); | 168 expectUpgrade("http://example.test:1212/image.png", "http://example.test:121
2/image.png"); |
167 | 169 |
168 expectUpgrade("https://example.test/image.png", "https://example.test/image.
png"); | 170 expectUpgrade("https://example.test/image.png", "https://example.test/image.
png"); |
169 expectUpgrade("https://example.test:80/image.png", "https://example.test:80/
image.png"); | 171 expectUpgrade("https://example.test:80/image.png", "https://example.test:80/
image.png"); |
170 expectUpgrade("https://example.test:1212/image.png", "https://example.test:1
212/image.png"); | 172 expectUpgrade("https://example.test:1212/image.png", "https://example.test:1
212/image.png"); |
171 | 173 |
172 expectUpgrade("ftp://example.test/image.png", "ftp://example.test/image.png"
); | 174 expectUpgrade("ftp://example.test/image.png", "ftp://example.test/image.png"
); |
173 expectUpgrade("ftp://example.test:21/image.png", "ftp://example.test:21/imag
e.png"); | 175 expectUpgrade("ftp://example.test:21/image.png", "ftp://example.test:21/imag
e.png"); |
174 expectUpgrade("ftp://example.test:1212/image.png", "ftp://example.test:1212/
image.png"); | 176 expectUpgrade("ftp://example.test:1212/image.png", "ftp://example.test:1212/
image.png"); |
175 } | 177 } |
176 | 178 |
177 TEST_F(FrameFetchContextUpgradeTest, SendPreferHeader) | 179 TEST_F(FrameFetchContextUpgradeTest, SendHTTPSHeader) |
178 { | 180 { |
179 struct TestCase { | 181 struct TestCase { |
180 const char* toRequest; | 182 const char* toRequest; |
181 WebURLRequest::FrameType frameType; | 183 WebURLRequest::FrameType frameType; |
182 bool shouldPrefer; | 184 bool shouldPrefer; |
183 } tests[] = { | 185 } tests[] = { |
184 { "http://example.test/page.html", WebURLRequest::FrameTypeAuxiliary, tr
ue }, | 186 { "http://example.test/page.html", WebURLRequest::FrameTypeAuxiliary, tr
ue }, |
185 { "http://example.test/page.html", WebURLRequest::FrameTypeNested, true
}, | 187 { "http://example.test/page.html", WebURLRequest::FrameTypeNested, true
}, |
186 { "http://example.test/page.html", WebURLRequest::FrameTypeNone, false }
, | 188 { "http://example.test/page.html", WebURLRequest::FrameTypeNone, false }
, |
187 { "http://example.test/page.html", WebURLRequest::FrameTypeTopLevel, tru
e }, | 189 { "http://example.test/page.html", WebURLRequest::FrameTypeTopLevel, tru
e }, |
188 { "https://example.test/page.html", WebURLRequest::FrameTypeAuxiliary, t
rue }, | 190 { "https://example.test/page.html", WebURLRequest::FrameTypeAuxiliary, t
rue }, |
189 { "https://example.test/page.html", WebURLRequest::FrameTypeNested, true
}, | 191 { "https://example.test/page.html", WebURLRequest::FrameTypeNested, true
}, |
190 { "https://example.test/page.html", WebURLRequest::FrameTypeNone, false
}, | 192 { "https://example.test/page.html", WebURLRequest::FrameTypeNone, false
}, |
191 { "https://example.test/page.html", WebURLRequest::FrameTypeTopLevel, tr
ue } | 193 { "https://example.test/page.html", WebURLRequest::FrameTypeTopLevel, tr
ue } |
192 }; | 194 }; |
193 | 195 |
194 for (auto test : tests) { | 196 // This should work correctly both when the FrameFetchContext has a Document
, and |
| 197 // when it doesn't (e.g. during main frame navigations), so run through the
tests |
| 198 // both before and after providing a document to the context. |
| 199 for (const auto& test : tests) { |
195 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoN
otUpgrade); | 200 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoN
otUpgrade); |
196 expectHTTPSHeader(test.toRequest, test.frameType, test.shouldPrefer); | 201 expectHTTPSHeader(test.toRequest, test.frameType, test.shouldPrefer); |
197 | 202 |
| 203 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpg
rade); |
| 204 expectHTTPSHeader(test.toRequest, test.frameType, test.shouldPrefer); |
| 205 } |
| 206 |
| 207 FrameFetchContext::provideDocumentToContext(*fetchContext, document.get()); |
| 208 |
| 209 for (const auto& test : tests) { |
| 210 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoN
otUpgrade); |
| 211 expectHTTPSHeader(test.toRequest, test.frameType, test.shouldPrefer); |
| 212 |
198 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpg
rade); | 213 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpg
rade); |
199 expectHTTPSHeader(test.toRequest, test.frameType, test.shouldPrefer); | 214 expectHTTPSHeader(test.toRequest, test.frameType, test.shouldPrefer); |
200 } | 215 } |
201 } | 216 } |
202 | 217 |
203 class FrameFetchContextHintsTest : public ::testing::Test { | 218 class FrameFetchContextHintsTest : public ::testing::Test { |
204 public: | 219 public: |
205 FrameFetchContextHintsTest() { } | 220 FrameFetchContextHintsTest() { } |
206 | 221 |
207 protected: | 222 protected: |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
273 ClientHintsPreferences preferences; | 288 ClientHintsPreferences preferences; |
274 preferences.setShouldSendDPR(true); | 289 preferences.setShouldSendDPR(true); |
275 preferences.setShouldSendRW(true); | 290 preferences.setShouldSendRW(true); |
276 document->setClientHintsPreferences(preferences); | 291 document->setClientHintsPreferences(preferences); |
277 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); | 292 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); |
278 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); | 293 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); |
279 } | 294 } |
280 | 295 |
281 } // namespace | 296 } // namespace |
282 | 297 |
OLD | NEW |