Index: net/http/transport_security_state_unittest.cc |
diff --git a/net/http/transport_security_state_unittest.cc b/net/http/transport_security_state_unittest.cc |
index dfe1b6722bb6bbc7c69d8e97b072db1a00b3fa89..3b9bf7b96a841695cf640b3a0fa71fe91c60a68a 100644 |
--- a/net/http/transport_security_state_unittest.cc |
+++ b/net/http/transport_security_state_unittest.cc |
@@ -35,12 +35,6 @@ |
#include "crypto/nss_util.h" |
#endif |
-namespace { |
- |
-const char kReportUri[] = "http://example.test/test"; |
- |
-} // namespace |
- |
namespace net { |
class TransportSecurityStateTest : public testing::Test { |
@@ -220,7 +214,6 @@ |
// with it, regardless of the includeSubDomains bit. This is a regression test |
// for https://crbug.com/469957. |
TEST_F(TransportSecurityStateTest, SubdomainCarveout) { |
- const GURL report_uri(kReportUri); |
TransportSecurityState state; |
const base::Time current_time(base::Time::Now()); |
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
@@ -229,10 +222,8 @@ |
state.AddHSTS("example1.test", expiry, true); |
state.AddHSTS("foo.example1.test", expiry, false); |
- state.AddHPKP("example2.test", expiry, true, GetSampleSPKIHashes(), |
- report_uri); |
- state.AddHPKP("foo.example2.test", expiry, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example2.test", expiry, true, GetSampleSPKIHashes()); |
+ state.AddHPKP("foo.example2.test", expiry, false, GetSampleSPKIHashes()); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("example1.test")); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("foo.example1.test")); |
@@ -252,8 +243,7 @@ |
// Expire the foo.example*.test rules. |
state.AddHSTS("foo.example1.test", older, false); |
- state.AddHPKP("foo.example2.test", older, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("foo.example2.test", older, false, GetSampleSPKIHashes()); |
// Now the base example*.test rules apply to bar.foo.example*.test. |
EXPECT_TRUE(state.ShouldUpgradeToSSL("bar.foo.example1.test")); |
@@ -263,14 +253,12 @@ |
} |
TEST_F(TransportSecurityStateTest, FatalSSLErrors) { |
- const GURL report_uri(kReportUri); |
TransportSecurityState state; |
const base::Time current_time(base::Time::Now()); |
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
state.AddHSTS("example1.test", expiry, false); |
- state.AddHPKP("example2.test", expiry, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example2.test", expiry, false, GetSampleSPKIHashes()); |
// The presense of either HSTS or HPKP is enough to make SSL errors fatal. |
EXPECT_TRUE(state.ShouldSSLErrorsBeFatal("example1.test")); |
@@ -280,7 +268,6 @@ |
// Tests that HPKP and HSTS state both expire. Also tests that expired entries |
// are pruned. |
TEST_F(TransportSecurityStateTest, Expiration) { |
- const GURL report_uri(kReportUri); |
TransportSecurityState state; |
const base::Time current_time(base::Time::Now()); |
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
@@ -294,16 +281,14 @@ |
// Querying |state| for a domain should flush out expired entries. |
EXPECT_FALSE(TransportSecurityState::STSStateIterator(state).HasNext()); |
- state.AddHPKP("example1.test", older, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example1.test", older, false, GetSampleSPKIHashes()); |
EXPECT_TRUE(TransportSecurityState::PKPStateIterator(state).HasNext()); |
EXPECT_FALSE(state.HasPublicKeyPins("example1.test")); |
// Querying |state| for a domain should flush out expired entries. |
EXPECT_FALSE(TransportSecurityState::PKPStateIterator(state).HasNext()); |
state.AddHSTS("example1.test", older, false); |
- state.AddHPKP("example1.test", older, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example1.test", older, false, GetSampleSPKIHashes()); |
EXPECT_TRUE(TransportSecurityState::STSStateIterator(state).HasNext()); |
EXPECT_TRUE(TransportSecurityState::PKPStateIterator(state).HasNext()); |
EXPECT_FALSE(state.ShouldSSLErrorsBeFatal("example1.test")); |
@@ -313,15 +298,13 @@ |
// Test that HSTS can outlive HPKP. |
state.AddHSTS("example1.test", expiry, false); |
- state.AddHPKP("example1.test", older, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example1.test", older, false, GetSampleSPKIHashes()); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("example1.test")); |
EXPECT_FALSE(state.HasPublicKeyPins("example1.test")); |
// Test that HPKP can outlive HSTS. |
state.AddHSTS("example2.test", older, false); |
- state.AddHPKP("example2.test", expiry, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example2.test", expiry, false, GetSampleSPKIHashes()); |
EXPECT_FALSE(state.ShouldUpgradeToSSL("example2.test")); |
EXPECT_TRUE(state.HasPublicKeyPins("example2.test")); |
} |
@@ -341,18 +324,15 @@ |
// Tests that HPKP and HSTS state are queried independently for subdomain |
// matches. |
TEST_F(TransportSecurityStateTest, IndependentSubdomain) { |
- const GURL report_uri(kReportUri); |
TransportSecurityState state; |
const base::Time current_time(base::Time::Now()); |
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
state.AddHSTS("example1.test", expiry, true); |
- state.AddHPKP("example1.test", expiry, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example1.test", expiry, false, GetSampleSPKIHashes()); |
state.AddHSTS("example2.test", expiry, false); |
- state.AddHPKP("example2.test", expiry, true, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example2.test", expiry, true, GetSampleSPKIHashes()); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("foo.example1.test")); |
EXPECT_FALSE(state.HasPublicKeyPins("foo.example1.test")); |
@@ -362,15 +342,13 @@ |
// Tests that HPKP and HSTS state are inserted and overridden independently. |
TEST_F(TransportSecurityStateTest, IndependentInsertion) { |
- const GURL report_uri(kReportUri); |
TransportSecurityState state; |
const base::Time current_time(base::Time::Now()); |
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); |
// Place an includeSubdomains HSTS entry below a normal HPKP entry. |
state.AddHSTS("example1.test", expiry, true); |
- state.AddHPKP("foo.example1.test", expiry, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("foo.example1.test", expiry, false, GetSampleSPKIHashes()); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("foo.example1.test")); |
EXPECT_TRUE(state.HasPublicKeyPins("foo.example1.test")); |
@@ -385,15 +363,13 @@ |
// Place an includeSubdomains HPKP entry below a normal HSTS entry. |
state.AddHSTS("foo.example2.test", expiry, false); |
- state.AddHPKP("example2.test", expiry, true, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example2.test", expiry, true, GetSampleSPKIHashes()); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("foo.example2.test")); |
EXPECT_TRUE(state.HasPublicKeyPins("foo.example2.test")); |
// Drop the includeSubdomains from the HSTS entry. |
- state.AddHPKP("example2.test", expiry, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("example2.test", expiry, false, GetSampleSPKIHashes()); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("foo.example2.test")); |
EXPECT_FALSE(state.HasPublicKeyPins("foo.example2.test")); |
@@ -402,15 +378,13 @@ |
// Tests that GetDynamic[PKP|STS]State returns the correct data and that the |
// states are not mixed together. |
TEST_F(TransportSecurityStateTest, DynamicDomainState) { |
- const GURL report_uri(kReportUri); |
TransportSecurityState state; |
const base::Time current_time(base::Time::Now()); |
const base::Time expiry1 = current_time + base::TimeDelta::FromSeconds(1000); |
const base::Time expiry2 = current_time + base::TimeDelta::FromSeconds(2000); |
state.AddHSTS("example.com", expiry1, true); |
- state.AddHPKP("foo.example.com", expiry2, false, GetSampleSPKIHashes(), |
- report_uri); |
+ state.AddHPKP("foo.example.com", expiry2, false, GetSampleSPKIHashes()); |
TransportSecurityState::STSState sts_state; |
TransportSecurityState::PKPState pkp_state; |
@@ -429,7 +403,6 @@ |
// Tests that new pins always override previous pins. This should be true for |
// both pins at the same domain or includeSubdomains pins at a parent domain. |
TEST_F(TransportSecurityStateTest, NewPinsOverride) { |
- const GURL report_uri(kReportUri); |
TransportSecurityState state; |
TransportSecurityState::PKPState pkp_state; |
const base::Time current_time(base::Time::Now()); |
@@ -441,22 +414,19 @@ |
HashValue hash3(HASH_VALUE_SHA1); |
memset(hash3.data(), 0x03, hash1.size()); |
- state.AddHPKP("example.com", expiry, true, HashValueVector(1, hash1), |
- report_uri); |
+ state.AddHPKP("example.com", expiry, true, HashValueVector(1, hash1)); |
ASSERT_TRUE(state.GetDynamicPKPState("foo.example.com", &pkp_state)); |
ASSERT_EQ(1u, pkp_state.spki_hashes.size()); |
EXPECT_TRUE(pkp_state.spki_hashes[0].Equals(hash1)); |
- state.AddHPKP("foo.example.com", expiry, false, HashValueVector(1, hash2), |
- report_uri); |
+ state.AddHPKP("foo.example.com", expiry, false, HashValueVector(1, hash2)); |
ASSERT_TRUE(state.GetDynamicPKPState("foo.example.com", &pkp_state)); |
ASSERT_EQ(1u, pkp_state.spki_hashes.size()); |
EXPECT_TRUE(pkp_state.spki_hashes[0].Equals(hash2)); |
- state.AddHPKP("foo.example.com", expiry, false, HashValueVector(1, hash3), |
- report_uri); |
+ state.AddHPKP("foo.example.com", expiry, false, HashValueVector(1, hash3)); |
ASSERT_TRUE(state.GetDynamicPKPState("foo.example.com", &pkp_state)); |
ASSERT_EQ(1u, pkp_state.spki_hashes.size()); |
@@ -474,7 +444,7 @@ |
bool include_subdomains = false; |
state.AddHSTS("example.com", expiry, include_subdomains); |
state.AddHPKP("example.com", expiry, include_subdomains, |
- GetSampleSPKIHashes(), GURL()); |
+ GetSampleSPKIHashes()); |
state.DeleteAllDynamicDataSince(expiry); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("example.com")); |
@@ -496,7 +466,7 @@ |
state.AddHSTS("example1.test", expiry, include_subdomains); |
state.AddHPKP("example1.test", expiry, include_subdomains, |
- GetSampleSPKIHashes(), GURL()); |
+ GetSampleSPKIHashes()); |
EXPECT_TRUE(state.ShouldUpgradeToSSL("example1.test")); |
EXPECT_FALSE(state.ShouldUpgradeToSSL("example2.test")); |