Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(258)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: url/url_canon_unittest.cc

Issue 1358433004: Correctly handle problematic nested escapes in URL paths. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « url/url_canon_path.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <errno.h> 5 #include <errno.h>
6 6
7 #include "base/macros.h" 7 #include "base/macros.h"
8 #include "testing/gtest/include/gtest/gtest.h" 8 #include "testing/gtest/include/gtest/gtest.h"
9 #include "url/third_party/mozilla/url_parse.h" 9 #include "url/third_party/mozilla/url_parse.h"
10 #include "url/url_canon.h" 10 #include "url/url_canon.h"
(...skipping 1042 matching lines...) Expand 10 before | Expand all | Expand 10 after
1053 // Backslashes should get converted to forward slashes 1053 // Backslashes should get converted to forward slashes
1054 {"\\foo\\bar", L"\\foo\\bar", "/foo/bar", Component(0, 8), true}, 1054 {"\\foo\\bar", L"\\foo\\bar", "/foo/bar", Component(0, 8), true},
1055 // Hashes found in paths (possibly only when the caller explicitly sets 1055 // Hashes found in paths (possibly only when the caller explicitly sets
1056 // the path on an already-parsed URL) should be escaped. 1056 // the path on an already-parsed URL) should be escaped.
1057 {"/foo#bar", L"/foo#bar", "/foo%23bar", Component(0, 10), true}, 1057 {"/foo#bar", L"/foo#bar", "/foo%23bar", Component(0, 10), true},
1058 // %7f should be allowed and %3D should not be unescaped (these were wrong 1058 // %7f should be allowed and %3D should not be unescaped (these were wrong
1059 // in a previous version). 1059 // in a previous version).
1060 {"/%7Ffp3%3Eju%3Dduvgw%3Dd", L"/%7Ffp3%3Eju%3Dduvgw%3Dd", "/%7Ffp3%3Eju%3Ddu vgw%3Dd", Component(0, 24), true}, 1060 {"/%7Ffp3%3Eju%3Dduvgw%3Dd", L"/%7Ffp3%3Eju%3Dduvgw%3Dd", "/%7Ffp3%3Eju%3Ddu vgw%3Dd", Component(0, 24), true},
1061 // @ should be passed through unchanged (escaped or unescaped). 1061 // @ should be passed through unchanged (escaped or unescaped).
1062 {"/@asdf%40", L"/@asdf%40", "/@asdf%40", Component(0, 9), true}, 1062 {"/@asdf%40", L"/@asdf%40", "/@asdf%40", Component(0, 9), true},
1063 // Nested escape sequences should not be unescaped.
1064 {"/%0%30", L"/%0%30", "/%0%30", Component(0, 6), true},
1065 {"/%%300", L"/%%300", "/%%300", Component(0, 6), true},
1066 // If there are multiple nested escaped values, we'll unescape the first
1067 // and only detect the potential problem when we reach the second.
1068 {"/%%30%30", L"/%%30%30", "/%0%30", Component(0, 6), true},
1069 // Make sure truncated "nested" escapes don't result in reading off the
1070 // string end.
1071 {"/%%30", L"/%%30", "/%0", Component(0, 3), true},
1063 1072
1064 // ----- encoding tests ----- 1073 // ----- encoding tests -----
1065 // Basic conversions 1074 // Basic conversions
1066 {"/\xe4\xbd\xa0\xe5\xa5\xbd\xe4\xbd\xa0\xe5\xa5\xbd", L"/\x4f60\x597d\x4f60\ x597d", "/%E4%BD%A0%E5%A5%BD%E4%BD%A0%E5%A5%BD", Component(0, 37), true}, 1075 {"/\xe4\xbd\xa0\xe5\xa5\xbd\xe4\xbd\xa0\xe5\xa5\xbd", L"/\x4f60\x597d\x4f60\ x597d", "/%E4%BD%A0%E5%A5%BD%E4%BD%A0%E5%A5%BD", Component(0, 37), true},
1067 // Invalid unicode characters should fail. We only do validation on 1076 // Invalid unicode characters should fail. We only do validation on
1068 // UTF-16 input, so this doesn't happen on 8-bit. 1077 // UTF-16 input, so this doesn't happen on 8-bit.
1069 {"/\xef\xb7\x90zyx", NULL, "/%EF%B7%90zyx", Component(0, 13), true}, 1078 {"/\xef\xb7\x90zyx", NULL, "/%EF%B7%90zyx", Component(0, 13), true},
1070 {NULL, L"/\xfdd0zyx", "/%EF%BF%BDzyx", Component(0, 13), false}, 1079 {NULL, L"/\xfdd0zyx", "/%EF%BF%BDzyx", Component(0, 13), false},
1071 }; 1080 };
1072 1081
(...skipping 1050 matching lines...) Expand 10 before | Expand all | Expand 10 after
2123 repl_output.Complete(); 2132 repl_output.Complete();
2124 2133
2125 // Generate the expected string and check. 2134 // Generate the expected string and check.
2126 std::string expected("file:///foo?"); 2135 std::string expected("file:///foo?");
2127 for (size_t i = 0; i < new_query.length(); i++) 2136 for (size_t i = 0; i < new_query.length(); i++)
2128 expected.push_back('a'); 2137 expected.push_back('a');
2129 EXPECT_TRUE(expected == repl_str); 2138 EXPECT_TRUE(expected == repl_str);
2130 } 2139 }
2131 2140
2132 } // namespace url 2141 } // namespace url
OLDNEW
« no previous file with comments | « url/url_canon_path.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698