OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "config.h" | 5 #include "config.h" |
6 #include "core/frame/csp/CSPSourceList.h" | 6 #include "core/frame/csp/CSPSourceList.h" |
7 | 7 |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/frame/csp/CSPSource.h" | 9 #include "core/frame/csp/CSPSource.h" |
10 #include "core/frame/csp/ContentSecurityPolicy.h" | 10 #include "core/frame/csp/ContentSecurityPolicy.h" |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
47 { | 47 { |
48 KURL base; | 48 KURL base; |
49 String sources = "'none'"; | 49 String sources = "'none'"; |
50 CSPSourceList sourceList(csp.get(), "script-src"); | 50 CSPSourceList sourceList(csp.get(), "script-src"); |
51 parseSourceList(sourceList, sources); | 51 parseSourceList(sourceList, sources); |
52 | 52 |
53 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example.com/"))); | 53 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example.com/"))); |
54 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example.test/"))); | 54 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example.test/"))); |
55 } | 55 } |
56 | 56 |
| 57 TEST_F(CSPSourceListTest, BasicMatchingStar) |
| 58 { |
| 59 KURL base; |
| 60 String sources = "*"; |
| 61 CSPSourceList sourceList(csp.get(), "script-src"); |
| 62 parseSourceList(sourceList, sources); |
| 63 |
| 64 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example.com/"))); |
| 65 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example.com/"))); |
| 66 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example.com/bar"))); |
| 67 EXPECT_TRUE(sourceList.matches(KURL(base, "http://foo.example.com/"))); |
| 68 EXPECT_TRUE(sourceList.matches(KURL(base, "http://foo.example.com/bar"))); |
| 69 |
| 70 EXPECT_FALSE(sourceList.matches(KURL(base, "data:https://example.test/"))); |
| 71 EXPECT_FALSE(sourceList.matches(KURL(base, "blob:https://example.test/"))); |
| 72 EXPECT_FALSE(sourceList.matches(KURL(base, "filesystem:https://example.test/
"))); |
| 73 } |
| 74 |
57 TEST_F(CSPSourceListTest, BasicMatchingSelf) | 75 TEST_F(CSPSourceListTest, BasicMatchingSelf) |
58 { | 76 { |
59 KURL base; | 77 KURL base; |
60 String sources = "'self'"; | 78 String sources = "'self'"; |
61 CSPSourceList sourceList(csp.get(), "script-src"); | 79 CSPSourceList sourceList(csp.get(), "script-src"); |
62 parseSourceList(sourceList, sources); | 80 parseSourceList(sourceList, sources); |
63 | 81 |
64 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example.com/"))); | 82 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example.com/"))); |
65 EXPECT_FALSE(sourceList.matches(KURL(base, "https://not-example.com/"))); | 83 EXPECT_FALSE(sourceList.matches(KURL(base, "https://not-example.com/"))); |
66 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example.test/"))); | 84 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example.test/"))); |
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
148 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); | 166 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); |
149 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); | 167 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); |
150 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); | 168 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); |
151 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); | 169 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); |
152 | 170 |
153 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example3.com/foo/"), Cont
entSecurityPolicy::DidRedirect)); | 171 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example3.com/foo/"), Cont
entSecurityPolicy::DidRedirect)); |
154 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example1.com/foo/"), Con
tentSecurityPolicy::DidRedirect)); | 172 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example1.com/foo/"), Con
tentSecurityPolicy::DidRedirect)); |
155 } | 173 } |
156 | 174 |
157 } // namespace | 175 } // namespace |
OLD | NEW |