third_party/WebKit/Source/platform/weborigin/SecurityPolicyTest.cpp - Issue 1383483007: Add scheme exceptions for isSecureContext

Side by Side Diff: third_party/WebKit/Source/platform/weborigin/SecurityPolicyTest.cpp

Issue 1383483007: Add scheme exceptions for isSecureContext (Closed) Base URL: https://chromium.googlesource.com/chromium/src@master

Patch Set: Update check for sandbox Created 5 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp ('K') | « third_party/WebKit/Source/platform/weborigin/SecurityPolicy.cpp ('k') | third_party/WebKit/Source/web/WebSecurityPolicy.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 /*	1 /*

2 * Copyright (C) 2014 Google Inc. All rights reserved.	2 * Copyright (C) 2014 Google Inc. All rights reserved.

3 *	3 *

4 * Redistribution and use in source and binary forms, with or without	4 * Redistribution and use in source and binary forms, with or without

5 * modification, are permitted provided that the following conditions are	5 * modification, are permitted provided that the following conditions are

6 * met:	6 * met:

7 *	7 *

8 * * Redistributions of source code must retain the above copyright	8 * * Redistributions of source code must retain the above copyright

9 * notice, this list of conditions and the following disclaimer.	9 * notice, this list of conditions and the following disclaimer.

10 * * Redistributions in binary form must reproduce the above	10 * * Redistributions in binary form must reproduce the above

(...skipping 170 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
181 RefPtr<SecurityOrigin> origin2 = SecurityOrigin::createFromString(test.a notherUrlInOrigin);	181 RefPtr<SecurityOrigin> origin2 = SecurityOrigin::createFromString(test.a notherUrlInOrigin);

182	182

183 EXPECT_FALSE(origin1->isPotentiallyTrustworthy(errorMessage));	183 EXPECT_FALSE(origin1->isPotentiallyTrustworthy(errorMessage));

184 EXPECT_FALSE(origin2->isPotentiallyTrustworthy(errorMessage));	184 EXPECT_FALSE(origin2->isPotentiallyTrustworthy(errorMessage));

185 SecurityPolicy::addOriginTrustworthyWhiteList(origin1);	185 SecurityPolicy::addOriginTrustworthyWhiteList(origin1);

186 EXPECT_TRUE(origin1->isPotentiallyTrustworthy(errorMessage));	186 EXPECT_TRUE(origin1->isPotentiallyTrustworthy(errorMessage));

187 EXPECT_TRUE(origin2->isPotentiallyTrustworthy(errorMessage));	187 EXPECT_TRUE(origin2->isPotentiallyTrustworthy(errorMessage));

188 }	188 }

189 }	189 }

190	190

	191 TEST(SecurityPolicyTest, BypassSecureContextCheck)

	192 {

	193 RefPtr<SecurityOrigin> origin1 = SecurityOrigin::createFromString("http://a. test/path/to/file.html");

	194 RefPtr<SecurityOrigin> origin2 = SecurityOrigin::createFromString("https://a .test/path/to/file.html");

	195 RefPtr<SecurityOrigin> origin3 = SecurityOrigin::createFromString("random-sc heme://a.b/c");

	196

	197 EXPECT_FALSE(SecurityPolicy::shouldOriginBypassSecureContextCheck(*origin1)) ;

	198 EXPECT_FALSE(SecurityPolicy::shouldOriginBypassSecureContextCheck(*origin2)) ;

	199 EXPECT_FALSE(SecurityPolicy::shouldOriginBypassSecureContextCheck(*origin3)) ;

	200

	201 SecurityPolicy::addSchemeToBypassSecureContextWhitelist("random-scheme");

	202

	203 EXPECT_FALSE(SecurityPolicy::shouldOriginBypassSecureContextCheck(*origin1)) ;

	204 EXPECT_FALSE(SecurityPolicy::shouldOriginBypassSecureContextCheck(*origin2)) ;

	205 EXPECT_TRUE(SecurityPolicy::shouldOriginBypassSecureContextCheck(*origin3));
	Mike West 2015/10/06 07:22:34 I'd like to see some tests verifying the nesting b I'd like to see some tests verifying the nesting behavior. You can take a look at `Source/web/tests/WebDocumentTest.cpp` (the firstPartyForCookies tests) for some examples. jww 2015/10/06 21:53:56 Can you clarify what test you'd like to see for th Show quoted text On 2015/10/06 07:22:34, Mike West (slow) wrote: > I'd like to see some tests verifying the nesting behavior. You can take a look > at `Source/web/tests/WebDocumentTest.cpp` (the firstPartyForCookies tests) for > some examples. Can you clarify what test you'd like to see for the nested behavior? Do you mean you want tests for isSecureContext() explicitly? Or are you talking more specifically about for extensions (which I've added)?
	206 }

	207

191 } // namespace blink	208 } // namespace blink

OLD	NEW