Chromium Code Reviews Chromium Code Reviews
Issue 1393193005:
Implement $Secure- cookie prefix (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "build/build_config.h" | 5 #include "build/build_config.h" |
| 6 | 6 |
| 7 #if defined(OS_WIN) | 7 #if defined(OS_WIN) |
| 8 #include <windows.h> | 8 #include <windows.h> |
| 9 #include <shlobj.h> | 9 #include <shlobj.h> |
| 10 #endif | 10 #endif |
| (...skipping 644 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 655 } | 655 } |
| 656 | 656 |
| 657 const GURL& latest_report_uri() { return latest_report_uri_; } | 657 const GURL& latest_report_uri() { return latest_report_uri_; } |
| 658 const std::string& latest_report() { return latest_report_; } | 658 const std::string& latest_report() { return latest_report_; } |
| 659 | 659 |
| 660 private: | 660 private: |
| 661 GURL latest_report_uri_; | 661 GURL latest_report_uri_; |
| 662 std::string latest_report_; | 662 std::string latest_report_; |
| 663 }; | 663 }; |
| 664 | 664 |
| 665 class TestExperimentalFeaturesNetworkDelegate : public TestNetworkDelegate { | |
| 666 public: | |
| 667 bool OnExperimentalCookieFeaturesEnabled() const override { return true; } | |
| 668 }; | |
| 669 | |
| 665 } // namespace | 670 } // namespace |
| 666 | 671 |
| 667 // Inherit PlatformTest since we require the autorelease pool on Mac OS X. | 672 // Inherit PlatformTest since we require the autorelease pool on Mac OS X. |
| 668 class URLRequestTest : public PlatformTest { | 673 class URLRequestTest : public PlatformTest { |
| 669 public: | 674 public: |
| 670 URLRequestTest() : default_context_(true) { | 675 URLRequestTest() : default_context_(true) { |
| 671 default_context_.set_network_delegate(&default_network_delegate_); | 676 default_context_.set_network_delegate(&default_network_delegate_); |
| 672 default_context_.set_net_log(&net_log_); | 677 default_context_.set_net_log(&net_log_); |
| 673 job_factory_impl_ = new URLRequestJobFactoryImpl(); | 678 job_factory_impl_ = new URLRequestJobFactoryImpl(); |
| 674 job_factory_.reset(job_factory_impl_); | 679 job_factory_.reset(job_factory_impl_); |
| (...skipping 8827 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 9502 AddTestInterceptor()->set_main_intercept_job(job); | 9507 AddTestInterceptor()->set_main_intercept_job(job); |
| 9503 | 9508 |
| 9504 req->Start(); | 9509 req->Start(); |
| 9505 req->Cancel(); | 9510 req->Cancel(); |
| 9506 job->DetachRequest(); | 9511 job->DetachRequest(); |
| 9507 base::RunLoop().RunUntilIdle(); | 9512 base::RunLoop().RunUntilIdle(); |
| 9508 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); | 9513 EXPECT_EQ(URLRequestStatus::CANCELED, req->status().status()); |
| 9509 EXPECT_EQ(0, d.received_redirect_count()); | 9514 EXPECT_EQ(0, d.received_redirect_count()); |
| 9510 } | 9515 } |
| 9511 | 9516 |
| 9517 TEST_F(URLRequestTest, SecureCookiePrefixNonexperimental) { | |
| 9518 SpawnedTestServer test_server( | |
| 9519 SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost, | |
| 9520 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | |
| 9521 ASSERT_TRUE(test_server.Start()); | |
| 9522 | |
| 9523 // Without experimental features, there should be no restrictions on | |
| 9524 // $Secure- cookies. | |
| 9525 { | |
| 9526 TestNetworkDelegate network_delegate; | |
| 9527 default_context_.set_network_delegate(&network_delegate); | |
|
mmenke
2015/10/12 14:21:56
It's not a good idea to modify a context after ini
estark
2015/10/12 14:36:32
Will fix for these tests, but it looks to me like
| |
| 9528 TestDelegate d; | |
| 9529 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9530 test_server.GetURL("set-cookie?$Secure-nonsecure-not-experimental=1"), | |
| 9531 DEFAULT_PRIORITY, &d)); | |
| 9532 req->Start(); | |
| 9533 base::RunLoop().Run(); | |
| 9534 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9535 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9536 } | |
| 9537 | |
| 9538 { | |
| 9539 TestNetworkDelegate network_delegate; | |
| 9540 default_context_.set_network_delegate(&network_delegate); | |
| 9541 TestDelegate d; | |
| 9542 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9543 test_server.GetURL( | |
| 9544 "set-cookie?$Secure-secure-not-experimental=1;Secure"), | |
| 9545 DEFAULT_PRIORITY, &d)); | |
| 9546 req->Start(); | |
| 9547 base::RunLoop().Run(); | |
| 9548 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9549 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9550 } | |
| 9551 | |
| 9552 // Verify that the cookies are set. | |
| 9553 { | |
| 9554 TestNetworkDelegate network_delegate; | |
| 9555 default_context_.set_network_delegate(&network_delegate); | |
| 9556 TestDelegate d; | |
| 9557 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9558 test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | |
| 9559 req->Start(); | |
| 9560 base::RunLoop().Run(); | |
| 9561 | |
| 9562 EXPECT_TRUE(d.data_received().find("$Secure-secure-not-experimental=1") != | |
| 9563 std::string::npos); | |
| 9564 EXPECT_TRUE( | |
| 9565 d.data_received().find("$Secure-nonsecure-not-experimental=1") != | |
| 9566 std::string::npos); | |
| 9567 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9568 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9569 } | |
| 9570 } | |
| 9571 | |
| 9572 TEST_F(URLRequestTest, SecureCookiePrefixExperimentalNonSecure) { | |
| 9573 SpawnedTestServer test_server( | |
| 9574 SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost, | |
| 9575 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | |
| 9576 ASSERT_TRUE(test_server.Start()); | |
| 9577 | |
| 9578 // Try to set a non-Secure $Secure- cookie, with experimental features | |
| 9579 // enabled. | |
| 9580 { | |
| 9581 TestExperimentalFeaturesNetworkDelegate network_delegate; | |
| 9582 default_context_.set_network_delegate(&network_delegate); | |
| 9583 TestDelegate d; | |
| 9584 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9585 test_server.GetURL("set-cookie?$Secure-foo=1"), DEFAULT_PRIORITY, &d)); | |
| 9586 req->Start(); | |
| 9587 base::RunLoop().Run(); | |
| 9588 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9589 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9590 } | |
| 9591 | |
| 9592 // Verify that the cookie is not set. | |
| 9593 { | |
| 9594 TestExperimentalFeaturesNetworkDelegate network_delegate; | |
| 9595 default_context_.set_network_delegate(&network_delegate); | |
| 9596 TestDelegate d; | |
| 9597 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9598 test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | |
| 9599 req->Start(); | |
| 9600 base::RunLoop().Run(); | |
| 9601 | |
| 9602 EXPECT_TRUE(d.data_received().find("$Secure-foo=1") == std::string::npos); | |
| 9603 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9604 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9605 } | |
| 9606 } | |
| 9607 | |
| 9608 TEST_F(URLRequestTest, SecureCookiePrefixExperimentalSecure) { | |
| 9609 SpawnedTestServer test_server( | |
| 9610 SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost, | |
| 9611 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | |
| 9612 ASSERT_TRUE(test_server.Start()); | |
| 9613 | |
| 9614 // Try to set a Secure $Secure- cookie, with experimental features | |
| 9615 // enabled. | |
| 9616 { | |
| 9617 TestExperimentalFeaturesNetworkDelegate network_delegate; | |
| 9618 default_context_.set_network_delegate(&network_delegate); | |
| 9619 TestDelegate d; | |
| 9620 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9621 test_server.GetURL("set-cookie?$Secure-bar=1;Secure"), DEFAULT_PRIORITY, | |
| 9622 &d)); | |
| 9623 req->Start(); | |
| 9624 base::RunLoop().Run(); | |
| 9625 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9626 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9627 } | |
| 9628 | |
| 9629 // Verify that the cookie is set. | |
| 9630 { | |
| 9631 TestExperimentalFeaturesNetworkDelegate network_delegate; | |
| 9632 default_context_.set_network_delegate(&network_delegate); | |
| 9633 TestDelegate d; | |
| 9634 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9635 test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | |
| 9636 req->Start(); | |
| 9637 base::RunLoop().Run(); | |
| 9638 | |
| 9639 EXPECT_TRUE(d.data_received().find("$Secure-bar=1") != std::string::npos); | |
| 9640 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9641 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9642 } | |
| 9643 } | |
| 9644 | |
| 9645 // Tests that $Secure- cookies can't be set on non-secure origins. | |
| 9646 TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) { | |
| 9647 LocalHttpTestServer test_server; | |
| 9648 ASSERT_TRUE(test_server.Start()); | |
| 9649 SpawnedTestServer test_server_https( | |
| 9650 SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost, | |
| 9651 base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); | |
| 9652 ASSERT_TRUE(test_server_https.Start()); | |
| 9653 | |
| 9654 // Try to set a Secure $Secure- cookie, with experimental features | |
| 9655 // enabled. | |
| 9656 { | |
| 9657 TestExperimentalFeaturesNetworkDelegate network_delegate; | |
| 9658 default_context_.set_network_delegate(&network_delegate); | |
| 9659 TestDelegate d; | |
| 9660 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9661 test_server.GetURL("set-cookie?$Secure-nonsecure-origin=1;Secure"), | |
| 9662 DEFAULT_PRIORITY, &d)); | |
| 9663 req->Start(); | |
| 9664 base::RunLoop().Run(); | |
| 9665 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9666 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9667 } | |
| 9668 | |
| 9669 // Verify that the cookie is not set. | |
| 9670 { | |
| 9671 TestExperimentalFeaturesNetworkDelegate network_delegate; | |
| 9672 default_context_.set_network_delegate(&network_delegate); | |
| 9673 TestDelegate d; | |
| 9674 scoped_ptr<URLRequest> req(default_context_.CreateRequest( | |
| 9675 test_server_https.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d)); | |
| 9676 req->Start(); | |
| 9677 base::RunLoop().Run(); | |
| 9678 | |
| 9679 EXPECT_TRUE(d.data_received().find("$Secure-nonsecure-origin=1") == | |
| 9680 std::string::npos); | |
| 9681 EXPECT_EQ(0, network_delegate.blocked_get_cookies_count()); | |
| 9682 EXPECT_EQ(0, network_delegate.blocked_set_cookie_count()); | |
| 9683 } | |
| 9684 } | |
| 9685 | |
| 9512 } // namespace net | 9686 } // namespace net |
| OLD | NEW |
