OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "config.h" | 5 #include "config.h" |
6 #include "core/frame/csp/CSPSourceList.h" | 6 #include "core/frame/csp/CSPSourceList.h" |
7 | 7 |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/frame/csp/CSPSource.h" | 9 #include "core/frame/csp/CSPSource.h" |
10 #include "core/frame/csp/ContentSecurityPolicy.h" | 10 #include "core/frame/csp/ContentSecurityPolicy.h" |
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
139 String sources = "http://example1.com:*/foo/ https://*.example2.com/bar/ htt
p://*.test/"; | 139 String sources = "http://example1.com:*/foo/ https://*.example2.com/bar/ htt
p://*.test/"; |
140 CSPSourceList sourceList(csp.get(), "script-src"); | 140 CSPSourceList sourceList(csp.get(), "script-src"); |
141 parseSourceList(sourceList, sources); | 141 parseSourceList(sourceList, sources); |
142 | 142 |
143 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/foo/"))); | 143 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/foo/"))); |
144 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com:8000/foo/")))
; | 144 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com:8000/foo/")))
; |
145 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com:9000/foo/")))
; | 145 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com:9000/foo/")))
; |
146 EXPECT_TRUE(sourceList.matches(KURL(base, "https://foo.example2.com/bar/")))
; | 146 EXPECT_TRUE(sourceList.matches(KURL(base, "https://foo.example2.com/bar/")))
; |
147 EXPECT_TRUE(sourceList.matches(KURL(base, "http://foo.test/"))); | 147 EXPECT_TRUE(sourceList.matches(KURL(base, "http://foo.test/"))); |
148 EXPECT_TRUE(sourceList.matches(KURL(base, "http://foo.bar.test/"))); | 148 EXPECT_TRUE(sourceList.matches(KURL(base, "http://foo.bar.test/"))); |
| 149 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example1.com/foo/"))); |
| 150 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example1.com:8000/foo/"))
); |
| 151 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example1.com:9000/foo/"))
); |
| 152 EXPECT_TRUE(sourceList.matches(KURL(base, "https://foo.test/"))); |
| 153 EXPECT_TRUE(sourceList.matches(KURL(base, "https://foo.bar.test/"))); |
149 | 154 |
150 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example1.com:8000/foo"))
); | 155 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example1.com:8000/foo"))
); |
151 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example2.com:8000/bar"))
); | 156 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example2.com:8000/bar"))
); |
152 EXPECT_FALSE(sourceList.matches(KURL(base, "https://foo.example2.com:8000/ba
r"))); | 157 EXPECT_FALSE(sourceList.matches(KURL(base, "https://foo.example2.com:8000/ba
r"))); |
153 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example2.foo.com/bar")))
; | 158 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example2.foo.com/bar")))
; |
154 EXPECT_FALSE(sourceList.matches(KURL(base, "https://foo.test/"))); | |
155 EXPECT_FALSE(sourceList.matches(KURL(base, "http://foo.test.bar/"))); | 159 EXPECT_FALSE(sourceList.matches(KURL(base, "http://foo.test.bar/"))); |
156 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example2.com/bar/"))); | 160 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example2.com/bar/"))); |
157 EXPECT_FALSE(sourceList.matches(KURL(base, "http://test/"))); | 161 EXPECT_FALSE(sourceList.matches(KURL(base, "http://test/"))); |
158 } | 162 } |
159 | 163 |
160 TEST_F(CSPSourceListTest, RedirectMatching) | 164 TEST_F(CSPSourceListTest, RedirectMatching) |
161 { | 165 { |
162 KURL base; | 166 KURL base; |
163 String sources = "http://example1.com/foo/ http://example2.com/bar/"; | 167 String sources = "http://example1.com/foo/ http://example2.com/bar/"; |
164 CSPSourceList sourceList(csp.get(), "script-src"); | 168 CSPSourceList sourceList(csp.get(), "script-src"); |
165 parseSourceList(sourceList, sources); | 169 parseSourceList(sourceList, sources); |
166 | 170 |
167 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); | 171 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); |
168 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); | 172 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example1.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); |
169 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); | 173 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/bar/"), Conte
ntSecurityPolicy::DidRedirect)); |
170 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); | 174 EXPECT_TRUE(sourceList.matches(KURL(base, "http://example2.com/foo/"), Conte
ntSecurityPolicy::DidRedirect)); |
| 175 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example1.com/foo/"), Cont
entSecurityPolicy::DidRedirect)); |
| 176 EXPECT_TRUE(sourceList.matches(KURL(base, "https://example1.com/bar/"), Cont
entSecurityPolicy::DidRedirect)); |
171 | 177 |
172 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example3.com/foo/"), Cont
entSecurityPolicy::DidRedirect)); | 178 EXPECT_FALSE(sourceList.matches(KURL(base, "http://example3.com/foo/"), Cont
entSecurityPolicy::DidRedirect)); |
173 EXPECT_FALSE(sourceList.matches(KURL(base, "https://example1.com/foo/"), Con
tentSecurityPolicy::DidRedirect)); | |
174 } | 179 } |
175 | 180 |
176 } // namespace | 181 } // namespace |
OLD | NEW |