OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "config.h" | 5 #include "config.h" |
6 #include "core/frame/csp/CSPSource.h" | 6 #include "core/frame/csp/CSPSource.h" |
7 | 7 |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
56 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8000/bar/"))); | 56 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8000/bar/"))); |
57 } | 57 } |
58 | 58 |
59 TEST_F(CSPSourceTest, RedirectMatching) | 59 TEST_F(CSPSourceTest, RedirectMatching) |
60 { | 60 { |
61 KURL base; | 61 KURL base; |
62 CSPSource source(csp.get(), "http", "example.com", 8000, "/bar/", CSPSource:
:NoWildcard, CSPSource::NoWildcard); | 62 CSPSource source(csp.get(), "http", "example.com", 8000, "/bar/", CSPSource:
:NoWildcard, CSPSource::NoWildcard); |
63 | 63 |
64 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/"), ContentSe
curityPolicy::DidRedirect)); | 64 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/"), ContentSe
curityPolicy::DidRedirect)); |
65 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo"), Conten
tSecurityPolicy::DidRedirect)); | 65 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo"), Conten
tSecurityPolicy::DidRedirect)); |
| 66 EXPECT_TRUE(source.matches(KURL(base, "https://example.com:8000/foo"), Conte
ntSecurityPolicy::DidRedirect)); |
66 | 67 |
67 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8000/foo"), Cont
entSecurityPolicy::DidRedirect)); | |
68 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:8000/foo"), C
ontentSecurityPolicy::DidRedirect)); | 68 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:8000/foo"), C
ontentSecurityPolicy::DidRedirect)); |
69 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:9000/foo/"), Cont
entSecurityPolicy::DidNotRedirect)); | 69 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:9000/foo/"), Cont
entSecurityPolicy::DidNotRedirect)); |
70 } | 70 } |
71 | 71 |
| 72 TEST_F(CSPSourceTest, InsecureSourceMatchesSecure) |
| 73 { |
| 74 KURL base; |
| 75 CSPSource source(csp.get(), "http", "", 0, "/", CSPSource::NoWildcard, CSPSo
urce::HasWildcard); |
| 76 |
| 77 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/"))); |
| 78 EXPECT_TRUE(source.matches(KURL(base, "https://example.com:8000/"))); |
| 79 EXPECT_TRUE(source.matches(KURL(base, "http://not-example.com:8000/"))); |
| 80 EXPECT_TRUE(source.matches(KURL(base, "https://not-example.com:8000/"))); |
| 81 EXPECT_FALSE(source.matches(KURL(base, "ftp://example.com:8000/"))); |
| 82 } |
| 83 |
| 84 TEST_F(CSPSourceTest, InsecureHostMatchesSecure) |
| 85 { |
| 86 KURL base; |
| 87 CSPSource source(csp.get(), "http", "example.com", 0, "/", CSPSource::NoWild
card, CSPSource::HasWildcard); |
| 88 |
| 89 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/"))); |
| 90 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:8000/"))); |
| 91 EXPECT_TRUE(source.matches(KURL(base, "https://example.com:8000/"))); |
| 92 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:8000/"))); |
| 93 } |
| 94 |
72 } // namespace | 95 } // namespace |
OLD | NEW |