content/browser/frame_host/xfo_throttle_unittest.cc - Issue 1530393003: WIP: Move 'X-Frame-Options' checking to the browser.

Side by Side Diff: content/browser/frame_host/xfo_throttle_unittest.cc

Issue 1530393003: WIP: Move 'X-Frame-Options' checking to the browser. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Better. Created 4 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« content/browser/frame_host/navigation_handle_impl.cc ('K') | « content/browser/frame_host/xfo_throttle.cc ('k') | content/browser/loader/navigation_resource_throttle.cc » ('j') | content/browser/loader/navigation_resource_throttle.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2015 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "base/bind.h"

	6 #include "base/bind_helpers.h"

	7 #include "base/memory/scoped_ptr.h"

	8 #include "base/strings/stringprintf.h"

	9 #include "content/browser/frame_host/xfo_throttle.h"

	10 #include "content/public/browser/navigation_handle.h"

	11 #include "content/public/browser/navigation_throttle.h"

	12 #include "content/public/browser/web_contents.h"

	13 #include "content/public/test/test_renderer_host.h"

	14 #include "net/http/http_response_headers.h"

	15 #include "testing/gmock/include/gmock/gmock.h"

	16 #include "testing/gtest/include/gtest/gtest.h"

	17

	18 namespace content {

	19

	20 namespace {

	21

	22 net::HttpResponseHeaders* GetXFOHeader(const char* test) {

	23 std::string header_string("HTTP/1.1 200 OK\nX-Frame-Options: ");

	24 header_string += test;

	25 header_string += "\n\n";

	26 std::replace(header_string.begin(), header_string.end(), '\n', '\0');

	27 net::HttpResponseHeaders* headers =

	28 new net::HttpResponseHeaders(header_string);

	29 EXPECT_TRUE(headers->HasHeader("X-Frame-Options"));

	30 return headers;

	31 }

	32 };

	33

	34 // XFOThrottleTest -------------------------------------------------------------

	35

	36 using XFOThrottleTest = testing::Test;

	37

	38 TEST_F(XFOThrottleTest, Parsing) {

	39 struct TestCase {

	40 const char* header;

	41 XFOThrottle::HeaderDisposition expected;

	42 } cases[] = {

	43 // Basic keywords

	44 {"DENY", XFOThrottle::DENY},

	45 {"SAMEORIGIN", XFOThrottle::SAMEORIGIN},

	46 {"ALLOWALL", XFOThrottle::ALLOWALL},

	47

	48 // Repeated keywords

	49 {"DENY,DENY", XFOThrottle::DENY},

	50 {"SAMEORIGIN,SAMEORIGIN", XFOThrottle::SAMEORIGIN},

	51 {"ALLOWALL,ALLOWALL", XFOThrottle::ALLOWALL},

	52

	53 // Case-insensitive

	54 {"deNy", XFOThrottle::DENY},

	55 {"sAmEorIgIn", XFOThrottle::SAMEORIGIN},

	56 {"AlLOWaLL", XFOThrottle::ALLOWALL},

	57

	58 // Trim whitespace

	59 {" DENY", XFOThrottle::DENY},

	60 {"SAMEORIGIN ", XFOThrottle::SAMEORIGIN},

	61 {" ALLOWALL ", XFOThrottle::ALLOWALL},

	62 {" DENY", XFOThrottle::DENY},

	63 {"SAMEORIGIN ", XFOThrottle::SAMEORIGIN},

	64 {" ALLOWALL ", XFOThrottle::ALLOWALL},

	65 {" DENY , DENY ", XFOThrottle::DENY},

	66 {"SAMEORIGIN, SAMEORIGIN", XFOThrottle::SAMEORIGIN},

	67 {"ALLOWALL ,ALLOWALL", XFOThrottle::ALLOWALL},

	68 };

	69

	70 for (const auto& test : cases) {

	71 SCOPED_TRACE(test.header);

	72 scoped_refptr<net::HttpResponseHeaders> headers = GetXFOHeader(test.header);

	73 std::string failed_parse;

	74 EXPECT_EQ(test.expected,

	75 XFOThrottle::ParseHeader(headers.get(), &failed_parse));

	76 EXPECT_TRUE(failed_parse.empty());

	77 }

	78 }

	79

	80 TEST_F(XFOThrottleTest, ParseErrors) {

	81 struct TestCase {

	82 const char* header;

	83 XFOThrottle::HeaderDisposition expected;

	84 const char* failure;

	85 } cases[] = {// Empty == Invalid.

	86 {"", XFOThrottle::INVALID, ""},

	87

	88 // Invalid

	89 {"INVALID", XFOThrottle::INVALID, "INVALID"},

	90 {"INVALID DENY", XFOThrottle::INVALID, "INVALID DENY"},

	91 {"DENY DENY", XFOThrottle::INVALID, "DENY DENY"},

	92 {"DE NY", XFOThrottle::INVALID, "DE NY"},

	93 {"INVALID,DENY", XFOThrottle::INVALID, "INVALID"},

	94

	95 // Conflicts

	96 {"DENY,ALLOWALL", XFOThrottle::CONFLICT, "ALLOWALL"},

	97 {"SAMEORIGIN,DENY", XFOThrottle::CONFLICT, "DENY"},

	98 {"ALLOWALL,SAMEORIGIN", XFOThrottle::CONFLICT, "SAMEORIGIN"},

	99 {"DENY, SAMEORIGIN", XFOThrottle::CONFLICT, "SAMEORIGIN"}};

	100

	101 for (const auto& test : cases) {

	102 SCOPED_TRACE(test.header);

	103 scoped_refptr<net::HttpResponseHeaders> headers = GetXFOHeader(test.header);

	104 std::string failed_parse;

	105 EXPECT_EQ(test.expected,

	106 XFOThrottle::ParseHeader(headers.get(), &failed_parse));

	107 EXPECT_EQ(test.failure, failed_parse);

	108 }

	109 }

	110

	111 } // namespace content

OLD	NEW