OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 30 matching lines...) Expand all Loading... |
41 namespace blink { | 41 namespace blink { |
42 | 42 |
43 const int MaxAllowedPort = 65535; | 43 const int MaxAllowedPort = 65535; |
44 | 44 |
45 class SecurityOriginTest : public ::testing::Test { }; | 45 class SecurityOriginTest : public ::testing::Test { }; |
46 | 46 |
47 TEST_F(SecurityOriginTest, InvalidPortsCreateUniqueOrigins) | 47 TEST_F(SecurityOriginTest, InvalidPortsCreateUniqueOrigins) |
48 { | 48 { |
49 int ports[] = { -100, -1, MaxAllowedPort + 1, 1000000 }; | 49 int ports[] = { -100, -1, MaxAllowedPort + 1, 1000000 }; |
50 | 50 |
51 for (size_t i = 0; i < arraysize(ports); ++i) { | 51 for (size_t i = 0; i < WTF_ARRAY_LENGTH(ports); ++i) { |
52 RefPtr<SecurityOrigin> origin = SecurityOrigin::create("http", "example.
com", ports[i]); | 52 RefPtr<SecurityOrigin> origin = SecurityOrigin::create("http", "example.
com", ports[i]); |
53 EXPECT_TRUE(origin->isUnique()) << "Port " << ports[i] << " should have
generated a unique origin."; | 53 EXPECT_TRUE(origin->isUnique()) << "Port " << ports[i] << " should have
generated a unique origin."; |
54 } | 54 } |
55 } | 55 } |
56 | 56 |
57 TEST_F(SecurityOriginTest, ValidPortsCreateNonUniqueOrigins) | 57 TEST_F(SecurityOriginTest, ValidPortsCreateNonUniqueOrigins) |
58 { | 58 { |
59 int ports[] = { 0, 80, 443, 5000, MaxAllowedPort }; | 59 int ports[] = { 0, 80, 443, 5000, MaxAllowedPort }; |
60 | 60 |
61 for (size_t i = 0; i < arraysize(ports); ++i) { | 61 for (size_t i = 0; i < WTF_ARRAY_LENGTH(ports); ++i) { |
62 RefPtr<SecurityOrigin> origin = SecurityOrigin::create("http", "example.
com", ports[i]); | 62 RefPtr<SecurityOrigin> origin = SecurityOrigin::create("http", "example.
com", ports[i]); |
63 EXPECT_FALSE(origin->isUnique()) << "Port " << ports[i] << " should not
have generated a unique origin."; | 63 EXPECT_FALSE(origin->isUnique()) << "Port " << ports[i] << " should not
have generated a unique origin."; |
64 } | 64 } |
65 } | 65 } |
66 | 66 |
67 TEST_F(SecurityOriginTest, LocalAccess) | 67 TEST_F(SecurityOriginTest, LocalAccess) |
68 { | 68 { |
69 RefPtr<SecurityOrigin> file1 = SecurityOrigin::createFromString("file:///etc
/passwd"); | 69 RefPtr<SecurityOrigin> file1 = SecurityOrigin::createFromString("file:///etc
/passwd"); |
70 RefPtr<SecurityOrigin> file2 = SecurityOrigin::createFromString("file:///etc
/shadow"); | 70 RefPtr<SecurityOrigin> file2 = SecurityOrigin::createFromString("file:///etc
/shadow"); |
71 | 71 |
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
146 { false, "blob:ftp://evil:99/578223a1-8c13-17b3-84d5-eca045ae384a" }, | 146 { false, "blob:ftp://evil:99/578223a1-8c13-17b3-84d5-eca045ae384a" }, |
147 | 147 |
148 // filesystem: URLs work the same as blob: URLs, and look to the inner | 148 // filesystem: URLs work the same as blob: URLs, and look to the inner |
149 // URL for security origin. | 149 // URL for security origin. |
150 { true, "filesystem:http://localhost:1000/foo" }, | 150 { true, "filesystem:http://localhost:1000/foo" }, |
151 { true, "filesystem:https://foopy:99/foo" }, | 151 { true, "filesystem:https://foopy:99/foo" }, |
152 { false, "filesystem:http://baz:99/foo" }, | 152 { false, "filesystem:http://baz:99/foo" }, |
153 { false, "filesystem:ftp://evil:99/foo" }, | 153 { false, "filesystem:ftp://evil:99/foo" }, |
154 }; | 154 }; |
155 | 155 |
156 for (size_t i = 0; i < arraysize(inputs); ++i) { | 156 for (size_t i = 0; i < WTF_ARRAY_LENGTH(inputs); ++i) { |
157 SCOPED_TRACE(i); | 157 SCOPED_TRACE(i); |
158 RefPtr<SecurityOrigin> origin = SecurityOrigin::createFromString(inputs[
i].url); | 158 RefPtr<SecurityOrigin> origin = SecurityOrigin::createFromString(inputs[
i].url); |
159 String errorMessage; | 159 String errorMessage; |
160 EXPECT_EQ(inputs[i].accessGranted, origin->isPotentiallyTrustworthy(erro
rMessage)); | 160 EXPECT_EQ(inputs[i].accessGranted, origin->isPotentiallyTrustworthy(erro
rMessage)); |
161 EXPECT_EQ(inputs[i].accessGranted, errorMessage.isEmpty()); | 161 EXPECT_EQ(inputs[i].accessGranted, errorMessage.isEmpty()); |
162 } | 162 } |
163 | 163 |
164 // Unique origins are not considered secure. | 164 // Unique origins are not considered secure. |
165 RefPtr<SecurityOrigin> uniqueOrigin = SecurityOrigin::createUnique(); | 165 RefPtr<SecurityOrigin> uniqueOrigin = SecurityOrigin::createUnique(); |
166 String errorMessage; | 166 String errorMessage; |
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
299 }; | 299 }; |
300 | 300 |
301 TestCase tests[] = { | 301 TestCase tests[] = { |
302 { true, true, "https://foobar.com", "https://foobar.com" }, | 302 { true, true, "https://foobar.com", "https://foobar.com" }, |
303 { false, false, "https://foobar.com", "https://bazbar.com" }, | 303 { false, false, "https://foobar.com", "https://bazbar.com" }, |
304 { true, false, "https://foobar.com", "https://name_foobar.com" }, | 304 { true, false, "https://foobar.com", "https://name_foobar.com" }, |
305 { true, false, "https://name_foobar.com", "https://foobar.com" }, | 305 { true, false, "https://name_foobar.com", "https://foobar.com" }, |
306 { true, true, "https://name_foobar.com", "https://name_foobar.com" }, | 306 { true, true, "https://name_foobar.com", "https://name_foobar.com" }, |
307 }; | 307 }; |
308 | 308 |
309 for (size_t i = 0; i < arraysize(tests); ++i) { | 309 for (size_t i = 0; i < WTF_ARRAY_LENGTH(tests); ++i) { |
310 RefPtr<SecurityOrigin> origin1 = SecurityOrigin::createFromString(tests[
i].origin1); | 310 RefPtr<SecurityOrigin> origin1 = SecurityOrigin::createFromString(tests[
i].origin1); |
311 RefPtr<SecurityOrigin> origin2 = SecurityOrigin::createFromString(tests[
i].origin2); | 311 RefPtr<SecurityOrigin> origin2 = SecurityOrigin::createFromString(tests[
i].origin2); |
312 EXPECT_EQ(tests[i].canAccess, origin1->canAccess(origin2.get())); | 312 EXPECT_EQ(tests[i].canAccess, origin1->canAccess(origin2.get())); |
313 EXPECT_EQ(tests[i].canAccessCheckSuborigins, origin1->canAccessCheckSubo
rigins(origin2.get())); | 313 EXPECT_EQ(tests[i].canAccessCheckSuborigins, origin1->canAccessCheckSubo
rigins(origin2.get())); |
314 } | 314 } |
315 } | 315 } |
316 | 316 |
317 TEST_F(SecurityOriginTest, CanRequest) | 317 TEST_F(SecurityOriginTest, CanRequest) |
318 { | 318 { |
319 RuntimeEnabledFeatures::setSuboriginsEnabled(true); | 319 RuntimeEnabledFeatures::setSuboriginsEnabled(true); |
320 | 320 |
321 struct TestCase { | 321 struct TestCase { |
322 bool canRequest; | 322 bool canRequest; |
323 bool canRequestNoSuborigin; | 323 bool canRequestNoSuborigin; |
324 const char* origin; | 324 const char* origin; |
325 const char* url; | 325 const char* url; |
326 }; | 326 }; |
327 | 327 |
328 TestCase tests[] = { | 328 TestCase tests[] = { |
329 { true, true, "https://foobar.com", "https://foobar.com" }, | 329 { true, true, "https://foobar.com", "https://foobar.com" }, |
330 { false, false, "https://foobar.com", "https://bazbar.com" }, | 330 { false, false, "https://foobar.com", "https://bazbar.com" }, |
331 { true, false, "https://name_foobar.com", "https://foobar.com" }, | 331 { true, false, "https://name_foobar.com", "https://foobar.com" }, |
332 { false, false, "https://name_foobar.com", "https://bazbar.com" }, | 332 { false, false, "https://name_foobar.com", "https://bazbar.com" }, |
333 }; | 333 }; |
334 | 334 |
335 for (size_t i = 0; i < arraysize(tests); ++i) { | 335 for (size_t i = 0; i < WTF_ARRAY_LENGTH(tests); ++i) { |
336 RefPtr<SecurityOrigin> origin = SecurityOrigin::createFromString(tests[i
].origin); | 336 RefPtr<SecurityOrigin> origin = SecurityOrigin::createFromString(tests[i
].origin); |
337 blink::KURL url(blink::ParsedURLString, tests[i].url); | 337 blink::KURL url(blink::ParsedURLString, tests[i].url); |
338 EXPECT_EQ(tests[i].canRequest, origin->canRequest(url)); | 338 EXPECT_EQ(tests[i].canRequest, origin->canRequest(url)); |
339 EXPECT_EQ(tests[i].canRequestNoSuborigin, origin->canRequestNoSuborigin(
url)); | 339 EXPECT_EQ(tests[i].canRequestNoSuborigin, origin->canRequestNoSuborigin(
url)); |
340 } | 340 } |
341 } | 341 } |
342 | 342 |
343 TEST_F(SecurityOriginTest, EffectivePort) | 343 TEST_F(SecurityOriginTest, EffectivePort) |
344 { | 344 { |
345 struct TestCase { | 345 struct TestCase { |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
411 | 411 |
412 KURL blobUrl = BlobURL::createPublicURL(origin.get()); | 412 KURL blobUrl = BlobURL::createPublicURL(origin.get()); |
413 RefPtr<SecurityOrigin> blobUrlOrigin = SecurityOrigin::create(blobUrl); | 413 RefPtr<SecurityOrigin> blobUrlOrigin = SecurityOrigin::create(blobUrl); |
414 EXPECT_EQ(blobUrlOrigin->isUnique(), origin->isUnique()); | 414 EXPECT_EQ(blobUrlOrigin->isUnique(), origin->isUnique()); |
415 EXPECT_EQ(blobUrlOrigin->toString(), origin->toString()); | 415 EXPECT_EQ(blobUrlOrigin->toString(), origin->toString()); |
416 EXPECT_EQ(blobUrlOrigin->toRawString(), origin->toRawString()); | 416 EXPECT_EQ(blobUrlOrigin->toRawString(), origin->toRawString()); |
417 } | 417 } |
418 } | 418 } |
419 | 419 |
420 } // namespace blink | 420 } // namespace blink |
OLD | NEW |