| OLD | NEW |
|---|
| 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <math.h> // ceil | 5 #include <math.h> // ceil |
| 6 | 6 |
| 7 #include "base/compiler_specific.h" | 7 #include "base/compiler_specific.h" |
| 8 #include "net/base/completion_callback.h" | 8 #include "net/base/completion_callback.h" |
| 9 #include "net/base/mock_host_resolver.h" | 9 #include "net/base/mock_host_resolver.h" |
| 10 #include "net/base/ssl_info.h" | 10 #include "net/base/ssl_info.h" |
| (...skipping 2074 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2085 TEST_F(HttpNetworkTransactionTest, AuthIdentityInUrl) { | 2085 TEST_F(HttpNetworkTransactionTest, AuthIdentityInUrl) { |
| 2086 SessionDependencies session_deps; | 2086 SessionDependencies session_deps; |
| 2087 scoped_ptr<HttpTransaction> trans( | 2087 scoped_ptr<HttpTransaction> trans( |
| 2088 new HttpNetworkTransaction( | 2088 new HttpNetworkTransaction( |
| 2089 CreateSession(&session_deps), | 2089 CreateSession(&session_deps), |
| 2090 &session_deps.socket_factory)); | 2090 &session_deps.socket_factory)); |
| 2091 | 2091 |
| 2092 HttpRequestInfo request; | 2092 HttpRequestInfo request; |
| 2093 request.method = "GET"; | 2093 request.method = "GET"; |
| 2094 // Note: the URL has a username:password in it. | 2094 // Note: the URL has a username:password in it. |
| 2095 request.url = GURL("http://foo:bar@www.google.com/"); | 2095 request.url = GURL("http://foo:b@r@www.google.com/"); |
| 2096 |
| 2097 // The password contains an escaped character -- for this test to pass it |
| 2098 // will need to be unescaped by HttpNetworkTransaction. |
| 2099 EXPECT_EQ("b%40r", request.url.password()); |
| 2100 |
| 2096 request.load_flags = 0; | 2101 request.load_flags = 0; |
| 2097 | 2102 |
| 2098 MockWrite data_writes1[] = { | 2103 MockWrite data_writes1[] = { |
| 2099 MockWrite("GET / HTTP/1.1\r\n" | 2104 MockWrite("GET / HTTP/1.1\r\n" |
| 2100 "Host: www.google.com\r\n" | 2105 "Host: www.google.com\r\n" |
| 2101 "Connection: keep-alive\r\n\r\n"), | 2106 "Connection: keep-alive\r\n\r\n"), |
| 2102 }; | 2107 }; |
| 2103 | 2108 |
| 2104 MockRead data_reads1[] = { | 2109 MockRead data_reads1[] = { |
| 2105 MockRead("HTTP/1.0 401 Unauthorized\r\n"), | 2110 MockRead("HTTP/1.0 401 Unauthorized\r\n"), |
| 2106 MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), | 2111 MockRead("WWW-Authenticate: Basic realm=\"MyRealm1\"\r\n"), |
| 2107 MockRead("Content-Length: 10\r\n\r\n"), | 2112 MockRead("Content-Length: 10\r\n\r\n"), |
| 2108 MockRead(false, ERR_FAILED), | 2113 MockRead(false, ERR_FAILED), |
| 2109 }; | 2114 }; |
| 2110 | 2115 |
| 2111 // After the challenge above, the transaction will be restarted using the | 2116 // After the challenge above, the transaction will be restarted using the |
| 2112 // identity from the url (foo, bar) to answer the challenge. | 2117 // identity from the url (foo, bar) to answer the challenge. |
| 2113 MockWrite data_writes2[] = { | 2118 MockWrite data_writes2[] = { |
| 2114 MockWrite("GET / HTTP/1.1\r\n" | 2119 MockWrite("GET / HTTP/1.1\r\n" |
| 2115 "Host: www.google.com\r\n" | 2120 "Host: www.google.com\r\n" |
| 2116 "Connection: keep-alive\r\n" | 2121 "Connection: keep-alive\r\n" |
| 2117 "Authorization: Basic Zm9vOmJhcg==\r\n\r\n"), | 2122 "Authorization: Basic Zm9vOmJAcg==\r\n\r\n"), |
| 2118 }; | 2123 }; |
| 2119 | 2124 |
| 2120 MockRead data_reads2[] = { | 2125 MockRead data_reads2[] = { |
| 2121 MockRead("HTTP/1.0 200 OK\r\n"), | 2126 MockRead("HTTP/1.0 200 OK\r\n"), |
| 2122 MockRead("Content-Length: 100\r\n\r\n"), | 2127 MockRead("Content-Length: 100\r\n\r\n"), |
| 2123 MockRead(false, OK), | 2128 MockRead(false, OK), |
| 2124 }; | 2129 }; |
| 2125 | 2130 |
| 2126 StaticMockSocket data1(data_reads1, data_writes1); | 2131 StaticMockSocket data1(data_reads1, data_writes1); |
| 2127 StaticMockSocket data2(data_reads2, data_writes2); | 2132 StaticMockSocket data2(data_reads2, data_writes2); |
| (...skipping 1373 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3501 TestCompletionCallback callback; | 3506 TestCompletionCallback callback; |
| 3502 rv = trans->Start(NULL, &request, &callback); | 3507 rv = trans->Start(NULL, &request, &callback); |
| 3503 ASSERT_EQ(ERR_IO_PENDING, rv); | 3508 ASSERT_EQ(ERR_IO_PENDING, rv); |
| 3504 rv = callback.WaitForResult(); | 3509 rv = callback.WaitForResult(); |
| 3505 | 3510 |
| 3506 // If we bypassed the cache, we would have gotten a failure while resolving | 3511 // If we bypassed the cache, we would have gotten a failure while resolving |
| 3507 // "www.google.com". | 3512 // "www.google.com". |
| 3508 EXPECT_EQ(ERR_NAME_NOT_RESOLVED, rv); | 3513 EXPECT_EQ(ERR_NAME_NOT_RESOLVED, rv); |
| 3509 } | 3514 } |
| 3510 | 3515 |
| 3516 TEST_F(HttpNetworkTransactionTest, GetIdentifyFromUrl) { |
| 3517 struct { |
| 3518 const char* input_url; |
| 3519 const wchar_t* expected_username; |
| 3520 const wchar_t* expected_password; |
| 3521 } tests[] = { |
| 3522 { |
| 3523 "http://username:password@google.com", |
| 3524 L"username", |
| 3525 L"password", |
| 3526 }, |
| 3527 { // Test for http://crbug.com/19200 |
| 3528 "http://username:p@ssword@google.com", |
| 3529 L"username", |
| 3530 L"p@ssword", |
| 3531 }, |
| 3532 { // Username contains %20. |
| 3533 "http://use rname:password@google.com", |
| 3534 L"use rname", |
| 3535 L"password", |
| 3536 }, |
| 3537 { // The URL canonicalizer for userinfo does not recognize non-ascii |
| 3538 // escapes it seems... So things like %00 will NOT be unescapable, |
| 3539 // since they are canonicalized by escaping the %... |
| 3540 "http://use%00rname:password@google.com", |
| 3541 L"use%2500rname", |
| 3542 L"password", |
| 3543 }, |
| 3544 { // Use a '+' in the username. |
| 3545 "http://use+rname:password@google.com", |
| 3546 L"use+rname", |
| 3547 L"password", |
| 3548 }, |
| 3549 { // Use a '&' in the password. |
| 3550 "http://username:p&ssword@google.com", |
| 3551 L"username", |
| 3552 L"p&ssword", |
| 3553 }, |
| 3554 }; |
| 3555 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(tests); ++i) { |
| 3556 SCOPED_TRACE(StringPrintf("Test[%d]: %s", i, tests[i].input_url)); |
| 3557 GURL url(tests[i].input_url); |
| 3558 |
| 3559 std::wstring username, password; |
| 3560 HttpNetworkTransaction::GetIdentifyFromUrl(url, &username, &password); |
| 3561 |
| 3562 EXPECT_EQ(tests[i].expected_username, username); |
| 3563 EXPECT_EQ(tests[i].expected_password, password); |
| 3564 } |
| 3565 } |
| 3566 |
| 3567 // Try extracting a username which was encoded with UTF8. |
| 3568 TEST_F(HttpNetworkTransactionTest, GetIdentifyFromUrl_UTF8) { |
| 3569 GURL url(WideToUTF16(L"http://foo:\x4f60\x597d@blah.com")); |
| 3570 |
| 3571 EXPECT_EQ("foo", url.username()); |
| 3572 EXPECT_EQ("%E4%BD%A0%E5%A5%BD", url.password()); |
| 3573 |
| 3574 // Extract the unescaped identity. |
| 3575 std::wstring username, password; |
| 3576 HttpNetworkTransaction::GetIdentifyFromUrl(url, &username, &password); |
| 3577 |
| 3578 // Verify that it was decoded as UTF8. |
| 3579 EXPECT_EQ(L"foo", username); |
| 3580 EXPECT_EQ(L"\x4f60\x597d", password); |
| 3581 } |
| 3582 |
| 3511 } // namespace net | 3583 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 164504:
Unescape username/passwords obtained from URLs before using them for HTTP aut... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/