Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(411)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/policy/core/browser/url_blacklist_manager_unittest.cc

Issue 1692503002: Functionality to allow blacklist and whitelist of custom schemes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixed review comments and merged Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« components/policy/core/browser/url_blacklist_manager.cc ('K') | « components/policy/core/browser/url_blacklist_manager.cc ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | content/browser/loader/resource_dispatcher_host_impl.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/policy/core/browser/url_blacklist_manager_unittest.cc
diff --git a/components/policy/core/browser/url_blacklist_manager_unittest.cc b/components/policy/core/browser/url_blacklist_manager_unittest.cc
index 8b60faf4921a5b6915e34c9bbad4ac8041c1d1f5..153a7c58c4a19b78132bc09377609e43ca4ce58e 100644
--- a/components/policy/core/browser/url_blacklist_manager_unittest.cc
+++ b/components/policy/core/browser/url_blacklist_manager_unittest.cc
@@ -5,6 +5,7 @@
#include "components/policy/core/browser/url_blacklist_manager.h"
#include <stdint.h>
+#include <memory>
#include <ostream>
#include <utility>
@@ -13,6 +14,7 @@
#include "base/macros.h"
#include "base/message_loop/message_loop.h"
#include "base/thread_task_runner_handle.h"
+#include "base/values.h"
#include "components/policy/core/common/policy_pref_names.h"
#include "components/prefs/pref_registry_simple.h"
#include "components/prefs/testing_pref_service.h"
@@ -55,7 +57,7 @@ class TestingURLBlacklistManager : public URLBlacklistManager {
// Makes a direct call to UpdateOnIO during tests.
void UpdateOnIOForTesting() {
std::unique_ptr<base::ListValue> block(new base::ListValue);
- block->Append(new base::StringValue("example.com"));
+ block->AppendString("example.com");
std::unique_ptr<base::ListValue> allow(new base::ListValue);
URLBlacklistManager::UpdateOnIO(std::move(block), std::move(allow));
}
@@ -171,12 +173,45 @@ class URLBlacklistFilterToComponentsTest
} // namespace
+// Returns whether |url| matches the |pattern|.
+bool IsMatch(const std::string& pattern, const std::string& url) {
+ URLBlacklist blacklist(GetSegmentURLCallback());
+
+ // Add the pattern to blacklist.
+ std::unique_ptr<base::ListValue> blocked(new base::ListValue);
+ blocked->AppendString(pattern);
+ blacklist.Block(blocked.get());
+
+ return blacklist.IsURLBlocked(GURL(url));
+}
+
+// Returns the state from blacklist after adding |pattern| to be blocked or
+// allowed depending on |use_whitelist| and checking |url|.
+net::NetworkDelegate::URLBlacklistState GetMatch(const std::string& pattern,
+ const std::string& url,
+ const bool use_whitelist) {
+ URLBlacklist blacklist(GetSegmentURLCallback());
+
+ // Add the pattern to list.
+ std::unique_ptr<base::ListValue> blocked(new base::ListValue);
+ blocked->AppendString(pattern);
+
+ if (use_whitelist) {
+ blacklist.Allow(blocked.get());
+ } else {
+ blacklist.Block(blocked.get());
+ }
+
+ return blacklist.GetURLBlacklistState(GURL(url));
+}
+
TEST_P(URLBlacklistFilterToComponentsTest, FilterToComponents) {
std::string scheme;
std::string host;
bool match_subdomains = true;
uint16_t port = 42;
std::string path;
+ std::string query;
URLBlacklist::FilterToComponents(GetSegmentURLCallback(),
GetParam().filter(),
@@ -185,7 +220,7 @@ TEST_P(URLBlacklistFilterToComponentsTest, FilterToComponents) {
&match_subdomains,
&port,
&path,
- NULL);
+ &query);
EXPECT_EQ(GetParam().scheme(), scheme);
EXPECT_EQ(GetParam().host(), host);
EXPECT_EQ(GetParam().match_subdomains(), match_subdomains);
@@ -195,9 +230,9 @@ TEST_P(URLBlacklistFilterToComponentsTest, FilterToComponents) {
TEST_F(URLBlacklistManagerTest, SingleUpdateForTwoPrefChanges) {
base::ListValue* blacklist = new base::ListValue;
- blacklist->Append(new base::StringValue("*.google.com"));
+ blacklist->AppendString("*.google.com");
base::ListValue* whitelist = new base::ListValue;
- whitelist->Append(new base::StringValue("mail.google.com"));
+ whitelist->AppendString("mail.google.com");
pref_service_.SetManagedPref(policy_prefs::kUrlBlacklist, blacklist);
pref_service_.SetManagedPref(policy_prefs::kUrlBlacklist, whitelist);
loop_.RunUntilIdle();
@@ -326,78 +361,72 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
URLBlacklist blacklist(GetSegmentURLCallback());
// Block domain and all subdomains, for any filtered scheme.
- std::unique_ptr<base::ListValue> blocked(new base::ListValue);
- blocked->Append(new base::StringValue("google.com"));
- blacklist.Block(blocked.get());
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/whatever")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://google.com/")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("bogus://google.com/")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://notgoogle.com/")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://mail.google.com")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://x.mail.google.com")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://x.mail.google.com/")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://x.y.google.com/a/b")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://youtube.com/")));
+ EXPECT_TRUE(IsMatch("google.com", "http://google.com"));
+ EXPECT_TRUE(IsMatch("google.com", "http://google.com/"));
+ EXPECT_TRUE(IsMatch("google.com", "http://google.com/whatever"));
+ EXPECT_TRUE(IsMatch("google.com", "https://google.com/"));
+ EXPECT_FALSE(IsMatch("google.com", "bogus://google.com/"));
+ EXPECT_FALSE(IsMatch("google.com", "http://notgoogle.com/"));
+ EXPECT_TRUE(IsMatch("google.com", "http://mail.google.com"));
+ EXPECT_TRUE(IsMatch("google.com", "http://x.mail.google.com"));
+ EXPECT_TRUE(IsMatch("google.com", "https://x.mail.google.com/"));
+ EXPECT_TRUE(IsMatch("google.com", "http://x.y.google.com/a/b"));
+ EXPECT_FALSE(IsMatch("google.com", "http://youtube.com/"));
// Filter only http, ftp and ws schemes.
- blocked.reset(new base::ListValue);
- blocked->Append(new base::StringValue("http://secure.com"));
- blocked->Append(new base::StringValue("ftp://secure.com"));
- blocked->Append(new base::StringValue("ws://secure.com"));
- blacklist.Block(blocked.get());
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://secure.com")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://secure.com/whatever")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("ftp://secure.com/")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("ws://secure.com")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://secure.com/")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("wss://secure.com")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://www.secure.com")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://www.secure.com")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("wss://www.secure.com")));
+ EXPECT_TRUE(IsMatch("http://secure.com", "http://secure.com"));
+ EXPECT_TRUE(IsMatch("http://secure.com", "http://secure.com/whatever"));
+ EXPECT_TRUE(IsMatch("ftp://secure.com", "ftp://secure.com/"));
+ EXPECT_TRUE(IsMatch("ws://secure.com", "ws://secure.com"));
+ EXPECT_FALSE(IsMatch("http://secure.com", "https://secure.com/"));
+ EXPECT_FALSE(IsMatch("ws://secure.com", "wss://secure.com"));
+ EXPECT_TRUE(IsMatch("http://secure.com", "http://www.secure.com"));
+ EXPECT_FALSE(IsMatch("http://secure.com", "https://www.secure.com"));
+ EXPECT_FALSE(IsMatch("ws://secure.com", "wss://www.secure.com"));
// Filter only a certain path prefix.
- blocked.reset(new base::ListValue);
- blocked->Append(new base::StringValue("path.to/ruin"));
- blacklist.Block(blocked.get());
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://path.to/ruin")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://path.to/ruin")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://path.to/ruins")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://path.to/ruin/signup")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://www.path.to/ruin")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://path.to/fortune")));
+ EXPECT_TRUE(IsMatch("path.to/ruin", "http://path.to/ruin"));
+ EXPECT_TRUE(IsMatch("path.to/ruin", "https://path.to/ruin"));
+ EXPECT_TRUE(IsMatch("path.to/ruin", "http://path.to/ruins"));
+ EXPECT_TRUE(IsMatch("path.to/ruin", "http://path.to/ruin/signup"));
+ EXPECT_TRUE(IsMatch("path.to/ruin", "http://www.path.to/ruin"));
+ EXPECT_FALSE(IsMatch("path.to/ruin", "http://path.to/fortune"));
// Filter only a certain path prefix and scheme.
- blocked.reset(new base::ListValue);
- blocked->Append(new base::StringValue("https://s.aaa.com/path"));
- blacklist.Block(blocked.get());
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/path")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/path/bbb")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://s.aaa.com/path")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://aaa.com/path")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://x.aaa.com/path")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/bbb")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/")));
+ EXPECT_TRUE(IsMatch("https://s.aaa.com/path", "https://s.aaa.com/path"));
+ EXPECT_TRUE(
+ IsMatch("https://s.aaa.com/path", "https://s.aaa.com/path/bbb"));
+ EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "http://s.aaa.com/path"));
+ EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://aaa.com/path"));
+ EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://x.aaa.com/path"));
+ EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://s.aaa.com/bbb"));
+ EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://s.aaa.com/"));
// Filter only ws and wss schemes.
- blocked.reset(new base::ListValue);
- blocked->Append(new base::StringValue("ws://ws.aaa.com"));
- blocked->Append(new base::StringValue("wss://ws.aaa.com"));
- blacklist.Block(blocked.get());
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("ws://ws.aaa.com")));
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("wss://ws.aaa.com")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://ws.aaa.com")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://ws.aaa.com")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("ftp://ws.aaa.com")));
+ EXPECT_TRUE(IsMatch("ws://ws.aaa.com", "ws://ws.aaa.com"));
+ EXPECT_TRUE(IsMatch("wss://ws.aaa.com", "wss://ws.aaa.com"));
+ EXPECT_FALSE(IsMatch("ws://ws.aaa.com", "http://ws.aaa.com"));
+ EXPECT_FALSE(IsMatch("ws://ws.aaa.com", "https://ws.aaa.com"));
+ EXPECT_FALSE(IsMatch("ws://ws.aaa.com", "ftp://ws.aaa.com"));
+
+ // Filter custom schemes.
Thiemo Nagel 2016/04/21 14:45:10 Please merge with custom scheme tests in Blacklist
igorcov 2016/04/21 16:01:34 Done.
+ EXPECT_TRUE(IsMatch("custom://*", "custom://example_app"));
+ EXPECT_TRUE(IsMatch("custom:*", "custom:example2_app"));
+ EXPECT_FALSE(IsMatch("custom://*", "customs://example_apps"));
+ EXPECT_FALSE(IsMatch("custom://*", "cust*://example_ap"));
+ EXPECT_FALSE(IsMatch("custom://*", "ecustom:example_app"));
+
+ // Block an ip address.
+ EXPECT_TRUE(IsMatch("123.123.123.123", "http://123.123.123.123/"));
+ EXPECT_FALSE(IsMatch("123.123.123.123", "http://123.123.123.124/"));
// Test exceptions to path prefixes, and most specific matches.
- blocked.reset(new base::ListValue);
+ std::unique_ptr<base::ListValue> blocked(new base::ListValue);
std::unique_ptr<base::ListValue> allowed(new base::ListValue);
- blocked->Append(new base::StringValue("s.xxx.com/a"));
- allowed->Append(new base::StringValue("s.xxx.com/a/b"));
- blocked->Append(new base::StringValue("https://s.xxx.com/a/b/c"));
- allowed->Append(new base::StringValue("https://s.xxx.com/a/b/c/d"));
+ blocked->AppendString("s.xxx.com/a");
+ allowed->AppendString("s.xxx.com/a/b");
+ blocked->AppendString("https://s.xxx.com/a/b/c");
+ allowed->AppendString("https://s.xxx.com/a/b/c/d");
blacklist.Block(blocked.get());
blacklist.Allow(allowed.get());
EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://s.xxx.com/a")));
@@ -416,16 +445,12 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://xxx.com/a")));
EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://xxx.com/a/b")));
- // Block an ip address.
- blocked.reset(new base::ListValue);
- blocked->Append(new base::StringValue("123.123.123.123"));
- blacklist.Block(blocked.get());
- EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://123.123.123.123/")));
- EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://123.123.123.124/")));
-
// Open an exception.
+ blocked.reset(new base::ListValue);
+ blocked->AppendString("google.com");
allowed.reset(new base::ListValue);
- allowed->Append(new base::StringValue("plus.google.com"));
+ allowed->AppendString("plus.google.com");
+ blacklist.Block(blocked.get());
blacklist.Allow(allowed.get());
EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/")));
EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://www.google.com/")));
@@ -433,7 +458,7 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
// Open an exception only when using https for mail.
allowed.reset(new base::ListValue);
- allowed->Append(new base::StringValue("https://mail.google.com"));
+ allowed->AppendString("https://mail.google.com");
blacklist.Allow(allowed.get());
EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/")));
EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://mail.google.com/")));
@@ -444,7 +469,7 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
// Match exactly "google.com", only for http. Subdomains without exceptions
// are still blocked.
allowed.reset(new base::ListValue);
- allowed->Append(new base::StringValue("http://.google.com"));
+ allowed->AppendString("http://.google.com");
blacklist.Allow(allowed.get());
EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://google.com/")));
EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://google.com/")));
@@ -453,10 +478,10 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
// A smaller path match in an exact host overrides a longer path for hosts
// that also match subdomains.
blocked.reset(new base::ListValue);
- blocked->Append(new base::StringValue("yyy.com/aaa"));
+ blocked->AppendString("yyy.com/aaa");
blacklist.Block(blocked.get());
allowed.reset(new base::ListValue);
- allowed->Append(new base::StringValue(".yyy.com/a"));
+ allowed->AppendString(".yyy.com/a");
blacklist.Allow(allowed.get());
EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://yyy.com")));
EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://yyy.com/aaa")));
@@ -467,10 +492,10 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
// If the exact entry is both allowed and blocked, allowing takes precedence.
blocked.reset(new base::ListValue);
- blocked->Append(new base::StringValue("example.com"));
+ blocked->AppendString("example.com");
blacklist.Block(blocked.get());
allowed.reset(new base::ListValue);
- allowed->Append(new base::StringValue("example.com"));
+ allowed->AppendString("example.com");
blacklist.Allow(allowed.get());
EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://example.com")));
}
@@ -616,11 +641,11 @@ TEST_F(URLBlacklistManagerTest, BlockAllWithExceptions) {
std::unique_ptr<base::ListValue> blocked(new base::ListValue);
std::unique_ptr<base::ListValue> allowed(new base::ListValue);
- blocked->Append(new base::StringValue("*"));
- allowed->Append(new base::StringValue(".www.google.com"));
- allowed->Append(new base::StringValue("plus.google.com"));
- allowed->Append(new base::StringValue("https://mail.google.com"));
- allowed->Append(new base::StringValue("https://very.safe/path"));
+ blocked->AppendString("*");
+ allowed->AppendString(".www.google.com");
+ allowed->AppendString("plus.google.com");
+ allowed->AppendString("https://mail.google.com");
+ allowed->AppendString("https://very.safe/path");
blacklist.Block(blocked.get());
blacklist.Allow(allowed.get());
EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://random.com")));
@@ -638,10 +663,10 @@ TEST_F(URLBlacklistManagerTest, BlockAllWithExceptions) {
}
TEST_F(URLBlacklistManagerTest, DontBlockResources) {
- std::unique_ptr<URLBlacklist> blacklist(
- new URLBlacklist(GetSegmentURLCallback()));
+ std::unique_ptr<URLBlacklist>
+ blacklist(new URLBlacklist(GetSegmentURLCallback()));
std::unique_ptr<base::ListValue> blocked(new base::ListValue);
- blocked->Append(new base::StringValue("google.com"));
+ blocked->AppendString("google.com");
blacklist->Block(blocked.get());
blacklist_manager_->SetBlacklist(std::move(blacklist));
EXPECT_TRUE(blacklist_manager_->IsURLBlocked(GURL("http://google.com")));
@@ -657,7 +682,7 @@ TEST_F(URLBlacklistManagerTest, DefaultBlacklistExceptions) {
std::unique_ptr<base::ListValue> blocked(new base::ListValue);
// Blacklist everything:
- blocked->Append(new base::StringValue("*"));
+ blocked->AppendString("*");
blacklist.Block(blocked.get());
// Internal NTP and extension URLs are not blocked by the "*":
@@ -667,9 +692,9 @@ TEST_F(URLBlacklistManagerTest, DefaultBlacklistExceptions) {
EXPECT_FALSE((blacklist.IsURLBlocked(GURL("chrome-native://ntp"))));
// Unless they are explicitly blacklisted:
- blocked->Append(new base::StringValue("chrome-extension://*"));
+ blocked->AppendString("chrome-extension://*");
std::unique_ptr<base::ListValue> allowed(new base::ListValue);
- allowed->Append(new base::StringValue("chrome-extension://abc"));
+ allowed->AppendString("chrome-extension://abc");
blacklist.Block(blocked.get());
blacklist.Allow(allowed.get());
@@ -680,4 +705,134 @@ TEST_F(URLBlacklistManagerTest, DefaultBlacklistExceptions) {
EXPECT_FALSE((blacklist.IsURLBlocked(GURL("chrome-native://ntp"))));
}
+TEST_F(URLBlacklistManagerTest, BlacklistBasicCoverage) {
+ // Tests to cover the documentation from
+ // http://www.chromium.org/administrators/url-blacklist-filter-format
+
+ // [scheme://][.]host[:port][/path][@query]
+ // Scheme can be http, https, ftp, chrome, etc. This field is optional, and
+ // must be followed by '://'.
+ EXPECT_TRUE(IsMatch("file://*", "file:///abc.txt"));
+ EXPECT_TRUE(IsMatch("https://*", "https:///abc.txt"));
+ EXPECT_TRUE(IsMatch("ftp://*", "ftp://ftp.txt"));
+ EXPECT_TRUE(IsMatch("chrome://*", "chrome:policy"));
+ EXPECT_TRUE(IsMatch("noscheme", "http://noscheme"));
+ EXPECT_TRUE(IsMatch("example://*", "example:///abc.txt"));
+ // Tests for custom scheme patterns that are not supported.
+ EXPECT_FALSE(IsMatch("wrong://app", "wrong://app"));
+ EXPECT_FALSE(IsMatch("wrong ://*", "wrong ://app"));
+ EXPECT_FALSE(IsMatch(" wrong:*", " wrong://app"));
+
+ // Ommitting the scheme matches most standard schemes.
+ EXPECT_TRUE(IsMatch("example.com", "chrome:example.com"));
+ EXPECT_TRUE(IsMatch("example.com", "chrome://example.com"));
+ EXPECT_TRUE(IsMatch("example.com", "file://example.com/"));
+ EXPECT_TRUE(IsMatch("example.com", "ftp://example.com"));
+ EXPECT_TRUE(IsMatch("example.com", "http://example.com"));
+ EXPECT_TRUE(IsMatch("example.com", "https://example.com"));
+ EXPECT_TRUE(IsMatch("example.com", "gopher://example.com"));
+ EXPECT_TRUE(IsMatch("example.com", "ws://example.com"));
+ EXPECT_TRUE(IsMatch("example.com", "wss://example.com"));
+
+ // Some schemes are not matched when the scheme is ommitted.
+ EXPECT_FALSE(IsMatch("example.com", "about://example.com"));
+ EXPECT_FALSE(IsMatch("example.com", "about:example.com"));
+ EXPECT_FALSE(IsMatch("example.com/*", "filesystem:///something"));
+ EXPECT_FALSE(IsMatch("example.com", "custom://example.com"));
+ EXPECT_FALSE(IsMatch("example", "custom://example"));
+
+ // An optional '.' (dot) can prefix the host field to disable subdomain
+ // matching, see below for details.
+ EXPECT_TRUE(IsMatch(".example.com", "http://example.com/path"));
+ EXPECT_FALSE(IsMatch(".example.com", "http://mail.example.com/path"));
+ EXPECT_TRUE(IsMatch("example.com", "http://mail.example.com/path"));
+ EXPECT_TRUE(IsMatch("ftp://.ftp.file", "ftp://ftp.file"));
+ EXPECT_FALSE(IsMatch("ftp://.ftp.file", "ftp://sub.ftp.file"));
+
+ // The host field is required, and is a valid hostname or an IP address. It
+ // can also take the special '*' value, see below for details.
+ EXPECT_TRUE(IsMatch("*", "http://anything"));
+ EXPECT_TRUE(IsMatch("*", "ftp://anything"));
+ EXPECT_TRUE(IsMatch("*", "custom://anything"));
+ EXPECT_TRUE(IsMatch("host", "http://host:8080"));
+ EXPECT_FALSE(IsMatch("host", "file:///host"));
+ EXPECT_TRUE(IsMatch("10.1.2.3", "http://10.1.2.3:8080/path"));
+ // No host, will match nothing.
+ EXPECT_FALSE(IsMatch(":8080", "http://host:8080"));
+ EXPECT_FALSE(IsMatch(":8080", "http://:8080"));
+
+ // An optional port can come after the host. It must be a valid port value
+ // from 1 to 65535.
+ EXPECT_TRUE(IsMatch("host:8080", "http://host:8080/path"));
+ EXPECT_TRUE(IsMatch("host:1", "http://host:1/path"));
+ // Out of range port.
+ EXPECT_FALSE(IsMatch("host:65536", "http://host:65536/path"));
+ // Star is not allowed in port numbers.
+ EXPECT_FALSE(IsMatch("example.com:*", "http://example.com"));
+ EXPECT_FALSE(IsMatch("example.com:*", "http://example.com:8888"));
+
+ // An optional path can come after port.
+ EXPECT_TRUE(IsMatch("host/path", "http://host:8080/path"));
+ EXPECT_TRUE(IsMatch("host/path/path2", "http://host/path/path2"));
+ EXPECT_TRUE(IsMatch("host/path", "http://host/path/path2"));
+
+ // An optional query can come in the end, which is a set of key-value and
+ // key-only tokens delimited by '&'. The key-value tokens are separated
+ // by '='. A query token can optionally end with a '*' to indicate prefix
+ // match. Token order is ignored during matching.
+ EXPECT_TRUE(IsMatch("host?q1=1&q2=2", "http://host?q2=2&q1=1"));
+ EXPECT_FALSE(IsMatch("host?q1=1&q2=2", "http://host?q2=1&q1=2"));
+ EXPECT_FALSE(IsMatch("host?q1=1&q2=2", "http://host?Q2=2&Q1=1"));
+ EXPECT_TRUE(IsMatch("host?q1=1&q2=2", "http://host?q2=2&q1=1&q3=3"));
+ EXPECT_TRUE(IsMatch("host?q1=1&q2=2*", "http://host?q2=21&q1=1&q3=3"));
+
+ // user:pass fields can be included but will be ignored
+ // (e.g. http://user:pass@ftp.example.com/pub/bigfile.iso).
+ EXPECT_TRUE(
+ IsMatch("host.com/path", "http://user:pass@host.com:8080/path"));
+ EXPECT_TRUE(
+ IsMatch("ftp://host.com/path", "ftp://user:pass@host.com:8080/path"));
+
+ // Case sensitivity.
+ // Scheme is case insensitive.
+ EXPECT_TRUE(IsMatch("suPPort://*", "support:example"));
+ EXPECT_TRUE(IsMatch("FILE://*", "file:example"));
+ EXPECT_TRUE(IsMatch("FILE://*", "FILE://example"));
+ EXPECT_TRUE(IsMatch("FtP:*", "ftp://example"));
+ EXPECT_TRUE(IsMatch("http://example.com", "HTTP://example.com"));
+ EXPECT_TRUE(IsMatch("HTTP://example.com", "http://example.com"));
+ // Host is case insensitive.
+ EXPECT_TRUE(IsMatch("http://EXAMPLE.COM", "http://example.com"));
+ EXPECT_TRUE(IsMatch("Example.com", "http://examplE.com/Path?Query=1"));
+ // Path is case sensitive.
+ EXPECT_FALSE(IsMatch("example.com/Path", "http://example.com/path"));
+ EXPECT_TRUE(IsMatch("http://example.com/aB", "http://example.com/aB"));
+ EXPECT_FALSE(IsMatch("http://example.com/aB", "http://example.com/Ab"));
+ EXPECT_FALSE(IsMatch("http://example.com/aB", "http://example.com/ab"));
+ EXPECT_FALSE(IsMatch("http://example.com/aB", "http://example.com/AB"));
+ // Query is case sensitive.
+ EXPECT_FALSE(IsMatch("host/path?Query=1", "http://host/path?query=1"));
+}
+
+// Test for GetURLBlacklistState method.
+TEST_F(URLBlacklistManagerTest, UseBlacklistState) {
+ const net::NetworkDelegate::URLBlacklistState in_blacklist =
+ net::NetworkDelegate::URLBlacklistState::URL_IN_BLACKLIST;
+ const net::NetworkDelegate::URLBlacklistState in_whitelist =
+ net::NetworkDelegate::URLBlacklistState::URL_IN_WHITELIST;
+ const net::NetworkDelegate::URLBlacklistState neutral_state =
+ net::NetworkDelegate::URLBlacklistState::URL_NEUTRAL_STATE;
+
+ // Test whitelist states.
+ EXPECT_EQ(in_whitelist, GetMatch("example.com", "http://example.com", true));
+ EXPECT_EQ(in_whitelist, GetMatch("http://*", "http://example.com", true));
+ EXPECT_EQ(in_whitelist, GetMatch("custom://*", "custom://app", true));
+ EXPECT_EQ(in_whitelist, GetMatch("custom:*", "custom://app/play", true));
+ EXPECT_EQ(in_whitelist, GetMatch("custom:*", "custom://app:8080", true));
+ // Test blacklist states.
+ EXPECT_EQ(in_blacklist, GetMatch("ftp:*", "ftp://server", false));
+ // Test neutral states.
+ EXPECT_EQ(neutral_state, GetMatch("file:*", "http://example.com", true));
+ EXPECT_EQ(neutral_state, GetMatch("https://*", "http://example.com", false));
+}
} // namespace policy
« components/policy/core/browser/url_blacklist_manager.cc ('K') | « components/policy/core/browser/url_blacklist_manager.cc ('k') | content/browser/loader/resource_dispatcher_host_impl.cc » ('j') | content/browser/loader/resource_dispatcher_host_impl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698