| Index: components/policy/core/browser/url_blacklist_manager_unittest.cc
|
| diff --git a/components/policy/core/browser/url_blacklist_manager_unittest.cc b/components/policy/core/browser/url_blacklist_manager_unittest.cc
|
| index 69bd7271d86a58312a1ab66fa3d725205989421b..90cab0b1f6a00d5c17c28ce8537bae231a3f2b80 100644
|
| --- a/components/policy/core/browser/url_blacklist_manager_unittest.cc
|
| +++ b/components/policy/core/browser/url_blacklist_manager_unittest.cc
|
| @@ -5,6 +5,7 @@
|
| #include "components/policy/core/browser/url_blacklist_manager.h"
|
|
|
| #include <stdint.h>
|
| +#include <memory>
|
| #include <ostream>
|
| #include <utility>
|
|
|
| @@ -12,7 +13,9 @@
|
| #include "base/callback.h"
|
| #include "base/macros.h"
|
| #include "base/message_loop/message_loop.h"
|
| +#include "base/thread_task_runner_handle.h"
|
| #include "base/threading/thread_task_runner_handle.h"
|
| +#include "base/values.h"
|
| #include "components/policy/core/common/policy_pref_names.h"
|
| #include "components/prefs/pref_registry_simple.h"
|
| #include "components/prefs/testing_pref_service.h"
|
| @@ -55,7 +58,7 @@ class TestingURLBlacklistManager : public URLBlacklistManager {
|
| // Makes a direct call to UpdateOnIO during tests.
|
| void UpdateOnIOForTesting() {
|
| std::unique_ptr<base::ListValue> block(new base::ListValue);
|
| - block->Append(new base::StringValue("example.com"));
|
| + block->AppendString("example.com");
|
| std::unique_ptr<base::ListValue> allow(new base::ListValue);
|
| URLBlacklistManager::UpdateOnIO(std::move(block), std::move(allow));
|
| }
|
| @@ -171,12 +174,45 @@ class URLBlacklistFilterToComponentsTest
|
|
|
| } // namespace
|
|
|
| +// Returns whether |url| matches the |pattern|.
|
| +bool IsMatch(const std::string& pattern, const std::string& url) {
|
| + URLBlacklist blacklist(GetSegmentURLCallback());
|
| +
|
| + // Add the pattern to blacklist.
|
| + std::unique_ptr<base::ListValue> blocked(new base::ListValue);
|
| + blocked->AppendString(pattern);
|
| + blacklist.Block(blocked.get());
|
| +
|
| + return blacklist.IsURLBlocked(GURL(url));
|
| +}
|
| +
|
| +// Returns the state from blacklist after adding |pattern| to be blocked or
|
| +// allowed depending on |use_whitelist| and checking |url|.
|
| +net::NetworkDelegate::URLBlacklistState GetMatch(const std::string& pattern,
|
| + const std::string& url,
|
| + const bool use_whitelist) {
|
| + URLBlacklist blacklist(GetSegmentURLCallback());
|
| +
|
| + // Add the pattern to list.
|
| + std::unique_ptr<base::ListValue> blocked(new base::ListValue);
|
| + blocked->AppendString(pattern);
|
| +
|
| + if (use_whitelist) {
|
| + blacklist.Allow(blocked.get());
|
| + } else {
|
| + blacklist.Block(blocked.get());
|
| + }
|
| +
|
| + return blacklist.GetURLBlacklistState(GURL(url));
|
| +}
|
| +
|
| TEST_P(URLBlacklistFilterToComponentsTest, FilterToComponents) {
|
| std::string scheme;
|
| std::string host;
|
| bool match_subdomains = true;
|
| uint16_t port = 42;
|
| std::string path;
|
| + std::string query;
|
|
|
| URLBlacklist::FilterToComponents(GetSegmentURLCallback(),
|
| GetParam().filter(),
|
| @@ -185,7 +221,7 @@ TEST_P(URLBlacklistFilterToComponentsTest, FilterToComponents) {
|
| &match_subdomains,
|
| &port,
|
| &path,
|
| - NULL);
|
| + &query);
|
| EXPECT_EQ(GetParam().scheme(), scheme);
|
| EXPECT_EQ(GetParam().host(), host);
|
| EXPECT_EQ(GetParam().match_subdomains(), match_subdomains);
|
| @@ -195,9 +231,9 @@ TEST_P(URLBlacklistFilterToComponentsTest, FilterToComponents) {
|
|
|
| TEST_F(URLBlacklistManagerTest, SingleUpdateForTwoPrefChanges) {
|
| base::ListValue* blacklist = new base::ListValue;
|
| - blacklist->Append(new base::StringValue("*.google.com"));
|
| + blacklist->AppendString("*.google.com");
|
| base::ListValue* whitelist = new base::ListValue;
|
| - whitelist->Append(new base::StringValue("mail.google.com"));
|
| + whitelist->AppendString("mail.google.com");
|
| pref_service_.SetManagedPref(policy_prefs::kUrlBlacklist, blacklist);
|
| pref_service_.SetManagedPref(policy_prefs::kUrlBlacklist, whitelist);
|
| loop_.RunUntilIdle();
|
| @@ -326,78 +362,65 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
|
| URLBlacklist blacklist(GetSegmentURLCallback());
|
|
|
| // Block domain and all subdomains, for any filtered scheme.
|
| - std::unique_ptr<base::ListValue> blocked(new base::ListValue);
|
| - blocked->Append(new base::StringValue("google.com"));
|
| - blacklist.Block(blocked.get());
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/whatever")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://google.com/")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("bogus://google.com/")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://notgoogle.com/")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://mail.google.com")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://x.mail.google.com")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://x.mail.google.com/")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://x.y.google.com/a/b")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://youtube.com/")));
|
| + EXPECT_TRUE(IsMatch("google.com", "http://google.com"));
|
| + EXPECT_TRUE(IsMatch("google.com", "http://google.com/"));
|
| + EXPECT_TRUE(IsMatch("google.com", "http://google.com/whatever"));
|
| + EXPECT_TRUE(IsMatch("google.com", "https://google.com/"));
|
| + EXPECT_FALSE(IsMatch("google.com", "bogus://google.com/"));
|
| + EXPECT_FALSE(IsMatch("google.com", "http://notgoogle.com/"));
|
| + EXPECT_TRUE(IsMatch("google.com", "http://mail.google.com"));
|
| + EXPECT_TRUE(IsMatch("google.com", "http://x.mail.google.com"));
|
| + EXPECT_TRUE(IsMatch("google.com", "https://x.mail.google.com/"));
|
| + EXPECT_TRUE(IsMatch("google.com", "http://x.y.google.com/a/b"));
|
| + EXPECT_FALSE(IsMatch("google.com", "http://youtube.com/"));
|
|
|
| // Filter only http, ftp and ws schemes.
|
| - blocked.reset(new base::ListValue);
|
| - blocked->Append(new base::StringValue("http://secure.com"));
|
| - blocked->Append(new base::StringValue("ftp://secure.com"));
|
| - blocked->Append(new base::StringValue("ws://secure.com"));
|
| - blacklist.Block(blocked.get());
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://secure.com")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://secure.com/whatever")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("ftp://secure.com/")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("ws://secure.com")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://secure.com/")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("wss://secure.com")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://www.secure.com")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://www.secure.com")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("wss://www.secure.com")));
|
| + EXPECT_TRUE(IsMatch("http://secure.com", "http://secure.com"));
|
| + EXPECT_TRUE(IsMatch("http://secure.com", "http://secure.com/whatever"));
|
| + EXPECT_TRUE(IsMatch("ftp://secure.com", "ftp://secure.com/"));
|
| + EXPECT_TRUE(IsMatch("ws://secure.com", "ws://secure.com"));
|
| + EXPECT_FALSE(IsMatch("http://secure.com", "https://secure.com/"));
|
| + EXPECT_FALSE(IsMatch("ws://secure.com", "wss://secure.com"));
|
| + EXPECT_TRUE(IsMatch("http://secure.com", "http://www.secure.com"));
|
| + EXPECT_FALSE(IsMatch("http://secure.com", "https://www.secure.com"));
|
| + EXPECT_FALSE(IsMatch("ws://secure.com", "wss://www.secure.com"));
|
|
|
| // Filter only a certain path prefix.
|
| - blocked.reset(new base::ListValue);
|
| - blocked->Append(new base::StringValue("path.to/ruin"));
|
| - blacklist.Block(blocked.get());
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://path.to/ruin")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://path.to/ruin")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://path.to/ruins")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://path.to/ruin/signup")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://www.path.to/ruin")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://path.to/fortune")));
|
| + EXPECT_TRUE(IsMatch("path.to/ruin", "http://path.to/ruin"));
|
| + EXPECT_TRUE(IsMatch("path.to/ruin", "https://path.to/ruin"));
|
| + EXPECT_TRUE(IsMatch("path.to/ruin", "http://path.to/ruins"));
|
| + EXPECT_TRUE(IsMatch("path.to/ruin", "http://path.to/ruin/signup"));
|
| + EXPECT_TRUE(IsMatch("path.to/ruin", "http://www.path.to/ruin"));
|
| + EXPECT_FALSE(IsMatch("path.to/ruin", "http://path.to/fortune"));
|
|
|
| // Filter only a certain path prefix and scheme.
|
| - blocked.reset(new base::ListValue);
|
| - blocked->Append(new base::StringValue("https://s.aaa.com/path"));
|
| - blacklist.Block(blocked.get());
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/path")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/path/bbb")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://s.aaa.com/path")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://aaa.com/path")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://x.aaa.com/path")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/bbb")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://s.aaa.com/")));
|
| + EXPECT_TRUE(IsMatch("https://s.aaa.com/path", "https://s.aaa.com/path"));
|
| + EXPECT_TRUE(
|
| + IsMatch("https://s.aaa.com/path", "https://s.aaa.com/path/bbb"));
|
| + EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "http://s.aaa.com/path"));
|
| + EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://aaa.com/path"));
|
| + EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://x.aaa.com/path"));
|
| + EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://s.aaa.com/bbb"));
|
| + EXPECT_FALSE(IsMatch("https://s.aaa.com/path", "https://s.aaa.com/"));
|
|
|
| // Filter only ws and wss schemes.
|
| - blocked.reset(new base::ListValue);
|
| - blocked->Append(new base::StringValue("ws://ws.aaa.com"));
|
| - blocked->Append(new base::StringValue("wss://ws.aaa.com"));
|
| - blacklist.Block(blocked.get());
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("ws://ws.aaa.com")));
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("wss://ws.aaa.com")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://ws.aaa.com")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("https://ws.aaa.com")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("ftp://ws.aaa.com")));
|
| + EXPECT_TRUE(IsMatch("ws://ws.aaa.com", "ws://ws.aaa.com"));
|
| + EXPECT_TRUE(IsMatch("wss://ws.aaa.com", "wss://ws.aaa.com"));
|
| + EXPECT_FALSE(IsMatch("ws://ws.aaa.com", "http://ws.aaa.com"));
|
| + EXPECT_FALSE(IsMatch("ws://ws.aaa.com", "https://ws.aaa.com"));
|
| + EXPECT_FALSE(IsMatch("ws://ws.aaa.com", "ftp://ws.aaa.com"));
|
| +
|
| + // Block an ip address.
|
| + EXPECT_TRUE(IsMatch("123.123.123.123", "http://123.123.123.123/"));
|
| + EXPECT_FALSE(IsMatch("123.123.123.123", "http://123.123.123.124/"));
|
|
|
| // Test exceptions to path prefixes, and most specific matches.
|
| - blocked.reset(new base::ListValue);
|
| + std::unique_ptr<base::ListValue> blocked(new base::ListValue);
|
| std::unique_ptr<base::ListValue> allowed(new base::ListValue);
|
| - blocked->Append(new base::StringValue("s.xxx.com/a"));
|
| - allowed->Append(new base::StringValue("s.xxx.com/a/b"));
|
| - blocked->Append(new base::StringValue("https://s.xxx.com/a/b/c"));
|
| - allowed->Append(new base::StringValue("https://s.xxx.com/a/b/c/d"));
|
| + blocked->AppendString("s.xxx.com/a");
|
| + allowed->AppendString("s.xxx.com/a/b");
|
| + blocked->AppendString("https://s.xxx.com/a/b/c");
|
| + allowed->AppendString("https://s.xxx.com/a/b/c/d");
|
| blacklist.Block(blocked.get());
|
| blacklist.Allow(allowed.get());
|
| EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://s.xxx.com/a")));
|
| @@ -416,16 +439,12 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
|
| EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://xxx.com/a")));
|
| EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://xxx.com/a/b")));
|
|
|
| - // Block an ip address.
|
| - blocked.reset(new base::ListValue);
|
| - blocked->Append(new base::StringValue("123.123.123.123"));
|
| - blacklist.Block(blocked.get());
|
| - EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://123.123.123.123/")));
|
| - EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://123.123.123.124/")));
|
| -
|
| // Open an exception.
|
| + blocked.reset(new base::ListValue);
|
| + blocked->AppendString("google.com");
|
| allowed.reset(new base::ListValue);
|
| - allowed->Append(new base::StringValue("plus.google.com"));
|
| + allowed->AppendString("plus.google.com");
|
| + blacklist.Block(blocked.get());
|
| blacklist.Allow(allowed.get());
|
| EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/")));
|
| EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://www.google.com/")));
|
| @@ -433,7 +452,7 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
|
|
|
| // Open an exception only when using https for mail.
|
| allowed.reset(new base::ListValue);
|
| - allowed->Append(new base::StringValue("https://mail.google.com"));
|
| + allowed->AppendString("https://mail.google.com");
|
| blacklist.Allow(allowed.get());
|
| EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://google.com/")));
|
| EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://mail.google.com/")));
|
| @@ -444,7 +463,7 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
|
| // Match exactly "google.com", only for http. Subdomains without exceptions
|
| // are still blocked.
|
| allowed.reset(new base::ListValue);
|
| - allowed->Append(new base::StringValue("http://.google.com"));
|
| + allowed->AppendString("http://.google.com");
|
| blacklist.Allow(allowed.get());
|
| EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://google.com/")));
|
| EXPECT_TRUE(blacklist.IsURLBlocked(GURL("https://google.com/")));
|
| @@ -453,10 +472,10 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
|
| // A smaller path match in an exact host overrides a longer path for hosts
|
| // that also match subdomains.
|
| blocked.reset(new base::ListValue);
|
| - blocked->Append(new base::StringValue("yyy.com/aaa"));
|
| + blocked->AppendString("yyy.com/aaa");
|
| blacklist.Block(blocked.get());
|
| allowed.reset(new base::ListValue);
|
| - allowed->Append(new base::StringValue(".yyy.com/a"));
|
| + allowed->AppendString(".yyy.com/a");
|
| blacklist.Allow(allowed.get());
|
| EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://yyy.com")));
|
| EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://yyy.com/aaa")));
|
| @@ -467,10 +486,10 @@ TEST_F(URLBlacklistManagerTest, Filtering) {
|
|
|
| // If the exact entry is both allowed and blocked, allowing takes precedence.
|
| blocked.reset(new base::ListValue);
|
| - blocked->Append(new base::StringValue("example.com"));
|
| + blocked->AppendString("example.com");
|
| blacklist.Block(blocked.get());
|
| allowed.reset(new base::ListValue);
|
| - allowed->Append(new base::StringValue("example.com"));
|
| + allowed->AppendString("example.com");
|
| blacklist.Allow(allowed.get());
|
| EXPECT_FALSE(blacklist.IsURLBlocked(GURL("http://example.com")));
|
| }
|
| @@ -616,11 +635,11 @@ TEST_F(URLBlacklistManagerTest, BlockAllWithExceptions) {
|
|
|
| std::unique_ptr<base::ListValue> blocked(new base::ListValue);
|
| std::unique_ptr<base::ListValue> allowed(new base::ListValue);
|
| - blocked->Append(new base::StringValue("*"));
|
| - allowed->Append(new base::StringValue(".www.google.com"));
|
| - allowed->Append(new base::StringValue("plus.google.com"));
|
| - allowed->Append(new base::StringValue("https://mail.google.com"));
|
| - allowed->Append(new base::StringValue("https://very.safe/path"));
|
| + blocked->AppendString("*");
|
| + allowed->AppendString(".www.google.com");
|
| + allowed->AppendString("plus.google.com");
|
| + allowed->AppendString("https://mail.google.com");
|
| + allowed->AppendString("https://very.safe/path");
|
| blacklist.Block(blocked.get());
|
| blacklist.Allow(allowed.get());
|
| EXPECT_TRUE(blacklist.IsURLBlocked(GURL("http://random.com")));
|
| @@ -638,10 +657,10 @@ TEST_F(URLBlacklistManagerTest, BlockAllWithExceptions) {
|
| }
|
|
|
| TEST_F(URLBlacklistManagerTest, DontBlockResources) {
|
| - std::unique_ptr<URLBlacklist> blacklist(
|
| - new URLBlacklist(GetSegmentURLCallback()));
|
| + std::unique_ptr<URLBlacklist>
|
| + blacklist(new URLBlacklist(GetSegmentURLCallback()));
|
| std::unique_ptr<base::ListValue> blocked(new base::ListValue);
|
| - blocked->Append(new base::StringValue("google.com"));
|
| + blocked->AppendString("google.com");
|
| blacklist->Block(blocked.get());
|
| blacklist_manager_->SetBlacklist(std::move(blacklist));
|
| EXPECT_TRUE(blacklist_manager_->IsURLBlocked(GURL("http://google.com")));
|
| @@ -657,7 +676,7 @@ TEST_F(URLBlacklistManagerTest, DefaultBlacklistExceptions) {
|
| std::unique_ptr<base::ListValue> blocked(new base::ListValue);
|
|
|
| // Blacklist everything:
|
| - blocked->Append(new base::StringValue("*"));
|
| + blocked->AppendString("*");
|
| blacklist.Block(blocked.get());
|
|
|
| // Internal NTP and extension URLs are not blocked by the "*":
|
| @@ -667,9 +686,9 @@ TEST_F(URLBlacklistManagerTest, DefaultBlacklistExceptions) {
|
| EXPECT_FALSE((blacklist.IsURLBlocked(GURL("chrome-native://ntp"))));
|
|
|
| // Unless they are explicitly blacklisted:
|
| - blocked->Append(new base::StringValue("chrome-extension://*"));
|
| + blocked->AppendString("chrome-extension://*");
|
| std::unique_ptr<base::ListValue> allowed(new base::ListValue);
|
| - allowed->Append(new base::StringValue("chrome-extension://abc"));
|
| + allowed->AppendString("chrome-extension://abc");
|
| blacklist.Block(blocked.get());
|
| blacklist.Allow(allowed.get());
|
|
|
| @@ -680,4 +699,141 @@ TEST_F(URLBlacklistManagerTest, DefaultBlacklistExceptions) {
|
| EXPECT_FALSE((blacklist.IsURLBlocked(GURL("chrome-native://ntp"))));
|
| }
|
|
|
| +TEST_F(URLBlacklistManagerTest, BlacklistBasicCoverage) {
|
| + // Tests to cover the documentation from
|
| + // http://www.chromium.org/administrators/url-blacklist-filter-format
|
| +
|
| + // [scheme://][.]host[:port][/path][@query]
|
| + // Scheme can be http, https, ftp, chrome, etc. This field is optional, and
|
| + // must be followed by '://'.
|
| + EXPECT_TRUE(IsMatch("file://*", "file:///abc.txt"));
|
| + EXPECT_TRUE(IsMatch("file:*", "file:///usr/local/boot.txt"));
|
| + EXPECT_TRUE(IsMatch("https://*", "https:///abc.txt"));
|
| + EXPECT_TRUE(IsMatch("ftp://*", "ftp://ftp.txt"));
|
| + EXPECT_TRUE(IsMatch("chrome://*", "chrome:policy"));
|
| + EXPECT_TRUE(IsMatch("noscheme", "http://noscheme"));
|
| + // Filter custom schemes.
|
| + EXPECT_TRUE(IsMatch("custom://*", "custom://example_app"));
|
| + EXPECT_TRUE(IsMatch("custom:*", "custom:example2_app"));
|
| + EXPECT_FALSE(IsMatch("custom://*", "customs://example_apps"));
|
| + EXPECT_FALSE(IsMatch("custom://*", "cust*://example_ap"));
|
| + EXPECT_FALSE(IsMatch("custom://*", "ecustom:example_app"));
|
| + EXPECT_TRUE(IsMatch("custom://*", "custom:///abc.txt"));
|
| + // Tests for custom scheme patterns that are not supported.
|
| + EXPECT_FALSE(IsMatch("wrong://app", "wrong://app"));
|
| + EXPECT_FALSE(IsMatch("wrong ://*", "wrong ://app"));
|
| + EXPECT_FALSE(IsMatch(" wrong:*", " wrong://app"));
|
| +
|
| + // Ommitting the scheme matches most standard schemes.
|
| + EXPECT_TRUE(IsMatch("example.com", "chrome:example.com"));
|
| + EXPECT_TRUE(IsMatch("example.com", "chrome://example.com"));
|
| + EXPECT_TRUE(IsMatch("example.com", "file://example.com/"));
|
| + EXPECT_TRUE(IsMatch("example.com", "ftp://example.com"));
|
| + EXPECT_TRUE(IsMatch("example.com", "http://example.com"));
|
| + EXPECT_TRUE(IsMatch("example.com", "https://example.com"));
|
| + EXPECT_TRUE(IsMatch("example.com", "gopher://example.com"));
|
| + EXPECT_TRUE(IsMatch("example.com", "ws://example.com"));
|
| + EXPECT_TRUE(IsMatch("example.com", "wss://example.com"));
|
| +
|
| + // Some schemes are not matched when the scheme is ommitted.
|
| + EXPECT_FALSE(IsMatch("example.com", "about://example.com"));
|
| + EXPECT_FALSE(IsMatch("example.com", "about:example.com"));
|
| + EXPECT_FALSE(IsMatch("example.com/*", "filesystem:///something"));
|
| + EXPECT_FALSE(IsMatch("example.com", "custom://example.com"));
|
| + EXPECT_FALSE(IsMatch("example", "custom://example"));
|
| +
|
| + // An optional '.' (dot) can prefix the host field to disable subdomain
|
| + // matching, see below for details.
|
| + EXPECT_TRUE(IsMatch(".example.com", "http://example.com/path"));
|
| + EXPECT_FALSE(IsMatch(".example.com", "http://mail.example.com/path"));
|
| + EXPECT_TRUE(IsMatch("example.com", "http://mail.example.com/path"));
|
| + EXPECT_TRUE(IsMatch("ftp://.ftp.file", "ftp://ftp.file"));
|
| + EXPECT_FALSE(IsMatch("ftp://.ftp.file", "ftp://sub.ftp.file"));
|
| +
|
| + // The host field is required, and is a valid hostname or an IP address. It
|
| + // can also take the special '*' value, see below for details.
|
| + EXPECT_TRUE(IsMatch("*", "http://anything"));
|
| + EXPECT_TRUE(IsMatch("*", "ftp://anything"));
|
| + EXPECT_TRUE(IsMatch("*", "custom://anything"));
|
| + EXPECT_TRUE(IsMatch("host", "http://host:8080"));
|
| + EXPECT_FALSE(IsMatch("host", "file:///host"));
|
| + EXPECT_TRUE(IsMatch("10.1.2.3", "http://10.1.2.3:8080/path"));
|
| + // No host, will match nothing.
|
| + EXPECT_FALSE(IsMatch(":8080", "http://host:8080"));
|
| + EXPECT_FALSE(IsMatch(":8080", "http://:8080"));
|
| +
|
| + // An optional port can come after the host. It must be a valid port value
|
| + // from 1 to 65535.
|
| + EXPECT_TRUE(IsMatch("host:8080", "http://host:8080/path"));
|
| + EXPECT_TRUE(IsMatch("host:1", "http://host:1/path"));
|
| + // Out of range port.
|
| + EXPECT_FALSE(IsMatch("host:65536", "http://host:65536/path"));
|
| + // Star is not allowed in port numbers.
|
| + EXPECT_FALSE(IsMatch("example.com:*", "http://example.com"));
|
| + EXPECT_FALSE(IsMatch("example.com:*", "http://example.com:8888"));
|
| +
|
| + // An optional path can come after port.
|
| + EXPECT_TRUE(IsMatch("host/path", "http://host:8080/path"));
|
| + EXPECT_TRUE(IsMatch("host/path/path2", "http://host/path/path2"));
|
| + EXPECT_TRUE(IsMatch("host/path", "http://host/path/path2"));
|
| +
|
| + // An optional query can come in the end, which is a set of key-value and
|
| + // key-only tokens delimited by '&'. The key-value tokens are separated
|
| + // by '='. A query token can optionally end with a '*' to indicate prefix
|
| + // match. Token order is ignored during matching.
|
| + EXPECT_TRUE(IsMatch("host?q1=1&q2=2", "http://host?q2=2&q1=1"));
|
| + EXPECT_FALSE(IsMatch("host?q1=1&q2=2", "http://host?q2=1&q1=2"));
|
| + EXPECT_FALSE(IsMatch("host?q1=1&q2=2", "http://host?Q2=2&Q1=1"));
|
| + EXPECT_TRUE(IsMatch("host?q1=1&q2=2", "http://host?q2=2&q1=1&q3=3"));
|
| + EXPECT_TRUE(IsMatch("host?q1=1&q2=2*", "http://host?q2=21&q1=1&q3=3"));
|
| +
|
| + // user:pass fields can be included but will be ignored
|
| + // (e.g. http://user:pass@ftp.example.com/pub/bigfile.iso).
|
| + EXPECT_TRUE(
|
| + IsMatch("host.com/path", "http://user:pass@host.com:8080/path"));
|
| + EXPECT_TRUE(
|
| + IsMatch("ftp://host.com/path", "ftp://user:pass@host.com:8080/path"));
|
| +
|
| + // Case sensitivity.
|
| + // Scheme is case insensitive.
|
| + EXPECT_TRUE(IsMatch("suPPort://*", "support:example"));
|
| + EXPECT_TRUE(IsMatch("FILE://*", "file:example"));
|
| + EXPECT_TRUE(IsMatch("FILE://*", "FILE://example"));
|
| + EXPECT_TRUE(IsMatch("FtP:*", "ftp://example"));
|
| + EXPECT_TRUE(IsMatch("http://example.com", "HTTP://example.com"));
|
| + EXPECT_TRUE(IsMatch("HTTP://example.com", "http://example.com"));
|
| + // Host is case insensitive.
|
| + EXPECT_TRUE(IsMatch("http://EXAMPLE.COM", "http://example.com"));
|
| + EXPECT_TRUE(IsMatch("Example.com", "http://examplE.com/Path?Query=1"));
|
| + // Path is case sensitive.
|
| + EXPECT_FALSE(IsMatch("example.com/Path", "http://example.com/path"));
|
| + EXPECT_TRUE(IsMatch("http://example.com/aB", "http://example.com/aB"));
|
| + EXPECT_FALSE(IsMatch("http://example.com/aB", "http://example.com/Ab"));
|
| + EXPECT_FALSE(IsMatch("http://example.com/aB", "http://example.com/ab"));
|
| + EXPECT_FALSE(IsMatch("http://example.com/aB", "http://example.com/AB"));
|
| + // Query is case sensitive.
|
| + EXPECT_FALSE(IsMatch("host/path?Query=1", "http://host/path?query=1"));
|
| +}
|
| +
|
| +// Test for GetURLBlacklistState method.
|
| +TEST_F(URLBlacklistManagerTest, UseBlacklistState) {
|
| + const net::NetworkDelegate::URLBlacklistState in_blacklist =
|
| + net::NetworkDelegate::URLBlacklistState::URL_IN_BLACKLIST;
|
| + const net::NetworkDelegate::URLBlacklistState in_whitelist =
|
| + net::NetworkDelegate::URLBlacklistState::URL_IN_WHITELIST;
|
| + const net::NetworkDelegate::URLBlacklistState neutral_state =
|
| + net::NetworkDelegate::URLBlacklistState::URL_NEUTRAL_STATE;
|
| +
|
| + // Test whitelist states.
|
| + EXPECT_EQ(in_whitelist, GetMatch("example.com", "http://example.com", true));
|
| + EXPECT_EQ(in_whitelist, GetMatch("http://*", "http://example.com", true));
|
| + EXPECT_EQ(in_whitelist, GetMatch("custom://*", "custom://app", true));
|
| + EXPECT_EQ(in_whitelist, GetMatch("custom:*", "custom://app/play", true));
|
| + EXPECT_EQ(in_whitelist, GetMatch("custom:*", "custom://app:8080", true));
|
| + // Test blacklist states.
|
| + EXPECT_EQ(in_blacklist, GetMatch("ftp:*", "ftp://server", false));
|
| + // Test neutral states.
|
| + EXPECT_EQ(neutral_state, GetMatch("file:*", "http://example.com", true));
|
| + EXPECT_EQ(neutral_state, GetMatch("https://*", "http://example.com", false));
|
| +}
|
| } // namespace policy
|
|
|
Chromium Code Reviews
Issue 1692503002:
Functionality to allow blacklist and whitelist of custom schemes (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master