Index: third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp |
diff --git a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp |
index 5b64c5421dccf753fff9ab785c91818c67ad9c65..ffe179920153e7675c7c60c6e45d47c47110de20 100644 |
--- a/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp |
+++ b/third_party/WebKit/Source/core/frame/csp/ContentSecurityPolicyTest.cpp |
@@ -11,6 +11,7 @@ |
#include "platform/network/ResourceRequest.h" |
#include "platform/weborigin/KURL.h" |
#include "platform/weborigin/SecurityOrigin.h" |
+#include "public/platform/WebURLRequest.h" |
#include "testing/gtest/include/gtest/gtest.h" |
namespace blink { |
@@ -57,6 +58,28 @@ TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsEnabled) |
EXPECT_FALSE(document->insecureNavigationsToUpgrade()->contains(secureOrigin->host().impl()->hash())); |
} |
+TEST_F(ContentSecurityPolicyTest, ParseEnforceTreatAsPublicAddressDisabled) |
+{ |
+ RuntimeEnabledFeatures::setCorsRFC1918Enabled(false); |
+ document->setHostedInReservedIPRange(true); |
+ EXPECT_EQ(WebURLRequest::AddressSpacePrivate, document->addressSpace()); |
+ |
+ csp->didReceiveHeader("treat-as-public-address", ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |
+ csp->bindToExecutionContext(document.get()); |
+ EXPECT_EQ(WebURLRequest::AddressSpacePrivate, document->addressSpace()); |
+} |
+ |
+TEST_F(ContentSecurityPolicyTest, ParseEnforceTreatAsPublicAddressEnabled) |
+{ |
+ RuntimeEnabledFeatures::setCorsRFC1918Enabled(true); |
+ document->setHostedInReservedIPRange(true); |
+ EXPECT_EQ(WebURLRequest::AddressSpacePrivate, document->addressSpace()); |
+ |
+ csp->didReceiveHeader("treat-as-public-address", ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |
+ csp->bindToExecutionContext(document.get()); |
+ EXPECT_EQ(WebURLRequest::AddressSpacePublic, document->addressSpace()); |
+} |
+ |
TEST_F(ContentSecurityPolicyTest, CopyStateFrom) |
{ |
csp->didReceiveHeader("script-src 'none'; plugin-types application/x-type-1", ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |