| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (c) 2015, Google Inc. All rights reserved. | 2 * Copyright (c) 2015, Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| (...skipping 562 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 573 ResourceRequest resourceRequest(url); | 573 ResourceRequest resourceRequest(url); |
| 574 ResourceResponse response; | 574 ResourceResponse response; |
| 575 response.setURL(url); | 575 response.setURL(url); |
| 576 response.setSecurityInfo(securityInfo); | 576 response.setSecurityInfo(securityInfo); |
| 577 response.setHasMajorCertificateErrors(true); | 577 response.setHasMajorCertificateErrors(true); |
| 578 RefPtrWillBeRawPtr<Resource> resource = Resource::create(resourceRequest, Re
source::Image); | 578 RefPtrWillBeRawPtr<Resource> resource = Resource::create(resourceRequest, Re
source::Image); |
| 579 resource->setResponse(response); | 579 resource->setResponse(response); |
| 580 fetchContext->dispatchDidLoadResourceFromMemoryCache(resource.get(), WebURLR
equest::FrameTypeNone, WebURLRequest::RequestContextImage); | 580 fetchContext->dispatchDidLoadResourceFromMemoryCache(resource.get(), WebURLR
equest::FrameTypeNone, WebURLRequest::RequestContextImage); |
| 581 } | 581 } |
| 582 | 582 |
| 583 TEST_F(FrameFetchContextTest, SetIsExternalRequestForPublicDocument) |
| 584 { |
| 585 EXPECT_FALSE(document->isHostedInReservedIPRange()); |
| 586 |
| 587 struct TestCase { |
| 588 const char* url; |
| 589 bool isExternalExpectation; |
| 590 } cases[] = { |
| 591 { "http://example.com/", false }, |
| 592 { "https://example.com/", false }, |
| 593 { "data:text/html,whatever", false }, |
| 594 { "file:///etc/passwd", false }, |
| 595 { "blob:http://example.com/", false }, |
| 596 |
| 597 { "http://localhost/", true }, |
| 598 { "http://127.0.0.1/", true }, |
| 599 { "http://127.0.0.1:8000/", true }, |
| 600 { "http://192.168.1.1:8000/", true } |
| 601 }; |
| 602 RuntimeEnabledFeatures::setCorsRFC1918Enabled(false); |
| 603 for (const auto& test : cases) { |
| 604 ResourceRequest mainRequest(test.url); |
| 605 fetchContext->addAdditionalRequestHeaders(mainRequest, FetchMainResource
); |
| 606 EXPECT_FALSE(mainRequest.isExternalRequest()); |
| 607 |
| 608 ResourceRequest subRequest(test.url); |
| 609 fetchContext->addAdditionalRequestHeaders(subRequest, FetchSubresource); |
| 610 EXPECT_FALSE(subRequest.isExternalRequest()); |
| 611 } |
| 612 |
| 613 RuntimeEnabledFeatures::setCorsRFC1918Enabled(true); |
| 614 for (const auto& test : cases) { |
| 615 ResourceRequest mainRequest(test.url); |
| 616 fetchContext->addAdditionalRequestHeaders(mainRequest, FetchMainResource
); |
| 617 EXPECT_EQ(mainRequest.isExternalRequest(), test.isExternalExpectation); |
| 618 |
| 619 ResourceRequest subRequest(test.url); |
| 620 fetchContext->addAdditionalRequestHeaders(subRequest, FetchSubresource); |
| 621 EXPECT_EQ(subRequest.isExternalRequest(), test.isExternalExpectation); |
| 622 } |
| 623 } |
| 624 |
| 625 TEST_F(FrameFetchContextTest, SetIsExternalRequestForPrivateDocument) |
| 626 { |
| 627 document->setHostedInReservedIPRange(true); |
| 628 |
| 629 struct TestCase { |
| 630 const char* url; |
| 631 } cases[] = { |
| 632 { "http://example.com/" }, |
| 633 { "https://example.com/" }, |
| 634 { "data:text/html,whatever" }, |
| 635 { "file:///etc/passwd" }, |
| 636 { "blob:http://example.com/" }, |
| 637 { "http://localhost/" }, |
| 638 { "http://127.0.0.1/" }, |
| 639 { "http://127.0.0.1:8000/" }, |
| 640 { "http://192.168.1.1:8000/" } |
| 641 }; |
| 642 RuntimeEnabledFeatures::setCorsRFC1918Enabled(false); |
| 643 for (const auto& test : cases) { |
| 644 ResourceRequest mainRequest(test.url); |
| 645 fetchContext->addAdditionalRequestHeaders(mainRequest, FetchMainResource
); |
| 646 EXPECT_FALSE(mainRequest.isExternalRequest()); |
| 647 |
| 648 ResourceRequest subRequest(test.url); |
| 649 fetchContext->addAdditionalRequestHeaders(subRequest, FetchSubresource); |
| 650 EXPECT_FALSE(subRequest.isExternalRequest()); |
| 651 } |
| 652 |
| 653 RuntimeEnabledFeatures::setCorsRFC1918Enabled(true); |
| 654 for (const auto& test : cases) { |
| 655 ResourceRequest mainRequest(test.url); |
| 656 fetchContext->addAdditionalRequestHeaders(mainRequest, FetchMainResource
); |
| 657 EXPECT_FALSE(mainRequest.isExternalRequest()); |
| 658 |
| 659 ResourceRequest subRequest(test.url); |
| 660 fetchContext->addAdditionalRequestHeaders(subRequest, FetchSubresource); |
| 661 EXPECT_FALSE(subRequest.isExternalRequest()); |
| 662 } |
| 663 } |
| 664 |
| 583 } // namespace blink | 665 } // namespace blink |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1749153002:
CORS-RFC1918: Teach ResourceRequest about "external" requests (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master