Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(196)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/http/http_security_headers_unittest.cc

Issue 1831963002: Fix number parsing for max-age for HSTS/HPKP. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@parse_refactor
Patch Set: rebase Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/http/http_security_headers.cc ('k') | net/http/transport_security_state.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/http/http_security_headers_unittest.cc
diff --git a/net/http/http_security_headers_unittest.cc b/net/http/http_security_headers_unittest.cc
index 7e80efa3270dfcf5114671afee93e20d263e1802..1ee08d7a3521680326a732bd1726890ce68c7c06 100644
--- a/net/http/http_security_headers_unittest.cc
+++ b/net/http/http_security_headers_unittest.cc
@@ -138,6 +138,16 @@ TEST_F(HttpSecurityHeadersTest, BogusHeaders) {
&include_subdomains));
EXPECT_FALSE(ParseHSTSHeader("max-age=-3488923", &max_age,
&include_subdomains));
+ EXPECT_FALSE(
+ ParseHSTSHeader("max-age=+3488923", &max_age, &include_subdomains));
+ EXPECT_FALSE(
+ ParseHSTSHeader("max-age=13####", &max_age, &include_subdomains));
+ EXPECT_FALSE(ParseHSTSHeader("max-age=9223372036854775807#####", &max_age,
+ &include_subdomains));
+ EXPECT_FALSE(ParseHSTSHeader("max-age=18446744073709551615####", &max_age,
+ &include_subdomains));
+ EXPECT_FALSE(ParseHSTSHeader("max-age=999999999999999999999999$.&#!",
+ &max_age, &include_subdomains));
EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 e", &max_age,
&include_subdomains));
EXPECT_FALSE(ParseHSTSHeader("max-age=3488923 includesubdomain",
@@ -388,56 +398,56 @@ TEST_F(HttpSecurityHeadersTest, ValidSTSHeaders) {
EXPECT_TRUE(ParseHSTSHeader(
"max-age=39408299 ;incLudesUbdOmains", &max_age,
&include_subdomains));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHSTSAgeSecs, static_cast<int64_t>(INT64_C(39408299))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHSTSAgeSecs, 39408299u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_TRUE(include_subdomains);
EXPECT_TRUE(ParseHSTSHeader(
"max-age=394082038 ; incLudesUbdOmains", &max_age,
&include_subdomains));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHSTSAgeSecs, static_cast<int64_t>(INT64_C(394082038))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHSTSAgeSecs, 394082038u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_TRUE(include_subdomains);
EXPECT_TRUE(ParseHSTSHeader(
"max-age=394082038 ; incLudesUbdOmains;", &max_age,
&include_subdomains));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHSTSAgeSecs, static_cast<int64_t>(INT64_C(394082038))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHSTSAgeSecs, 394082038u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_TRUE(include_subdomains);
EXPECT_TRUE(ParseHSTSHeader(
";; max-age=394082038 ; incLudesUbdOmains; ;", &max_age,
&include_subdomains));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHSTSAgeSecs, static_cast<int64_t>(INT64_C(394082038))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHSTSAgeSecs, 394082038u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_TRUE(include_subdomains);
EXPECT_TRUE(ParseHSTSHeader(
";; max-age=394082038 ;", &max_age,
&include_subdomains));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHSTSAgeSecs, static_cast<int64_t>(INT64_C(394082038))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHSTSAgeSecs, 394082038u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_FALSE(include_subdomains);
EXPECT_TRUE(ParseHSTSHeader(
";; ; ; max-age=394082038;;; includeSubdomains ;; ;", &max_age,
&include_subdomains));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHSTSAgeSecs, static_cast<int64_t>(INT64_C(394082038))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHSTSAgeSecs, 394082038u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_TRUE(include_subdomains);
EXPECT_TRUE(ParseHSTSHeader(
"incLudesUbdOmains ; max-age=394082038 ;;", &max_age,
&include_subdomains));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHSTSAgeSecs, static_cast<int64_t>(INT64_C(394082038))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHSTSAgeSecs, 394082038u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_TRUE(include_subdomains);
@@ -529,8 +539,8 @@ static void TestValidPKPHeaders(HashValueTag tag) {
EXPECT_TRUE(ParseAsHPKPHeader(
"max-age=39408299 ;" + backup_pin + ";" + good_pin + "; ", chain_hashes,
&max_age, &include_subdomains, &hashes, &report_uri));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHPKPAgeSecs, static_cast<int64_t>(INT64_C(39408299))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHPKPAgeSecs, 39408299u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_FALSE(include_subdomains);
@@ -538,8 +548,8 @@ static void TestValidPKPHeaders(HashValueTag tag) {
"max-age=39408038 ; cybers=39408038 ; includeSubdomains; " +
good_pin + ";" + backup_pin + "; ",
chain_hashes, &max_age, &include_subdomains, &hashes, &report_uri));
- expect_max_age = base::TimeDelta::FromSeconds(
- std::min(kMaxHPKPAgeSecs, static_cast<int64_t>(INT64_C(394082038))));
+ expect_max_age =
+ base::TimeDelta::FromSeconds(std::min(kMaxHPKPAgeSecs, 394082038u));
EXPECT_EQ(expect_max_age, max_age);
EXPECT_TRUE(include_subdomains);
« no previous file with comments | « net/http/http_security_headers.cc ('k') | net/http/transport_security_state.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698