third_party/WebKit/Source/core/fetch/CrossOriginAccessControlTest.cpp - Issue 1890053002: Exclude simple headers when building Access-Control-Request-Headers

Side by Side Diff: third_party/WebKit/Source/core/fetch/CrossOriginAccessControlTest.cpp

Issue 1890053002: Exclude simple headers when building Access-Control-Request-Headers (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Rebase Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "core/fetch/CrossOriginAccessControl.h"

	6

	7 #include "platform/network/ResourceRequest.h"

	8 #include "platform/weborigin/SecurityOrigin.h"

	9 #include "testing/gtest/include/gtest/gtest.h"

	10 #include "wtf/RefPtr.h"

	11 #include "wtf/text/WTFString.h"

	12

	13 namespace blink {

	14

	15 namespace {

	16

	17 class CreateAccessControlPreflightRequestTest : public ::testing::Test {

	18 protected:

	19 virtual void SetUp()

	20 {

	21 m_securityOrigin = SecurityOrigin::createFromString("http://example.com" );

	22 }

	23

	24 RefPtr<SecurityOrigin> m_securityOrigin;

	25 };

	26

	27 TEST_F(CreateAccessControlPreflightRequestTest, LexicographicalOrder)

	28 {

	29 ResourceRequest request;

	30 request.addHTTPHeaderField("Orange", "Orange");

	31 request.addHTTPHeaderField("Apple", "Red");

	32 request.addHTTPHeaderField("Kiwifruit", "Green");

	33 request.addHTTPHeaderField("Content-Type", "application/octet-stream");

	34 request.addHTTPHeaderField("Strawberry", "Red");

	35

	36 ResourceRequest preflight = createAccessControlPreflightRequest(request, m_s ecurityOrigin.get());

	37

	38 EXPECT_EQ("apple, content-type, kiwifruit, orange, strawberry", preflight.ht tpHeaderField("Access-Control-Request-Headers"));

	39 }

	40

	41 TEST_F(CreateAccessControlPreflightRequestTest, ExcludeSimpleHeaders)

	42 {

	43 ResourceRequest request;

	44 request.addHTTPHeaderField("Accept", "everything");

	45 request.addHTTPHeaderField("Accept-Language", "everything");

	46 request.addHTTPHeaderField("Content-Language", "everything");

	47 request.addHTTPHeaderField("Save-Data", "on");

	48

	49 ResourceRequest preflight = createAccessControlPreflightRequest(request, m_s ecurityOrigin.get());

	50

	51 EXPECT_EQ("", preflight.httpHeaderField("Access-Control-Request-Headers"));

	52 }

	53

	54 TEST_F(CreateAccessControlPreflightRequestTest, ExcludeSimpleContentTypeHeader)

	55 {

	56 ResourceRequest request;

	57 request.addHTTPHeaderField("Content-Type", "text/plain");

	58

	59 ResourceRequest preflight = createAccessControlPreflightRequest(request, m_s ecurityOrigin.get());

	60

	61 EXPECT_EQ("", preflight.httpHeaderField("Access-Control-Request-Headers"));

	62 }

	63

	64 TEST_F(CreateAccessControlPreflightRequestTest, IncludeNonSimpleHeader)

	65 {

	66 ResourceRequest request;

	67 request.addHTTPHeaderField("X-Custom-Header", "foobar");

	68

	69 ResourceRequest preflight = createAccessControlPreflightRequest(request, m_s ecurityOrigin.get());

	70

	71 EXPECT_EQ("x-custom-header", preflight.httpHeaderField("Access-Control-Reque st-Headers"));

	72 }

	73

	74 TEST_F(CreateAccessControlPreflightRequestTest, IncludeNonSimpleContentTypeHeade r)

	75 {

	76 ResourceRequest request;

	77 request.addHTTPHeaderField("Content-Type", "application/octet-stream");

	78

	79 ResourceRequest preflight = createAccessControlPreflightRequest(request, m_s ecurityOrigin.get());

	80

	81 EXPECT_EQ("content-type", preflight.httpHeaderField("Access-Control-Request- Headers"));

	82 }

	83

	84 } // namespace

	85

	86 } // namespace blink

OLD	NEW

« no previous file with comments | « third_party/WebKit/Source/core/fetch/CrossOriginAccessControl.cpp ('k') | no next file » | no next file with comments »