OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/proxy/proxy_service.h" | 5 #include "net/proxy/proxy_service.h" |
6 | 6 |
7 #include <cstdarg> | 7 #include <cstdarg> |
8 #include <string> | 8 #include <string> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 3462 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
3473 bool synchronous_success = service.TryResolveProxySynchronously( | 3473 bool synchronous_success = service.TryResolveProxySynchronously( |
3474 url, std::string(), LOAD_NORMAL, &info, nullptr, log.bound()); | 3474 url, std::string(), LOAD_NORMAL, &info, nullptr, log.bound()); |
3475 EXPECT_TRUE(synchronous_success); | 3475 EXPECT_TRUE(synchronous_success); |
3476 EXPECT_FALSE(info.is_direct()); | 3476 EXPECT_FALSE(info.is_direct()); |
3477 EXPECT_EQ("foopy1", info.proxy_server().host_port_pair().host()); | 3477 EXPECT_EQ("foopy1", info.proxy_server().host_port_pair().host()); |
3478 | 3478 |
3479 // No request should have been queued. | 3479 // No request should have been queued. |
3480 EXPECT_EQ(0u, factory->pending_requests().size()); | 3480 EXPECT_EQ(0u, factory->pending_requests().size()); |
3481 } | 3481 } |
3482 | 3482 |
| 3483 // This test checks that URLs are sanitized before being passed on to the proxy |
| 3484 // resolver (i.e. PAC scripts). |
| 3485 TEST_F(ProxyServiceTest, SanitizeUrlsBeforeResolving) { |
| 3486 MockProxyConfigService* config_service = |
| 3487 new MockProxyConfigService("http://foopy/proxy.pac"); |
| 3488 MockAsyncProxyResolver resolver; |
| 3489 MockAsyncProxyResolverFactory* factory = |
| 3490 new MockAsyncProxyResolverFactory(false); |
| 3491 |
| 3492 ProxyService service(base::WrapUnique(config_service), |
| 3493 base::WrapUnique(factory), nullptr); |
| 3494 |
| 3495 // Request 1 ---------------------------------------------------------------- |
| 3496 |
| 3497 // This URL includes a lot of different parts (some of these are expected to |
| 3498 // be stripped). |
| 3499 GURL url1("http://username:password@www.google.com:8080/path?query#fragment"); |
| 3500 GURL sanitized_url1("http://www.google.com:8080/path?query"); |
| 3501 |
| 3502 ProxyInfo info1; |
| 3503 TestCompletionCallback callback1; |
| 3504 int rv = service.ResolveProxy(url1, std::string(), LOAD_NORMAL, &info1, |
| 3505 callback1.callback(), nullptr, nullptr, |
| 3506 BoundNetLog()); |
| 3507 EXPECT_EQ(ERR_IO_PENDING, rv); |
| 3508 |
| 3509 // First step is to download the PAC script. |
| 3510 EXPECT_EQ(GURL("http://foopy/proxy.pac"), |
| 3511 factory->pending_requests()[0]->script_data()->url()); |
| 3512 factory->pending_requests()[0]->CompleteNowWithForwarder(OK, &resolver); |
| 3513 |
| 3514 ASSERT_EQ(1u, resolver.pending_requests().size()); |
| 3515 // Ensure that the sanitized URL was sent to the proxy resolver (not the full |
| 3516 // URL). |
| 3517 EXPECT_EQ(sanitized_url1, resolver.pending_requests()[0]->url()); |
| 3518 |
| 3519 // Complete the request. |
| 3520 resolver.pending_requests()[0]->results()->UsePacString("DIRECT"); |
| 3521 resolver.pending_requests()[0]->CompleteNow(OK); |
| 3522 EXPECT_EQ(OK, callback1.WaitForResult()); |
| 3523 EXPECT_TRUE(info1.is_direct()); |
| 3524 |
| 3525 // Request 2 ---------------------------------------------------------------- |
| 3526 |
| 3527 // Start another request. This time the URL is https://, so a different |
| 3528 // sanitization strategy should be used. |
| 3529 GURL url2( |
| 3530 "https://username:password@www.google.com:8080/path?query#fragment"); |
| 3531 GURL sanitized_url2("https://www.google.com:8080/"); |
| 3532 |
| 3533 ProxyInfo info2; |
| 3534 TestCompletionCallback callback2; |
| 3535 rv = service.ResolveProxy(url2, std::string(), LOAD_NORMAL, &info2, |
| 3536 callback2.callback(), nullptr, nullptr, |
| 3537 BoundNetLog()); |
| 3538 EXPECT_EQ(ERR_IO_PENDING, rv); |
| 3539 |
| 3540 ASSERT_EQ(1u, resolver.pending_requests().size()); |
| 3541 // Ensure that the sanitized URL was sent to the proxy resolver (not the full |
| 3542 // URL). |
| 3543 EXPECT_EQ(sanitized_url2, resolver.pending_requests()[0]->url()); |
| 3544 |
| 3545 // Complete the request. |
| 3546 resolver.pending_requests()[0]->results()->UsePacString("DIRECT"); |
| 3547 resolver.pending_requests()[0]->CompleteNow(OK); |
| 3548 EXPECT_EQ(OK, callback2.WaitForResult()); |
| 3549 EXPECT_TRUE(info2.is_direct()); |
| 3550 |
| 3551 // Request 3 ---------------------------------------------------------------- |
| 3552 |
| 3553 // Change the sanitization policy. |
| 3554 service.set_sanitize_url_for_pac_script_policy( |
| 3555 SanitizeUrlForPacScriptPolicy::UNSAFE); |
| 3556 |
| 3557 // Start another request. This is the same as request 2, however the expected |
| 3558 // sanitized URL is different (includes the path and query). |
| 3559 GURL url3 = url2; |
| 3560 GURL sanitized_url3("https://www.google.com:8080/path?query"); |
| 3561 |
| 3562 ProxyInfo info3; |
| 3563 TestCompletionCallback callback3; |
| 3564 rv = service.ResolveProxy(url3, std::string(), LOAD_NORMAL, &info3, |
| 3565 callback3.callback(), nullptr, nullptr, |
| 3566 BoundNetLog()); |
| 3567 EXPECT_EQ(ERR_IO_PENDING, rv); |
| 3568 |
| 3569 ASSERT_EQ(1u, resolver.pending_requests().size()); |
| 3570 // Ensure that the sanitized URL was sent to the proxy resolver (not the full |
| 3571 // URL). |
| 3572 EXPECT_EQ(sanitized_url3, resolver.pending_requests()[0]->url()); |
| 3573 |
| 3574 // Complete the request. |
| 3575 resolver.pending_requests()[0]->results()->UsePacString("DIRECT"); |
| 3576 resolver.pending_requests()[0]->CompleteNow(OK); |
| 3577 EXPECT_EQ(OK, callback3.WaitForResult()); |
| 3578 EXPECT_TRUE(info3.is_direct()); |
| 3579 } |
| 3580 |
| 3581 // Tests SanitizeUrlForPacScript() using input URLs that have a |
| 3582 // non-cryptographic scheme (i.e. http://). The sanitized result is consistent |
| 3583 // regardless of the stripping mode selected. |
| 3584 TEST_F(ProxyServiceTest, SanitizeUrlForPacScriptNonCryptographic) { |
| 3585 const struct { |
| 3586 const char* raw_url; |
| 3587 const char* sanitized_url; |
| 3588 } kTests[] = { |
| 3589 // Embedded identity is stripped. |
| 3590 { |
| 3591 "http://foo:bar@example.com/", "http://example.com/", |
| 3592 }, |
| 3593 { |
| 3594 "ftp://foo:bar@example.com/", "ftp://example.com/", |
| 3595 }, |
| 3596 // Reference fragment is stripped. |
| 3597 { |
| 3598 "http://example.com/blah#hello", "http://example.com/blah", |
| 3599 }, |
| 3600 // Query parameters are NOT stripped. |
| 3601 { |
| 3602 "http://example.com/foo/bar/baz?hello", |
| 3603 "http://example.com/foo/bar/baz?hello", |
| 3604 }, |
| 3605 // Fragment is stripped, but path and query are left intact. |
| 3606 { |
| 3607 "http://foo:bar@example.com/foo/bar/baz?hello#sigh", |
| 3608 "http://example.com/foo/bar/baz?hello", |
| 3609 }, |
| 3610 // Port numbers are not affected. |
| 3611 { |
| 3612 "http://example.com:88/hi", "http://example.com:88/hi", |
| 3613 }, |
| 3614 }; |
| 3615 |
| 3616 for (const auto& test : kTests) { |
| 3617 // The result of SanitizeUrlForPacScript() is the same regardless of the |
| 3618 // second parameter (sanitization mode), since the input URLs do not use a |
| 3619 // cryptographic scheme. |
| 3620 GURL raw_url(test.raw_url); |
| 3621 ASSERT_TRUE(raw_url.is_valid()); |
| 3622 EXPECT_FALSE(raw_url.SchemeIsCryptographic()); |
| 3623 |
| 3624 EXPECT_EQ(GURL(test.sanitized_url), |
| 3625 SanitizeUrlForPacScript(raw_url, |
| 3626 SanitizeUrlForPacScriptPolicy::UNSAFE)); |
| 3627 |
| 3628 EXPECT_EQ( |
| 3629 GURL(test.sanitized_url), |
| 3630 SanitizeUrlForPacScript(raw_url, SanitizeUrlForPacScriptPolicy::SAFE)); |
| 3631 } |
| 3632 } |
| 3633 |
| 3634 // Tests SanitizeUrlForPacScript() using input URLs that have a cryptographic |
| 3635 // schemes (i.e. https://). The sanitized result differs depending |
| 3636 // on the sanitization mode chosen. |
| 3637 TEST_F(ProxyServiceTest, SanitizeUrlForPacScriptCryptographic) { |
| 3638 const struct { |
| 3639 // Input URL. |
| 3640 const char* raw_url; |
| 3641 |
| 3642 // Output URL when stripping of cryptographic URLs is disabled. |
| 3643 const char* sanitized_url_unstripped; |
| 3644 |
| 3645 // Output URL when stripping of cryptographic URLs is enabled. |
| 3646 const char* sanitized_url; |
| 3647 } kTests[] = { |
| 3648 // Embedded identity is always stripped. |
| 3649 { |
| 3650 "https://foo:bar@example.com/", "https://example.com/", |
| 3651 "https://example.com/", |
| 3652 }, |
| 3653 // Fragments are always stripped, but stripping path is conditional on the |
| 3654 // mode. |
| 3655 { |
| 3656 "https://example.com/blah#hello", "https://example.com/blah", |
| 3657 "https://example.com/", |
| 3658 }, |
| 3659 // Stripping the query is conditional on the mode. |
| 3660 { |
| 3661 "https://example.com/foo/bar/baz?hello", |
| 3662 "https://example.com/foo/bar/baz?hello", "https://example.com/", |
| 3663 }, |
| 3664 // The embedded identity and fragment is always stripped, however path and |
| 3665 // query are conditional on the stripping mode. |
| 3666 { |
| 3667 "https://foo:bar@example.com/foo/bar/baz?hello#sigh", |
| 3668 "https://example.com/foo/bar/baz?hello", "https://example.com/", |
| 3669 }, |
| 3670 // The URL's port should not be stripped. |
| 3671 { |
| 3672 "https://example.com:88/hi", "https://example.com:88/hi", |
| 3673 "https://example.com:88/", |
| 3674 }, |
| 3675 }; |
| 3676 |
| 3677 for (const auto& test : kTests) { |
| 3678 GURL raw_url(test.raw_url); |
| 3679 ASSERT_TRUE(raw_url.is_valid()); |
| 3680 EXPECT_TRUE(raw_url.SchemeIsCryptographic()); |
| 3681 |
| 3682 EXPECT_EQ(GURL(test.sanitized_url_unstripped), |
| 3683 SanitizeUrlForPacScript(raw_url, |
| 3684 SanitizeUrlForPacScriptPolicy::UNSAFE)); |
| 3685 |
| 3686 EXPECT_EQ( |
| 3687 GURL(test.sanitized_url), |
| 3688 SanitizeUrlForPacScript(raw_url, SanitizeUrlForPacScriptPolicy::SAFE)); |
| 3689 } |
| 3690 } |
| 3691 |
3483 } // namespace net | 3692 } // namespace net |
OLD | NEW |