WIP: URLRequest-based UIR implementation.

net/url_request/url_request_unittest.cc

Index: net/url_request/url_request_unittest.cc
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index 0fce7f0ca3762f56fd719892e0daa2039daad276..ed8ea2552948a20db0752f8c5b560535f61ae3ee 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -1127,6 +1127,128 @@ TEST_F(URLRequestTest, FileDirRedirectSingleSlash) {
 
 #endif  // !defined(DISABLE_FILE_SUPPORT)
 
+TEST_F(URLRequestTest, InsecureRequestPolicyTest) {
+  TestDelegate d;
+  GURL original_url("http://example.com/path/to/file");
+  GURL upgraded_url("https://example.com/path/to/file");
+  url::Origin matched_host(original_url);
+  url::Origin mismatched_host(GURL("http://not.example.com/"));
+  std::string upgrade_type = "Upgrade";
+
+  std::unique_ptr<URLRequest> r(default_context_.CreateRequest(original_url, DEFAULT_PRIORITY, &d));
+
+  // No upgrade:
+  {
+    r->set_insecure_request_policy(URLRequest::DO_NOT_UPGRADE_INSECURE_REQUESTS);
+    
+    GURL redirect;
+    std::string type;
+    EXPECT_FALSE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_TRUE(redirect.is_empty());
+    EXPECT_TRUE(type.empty());
+  }
+
+  // Upgrade all, matching host:
+  {
+    r->set_insecure_request_policy(URLRequest::UPGRADE_ALL_INSECURE_REQUESTS);
+    r->set_initiator(matched_host);
+    
+    GURL redirect;
+    std::string type;
+    EXPECT_TRUE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_EQ(upgraded_url, redirect);
+    EXPECT_EQ(upgrade_type, type);
+  }
+
+  // Upgrade all, mismatched host:
+  {
+    r->set_insecure_request_policy(URLRequest::UPGRADE_ALL_INSECURE_REQUESTS);
+    r->set_initiator(mismatched_host);
+    
+    GURL redirect;
+    std::string type;
+    EXPECT_TRUE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_EQ(upgraded_url, redirect);
+    EXPECT_EQ(upgrade_type, type);
+  }
+
+  // Upgrade same host, matching host:
+  {
+    r->set_insecure_request_policy(URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS);
+    r->set_initiator(matched_host);
+    
+    GURL redirect;
+    std::string type;
+    EXPECT_TRUE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_EQ(upgraded_url, redirect);
+    EXPECT_EQ(upgrade_type, type);
+  }
+
+  // Upgrade same host, mismatched host:
+  {
+    r->set_insecure_request_policy(URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS);
+    r->set_initiator(mismatched_host);
+    
+    GURL redirect;
+    std::string type;
+    EXPECT_FALSE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_TRUE(redirect.is_empty());
+    EXPECT_TRUE(type.empty());
+  }
+}
+
+TEST_F(URLRequestTest, HSTSUpgradeTest) {
+  TestURLRequestContext context(true);
+  TestNetworkDelegate network_delegate;
+  TestDelegate delegate;
+
+  TransportSecurityState transport_security_state;
+
+  context.set_transport_security_state(&transport_security_state);
+  context.set_network_delegate(&network_delegate);
+  context.Init();
+
+  GURL original_url("http://example.com/path/to/file");
+  GURL upgraded_url("https://example.com/path/to/file");
+  std::string hsts_type = "HSTS";
+  std::string upgrade_type = "Upgrade";
+
+  std::unique_ptr<URLRequest> r(context.CreateRequest(original_url, DEFAULT_PRIORITY, &delegate));
+
+  // No upgrade by default:
+  {
+    GURL redirect;
+    std::string type;
+    EXPECT_FALSE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_TRUE(redirect.is_empty());
+    EXPECT_TRUE(type.empty());
+  }
+
+  // Upgrade if host is in the HSTS list:
+  {
+    transport_security_state.AddHSTS("example.com", base::Time::Now() + base::TimeDelta::FromDays(1), false);
+
+    GURL redirect;
+    std::string type;
+    EXPECT_TRUE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_EQ(upgraded_url, redirect);
+    EXPECT_EQ(hsts_type, type);
+  }
+
+  // If host is in the HSTS list, and would be upgraded by insecure request
+  // policy, the latter is reported as the upgrade type:
+  {
+    transport_security_state.AddHSTS("example.com", base::Time::Now() + base::TimeDelta::FromDays(1), false);
+    r->set_insecure_request_policy(URLRequest::UPGRADE_ALL_INSECURE_REQUESTS);
+
+    GURL redirect;
+    std::string type;
+    EXPECT_TRUE(r->GetSecureRedirect(&redirect, &type));
+    EXPECT_EQ(upgraded_url, redirect);
+    EXPECT_EQ(upgrade_type, type);
+  }
+}
+
 TEST_F(URLRequestTest, InvalidUrlTest) {
   TestDelegate d;
   {
@@ -8566,7 +8688,7 @@ TEST_F(HTTPSRequestTest, HSTSCrossOriginAddHeaders) {
   EXPECT_EQ(kOriginHeaderValue, received_cors_header);
 }
 
-// This just tests the behaviour of GetHSTSRedirect(). End-to-end tests of HSTS
+// This just tests the behaviour of GetSecureRedirect(). End-to-end tests of HSTS
 // are performed in net/websockets/websocket_end_to_end_test.cc.
 TEST(WebSocketURLRequestTest, HSTSApplied) {
   TestNetworkDelegate network_delegate;
@@ -8582,8 +8704,10 @@ TEST(WebSocketURLRequestTest, HSTSApplied) {
   TestDelegate delegate;
   std::unique_ptr<URLRequest> request(
       context.CreateRequest(ws_url, DEFAULT_PRIORITY, &delegate));
-  EXPECT_TRUE(request->GetHSTSRedirect(&ws_url));
+  std::string redirect_type;
+  EXPECT_TRUE(request->GetSecureRedirect(&ws_url, &redirect_type));
   EXPECT_TRUE(ws_url.SchemeIs("wss"));
+  EXPECT_EQ("HSTS", redirect_type);
 }
 
 namespace {