| Index: content/browser/net/insecure_request_interceptor_unittest.cc
|
| diff --git a/content/browser/net/insecure_request_interceptor_unittest.cc b/content/browser/net/insecure_request_interceptor_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..52077eba36fb1deef17f582b63209012e01d0132
|
| --- /dev/null
|
| +++ b/content/browser/net/insecure_request_interceptor_unittest.cc
|
| @@ -0,0 +1,140 @@
|
| +// Copyright 2016 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "content/browser/net/insecure_request_interceptor.h"
|
| +
|
| +#include "base/message_loop/message_loop.h"
|
| +#include "base/run_loop.h"
|
| +#include "net/base/request_priority.h"
|
| +#include "net/log/net_log.h"
|
| +#include "net/log/test_net_log.h"
|
| +#include "net/log/test_net_log_entry.h"
|
| +#include "net/log/test_net_log_util.h"
|
| +#include "net/url_request/url_request.h"
|
| +#include "net/url_request/url_request_redirect_job.h"
|
| +#include "net/url_request/url_request_test_util.h"
|
| +#include "testing/gtest/include/gtest/gtest-message.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +#include "url/gurl.h"
|
| +#include "url/origin.h"
|
| +
|
| +namespace content {
|
| +
|
| +class InsecureRequestInterceptorTest : public testing::Test {
|
| + public:
|
| + InsecureRequestInterceptorTest() : default_context_(true) {
|
| + default_context_.set_network_delegate(&default_network_delegate_);
|
| + default_context_.set_net_log(&net_log_);
|
| + }
|
| +
|
| + ~InsecureRequestInterceptorTest() override {}
|
| +
|
| + void SetUp() override { default_context_.Init(); }
|
| +
|
| + InsecureRequestInterceptor* interceptor() { return &interceptor_; }
|
| +
|
| + void VerifyJobIsRedirect(net::URLRequestJob* job) {
|
| + // Clear the log, start the job, then verify that the job logs a redirect
|
| + // event with a reason of "Upgrade":
|
| + net_log_.Clear();
|
| + job->Start();
|
| + net::TestNetLogEntry::List entries;
|
| + net_log_.GetEntries(&entries);
|
| + EXPECT_EQ(1u, entries.size());
|
| + EXPECT_EQ(net::NetLog::TYPE_URL_REQUEST_REDIRECT_JOB, entries[0].type);
|
| + std::string value;
|
| + EXPECT_TRUE(entries[0].GetStringValue("reason", &value));
|
| + EXPECT_EQ("Upgrade", value);
|
| + job->Kill();
|
| + }
|
| +
|
| + protected:
|
| + net::TestNetworkDelegate default_network_delegate_;
|
| + net::TestURLRequestContext default_context_;
|
| + net::TestDelegate delegate_;
|
| + net::TestNetLog net_log_;
|
| + base::MessageLoop loop_;
|
| +
|
| + InsecureRequestInterceptor interceptor_;
|
| +};
|
| +
|
| +TEST_F(InsecureRequestInterceptorTest, UpgradeSecureRequest) {
|
| + struct TestCase {
|
| + net::URLRequest::InsecureRequestPolicy policy;
|
| + bool matched_initiator;
|
| + } cases[] = {
|
| + {net::URLRequest::DO_NOT_UPGRADE_INSECURE_REQUESTS, true},
|
| + {net::URLRequest::DO_NOT_UPGRADE_INSECURE_REQUESTS, false},
|
| + {net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS, true},
|
| + {net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS, false},
|
| + {net::URLRequest::UPGRADE_ALL_INSECURE_REQUESTS, true},
|
| + {net::URLRequest::UPGRADE_ALL_INSECURE_REQUESTS, false},
|
| + };
|
| +
|
| + GURL secure_url("https://example.com/path/to/file");
|
| + url::Origin matched_host(secure_url);
|
| + url::Origin mismatched_host(GURL("https://not.example.com/"));
|
| + std::unique_ptr<net::URLRequest> r(default_context_.CreateRequest(
|
| + secure_url, net::DEFAULT_PRIORITY, &delegate_));
|
| + net::URLRequestJob* job;
|
| +
|
| + for (const auto& test : cases) {
|
| + SCOPED_TRACE(::testing::Message()
|
| + << "Policy: " << test.policy << ", Matched: "
|
| + << (test.matched_initiator ? "True" : "False"));
|
| + r->set_insecure_request_policy(test.policy);
|
| + r->set_initiator(test.matched_initiator ? matched_host : mismatched_host);
|
| +
|
| + job = interceptor()->MaybeInterceptRequest(r.get(),
|
| + &default_network_delegate_);
|
| + EXPECT_EQ(nullptr, job);
|
| + job = interceptor()->MaybeInterceptRedirect(
|
| + r.get(), &default_network_delegate_, secure_url);
|
| + EXPECT_EQ(nullptr, job);
|
| + }
|
| +}
|
| +
|
| +TEST_F(InsecureRequestInterceptorTest, UpgradeInsecureRequest) {
|
| + struct TestCase {
|
| + net::URLRequest::InsecureRequestPolicy policy;
|
| + bool matched_initiator;
|
| + bool expect_redirect;
|
| + } cases[] = {
|
| + {net::URLRequest::DO_NOT_UPGRADE_INSECURE_REQUESTS, true, false},
|
| + {net::URLRequest::DO_NOT_UPGRADE_INSECURE_REQUESTS, false, false},
|
| + {net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS, true, true},
|
| + {net::URLRequest::UPGRADE_SAME_HOST_INSECURE_REQUESTS, false, false},
|
| + {net::URLRequest::UPGRADE_ALL_INSECURE_REQUESTS, true, true},
|
| + {net::URLRequest::UPGRADE_ALL_INSECURE_REQUESTS, false, true},
|
| + };
|
| +
|
| + GURL insecure_url("http://example.com/path/to/file");
|
| + GURL secure_url("https://example.com/path/to/file");
|
| + url::Origin matched_host(secure_url);
|
| + url::Origin mismatched_host(GURL("https://not.example.com/"));
|
| + net::URLRequestJob* job;
|
| +
|
| + for (const auto& test : cases) {
|
| + SCOPED_TRACE(::testing::Message()
|
| + << "Policy: " << test.policy << ", Matched: "
|
| + << (test.matched_initiator ? "True" : "False"));
|
| + std::unique_ptr<net::URLRequest> r(default_context_.CreateRequest(
|
| + insecure_url, net::DEFAULT_PRIORITY, &delegate_));
|
| + r->set_insecure_request_policy(test.policy);
|
| + r->set_initiator(test.matched_initiator ? matched_host : mismatched_host);
|
| +
|
| + job = interceptor()->MaybeInterceptRequest(r.get(),
|
| + &default_network_delegate_);
|
| + if (test.expect_redirect) {
|
| + ASSERT_NE(nullptr, job);
|
| + VerifyJobIsRedirect(job);
|
| + } else {
|
| + EXPECT_EQ(nullptr, job);
|
| + }
|
| + job = interceptor()->MaybeInterceptRedirect(
|
| + r.get(), &default_network_delegate_, secure_url);
|
| + }
|
| +}
|
| +
|
| +} // namespace content
|
|
|
Chromium Code Reviews
Issue 2053693002:
WIP: Move 'Upgrade-Insecure-Requests' to the browser process.
Base URL: https://chromium.googlesource.com/chromium/src.git@replicate