Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(81)

Unified Diff: third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp

Issue 2148723002: Teach the preload scanner about the 'nonce' attribute. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp
diff --git a/third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp b/third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp
index bc584d1ee13aa9b7327b6ef5e13a7c4d5d3013eb..a2f1aec6cbb72961b7f177dc6d98b41a7130878f 100644
--- a/third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp
+++ b/third_party/WebKit/Source/core/html/parser/HTMLPreloadScannerTest.cpp
@@ -44,6 +44,12 @@ struct ReferrerPolicyTestCase {
ReferrerPolicy referrerPolicy;
};
+struct NonceTestCase {
+ const char* baseURL;
+ const char* inputHTML;
+ const char* nonce;
+};
+
class MockHTMLResourcePreloader : public ResourcePreloader {
public:
void preloadRequestVerification(Resource::Type type, const char* url, const char* baseURL, int width, const ClientHintsPreferences& preferences)
@@ -80,6 +86,15 @@ public:
}
}
+ void nonceRequestVerification(const char* nonce)
+ {
+ ASSERT_TRUE(m_preloadRequest.get());
+ if (strlen(nonce))
+ EXPECT_EQ(nonce, m_preloadRequest->nonce());
+ else
+ EXPECT_TRUE(m_preloadRequest->nonce().isEmpty());
+ }
+
protected:
void preload(std::unique_ptr<PreloadRequest> preloadRequest, const NetworkHintsInterface&) override
{
@@ -171,6 +186,16 @@ protected:
preloader.preloadRequestVerification(testCase.type, testCase.preloadedURL, testCase.outputBaseURL, testCase.resourceWidth, testCase.referrerPolicy);
}
+ void test(NonceTestCase testCase)
+ {
+ MockHTMLResourcePreloader preloader;
+ KURL baseURL(ParsedURLString, testCase.baseURL);
+ m_scanner->appendToEnd(String(testCase.inputHTML));
+ m_scanner->scanAndPreload(&preloader, baseURL, nullptr);
+
+ preloader.nonceRequestVerification(testCase.nonce);
+ }
+
private:
std::unique_ptr<DummyPageHolder> m_dummyPageHolder;
std::unique_ptr<HTMLPreloadScanner> m_scanner;
@@ -374,6 +399,31 @@ TEST_F(HTMLPreloadScannerTest, testReferrerPolicy)
test(testCase);
}
+TEST_F(HTMLPreloadScannerTest, testNonce)
+{
+ NonceTestCase testCases[] = {
+ { "http://example.test", "<script src='/script'></script>", "" },
+ { "http://example.test", "<script src='/script' nonce=''></script>", "" },
+ { "http://example.test", "<script src='/script' nonce='abc'></script>", "abc" },
+ { "http://example.test", "<link rel='import' href='/import'>", "" },
+ { "http://example.test", "<link rel='import' href='/import' nonce=''>", "" },
+ { "http://example.test", "<link rel='import' href='/import' nonce='abc'>", "abc" },
+ { "http://example.test", "<link rel='stylesheet' href='/style'>", "" },
+ { "http://example.test", "<link rel='stylesheet' href='/style' nonce=''>", "" },
+ { "http://example.test", "<link rel='stylesheet' href='/style' nonce='abc'>", "abc" },
+
+ // <img> doesn't support nonces:
+ { "http://example.test", "<img src='/image'>", "" },
+ { "http://example.test", "<img src='/image' nonce=''>", "" },
+ { "http://example.test", "<img src='/image' nonce='abc'>", "" },
+ };
+
+ for (const auto& testCase : testCases) {
+ SCOPED_TRACE(testCase.inputHTML);
+ test(testCase);
+ }
+}
+
// Tests that a document-level referrer policy (e.g. one set by HTTP
// header) is applied for preload requests.
TEST_F(HTMLPreloadScannerTest, testReferrerPolicyOnDocument)

Powered by Google App Engine
This is Rietveld 408576698