OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "base/strings/utf_string_conversions.h" | |
6 #include "content/child/site_isolation_policy.h" | |
7 #include "content/public/common/context_menu_params.h" | |
8 #include "testing/gtest/include/gtest/gtest.h" | |
9 #include "third_party/WebKit/public/platform/WebURLResponse.h" | |
10 #include "ui/base/range/range.h" | |
11 | |
12 | |
13 namespace content { | |
14 | |
15 TEST(SiteIsolationPolicyTest, IsBlockableScheme) { | |
16 GURL data_url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA=="); | |
17 GURL ftp_url("ftp://google.com"); | |
18 GURL mailto_url("mailto:google@google.com"); | |
19 GURL about_url("about:chrome"); | |
20 GURL http_url("http://google.com"); | |
21 GURL https_url("https://google.com"); | |
22 | |
23 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(data_url)); | |
24 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(ftp_url)); | |
25 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(mailto_url)); | |
26 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(about_url)); | |
27 EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(http_url)); | |
28 EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(https_url)); | |
29 } | |
30 | |
31 TEST(SiteIsolationPolicyTest, IsSameSite) { | |
32 GURL a_com_url0("https://mock1.a.com:8080/page1.html"); | |
33 GURL a_com_url1("https://mock2.a.com:9090/page2.html"); | |
34 GURL a_com_url2("https://a.com/page3.html"); | |
35 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url0, a_com_url1)); | |
36 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url1, a_com_url2)); | |
37 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url2, a_com_url0)); | |
38 | |
39 GURL b_com_url0("https://mock1.b.com/index.html"); | |
40 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, b_com_url0)); | |
41 | |
42 GURL about_blank_url("about:blank"); | |
43 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, about_blank_url)); | |
44 | |
45 GURL chrome_url("chrome://extension"); | |
46 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, chrome_url)); | |
47 | |
48 GURL empty_url(""); | |
49 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, empty_url)); | |
50 } | |
51 | |
52 TEST(SiteIsolationPolicyTest, IsValidCorsHeaderSet) { | |
53 GURL frame_origin("http://www.google.com"); | |
54 GURL site_origin("http://www.yahoo.com"); | |
55 | |
56 EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet( | |
57 frame_origin, site_origin, "*")); | |
58 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( | |
59 frame_origin, site_origin, "\"*\"")); | |
60 EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet( | |
61 frame_origin, site_origin, "http://mail.google.com")); | |
62 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( | |
63 frame_origin, site_origin, "https://mail.google.com")); | |
64 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( | |
65 frame_origin, site_origin, "http://yahoo.com")); | |
66 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( | |
67 frame_origin, site_origin, "www.google.com")); | |
68 } | |
69 | |
70 TEST(SiteIsolationPolicyTest, SniffForHTML) { | |
71 const char html_data[] = " \t\r\n <HtMladfokadfkado"; | |
72 const char comment_html_data[] = " <!-- this is comment --> <html><body>"; | |
73 const char two_comments_html_data[] = | |
74 "<!-- this is comment -->\n<!-- this is comment --><html><body>"; | |
75 const char mixed_comments_html_data[] = | |
76 "<!-- this is comment <!-- --> <script></script>"; | |
77 const char non_html_data[] = " var name=window.location;\nadfadf"; | |
78 const char comment_js_data[] = " <!-- this is comment -> document.write(1); "; | |
79 | |
80 EXPECT_TRUE( | |
81 SiteIsolationPolicy::SniffForHTML(html_data, arraysize(html_data))); | |
82 EXPECT_TRUE(SiteIsolationPolicy::SniffForHTML(comment_html_data, | |
83 arraysize(comment_html_data))); | |
84 EXPECT_TRUE(SiteIsolationPolicy::SniffForHTML( | |
85 two_comments_html_data, arraysize(two_comments_html_data))); | |
86 EXPECT_TRUE(SiteIsolationPolicy::SniffForHTML( | |
87 mixed_comments_html_data, arraysize(mixed_comments_html_data))); | |
88 EXPECT_FALSE(SiteIsolationPolicy::SniffForHTML(non_html_data, | |
89 arraysize(non_html_data))); | |
90 EXPECT_FALSE(SiteIsolationPolicy::SniffForHTML(comment_js_data, | |
91 arraysize(comment_js_data))); | |
92 } | |
93 | |
94 TEST(SiteIsolationPolicyTest, SniffForXML) { | |
95 const char xml_data[] = " \t \r \n <?xml version=\"1.0\"?>\n <catalog"; | |
96 const char non_xml_data[] = " var name=window.location;\nadfadf"; | |
97 | |
98 EXPECT_TRUE(SiteIsolationPolicy::SniffForXML(xml_data, arraysize(xml_data))); | |
99 EXPECT_FALSE( | |
100 SiteIsolationPolicy::SniffForXML(non_xml_data, arraysize(non_xml_data))); | |
101 } | |
102 | |
103 TEST(SiteIsolationPolicyTest, SniffForJSON) { | |
104 const char json_data[] = "\t\t\r\n { \"name\" : \"chrome\", "; | |
105 const char non_json_data0[] = "\t\t\r\n { name : \"chrome\", "; | |
106 const char non_json_data1[] = "\t\t\r\n foo({ \"name\" : \"chrome\", "; | |
107 | |
108 EXPECT_TRUE( | |
109 SiteIsolationPolicy::SniffForJSON(json_data, arraysize(json_data))); | |
110 EXPECT_FALSE(SiteIsolationPolicy::SniffForJSON(non_json_data0, | |
111 arraysize(non_json_data0))); | |
112 EXPECT_FALSE(SiteIsolationPolicy::SniffForJSON(non_json_data1, | |
113 arraysize(non_json_data1))); | |
114 } | |
115 | |
116 TEST(SiteIsolationPolicyTest, SniffForJS) { | |
117 const char js_data[] = "\t\t\r\n var a = 4"; | |
118 const char json_data[] = "\t\t\r\n { \"name\" : \"chrome\", "; | |
119 | |
120 EXPECT_TRUE(SiteIsolationPolicy::SniffForJS(js_data, arraysize(js_data))); | |
121 EXPECT_FALSE( | |
122 SiteIsolationPolicy::SniffForJS(json_data, arraysize(json_data))); | |
123 } | |
124 | |
125 } // namespace conten | |
Charlie Reis
2013/08/22 23:05:22
nit: content
| |
OLD | NEW |