OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "base/strings/utf_string_conversions.h" |
| 6 #include "content/public/common/context_menu_params.h" |
| 7 #include "testing/gtest/include/gtest/gtest.h" |
| 8 #include "third_party/WebKit/public/platform/WebURLResponse.h" |
| 9 #include "ui/base/range/range.h" |
| 10 #include "webkit/child/site_isolation_policy.h" |
| 11 |
| 12 namespace webkit_glue { |
| 13 |
| 14 TEST(SiteIsolationPolicyTest, IsBlockableScheme) { |
| 15 GURL data_url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA=="); |
| 16 GURL ftp_url("ftp://google.com"); |
| 17 GURL mailto_url("mailto:google@google.com"); |
| 18 GURL about_url("about:chrome"); |
| 19 GURL http_url("http://google.com"); |
| 20 GURL https_url("https://google.com"); |
| 21 |
| 22 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(data_url)); |
| 23 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(ftp_url)); |
| 24 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(mailto_url)); |
| 25 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(about_url)); |
| 26 EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(http_url)); |
| 27 EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(https_url)); |
| 28 } |
| 29 |
| 30 TEST(SiteIsolationPolicyTest, IsSameSite) { |
| 31 GURL a_com_url0("https://mock1.a.com:8080/page1.html"); |
| 32 GURL a_com_url1("https://mock2.a.com:9090/page2.html"); |
| 33 GURL a_com_url2("https://a.com/page3.html"); |
| 34 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url0, a_com_url1)); |
| 35 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url1, a_com_url2)); |
| 36 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url2, a_com_url0)); |
| 37 |
| 38 GURL b_com_url0("https://mock1.b.com/index.html"); |
| 39 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, b_com_url0)); |
| 40 |
| 41 GURL about_blank_url("about:blank"); |
| 42 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, about_blank_url)); |
| 43 |
| 44 GURL chrome_url("chrome://extension"); |
| 45 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, chrome_url)); |
| 46 |
| 47 GURL empty_url(""); |
| 48 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, empty_url)); |
| 49 } |
| 50 |
| 51 TEST(SiteIsolationPolicyTest, IsValidCorsHeaderSet) { |
| 52 GURL frame_origin("http://www.google.com"); |
| 53 GURL site_origin("http://www.yahoo.com"); |
| 54 |
| 55 EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
| 56 frame_origin, site_origin, "*")); |
| 57 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
| 58 frame_origin, site_origin, "\"*\"")); |
| 59 EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
| 60 frame_origin, site_origin, "http://mail.google.com")); |
| 61 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
| 62 frame_origin, site_origin, "https://mail.google.com")); |
| 63 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
| 64 frame_origin, site_origin, "http://yahoo.com")); |
| 65 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
| 66 frame_origin, site_origin, "www.google.com")); |
| 67 } |
| 68 |
| 69 TEST(SiteIsolationPolicyTest, SniffForHTML) { |
| 70 const char* html_data = " \t\r\n <HtMladfokadfkado"; |
| 71 const char* non_html_data = " var name=window.location;\nadfadf"; |
| 72 |
| 73 EXPECT_TRUE(SiteIsolationPolicy::SniffForHTML(html_data, strlen(html_data))); |
| 74 EXPECT_FALSE( |
| 75 SiteIsolationPolicy::SniffForHTML(non_html_data, strlen(non_html_data))); |
| 76 } |
| 77 |
| 78 TEST(SiteIsolationPolicyTest, SniffForXML) { |
| 79 const char* xml_data = " \t \r \n <?xml version=\"1.0\"?>\n <catalog"; |
| 80 const char* non_xml_data = " var name=window.location;\nadfadf"; |
| 81 |
| 82 EXPECT_TRUE(SiteIsolationPolicy::SniffForXML(xml_data, strlen(xml_data))); |
| 83 EXPECT_FALSE( |
| 84 SiteIsolationPolicy::SniffForXML(non_xml_data, strlen(non_xml_data))); |
| 85 } |
| 86 |
| 87 TEST(SiteIsolationPolicyTest, SniffForJSON) { |
| 88 const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", "; |
| 89 const char* non_json_data0 = "\t\t\r\n { name : \"chrome\", "; |
| 90 const char* non_json_data1 = "\t\t\r\n foo({ \"name\" : \"chrome\", "; |
| 91 |
| 92 EXPECT_TRUE(SiteIsolationPolicy::SniffForJSON(json_data, strlen(json_data))); |
| 93 EXPECT_FALSE( |
| 94 SiteIsolationPolicy::SniffForJSON(non_json_data0, strlen(non_json_data0))); |
| 95 EXPECT_FALSE( |
| 96 SiteIsolationPolicy::SniffForJSON(non_json_data1, strlen(non_json_data1))); |
| 97 } |
| 98 |
| 99 TEST(SiteIsolationPolicyTest, SniffForJS) { |
| 100 const char* js_data = "\t\t\r\n var a = 4"; |
| 101 const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", "; |
| 102 |
| 103 EXPECT_TRUE(SiteIsolationPolicy::SniffForJS(js_data, strlen(js_data))); |
| 104 EXPECT_FALSE(SiteIsolationPolicy::SniffForJS(json_data, strlen(json_data))); |
| 105 } |
| 106 |
| 107 } // namespace conten |
OLD | NEW |