Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(419)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: webkit/child/site_isolation_policy_unittest.cc

Issue 22254005: UMA data collector for cross-site documents(XSD) (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@lkgr
Patch Set: "X-Content-Type-Options: nosniff" rule is added. Created 7 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« webkit/child/site_isolation_policy.cc ('K') | « webkit/child/site_isolation_policy.cc ('k') | webkit/child/weburlloader_impl.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/strings/utf_string_conversions.h"
6 #include "content/public/common/context_menu_params.h"
7 #include "testing/gtest/include/gtest/gtest.h"
8 #include "third_party/WebKit/public/platform/WebURLResponse.h"
9 #include "ui/base/range/range.h"
10 #include "webkit/child/site_isolation_policy.h"
11
12 namespace webkit_glue {
13
14 TEST(SiteIsolationPolicyTest, IsBlockableScheme) {
15 GURL data_url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA==");
16 GURL ftp_url("ftp://google.com");
17 GURL mailto_url("mailto:google@google.com");
18 GURL about_url("about:chrome");
19 GURL http_url("http://google.com");
20 GURL https_url("https://google.com");
21
22 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(data_url));
23 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(ftp_url));
24 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(mailto_url));
25 EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(about_url));
26 EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(http_url));
27 EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(https_url));
28 }
29
30 TEST(SiteIsolationPolicyTest, IsSameSite) {
31 GURL a_com_url0("https://mock1.a.com:8080/page1.html");
32 GURL a_com_url1("https://mock2.a.com:9090/page2.html");
33 GURL a_com_url2("https://a.com/page3.html");
34 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url0, a_com_url1));
35 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url1, a_com_url2));
36 EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url2, a_com_url0));
37
38 GURL b_com_url0("https://mock1.b.com/index.html");
39 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, b_com_url0));
40
41 GURL about_blank_url("about:blank");
42 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, about_blank_url));
43
44 GURL chrome_url("chrome://extension");
45 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, chrome_url));
46
47 GURL empty_url("");
48 EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, empty_url));
49 }
50
51 TEST(SiteIsolationPolicyTest, IsValidCorsHeaderSet) {
52 GURL frame_origin("http://www.google.com");
53 GURL site_origin("http://www.yahoo.com");
54
55 EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet(
56 frame_origin, site_origin, "*"));
57 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
58 frame_origin, site_origin, "\"*\""));
59 EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet(
60 frame_origin, site_origin, "http://mail.google.com"));
61 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
62 frame_origin, site_origin, "https://mail.google.com"));
63 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
64 frame_origin, site_origin, "http://yahoo.com"));
65 EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
66 frame_origin, site_origin, "www.google.com"));
67 }
68
69 TEST(SiteIsolationPolicyTest, SniffForHTML) {
70 const char* html_data = " \t\r\n <HtMladfokadfkado";
71 const char* non_html_data = " var name=window.location;\nadfadf";
72
73 EXPECT_TRUE(SiteIsolationPolicy::SniffForHTML(html_data, strlen(html_data)));
74 EXPECT_FALSE(
75 SiteIsolationPolicy::SniffForHTML(non_html_data, strlen(non_html_data)));
76 }
77
78 TEST(SiteIsolationPolicyTest, SniffForXML) {
79 const char* xml_data = " \t \r \n <?xml version=\"1.0\"?>\n <catalog";
80 const char* non_xml_data = " var name=window.location;\nadfadf";
81
82 EXPECT_TRUE(SiteIsolationPolicy::SniffForXML(xml_data, strlen(xml_data)));
83 EXPECT_FALSE(
84 SiteIsolationPolicy::SniffForXML(non_xml_data, strlen(non_xml_data)));
85 }
86
87 TEST(SiteIsolationPolicyTest, SniffForJSON) {
88 const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", ";
89 const char* non_json_data0 = "\t\t\r\n { name : \"chrome\", ";
90 const char* non_json_data1 = "\t\t\r\n foo({ \"name\" : \"chrome\", ";
91
92 EXPECT_TRUE(SiteIsolationPolicy::SniffForJSON(json_data, strlen(json_data)));
93 EXPECT_FALSE(
94 SiteIsolationPolicy::SniffForJSON(non_json_data0, strlen(non_json_data0)));
95 EXPECT_FALSE(
96 SiteIsolationPolicy::SniffForJSON(non_json_data1, strlen(non_json_data1)));
97 }
98
99 TEST(SiteIsolationPolicyTest, SniffForJS) {
100 const char* js_data = "\t\t\r\n var a = 4";
101 const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", ";
102
103 EXPECT_TRUE(SiteIsolationPolicy::SniffForJS(js_data, strlen(js_data)));
104 EXPECT_FALSE(SiteIsolationPolicy::SniffForJS(json_data, strlen(json_data)));
105 }
106
107 } // namespace conten
OLDNEW
« webkit/child/site_isolation_policy.cc ('K') | « webkit/child/site_isolation_policy.cc ('k') | webkit/child/weburlloader_impl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698