Index: webkit/child/site_isolation_policy_unittest.cc |
diff --git a/webkit/child/site_isolation_policy_unittest.cc b/webkit/child/site_isolation_policy_unittest.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..8aa0aaab7ca8a00cf37ba436e8e8265b73de1607 |
--- /dev/null |
+++ b/webkit/child/site_isolation_policy_unittest.cc |
@@ -0,0 +1,107 @@ |
+// Copyright (c) 2013 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "base/strings/utf_string_conversions.h" |
+#include "content/public/common/context_menu_params.h" |
+#include "testing/gtest/include/gtest/gtest.h" |
+#include "third_party/WebKit/public/platform/WebURLResponse.h" |
+#include "ui/base/range/range.h" |
+#include "webkit/child/site_isolation_policy.h" |
+ |
+namespace webkit_glue { |
+ |
+TEST(SiteIsolationPolicyTest, IsBlockableScheme) { |
+ GURL data_url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA=="); |
+ GURL ftp_url("ftp://google.com"); |
+ GURL mailto_url("mailto:google@google.com"); |
+ GURL about_url("about:chrome"); |
+ GURL http_url("http://google.com"); |
+ GURL https_url("https://google.com"); |
+ |
+ EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(data_url)); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(ftp_url)); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(mailto_url)); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(about_url)); |
+ EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(http_url)); |
+ EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(https_url)); |
+} |
+ |
+TEST(SiteIsolationPolicyTest, IsSameSite) { |
+ GURL a_com_url0("https://mock1.a.com:8080/page1.html"); |
+ GURL a_com_url1("https://mock2.a.com:9090/page2.html"); |
+ GURL a_com_url2("https://a.com/page3.html"); |
+ EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url0, a_com_url1)); |
+ EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url1, a_com_url2)); |
+ EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url2, a_com_url0)); |
+ |
+ GURL b_com_url0("https://mock1.b.com/index.html"); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, b_com_url0)); |
+ |
+ GURL about_blank_url("about:blank"); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, about_blank_url)); |
+ |
+ GURL chrome_url("chrome://extension"); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, chrome_url)); |
+ |
+ GURL empty_url(""); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, empty_url)); |
+} |
+ |
+TEST(SiteIsolationPolicyTest, IsValidCorsHeaderSet) { |
+ GURL frame_origin("http://www.google.com"); |
+ GURL site_origin("http://www.yahoo.com"); |
+ |
+ EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
+ frame_origin, site_origin, "*")); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
+ frame_origin, site_origin, "\"*\"")); |
+ EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
+ frame_origin, site_origin, "http://mail.google.com")); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
+ frame_origin, site_origin, "https://mail.google.com")); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
+ frame_origin, site_origin, "http://yahoo.com")); |
+ EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet( |
+ frame_origin, site_origin, "www.google.com")); |
+} |
+ |
+TEST(SiteIsolationPolicyTest, SniffForHTML) { |
+ const char* html_data = " \t\r\n <HtMladfokadfkado"; |
+ const char* non_html_data = " var name=window.location;\nadfadf"; |
+ |
+ EXPECT_TRUE(SiteIsolationPolicy::SniffForHTML(html_data, strlen(html_data))); |
+ EXPECT_FALSE( |
+ SiteIsolationPolicy::SniffForHTML(non_html_data, strlen(non_html_data))); |
+} |
+ |
+TEST(SiteIsolationPolicyTest, SniffForXML) { |
+ const char* xml_data = " \t \r \n <?xml version=\"1.0\"?>\n <catalog"; |
+ const char* non_xml_data = " var name=window.location;\nadfadf"; |
+ |
+ EXPECT_TRUE(SiteIsolationPolicy::SniffForXML(xml_data, strlen(xml_data))); |
+ EXPECT_FALSE( |
+ SiteIsolationPolicy::SniffForXML(non_xml_data, strlen(non_xml_data))); |
+} |
+ |
+TEST(SiteIsolationPolicyTest, SniffForJSON) { |
+ const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", "; |
+ const char* non_json_data0 = "\t\t\r\n { name : \"chrome\", "; |
+ const char* non_json_data1 = "\t\t\r\n foo({ \"name\" : \"chrome\", "; |
+ |
+ EXPECT_TRUE(SiteIsolationPolicy::SniffForJSON(json_data, strlen(json_data))); |
+ EXPECT_FALSE( |
+ SiteIsolationPolicy::SniffForJSON(non_json_data0, strlen(non_json_data0))); |
+ EXPECT_FALSE( |
+ SiteIsolationPolicy::SniffForJSON(non_json_data1, strlen(non_json_data1))); |
+} |
+ |
+TEST(SiteIsolationPolicyTest, SniffForJS) { |
+ const char* js_data = "\t\t\r\n var a = 4"; |
+ const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", "; |
+ |
+ EXPECT_TRUE(SiteIsolationPolicy::SniffForJS(js_data, strlen(js_data))); |
+ EXPECT_FALSE(SiteIsolationPolicy::SniffForJS(json_data, strlen(json_data))); |
+} |
+ |
+} // namespace conten |