| Index: webkit/child/site_isolation_policy_unittest.cc
|
| diff --git a/webkit/child/site_isolation_policy_unittest.cc b/webkit/child/site_isolation_policy_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..8aa0aaab7ca8a00cf37ba436e8e8265b73de1607
|
| --- /dev/null
|
| +++ b/webkit/child/site_isolation_policy_unittest.cc
|
| @@ -0,0 +1,107 @@
|
| +// Copyright (c) 2013 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "base/strings/utf_string_conversions.h"
|
| +#include "content/public/common/context_menu_params.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +#include "third_party/WebKit/public/platform/WebURLResponse.h"
|
| +#include "ui/base/range/range.h"
|
| +#include "webkit/child/site_isolation_policy.h"
|
| +
|
| +namespace webkit_glue {
|
| +
|
| +TEST(SiteIsolationPolicyTest, IsBlockableScheme) {
|
| + GURL data_url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAA==");
|
| + GURL ftp_url("ftp://google.com");
|
| + GURL mailto_url("mailto:google@google.com");
|
| + GURL about_url("about:chrome");
|
| + GURL http_url("http://google.com");
|
| + GURL https_url("https://google.com");
|
| +
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(data_url));
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(ftp_url));
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(mailto_url));
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsBlockableScheme(about_url));
|
| + EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(http_url));
|
| + EXPECT_TRUE(SiteIsolationPolicy::IsBlockableScheme(https_url));
|
| +}
|
| +
|
| +TEST(SiteIsolationPolicyTest, IsSameSite) {
|
| + GURL a_com_url0("https://mock1.a.com:8080/page1.html");
|
| + GURL a_com_url1("https://mock2.a.com:9090/page2.html");
|
| + GURL a_com_url2("https://a.com/page3.html");
|
| + EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url0, a_com_url1));
|
| + EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url1, a_com_url2));
|
| + EXPECT_TRUE(SiteIsolationPolicy::IsSameSite(a_com_url2, a_com_url0));
|
| +
|
| + GURL b_com_url0("https://mock1.b.com/index.html");
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, b_com_url0));
|
| +
|
| + GURL about_blank_url("about:blank");
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, about_blank_url));
|
| +
|
| + GURL chrome_url("chrome://extension");
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, chrome_url));
|
| +
|
| + GURL empty_url("");
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsSameSite(a_com_url0, empty_url));
|
| +}
|
| +
|
| +TEST(SiteIsolationPolicyTest, IsValidCorsHeaderSet) {
|
| + GURL frame_origin("http://www.google.com");
|
| + GURL site_origin("http://www.yahoo.com");
|
| +
|
| + EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet(
|
| + frame_origin, site_origin, "*"));
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
|
| + frame_origin, site_origin, "\"*\""));
|
| + EXPECT_TRUE(SiteIsolationPolicy::IsValidCorsHeaderSet(
|
| + frame_origin, site_origin, "http://mail.google.com"));
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
|
| + frame_origin, site_origin, "https://mail.google.com"));
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
|
| + frame_origin, site_origin, "http://yahoo.com"));
|
| + EXPECT_FALSE(SiteIsolationPolicy::IsValidCorsHeaderSet(
|
| + frame_origin, site_origin, "www.google.com"));
|
| +}
|
| +
|
| +TEST(SiteIsolationPolicyTest, SniffForHTML) {
|
| + const char* html_data = " \t\r\n <HtMladfokadfkado";
|
| + const char* non_html_data = " var name=window.location;\nadfadf";
|
| +
|
| + EXPECT_TRUE(SiteIsolationPolicy::SniffForHTML(html_data, strlen(html_data)));
|
| + EXPECT_FALSE(
|
| + SiteIsolationPolicy::SniffForHTML(non_html_data, strlen(non_html_data)));
|
| +}
|
| +
|
| +TEST(SiteIsolationPolicyTest, SniffForXML) {
|
| + const char* xml_data = " \t \r \n <?xml version=\"1.0\"?>\n <catalog";
|
| + const char* non_xml_data = " var name=window.location;\nadfadf";
|
| +
|
| + EXPECT_TRUE(SiteIsolationPolicy::SniffForXML(xml_data, strlen(xml_data)));
|
| + EXPECT_FALSE(
|
| + SiteIsolationPolicy::SniffForXML(non_xml_data, strlen(non_xml_data)));
|
| +}
|
| +
|
| +TEST(SiteIsolationPolicyTest, SniffForJSON) {
|
| + const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", ";
|
| + const char* non_json_data0 = "\t\t\r\n { name : \"chrome\", ";
|
| + const char* non_json_data1 = "\t\t\r\n foo({ \"name\" : \"chrome\", ";
|
| +
|
| + EXPECT_TRUE(SiteIsolationPolicy::SniffForJSON(json_data, strlen(json_data)));
|
| + EXPECT_FALSE(
|
| + SiteIsolationPolicy::SniffForJSON(non_json_data0, strlen(non_json_data0)));
|
| + EXPECT_FALSE(
|
| + SiteIsolationPolicy::SniffForJSON(non_json_data1, strlen(non_json_data1)));
|
| +}
|
| +
|
| +TEST(SiteIsolationPolicyTest, SniffForJS) {
|
| + const char* js_data = "\t\t\r\n var a = 4";
|
| + const char* json_data = "\t\t\r\n { \"name\" : \"chrome\", ";
|
| +
|
| + EXPECT_TRUE(SiteIsolationPolicy::SniffForJS(js_data, strlen(js_data)));
|
| + EXPECT_FALSE(SiteIsolationPolicy::SniffForJS(json_data, strlen(json_data)));
|
| +}
|
| +
|
| +} // namespace conten
|
|
|
Chromium Code Reviews
Issue 22254005:
UMA data collector for cross-site documents(XSD) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@lkgr