Add Content-Type header to net::ReportSender reports

net/http/transport_security_state_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/transport_security_state.h"
 
 #include <algorithm>
 #include <string>
 #include <vector>
 
@@ skipping 77 matching lines @@
     : public TransportSecurityState::ReportSenderInterface {
  public:
   MockCertificateReportSender() {}
   ~MockCertificateReportSender() override {}
 
   void Send(const GURL& report_uri, const std::string& report) override {
     latest_report_uri_ = report_uri;
     latest_report_ = report;
   }
 
+  void SetContentTypeHeader(const std::string& content_type) override {
+    latest_content_type_ = content_type;
+  }
+
   void SetErrorCallback(
       const base::Callback<void(const GURL&, int)>& error_callback) override {}
 
   void Clear() {
     latest_report_uri_ = GURL();
     latest_report_ = std::string();
   }
 
   const GURL& latest_report_uri() { return latest_report_uri_; }
   const std::string& latest_report() { return latest_report_; }
+  const std::string& latest_content_type() { return latest_content_type_; }
 
  private:
   GURL latest_report_uri_;
   std::string latest_report_;
+  std::string latest_content_type_;
 };
 
 // A mock ReportSenderInterface that simulates a net error on every report sent.
 class MockFailingCertificateReportSender
     : public TransportSecurityState::ReportSenderInterface {
  public:
   MockFailingCertificateReportSender() : net_error_(ERR_CONNECTION_FAILED) {}
   ~MockFailingCertificateReportSender() override {}
 
   int net_error() { return net_error_; }
 
   // TransportSecurityState::ReportSenderInterface:
   void Send(const GURL& report_uri, const std::string& report) override {
     ASSERT_FALSE(error_callback_.is_null());
     error_callback_.Run(report_uri, net_error_);
   }
 
+  void SetContentTypeHeader(const std::string& content_type) override {}
+
   void SetErrorCallback(
       const base::Callback<void(const GURL&, int)>& error_callback) override {
     error_callback_ = error_callback;
   }
 
  private:
   const int net_error_;
   base::Callback<void(const GURL&, int)> error_callback_;
 };
 
@@ skipping 187 matching lines @@
 }
 
 // Set up |state| for ExpectStaple, call CheckExpectStaple(), and verify the
 // serialized report caught by |reporter|.
 void CheckExpectStapleReport(TransportSecurityState* state,
                              MockCertificateReportSender* reporter,
                              const SSLInfo& ssl_info,
                              const std::string& ocsp_response,
                              const std::string& response_status,
                              const std::string& cert_status) {
+  EXPECT_EQ("application/json", reporter->latest_content_type());
   // Expect-Staple is preload list based, so we use the baked-in test hostname
   // from the list ("preloaded-expect-staple.badssl.com").
   HostPortPair host_port(kExpectStapleStaticHostname, 443);
   state->SetReportSender(reporter);
   state->CheckExpectStaple(host_port, ssl_info, ocsp_response);
   EXPECT_EQ(GURL(kExpectStapleStaticReportURI), reporter->latest_report_uri());
   std::string serialized_report = reporter->latest_report();
   EXPECT_NO_FATAL_FAILURE(CheckSerializedExpectStapleReport(
       serialized_report, host_port, ssl_info, ocsp_response, response_status,
       cert_status));
@@ skipping 1089 matching lines @@
   EXPECT_EQ(std::string(), mock_report_sender.latest_report());
 
   EXPECT_EQ(TransportSecurityState::PKPStatus::VIOLATED,
             state.CheckPublicKeyPins(
                 host_port_pair, true, bad_hashes, cert1.get(), cert2.get(),
                 TransportSecurityState::ENABLE_PIN_REPORTS, &failure_log));
 
   // Now a report should have been sent. Check that it contains the
   // right information.
   EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri());
+  EXPECT_EQ("application/json", mock_report_sender.latest_content_type());
   std::string report = mock_report_sender.latest_report();
   ASSERT_FALSE(report.empty());
   ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, host_port_pair, true, kHost,
                                           cert1.get(), cert2.get(),
                                           good_hashes));
   mock_report_sender.Clear();
   EXPECT_EQ(TransportSecurityState::PKPStatus::VIOLATED,
             state.CheckPublicKeyPins(subdomain_host_port_pair, true, bad_hashes,
                                      cert1.get(), cert2.get(),
                                      TransportSecurityState::ENABLE_PIN_REPORTS,
                                      &failure_log));
 
   // Now a report should have been sent for the subdomain. Check that it
   // contains the right information.
   EXPECT_EQ(report_uri, mock_report_sender.latest_report_uri());
+  EXPECT_EQ("application/json", mock_report_sender.latest_content_type());
   report = mock_report_sender.latest_report();
   ASSERT_FALSE(report.empty());
   ASSERT_NO_FATAL_FAILURE(CheckHPKPReport(report, subdomain_host_port_pair,
                                           true, kHost, cert1.get(), cert2.get(),
                                           good_hashes));
 }
 
 // Tests that a histogram entry is recorded when TransportSecurityState
 // fails to send an HPKP violation report.
 TEST_F(TransportSecurityStateTest, UMAOnHPKPReportingFailure) {
@@ skipping 851 matching lines @@
   base::FieldTrialList::CreateFieldTrial("EnforceCTForProblematicRoots",
                                          "disabled");
 
   EXPECT_FALSE(
       state.ShouldRequireCT("www.example.com", before_cert.get(), hashes));
   EXPECT_FALSE(
       state.ShouldRequireCT("www.example.com", after_cert.get(), hashes));
 }
 
 }  // namespace net