chrome/browser/budget_service/budget_manager_unittest.cc - Issue 2366533002: Budget API calls should only succeed on secure origins

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/budget_service/budget_manager_unittest.cc

Issue 2366533002: Budget API calls should only succeed on secure origins (Closed)

Patch Set: Expanded unique origin test. Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/browser/budget_service/budget_manager_unittest.cc

diff --git a/chrome/browser/budget_service/budget_manager_unittest.cc b/chrome/browser/budget_service/budget_manager_unittest.cc

index f6826beb14478b53d69bdabe7d463ae0ae17e784..80c8345551ca1e75e7b684ac03e346ab617c0228 100644

--- a/chrome/browser/budget_service/budget_manager_unittest.cc

+++ b/chrome/browser/budget_service/budget_manager_unittest.cc

@@ -37,16 +37,18 @@ class BudgetManagerTest : public testing::Test {

void SetSiteEngagementScore(double score) {

SiteEngagementService* service = SiteEngagementService::Get(&profile_);

- service->ResetScoreForURL(GURL(kTestOrigin), score);

+ service->ResetScoreForURL(GURL(origin().Serialize()), score);

}

Profile* profile() { return &profile_; }

const url::Origin origin() const { return origin_; }

+ void SetOrigin(const url::Origin& origin) { origin_ = origin; }

void ReserveCallback(base::Closure run_loop_closure,

blink::mojom::BudgetServiceErrorType error,

bool success) {

success_ = (error == blink::mojom::BudgetServiceErrorType::NONE) && success;

+ error_ = error;

run_loop_closure.Run();

}

@@ -77,11 +79,12 @@ class BudgetManagerTest : public testing::Test {

// Members for callbacks to set.

bool success_;

+ blink::mojom::BudgetServiceErrorType error_;

private:

content::TestBrowserThreadBundle thread_bundle_;

TestingProfile profile_;

- const url::Origin origin_;

+ url::Origin origin_;

};

TEST_F(BudgetManagerTest, GetBudgetConsumedOverTime) {

@@ -107,3 +110,26 @@ TEST_F(BudgetManagerTest, GetBudgetConsumedOverTime) {

// available.

ASSERT_FALSE(ConsumeBudget(type));

}

+TEST_F(BudgetManagerTest, TestInsecureOrigin) {

+ const blink::mojom::BudgetOperationType type =

+ blink::mojom::BudgetOperationType::SILENT_PUSH;

+ SetOrigin(url::Origin(GURL("http://example.com")));

+ SetSiteEngagementScore(kTestSES);

+ // Methods on the BudgetManager should only be allowed for secure origins.

+ ASSERT_FALSE(ReserveBudget(type));

+ ASSERT_EQ(blink::mojom::BudgetServiceErrorType::NOT_SUPPORTED, error_);

+ ASSERT_FALSE(ConsumeBudget(type));

+TEST_F(BudgetManagerTest, TestUniqueOrigin) {

+ const blink::mojom::BudgetOperationType type =

+ blink::mojom::BudgetOperationType::SILENT_PUSH;

+ SetOrigin(url::Origin(GURL("file://example.com:443/etc/passwd")));

+ // Methods on the BudgetManager should not be allowed for unique origins.

+ ASSERT_FALSE(ReserveBudget(type));

+ ASSERT_EQ(blink::mojom::BudgetServiceErrorType::NOT_SUPPORTED, error_);

+ ASSERT_FALSE(ConsumeBudget(type));

« no previous file with comments | « chrome/browser/budget_service/budget_manager.cc ('k') | third_party/WebKit/Source/modules/budget/BudgetService.cpp » ('j') | no next file with comments »