Add Origin::CreateFromNormalizedTuple and call from WebSecurityOrigin

content/child/blink_platform_impl_unittest.cc

Index: content/child/blink_platform_impl_unittest.cc
diff --git a/content/child/blink_platform_impl_unittest.cc b/content/child/blink_platform_impl_unittest.cc
index 0483fd6e7c250f10b5d8dc1689eaed95f87ca989..1e2c83728227d67391d8cecb48a6c321f358f504 100644
--- a/content/child/blink_platform_impl_unittest.cc
+++ b/content/child/blink_platform_impl_unittest.cc
@@ -15,9 +15,22 @@
 
 namespace content {
 
-TEST(BlinkPlatformTest, castWebSecurityOrigin) {
+void CheckCastedOriginsAlreadyNormalized(
+    const blink::WebSecurityOrigin& origin) {
+  url::Origin checked_origin =
+      url::Origin::UnsafelyCreateOriginWithoutNormalization(
+          origin.protocol().utf8(), origin.host().utf8(),
+          origin.effectivePort());
+  url::Origin non_checked_origin = url::Origin::CreateFromNormalizedTuple(
+      origin.protocol().utf8(), origin.host().utf8(), origin.effectivePort());
+  EXPECT_EQ(checked_origin.scheme(), non_checked_origin.scheme());
+  EXPECT_EQ(checked_origin.host(), non_checked_origin.host());
+  EXPECT_EQ(checked_origin.port(), non_checked_origin.port());
+}
+
+TEST(BlinkPlatformTest, CastWebSecurityOrigin) {
   struct TestCase {
-    const char* origin;
+    const char* url;
     const char* scheme;
     const char* host;
     uint16_t port;
@@ -28,12 +41,55 @@ TEST(BlinkPlatformTest, castWebSecurityOrigin) {
       {"https://example.com", "https", "example.com", 443},
       {"https://example.com:443", "https", "example.com", 443},
       {"https://example.com:444", "https", "example.com", 444},
+
+      // Copied from url/origin_unittest.cc
+
+      // IP Addresses
+      {"http://192.168.9.1/", "http", "192.168.9.1", 80},
+      {"http://[2001:db8::1]/", "http", "[2001:db8::1]", 80},
+
+      // Punycode
+      {"http://☃.net/", "http", "xn--n3h.net", 80},
+      {"blob:http://☃.net/", "http", "xn--n3h.net", 80},
+
+      // Generic URLs
+      {"http://example.com/", "http", "example.com", 80},
+      {"http://example.com:123/", "http", "example.com", 123},
+      {"https://example.com/", "https", "example.com", 443},
+      {"https://example.com:123/", "https", "example.com", 123},
+      {"http://user:pass@example.com/", "http", "example.com", 80},
+      {"http://example.com:123/?query", "http", "example.com", 123},
+      {"https://example.com/#1234", "https", "example.com", 443},
+      {"https://u:p@example.com:123/?query#1234", "https", "example.com", 123},
+
+      // Registered URLs
+      {"ftp://example.com/", "ftp", "example.com", 21},
+      {"gopher://example.com/", "gopher", "example.com", 70},

[Charlie Harrison, 2016/10/11 11:58:10]

FYI: The gopher changes are needed for this test to pass. I included this test
because it's in origin_unittest. I'm happy to remove this though.

+      {"ws://example.com/", "ws", "example.com", 80},
+      {"wss://example.com/", "wss", "example.com", 443},
+
+      // file: URLs
+      {"file:///etc/passwd", "file", "", 0},
+      {"file://example.com/etc/passwd", "file", "example.com", 0},
+
+      // Filesystem:
+      {"filesystem:http://example.com/type/", "http", "example.com", 80},
+      {"filesystem:http://example.com:123/type/", "http", "example.com", 123},
+      {"filesystem:https://example.com/type/", "https", "example.com", 443},
+      {"filesystem:https://example.com:123/type/", "https", "example.com", 123},
+
+      // Blob:
+      {"blob:http://example.com/guid-goes-here", "http", "example.com", 80},
+      {"blob:http://example.com:123/guid-goes-here", "http", "example.com",
+       123},
+      {"blob:https://example.com/guid-goes-here", "https", "example.com", 443},
+      {"blob:http://u:p@example.com/guid-goes-here", "http", "example.com", 80},
   };
 
   for (const auto& test : cases) {
     blink::WebSecurityOrigin web_origin =
         blink::WebSecurityOrigin::createFromString(
-            blink::WebString::fromUTF8(test.origin));
+            blink::WebString::fromUTF8(test.url));
     EXPECT_EQ(test.scheme, web_origin.protocol().utf8());
     EXPECT_EQ(test.host, web_origin.host().utf8());
     EXPECT_EQ(test.port, web_origin.effectivePort());
@@ -43,10 +99,12 @@ TEST(BlinkPlatformTest, castWebSecurityOrigin) {
     EXPECT_EQ(test.host, url_origin.host());
     EXPECT_EQ(test.port, url_origin.port());
 
-    web_origin = url::Origin(GURL(test.origin));
+    web_origin = url::Origin(GURL(test.url));
     EXPECT_EQ(test.scheme, web_origin.protocol().utf8());
     EXPECT_EQ(test.host, web_origin.host().utf8());
     EXPECT_EQ(test.port, web_origin.effectivePort());
+
+    CheckCastedOriginsAlreadyNormalized(web_origin);
   }
 
   blink::WebSecurityOrigin web_origin =
@@ -60,4 +118,44 @@ TEST(BlinkPlatformTest, castWebSecurityOrigin) {
   EXPECT_TRUE(web_origin.isUnique());
 }
 
+// This test ensures that WebSecurityOrigins can safely use
+// url::Origin::CreateFromNormalizedTuple when doing conversions.
+TEST(BlinkPlatformTest, WebSecurityOriginNormalization) {
+  struct TestCases {
+    const char* url;
+  } cases[] = {{""},
+               {"javascript:alert(1)"},
+               {"file://example.com:443/etc/passwd"},
+               {"blob:https://example.com/uuid-goes-here"},
+               {"filesystem:https://example.com/temporary/yay.png"},
+               {"data"},
+               {"blob:"},
+               {"xkcd://927"},
+               {"filesystem"},
+               {"data://example.com:80"},
+               {"http://☃.net:80"},
+               {"http\nmore://example.com:80"},
+               {"http\rmore://:example.com:80"},
+               {"http\n://example.com:80"},
+               {"http\r://example.com:80"},
+               {"http://example.com\nnot-example.com:80"},
+               {"http://example.com\rnot-example.com:80"},
+               {"http://example.com\n:80"},
+               {"http://example.com\r:80"},
+               {"http://example.com:0"},
+               {"http://EXAMPLE.com"},
+               {"http://EXAMPLE.com/%3Afoo"},
+               {"https://example.com:443"},
+               {"file:///"},
+               {"file:///root:80"}};
+
+  for (const auto& test : cases) {
+    SCOPED_TRACE(testing::Message() << test.url);
+    blink::WebSecurityOrigin web_origin =
+        blink::WebSecurityOrigin::createFromString(
+            blink::WebString::fromUTF8(test.url));
+    CheckCastedOriginsAlreadyNormalized(web_origin);
+  }
+}
+
 }  // namespace content