Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(38)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/http_security_headers_unittest.cc

Issue 2397873002: Reject some previuosly-escaped chars in hostnames.
Patch Set: Some tests fixed Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/x509_certificate_unittest.cc ('k') | net/proxy/proxy_config_service_linux_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <stdint.h> 5 #include <stdint.h>
6 #include <algorithm> 6 #include <algorithm>
7 7
8 #include "base/base64.h" 8 #include "base/base64.h"
9 #include "base/strings/string_piece.h" 9 #include "base/strings/string_piece.h"
10 #include "crypto/sha2.h" 10 #include "crypto/sha2.h"
(...skipping 606 matching lines...) Expand 10 before | Expand all | Expand 10 after
617 EXPECT_EQ(expect_report_uri, report_uri); 617 EXPECT_EQ(expect_report_uri, report_uri);
618 618
619 // Test that the parser allows quoted max-age values. 619 // Test that the parser allows quoted max-age values.
620 EXPECT_TRUE(ParseAsHPKPHeader( 620 EXPECT_TRUE(ParseAsHPKPHeader(
621 "max-age='999'; " + backup_pin + "; " + good_pin, chain_hashes, &max_age, 621 "max-age='999'; " + backup_pin + "; " + good_pin, chain_hashes, &max_age,
622 &include_subdomains, &hashes, &report_uri)); 622 &include_subdomains, &hashes, &report_uri));
623 expect_max_age = base::TimeDelta::FromSeconds(999); 623 expect_max_age = base::TimeDelta::FromSeconds(999);
624 EXPECT_EQ(expect_max_age, max_age); 624 EXPECT_EQ(expect_max_age, max_age);
625 EXPECT_FALSE(include_subdomains); 625 EXPECT_FALSE(include_subdomains);
626 626
627 // Test that the parser handles escaped values.
628 expect_report_uri = GURL("http://foo.com'a");
629 EXPECT_TRUE(ParseAsHPKPHeader("max-age=999; " + backup_pin + "; " + good_pin +
630 "; report-uri='http://foo.com\\'\\a'",
631 chain_hashes, &max_age, &include_subdomains,
632 &hashes, &report_uri));
633 expect_max_age = base::TimeDelta::FromSeconds(999);
634 EXPECT_EQ(expect_max_age, max_age);
635 EXPECT_FALSE(include_subdomains);
636 EXPECT_EQ(expect_report_uri, report_uri);
637
638 // Test that the parser does not require max-age for Report-Only 627 // Test that the parser does not require max-age for Report-Only
639 // headers. 628 // headers.
640 expect_report_uri = GURL("http://foo.com"); 629 expect_report_uri = GURL("http://foo.com");
641 EXPECT_TRUE(ParseHPKPReportOnlyHeader( 630 EXPECT_TRUE(ParseHPKPReportOnlyHeader(
642 backup_pin + "; " + good_pin + "; report-uri='http://foo.com'", 631 backup_pin + "; " + good_pin + "; report-uri='http://foo.com'",
643 &include_subdomains, &hashes, &report_uri)); 632 &include_subdomains, &hashes, &report_uri));
644 EXPECT_EQ(expect_report_uri, report_uri); 633 EXPECT_EQ(expect_report_uri, report_uri);
645 } 634 }
646 635
647 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) { 636 TEST_F(HttpSecurityHeadersTest, BogusPinsHeadersSHA256) {
(...skipping 251 matching lines...) Expand 10 before | Expand all | Expand 10 after
899 // The old pins must still exist. 888 // The old pins must still exist.
900 EXPECT_TRUE(state.HasPublicKeyPins("example.com")); 889 EXPECT_TRUE(state.HasPublicKeyPins("example.com"));
901 EXPECT_EQ(TransportSecurityState::PKPStatus::OK, 890 EXPECT_EQ(TransportSecurityState::PKPStatus::OK,
902 state.CheckPublicKeyPins( 891 state.CheckPublicKeyPins(
903 domain_port, is_issued_by_known_root, 892 domain_port, is_issued_by_known_root,
904 ssl_info.public_key_hashes, nullptr, nullptr, 893 ssl_info.public_key_hashes, nullptr, nullptr,
905 TransportSecurityState::DISABLE_PIN_REPORTS, &failure_log)); 894 TransportSecurityState::DISABLE_PIN_REPORTS, &failure_log));
906 } 895 }
907 896
908 }; // namespace net 897 }; // namespace net
OLDNEW
« no previous file with comments | « net/cert/x509_certificate_unittest.cc ('k') | net/proxy/proxy_config_service_linux_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698