OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/network/ResourceRequest.h" | 9 #include "platform/network/ResourceRequest.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
11 #include "platform/weborigin/SecurityOrigin.h" | 11 #include "platform/weborigin/SecurityOrigin.h" |
12 #include "testing/gtest/include/gtest/gtest.h" | 12 #include "testing/gtest/include/gtest/gtest.h" |
13 | 13 |
14 namespace blink { | 14 namespace blink { |
15 | 15 |
16 enum NormalizationReturn { | |
17 FirstCSPSource, | |
18 SecondCSPSource, | |
19 NewCSPSource, | |
20 NullCSPSource | |
21 }; | |
22 | |
16 class CSPSourceTest : public ::testing::Test { | 23 class CSPSourceTest : public ::testing::Test { |
17 public: | 24 public: |
18 CSPSourceTest() : csp(ContentSecurityPolicy::create()) {} | 25 CSPSourceTest() : csp(ContentSecurityPolicy::create()) {} |
19 | 26 |
20 protected: | 27 protected: |
21 Persistent<ContentSecurityPolicy> csp; | 28 Persistent<ContentSecurityPolicy> csp; |
29 void assertNormalizationReturn(CSPSource* a, | |
30 CSPSource* b, | |
31 CSPSource* returned, | |
32 NormalizationReturn expected) { | |
33 switch (expected) { | |
34 case NullCSPSource: | |
35 EXPECT_EQ(returned, nullptr); | |
36 break; | |
37 case FirstCSPSource: | |
38 EXPECT_EQ(returned, a); | |
39 break; | |
40 case SecondCSPSource: | |
41 EXPECT_EQ(returned, b); | |
42 break; | |
43 case NewCSPSource: | |
44 EXPECT_NE(returned, a); | |
45 EXPECT_NE(returned, b); | |
46 EXPECT_NE(returned, nullptr); | |
47 break; | |
48 } | |
49 } | |
22 }; | 50 }; |
23 | 51 |
24 TEST_F(CSPSourceTest, BasicMatching) { | 52 TEST_F(CSPSourceTest, BasicMatching) { |
25 KURL base; | 53 KURL base; |
26 CSPSource source(csp.get(), "http", "example.com", 8000, "/foo/", | 54 CSPSource source(csp.get(), "http", "example.com", 8000, "/foo/", |
27 CSPSource::NoWildcard, CSPSource::NoWildcard); | 55 CSPSource::NoWildcard, CSPSource::NoWildcard); |
28 | 56 |
29 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/"))); | 57 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/"))); |
30 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/bar"))); | 58 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/bar"))); |
31 EXPECT_TRUE(source.matches(KURL(base, "HTTP://EXAMPLE.com:8000/foo/BAR"))); | 59 EXPECT_TRUE(source.matches(KURL(base, "HTTP://EXAMPLE.com:8000/foo/BAR"))); |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
116 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8443/"))); | 144 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8443/"))); |
117 | 145 |
118 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com/"))); | 146 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com/"))); |
119 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:80/"))); | 147 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:80/"))); |
120 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:443/"))); | 148 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:443/"))); |
121 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com/"))); | 149 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com/"))); |
122 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:80/"))); | 150 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:80/"))); |
123 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:443/"))); | 151 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:443/"))); |
124 } | 152 } |
125 | 153 |
154 TEST_F(CSPSourceTest, GetPrefferredCSPMixed) { | |
155 struct TestCase { | |
156 String aScheme; | |
157 String bScheme; | |
158 String aPath; | |
159 String bPath; | |
160 int aPort; | |
161 int bPort; | |
162 const NormalizationReturn expected; | |
Mike West
2016/10/26 11:40:29
Here, and elsewhere, would you mind reordering the
| |
163 } cases[] = { | |
164 // Equal signals | |
165 {"http", "http", "/", "/", 0, 0, NullCSPSource}, | |
166 // One stronger signal in 'a' | |
167 {"https", "http", "/", "/", 0, 0, FirstCSPSource}, | |
168 {"http", "http", "/page1.html", "/", 0, 0, FirstCSPSource}, | |
169 {"http", "http", "/", "/", 800, 0, FirstCSPSource}, | |
170 // Two stronger signals in 'a' | |
171 {"https", "http", "/page1.html", "/", 0, 0, FirstCSPSource}, | |
172 {"https", "http", "/", "/", 800, 0, FirstCSPSource}, | |
173 {"http", "http", "/page1.html", "/", 800, 0, FirstCSPSource}, | |
174 // Three stronger signals in 'a' | |
175 {"https", "http", "/page1.html", "/", 800, 0, FirstCSPSource}, | |
176 // Mixed signals | |
177 {"https", "http", "/", "/page1.html", 0, 0, NewCSPSource}, | |
178 {"https", "http", "/", "/", 0, 800, NewCSPSource}, | |
179 {"http", "http", "/page1.html", "/", 0, 800, NewCSPSource}, | |
180 }; | |
181 | |
182 for (const auto& test : cases) { | |
183 CSPSource* a = | |
184 new CSPSource(csp.get(), test.aScheme, "example.com", test.aPort, | |
185 test.aPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
186 | |
187 CSPSource* b = | |
188 new CSPSource(csp.get(), test.bScheme, "example.com", test.bPort, | |
189 test.bPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
190 | |
191 assertNormalizationReturn(a, b, a->getPreferredCSPSource(b), test.expected); | |
192 } | |
193 | |
194 // Verify the same test with a and b swapped. | |
195 for (const auto& test : cases) { | |
196 CSPSource* b = | |
197 new CSPSource(csp.get(), test.aScheme, "example.com", test.aPort, | |
198 test.aPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
199 | |
200 CSPSource* a = | |
201 new CSPSource(csp.get(), test.bScheme, "example.com", test.bPort, | |
202 test.bPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
203 | |
204 // Reverse the order of comparison for First vs Second but the call to the | |
205 // function is the same. | |
206 assertNormalizationReturn(b, a, a->getPreferredCSPSource(b), test.expected); | |
Mike West
2016/10/26 11:40:29
Why do you need a separate loop, rather than addin
| |
207 } | |
208 } | |
209 | |
210 TEST_F(CSPSourceTest, NormalizingCSPSourcesProtocols) { | |
211 struct TestCase { | |
212 String aScheme; | |
213 String bScheme; | |
214 NormalizationReturn expected; | |
215 } cases[] = { | |
216 // HTTP | |
217 {"http", "http", FirstCSPSource}, | |
218 {"http", "https", SecondCSPSource}, | |
219 {"https", "http", FirstCSPSource}, | |
220 {"https", "https", FirstCSPSource}, | |
221 // WSS | |
222 {"ws", "ws", FirstCSPSource}, | |
223 {"ws", "wss", SecondCSPSource}, | |
224 {"wss", "ws", FirstCSPSource}, | |
225 {"wss", "wss", FirstCSPSource}, | |
226 // Unequal | |
227 {"ws", "http", NullCSPSource}, | |
228 {"http", "ws", NullCSPSource}, | |
229 {"http", "about", NullCSPSource}, | |
230 }; | |
231 | |
232 for (const auto& test : cases) { | |
233 CSPSource* a = new CSPSource(csp.get(), test.aScheme, "example.com", 0, "/", | |
234 CSPSource::NoWildcard, CSPSource::NoWildcard); | |
235 | |
236 CSPSource* b = new CSPSource(csp.get(), test.bScheme, "example.com", 0, "/", | |
237 CSPSource::NoWildcard, CSPSource::NoWildcard); | |
238 | |
239 assertNormalizationReturn(a, b, a->getNormalized(b), test.expected); | |
Mike West
2016/10/26 11:40:29
Might as well do the inverse here as well.
| |
240 } | |
241 } | |
242 | |
243 TEST_F(CSPSourceTest, NormalizingCSPSourcesSchemesWithWildcards) { | |
244 struct TestCase { | |
245 String aScheme; | |
246 String bScheme; | |
247 bool aHasHost; | |
248 bool bHasHost; | |
249 NormalizationReturn expected; | |
250 } cases[] = { | |
251 // "http", "http" | |
252 {"http", "http", true, true, FirstCSPSource}, | |
253 {"http", "http", false, true, SecondCSPSource}, | |
254 {"http", "http", true, false, FirstCSPSource}, | |
255 {"http", "http", false, false, FirstCSPSource}, | |
256 // "https", "http" | |
257 {"https", "http", true, true, FirstCSPSource}, | |
258 {"https", "http", false, true, NewCSPSource}, | |
259 {"https", "http", true, false, FirstCSPSource}, | |
260 {"https", "http", false, false, FirstCSPSource}, | |
261 // "http", "https" | |
262 {"http", "https", true, true, SecondCSPSource}, | |
263 {"http", "https", false, true, SecondCSPSource}, | |
264 {"http", "https", true, false, NewCSPSource}, | |
265 {"http", "https", false, false, SecondCSPSource}, | |
266 // "https", "https" | |
267 {"https", "https", true, true, FirstCSPSource}, | |
268 {"https", "https", false, true, SecondCSPSource}, | |
269 {"https", "https", true, false, FirstCSPSource}, | |
270 {"https", "https", false, false, FirstCSPSource}, | |
271 // Unequal | |
272 {"ws", "http", true, true, NullCSPSource}, | |
273 {"http", "ws", true, true, NullCSPSource}, | |
274 {"http", "about", true, true, NullCSPSource}, | |
275 {"ws", "http", false, true, NullCSPSource}, | |
276 {"http", "ws", false, true, NullCSPSource}, | |
277 {"http", "about", false, true, NullCSPSource}, | |
278 {"ws", "http", true, false, NullCSPSource}, | |
279 {"http", "ws", true, false, NullCSPSource}, | |
280 {"http", "about", true, false, NullCSPSource}, | |
281 {"ws", "http", false, false, NullCSPSource}, | |
282 {"http", "ws", false, false, NullCSPSource}, | |
283 {"http", "about", false, false, NullCSPSource}, | |
284 }; | |
285 | |
286 for (const auto& test : cases) { | |
287 String aHost = test.aHasHost ? "example.com" : ""; | |
288 String bHost = test.bHasHost ? "example.com" : ""; | |
289 | |
290 CSPSource* a = new CSPSource(csp.get(), test.aScheme, aHost, 0, "/", | |
291 CSPSource::NoWildcard, CSPSource::NoWildcard); | |
292 | |
293 CSPSource* b = new CSPSource(csp.get(), test.bScheme, bHost, 0, "/", | |
294 CSPSource::NoWildcard, CSPSource::NoWildcard); | |
295 | |
296 assertNormalizationReturn(a, b, a->getNormalized(b), test.expected); | |
297 } | |
298 } | |
299 | |
300 TEST_F(CSPSourceTest, NormalizingCSPSourcesNotSimilar) { | |
301 struct TestCase { | |
302 String aScheme; | |
303 String bScheme; | |
304 String aHost; | |
305 String bHost; | |
306 String aPath; | |
307 String bPath; | |
308 int aPort; | |
309 int bPort; | |
310 NormalizationReturn expected; | |
311 } cases[] = { | |
312 {"http", "http", "example.com", "another.com", "/", "/", 0, 0}, | |
313 {"wss", "http", "example.com", "example.com", "/", "/", 0, 0}, | |
314 {"wss", "about", "example.com", "example.com", "/", "/", 0, 0}, | |
315 {"http", "about", "example.com", "example.com", "/", "/", 0, 0}, | |
316 {"http", "http", "example.com", "example.com", "/path1.html", | |
317 "/path2.html", 0, 0}, | |
318 {"http", "http", "example.com", "example.com", "/", "/", 433, 800}, | |
319 }; | |
320 | |
321 for (const auto& test : cases) { | |
322 CSPSource* a = | |
323 new CSPSource(csp.get(), test.aScheme, test.aHost, test.aPort, | |
324 test.aPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
325 | |
326 CSPSource* b = | |
327 new CSPSource(csp.get(), test.bScheme, test.bHost, test.bPort, | |
328 test.bPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
329 | |
330 assertNormalizationReturn(a, b, a->getNormalized(b), NullCSPSource); | |
331 } | |
332 | |
333 // Verify the same test with a and b swapped. | |
334 for (const auto& test : cases) { | |
335 CSPSource* b = | |
336 new CSPSource(csp.get(), test.aScheme, test.aHost, test.aPort, | |
337 test.aPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
338 | |
339 CSPSource* a = | |
340 new CSPSource(csp.get(), test.bScheme, test.bHost, test.bPort, | |
341 test.bPath, CSPSource::NoWildcard, CSPSource::NoWildcard); | |
342 | |
343 // Reverse the order of comparison for First vs Second but the call to the | |
344 // function is the same. | |
345 assertNormalizationReturn(b, a, a->getNormalized(b), NullCSPSource); | |
346 } | |
347 } | |
348 | |
349 TEST_F(CSPSourceTest, NormalizingCSPSourcesWildcardsInHostsPorts) { | |
350 // Hosts must be equal, schemes matching as well as paths. | |
351 struct TestCase { | |
352 CSPSource::WildcardDisposition aHostDispotion; | |
353 CSPSource::WildcardDisposition aPortDispotion; | |
354 CSPSource::WildcardDisposition bHostDispotion; | |
355 CSPSource::WildcardDisposition bPortDispotion; | |
356 NormalizationReturn expected; | |
357 } cases[] = { | |
358 // One out of four possible wildcards. | |
359 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::NoWildcard, | |
360 CSPSource::NoWildcard, SecondCSPSource}, | |
361 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
362 CSPSource::NoWildcard, SecondCSPSource}, | |
363 {CSPSource::NoWildcard, CSPSource::NoWildcard, CSPSource::NoWildcard, | |
364 CSPSource::HasWildcard, FirstCSPSource}, | |
365 {CSPSource::NoWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
366 CSPSource::NoWildcard, FirstCSPSource}, | |
367 // Two out of four possible wildcards. | |
368 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
369 CSPSource::NoWildcard, SecondCSPSource}, | |
370 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
371 CSPSource::NoWildcard, FirstCSPSource}, | |
372 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::NoWildcard, | |
373 CSPSource::HasWildcard, NewCSPSource}, | |
374 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
375 CSPSource::NoWildcard, NewCSPSource}, | |
376 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
377 CSPSource::HasWildcard, FirstCSPSource}, | |
378 {CSPSource::NoWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
379 CSPSource::HasWildcard, FirstCSPSource}, | |
380 // Three out of four possible wildcards. | |
381 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
382 CSPSource::NoWildcard, SecondCSPSource}, | |
383 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
384 CSPSource::HasWildcard, SecondCSPSource}, | |
385 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
386 CSPSource::HasWildcard, FirstCSPSource}, | |
387 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
388 CSPSource::HasWildcard, FirstCSPSource}, | |
389 // Four out of four possible wildcards. | |
390 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
391 CSPSource::HasWildcard, FirstCSPSource}, | |
392 }; | |
393 | |
394 for (const auto& test : cases) { | |
395 CSPSource* a = new CSPSource(csp.get(), "http", "example.com", 0, "/", | |
396 test.aHostDispotion, test.aPortDispotion); | |
397 | |
398 CSPSource* b = new CSPSource(csp.get(), "http", "example.com", 0, "/", | |
399 test.bHostDispotion, test.bPortDispotion); | |
400 | |
401 assertNormalizationReturn(a, b, a->getNormalized(b), test.expected); | |
402 } | |
403 | |
404 // If hosts are not matching, wildcards should not matter. | |
405 for (const auto& test : cases) { | |
406 NormalizationReturn expected = NullCSPSource; | |
407 CSPSource* a = new CSPSource(csp.get(), "http", "a.com", 0, "/", | |
408 test.aHostDispotion, test.aPortDispotion); | |
409 | |
410 CSPSource* b = new CSPSource(csp.get(), "http", "b.com", 0, "/", | |
411 test.bHostDispotion, test.bPortDispotion); | |
412 | |
413 assertNormalizationReturn(a, b, a->getNormalized(b), expected); | |
414 } | |
415 | |
416 // If schemes are not matching, wildcards should not matter. | |
417 for (const auto& test : cases) { | |
418 NormalizationReturn expected = NullCSPSource; | |
419 CSPSource* a = new CSPSource(csp.get(), "wss", "example.com", 0, "/", | |
420 test.aHostDispotion, test.aPortDispotion); | |
421 | |
422 CSPSource* b = new CSPSource(csp.get(), "http", "example.com", 0, "/", | |
423 test.bHostDispotion, test.bPortDispotion); | |
424 | |
425 assertNormalizationReturn(a, b, a->getNormalized(b), expected); | |
426 } | |
427 | |
428 // If paths are not matching, wildcards should not matter. | |
429 for (const auto& test : cases) { | |
430 NormalizationReturn expected = NullCSPSource; | |
431 CSPSource* a = | |
432 new CSPSource(csp.get(), "wss", "example.com", 0, "/path1.html", | |
433 test.aHostDispotion, test.aPortDispotion); | |
434 | |
435 CSPSource* b = | |
436 new CSPSource(csp.get(), "http", "example.com", 0, "/path2.html", | |
437 test.bHostDispotion, test.bPortDispotion); | |
438 | |
439 assertNormalizationReturn(a, b, a->getNormalized(b), expected); | |
440 } | |
441 | |
442 // If first CSP source is just a scheme, wildcards should not matter. | |
443 for (const auto& test : cases) { | |
444 NormalizationReturn expected = SecondCSPSource; | |
445 CSPSource* a = new CSPSource(csp.get(), "http", "", 0, "/", | |
446 test.aHostDispotion, test.aPortDispotion); | |
447 | |
448 CSPSource* b = | |
449 new CSPSource(csp.get(), "http", "example.com", 0, "/path2.html", | |
450 test.bHostDispotion, test.bPortDispotion); | |
451 | |
452 assertNormalizationReturn(a, b, a->getNormalized(b), expected); | |
453 } | |
454 | |
455 // If there are many different signals, new CSPSource will be created now | |
456 // matter what. | |
457 // In this case higher scheme in the first and more precise path in the | |
458 // second. | |
459 for (const auto& test : cases) { | |
460 NormalizationReturn expected = NewCSPSource; | |
461 CSPSource* a = new CSPSource(csp.get(), "https", "example.com", 0, "/", | |
462 test.aHostDispotion, test.aPortDispotion); | |
463 | |
464 CSPSource* b = | |
465 new CSPSource(csp.get(), "http", "example.com", 0, "/path2.html", | |
466 test.bHostDispotion, test.bPortDispotion); | |
467 | |
468 assertNormalizationReturn(a, b, a->getNormalized(b), expected); | |
469 } | |
470 | |
471 // If there are many different signals, new CSPSource will be created now | |
472 // matter what. | |
473 // In this case higher scheme in the second and more precise path in the | |
474 // first. | |
475 for (const auto& test : cases) { | |
476 NormalizationReturn expected = NewCSPSource; | |
477 CSPSource* a = | |
478 new CSPSource(csp.get(), "http", "example.com", 0, "/path2.html", | |
479 test.aHostDispotion, test.aPortDispotion); | |
480 | |
481 CSPSource* b = new CSPSource(csp.get(), "https", "example.com", 0, "/", | |
482 test.bHostDispotion, test.bPortDispotion); | |
483 | |
484 assertNormalizationReturn(a, b, a->getNormalized(b), expected); | |
485 } | |
486 } | |
487 | |
488 TEST_F(CSPSourceTest, NormalizingCSPSourcesWildcardsInHostsPortsWithPreferred) { | |
489 // Hosts must be equal, schemes matching as well as paths. | |
490 struct TestCase { | |
491 CSPSource::WildcardDisposition aHostDispotion; | |
492 CSPSource::WildcardDisposition aPortDispotion; | |
493 CSPSource::WildcardDisposition bHostDispotion; | |
494 CSPSource::WildcardDisposition bPortDispotion; | |
495 NormalizationReturn expected; | |
496 } cases[] = { | |
497 // One out of four possible wildcards. | |
498 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::NoWildcard, | |
499 CSPSource::NoWildcard, SecondCSPSource}, | |
500 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
501 CSPSource::NoWildcard, SecondCSPSource}, | |
502 {CSPSource::NoWildcard, CSPSource::NoWildcard, CSPSource::NoWildcard, | |
503 CSPSource::HasWildcard, NewCSPSource}, | |
504 {CSPSource::NoWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
505 CSPSource::NoWildcard, NewCSPSource}, | |
506 // Two out of four possible wildcards. | |
507 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
508 CSPSource::NoWildcard, SecondCSPSource}, | |
509 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
510 CSPSource::NoWildcard, SecondCSPSource}, | |
511 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::NoWildcard, | |
512 CSPSource::HasWildcard, NewCSPSource}, | |
513 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
514 CSPSource::NoWildcard, NewCSPSource}, | |
515 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
516 CSPSource::HasWildcard, SecondCSPSource}, | |
517 {CSPSource::NoWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
518 CSPSource::HasWildcard, NewCSPSource}, | |
519 // Three out of four possible wildcards. | |
520 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
521 CSPSource::NoWildcard, SecondCSPSource}, | |
522 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::NoWildcard, | |
523 CSPSource::HasWildcard, SecondCSPSource}, | |
524 {CSPSource::HasWildcard, CSPSource::NoWildcard, CSPSource::HasWildcard, | |
525 CSPSource::HasWildcard, NewCSPSource}, | |
526 {CSPSource::NoWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
527 CSPSource::HasWildcard, NewCSPSource}, | |
528 // Four out of four possible wildcards. | |
529 {CSPSource::HasWildcard, CSPSource::HasWildcard, CSPSource::HasWildcard, | |
530 CSPSource::HasWildcard, SecondCSPSource}, | |
531 }; | |
532 | |
533 // There are different cases for wildcards but now also the second CSPSource | |
534 // has a more specific path. | |
535 for (const auto& test : cases) { | |
536 CSPSource* a = new CSPSource(csp.get(), "http", "example.com", 0, "/", | |
537 test.aHostDispotion, test.aPortDispotion); | |
538 | |
539 CSPSource* b = | |
540 new CSPSource(csp.get(), "http", "example.com", 0, "/page1.html", | |
541 test.bHostDispotion, test.bPortDispotion); | |
542 | |
543 assertNormalizationReturn(a, b, a->getNormalized(b), test.expected); | |
544 } | |
545 } | |
546 | |
126 } // namespace blink | 547 } // namespace blink |
OLD | NEW |