OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/SourceListDirective.h" | 5 #include "core/frame/csp/SourceListDirective.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "core/frame/csp/CSPSource.h" | 8 #include "core/frame/csp/CSPSource.h" |
9 #include "core/frame/csp/ContentSecurityPolicy.h" | 9 #include "core/frame/csp/ContentSecurityPolicy.h" |
10 #include "platform/network/ResourceRequest.h" | 10 #include "platform/network/ResourceRequest.h" |
(...skipping 235 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
246 {"https://example1.com/foo/ https://example2.com/bar/", | 246 {"https://example1.com/foo/ https://example2.com/bar/", |
247 "https://example1.com/foo/ https://example2.com/bar/"}, | 247 "https://example1.com/foo/ https://example2.com/bar/"}, |
248 {"https://example1.com/foo/ wss://example2.com/bar/", | 248 {"https://example1.com/foo/ wss://example2.com/bar/", |
249 "https://example1.com/foo/"}, | 249 "https://example1.com/foo/"}, |
250 // Normalizing hosts. | 250 // Normalizing hosts. |
251 {"http://*.example1.com/foo/ http://*.example2.com/bar/", | 251 {"http://*.example1.com/foo/ http://*.example2.com/bar/", |
252 "http://example1.com/foo/ http://*.example2.com/bar/"}, | 252 "http://example1.com/foo/ http://*.example2.com/bar/"}, |
253 {"http://*.example1.com/foo/ http://foo.example2.com/bar/", | 253 {"http://*.example1.com/foo/ http://foo.example2.com/bar/", |
254 "http://example1.com/foo/ http://foo.example2.com/bar/"}, | 254 "http://example1.com/foo/ http://foo.example2.com/bar/"}, |
255 // Normalizing ports. | 255 // Normalizing ports. |
256 {"http://example1.com:80/foo/ http://example2.com/bar/", | 256 {"http://example1.com/foo/ http://example2.com/bar/", |
257 "http://example1.com:80/foo/ http://example2.com/bar/"}, | 257 "http://example1.com/foo/ http://example2.com/bar/"}, |
258 {"http://example1.com/foo/ http://example2.com:90/bar/", | 258 {"http://example1.com/foo/ http://example2.com:90/bar/", |
259 "http://example1.com/foo/"}, | 259 "http://example1.com/foo/"}, |
260 {"http://example1.com:*/foo/ http://example2.com/bar/", | 260 {"http://example1.com:*/foo/ http://example2.com/bar/", |
261 "http://example1.com/foo/ http://example2.com/bar/"}, | 261 "http://example1.com/foo/ http://example2.com/bar/"}, |
262 {"http://*.example3.com:100/bar/ http://example1.com/foo/", | 262 {"http://*.example3.com:100/bar/ http://example1.com/foo/", |
263 "http://example1.com/foo/ http://*.example3.com:100/bar/"}, | 263 "http://example1.com/foo/ http://*.example3.com:100/bar/"}, |
264 // Normalizing paths. | 264 // Normalizing paths. |
265 {"http://example1.com/ http://example2.com/", | 265 {"http://example1.com/ http://example2.com/", |
266 "http://example1.com/foo/ http://example2.com/bar/"}, | 266 "http://example1.com/foo/ http://example2.com/bar/"}, |
267 {"http://example1.com/foo/index.html http://example2.com/bar/", | 267 {"http://example1.com/foo/index.html http://example2.com/bar/", |
(...skipping 18 matching lines...) Expand all Loading... | |
286 normalized[i]->m_port, normalized[i]->m_path, | 286 normalized[i]->m_port, normalized[i]->m_path, |
287 normalized[i]->m_hostWildcard, normalized[i]->m_portWildcard}; | 287 normalized[i]->m_hostWildcard, normalized[i]->m_portWildcard}; |
288 Source b = {expected[i]->m_scheme, expected[i]->m_host, | 288 Source b = {expected[i]->m_scheme, expected[i]->m_host, |
289 expected[i]->m_port, expected[i]->m_path, | 289 expected[i]->m_port, expected[i]->m_path, |
290 expected[i]->m_hostWildcard, expected[i]->m_portWildcard}; | 290 expected[i]->m_hostWildcard, expected[i]->m_portWildcard}; |
291 EXPECT_TRUE(equalSources(a, b)); | 291 EXPECT_TRUE(equalSources(a, b)); |
292 } | 292 } |
293 } | 293 } |
294 } | 294 } |
295 | 295 |
296 TEST_F(SourceListDirectiveTest, GetIntersectCSPSourcesSchemes) { | |
297 KURL base; | |
298 String sources = | |
299 "http: http://example1.com/foo/ https://example1.com/foo/ " | |
300 "http://example1.com/bar/page.html"; | |
301 SourceListDirective sourceList("script-src", sources, csp.get()); | |
Mike West
2016/11/17 10:58:31
Might as well just inline the source string here.
| |
302 struct TestCase { | |
303 String sources; | |
304 String expected; | |
305 } cases[] = { | |
306 {"http:", | |
307 "http: http://example1.com/foo/ https://example1.com/foo/ " | |
308 "http://example1.com/bar/page.html"}, | |
309 {"https:", | |
310 "https: https://example1.com/foo/ https://example1.com/foo/ " | |
311 "https://example1.com/bar/page.html"}, | |
312 {"https: http://example1.com/foo/", | |
313 "https: http://example1.com/foo/ https://example1.com/foo/ " | |
314 "https://example1.com/bar/page.html"}, | |
315 {"http://*.example1.com/", | |
316 "http://*.example1.com/ http://example1.com/foo/ " | |
317 "https://example1.com/foo/ http://example1.com/bar/page.html"}, | |
318 {"http://example1.com/foo/ https://example1.com/foo/", | |
319 "https://example1.com/foo/ http://example1.com/foo/ " | |
320 "https://example1.com/foo/"}, | |
321 {"https://example1.com/foo/ https://example1.com/foo/", | |
322 "https://example1.com/foo/ https://example1.com/foo/ " | |
323 "https://example1.com/foo/"}, | |
324 {"https://example1.com/foo/ http://example1.com/foo/", | |
325 "http://example1.com/foo/ http://example1.com/foo/ " | |
326 "https://example1.com/foo/"}, | |
327 }; | |
328 | |
329 for (const auto& test : cases) { | |
330 SourceListDirective secondList("script-src", test.sources, csp.get()); | |
331 HeapVector<Member<CSPSource>> normalized = | |
332 sourceList.getIntersectCSPSources(secondList.m_list); | |
Mike West
2016/11/17 10:58:31
This should be symmetric right? Could you add chec
| |
333 SourceListDirective helperSourceList("script-src", test.expected, | |
334 csp.get()); | |
335 HeapVector<Member<CSPSource>> expected = helperSourceList.m_list; | |
336 EXPECT_EQ(normalized.size(), expected.size()); | |
337 for (size_t i = 0; i < normalized.size(); i++) { | |
338 Source a = {normalized[i]->m_scheme, normalized[i]->m_host, | |
339 normalized[i]->m_port, normalized[i]->m_path, | |
340 normalized[i]->m_hostWildcard, normalized[i]->m_portWildcard}; | |
341 Source b = {expected[i]->m_scheme, expected[i]->m_host, | |
342 expected[i]->m_port, expected[i]->m_path, | |
343 expected[i]->m_hostWildcard, expected[i]->m_portWildcard}; | |
344 EXPECT_TRUE(equalSources(a, b)); | |
345 } | |
346 } | |
347 } | |
348 | |
296 } // namespace blink | 349 } // namespace blink |
OLD | NEW |