 Chromium Code Reviews
 Chromium Code Reviews Issue 2487983003:
  Part 2.3: Is policy list subsumed under subsuming policy?  (Closed)
    
  
    Issue 2487983003:
  Part 2.3: Is policy list subsumed under subsuming policy?  (Closed) 
  | Index: third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp | 
| diff --git a/third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp b/third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp | 
| index fff48cc563876e1e83e8edb37d629d15665d0083..f631994a5665cc595cd8ad72eb924bdc806cd600 100644 | 
| --- a/third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp | 
| +++ b/third_party/WebKit/Source/core/frame/csp/CSPSourceTest.cpp | 
| @@ -19,6 +19,20 @@ class CSPSourceTest : public ::testing::Test { | 
| protected: | 
| Persistent<ContentSecurityPolicy> csp; | 
| + struct Source { | 
| + String scheme; | 
| + String host; | 
| + String path; | 
| + const int port; | 
| 
Mike West
2016/11/24 14:00:54
Nit: Can you add a comment about the meaning of `0
 
amalika
2016/11/24 14:50:33
Added!
 | 
| + CSPSource::WildcardDisposition hostWildcard; | 
| + CSPSource::WildcardDisposition portWildcard; | 
| + }; | 
| + | 
| + bool equalSources(const Source& a, const Source& b) { | 
| + return a.scheme == b.scheme && a.host == b.host && a.port == b.port && | 
| + a.path == b.path && a.hostWildcard == b.hostWildcard && | 
| + a.portWildcard == b.portWildcard; | 
| + } | 
| }; | 
| TEST_F(CSPSourceTest, BasicMatching) { | 
| @@ -540,4 +554,191 @@ TEST_F(CSPSourceTest, FirstSubsumesSecond) { | 
| } | 
| } | 
| +TEST_F(CSPSourceTest, Intersect) { | 
| + struct TestCase { | 
| + const Source a; | 
| + const Source b; | 
| + const Source normalized; | 
| + } cases[] = { | 
| + {{"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"ws", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"wss", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"wss", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + // Wildcards | 
| + {{"http", "example.com", "/", 0, CSPSource::HasWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"http", "example.com", "/", 0, CSPSource::HasWildcard, | 
| + CSPSource::HasWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"http", "example.com", "/", 0, CSPSource::HasWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::HasWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + // Ports | 
| + {{"http", "example.com", "/", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + // Paths | 
| + {{"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/1.html", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/1.html", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/a/b/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/a/b/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"http", "example.com", "/a/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/a/b/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/a/b/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"http", "example.com", "/a/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/a/b/1.html", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/a/b/1.html", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + // Mixed | 
| + {{"http", "example.com", "/1.html", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/1.html", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + }; | 
| + | 
| + for (const auto& test : cases) { | 
| + CSPSource* A = | 
| + new CSPSource(csp.get(), test.a.scheme, test.a.host, test.a.port, | 
| + test.a.path, test.a.hostWildcard, test.a.portWildcard); | 
| + CSPSource* B = | 
| + new CSPSource(csp.get(), test.b.scheme, test.b.host, test.b.port, | 
| + test.b.path, test.b.hostWildcard, test.b.portWildcard); | 
| + | 
| + CSPSource* normalized = A->intersect(B); | 
| + Source intersectAB = { | 
| + normalized->m_scheme, normalized->m_host, | 
| + normalized->m_path, normalized->m_port, | 
| + normalized->m_hostWildcard, normalized->m_portWildcard}; | 
| + EXPECT_TRUE(equalSources(intersectAB, test.normalized)); | 
| + | 
| + // Verify the same test with A and B swapped. The result should be | 
| + // identical. | 
| + normalized = B->intersect(A); | 
| + Source intersectBA = { | 
| + normalized->m_scheme, normalized->m_host, | 
| + normalized->m_path, normalized->m_port, | 
| + normalized->m_hostWildcard, normalized->m_portWildcard}; | 
| + EXPECT_TRUE(equalSources(intersectBA, test.normalized)); | 
| + } | 
| +} | 
| + | 
| +TEST_F(CSPSourceTest, IntersectSchemesOnly) { | 
| + struct TestCase { | 
| + const Source a; | 
| + const Source b; | 
| + const Source normalized; | 
| + } cases[] = { | 
| + // Both sources are schemes only. | 
| + {{"http", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"http", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"http", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}}, | 
| + {{"http", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"https", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"https", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}}, | 
| + {{"ws", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"wss", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"wss", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}}, | 
| + // One source is a scheme only and the other one has no wildcards. | 
| + {{"http", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/", 0, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"http", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"https", "example.com", "/", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"https", "example.com", "/", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"https", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/page.html", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"https", "example.com", "/page.html", 80, CSPSource::NoWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + // One source is a scheme only and the other has one or two wildcards. | 
| + {{"https", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/page.html", 80, CSPSource::HasWildcard, | 
| + CSPSource::NoWildcard}, | 
| + {"https", "example.com", "/page.html", 80, CSPSource::HasWildcard, | 
| + CSPSource::NoWildcard}}, | 
| + {{"https", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/page.html", 80, CSPSource::NoWildcard, | 
| + CSPSource::HasWildcard}, | 
| + {"https", "example.com", "/page.html", 80, CSPSource::NoWildcard, | 
| + CSPSource::HasWildcard}}, | 
| + {{"https", "", "", 0, CSPSource::NoWildcard, CSPSource::NoWildcard}, | 
| + {"http", "example.com", "/page.html", 80, CSPSource::HasWildcard, | 
| + CSPSource::HasWildcard}, | 
| + {"https", "example.com", "/page.html", 80, CSPSource::HasWildcard, | 
| + CSPSource::HasWildcard}}, | 
| + }; | 
| + | 
| + for (const auto& test : cases) { | 
| + CSPSource* A = | 
| + new CSPSource(csp.get(), test.a.scheme, test.a.host, test.a.port, | 
| + test.a.path, test.a.hostWildcard, test.a.portWildcard); | 
| + | 
| + CSPSource* B = | 
| + new CSPSource(csp.get(), test.b.scheme, test.b.host, test.b.port, | 
| + test.b.path, test.b.hostWildcard, test.b.portWildcard); | 
| + | 
| + CSPSource* normalized = A->intersect(B); | 
| + Source intersectAB = { | 
| + normalized->m_scheme, normalized->m_host, | 
| + normalized->m_path, normalized->m_port, | 
| + normalized->m_hostWildcard, normalized->m_portWildcard}; | 
| + EXPECT_TRUE(equalSources(intersectAB, test.normalized)); | 
| + | 
| + // Verify the same test with A and B swapped. The result should be | 
| + // identical. | 
| + normalized = B->intersect(A); | 
| + Source intersectBA = { | 
| + normalized->m_scheme, normalized->m_host, | 
| + normalized->m_path, normalized->m_port, | 
| + normalized->m_hostWildcard, normalized->m_portWildcard}; | 
| + EXPECT_TRUE(equalSources(intersectBA, test.normalized)); | 
| + } | 
| +} | 
| + | 
| } // namespace blink |