OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/network/ResourceRequest.h" | 9 #include "platform/network/ResourceRequest.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
46 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/bar"))); | 46 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/bar"))); |
47 EXPECT_TRUE(source.matches(KURL(base, "HTTP://EXAMPLE.com:8000/foo/BAR"))); | 47 EXPECT_TRUE(source.matches(KURL(base, "HTTP://EXAMPLE.com:8000/foo/BAR"))); |
48 | 48 |
49 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:8000/bar/"))); | 49 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:8000/bar/"))); |
50 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8000/bar/"))); | 50 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8000/bar/"))); |
51 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:9000/bar/"))); | 51 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:9000/bar/"))); |
52 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/bar"))); | 52 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/bar"))); |
53 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/BAR"))); | 53 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/BAR"))); |
54 } | 54 } |
55 | 55 |
56 TEST_F(CSPSourceTest, BasicPathMatching) { | |
amalika
2016/12/08 19:31:00
Added path matching test
| |
57 KURL base; | |
58 CSPSource A(csp.get(), "http", "example.com", 8000, "/", | |
59 CSPSource::NoWildcard, CSPSource::NoWildcard); | |
60 | |
61 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000"))); | |
62 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000/"))); | |
63 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000/foo/bar"))); | |
64 | |
65 EXPECT_FALSE(A.matches(KURL(base, "http://example.com:8000path"))); | |
66 EXPECT_FALSE(A.matches(KURL(base, "http://example.com:9000/"))); | |
67 | |
68 CSPSource B(csp.get(), "http", "example.com", 8000, "", CSPSource::NoWildcard, | |
69 CSPSource::NoWildcard); | |
70 EXPECT_TRUE(B.matches(KURL(base, "http://example.com:8000"))); | |
71 EXPECT_TRUE(B.matches(KURL(base, "http://example.com:8000/"))); | |
72 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000/foo/bar"))); | |
73 | |
74 EXPECT_FALSE(B.matches(KURL(base, "http://example.com:8000path"))); | |
75 EXPECT_FALSE(B.matches(KURL(base, "http://example.com:9000/"))); | |
76 } | |
77 | |
56 TEST_F(CSPSourceTest, WildcardMatching) { | 78 TEST_F(CSPSourceTest, WildcardMatching) { |
57 KURL base; | 79 KURL base; |
58 CSPSource source(csp.get(), "http", "example.com", 0, "/", | 80 CSPSource source(csp.get(), "http", "example.com", 0, "/", |
59 CSPSource::HasWildcard, CSPSource::HasWildcard); | 81 CSPSource::HasWildcard, CSPSource::HasWildcard); |
60 | 82 |
61 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/"))); | 83 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/"))); |
62 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/foo"))); | 84 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/foo"))); |
63 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:9000/foo/"))); | 85 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:9000/foo/"))); |
64 EXPECT_TRUE( | 86 EXPECT_TRUE( |
65 source.matches(KURL(base, "HTTP://FOO.EXAMPLE.com:8000/foo/BAR"))); | 87 source.matches(KURL(base, "HTTP://FOO.EXAMPLE.com:8000/foo/BAR"))); |
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
187 } cases[] = { | 209 } cases[] = { |
188 // Equal signals | 210 // Equal signals |
189 {{"http", "/", 0}, {"http", "/", 0}, true, true}, | 211 {{"http", "/", 0}, {"http", "/", 0}, true, true}, |
190 {{"https", "/", 0}, {"https", "/", 0}, true, true}, | 212 {{"https", "/", 0}, {"https", "/", 0}, true, true}, |
191 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, | 213 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, |
192 {{"http", "/", 70}, {"http", "/", 70}, true, true}, | 214 {{"http", "/", 70}, {"http", "/", 70}, true, true}, |
193 {{"https", "/", 70}, {"https", "/", 70}, true, true}, | 215 {{"https", "/", 70}, {"https", "/", 70}, true, true}, |
194 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, | 216 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, |
195 {{"http", "/page1.html", 70}, {"http", "/page1.html", 70}, true, true}, | 217 {{"http", "/page1.html", 70}, {"http", "/page1.html", 70}, true, true}, |
196 {{"https", "/page1.html", 70}, {"https", "/page1.html", 70}, true, true}, | 218 {{"https", "/page1.html", 70}, {"https", "/page1.html", 70}, true, true}, |
219 {{"http", "/", 0}, {"http", "", 0}, true, true}, | |
220 {{"http", "/", 80}, {"http", "", 80}, true, true}, | |
221 {{"http", "/", 80}, {"https", "", 443}, false, true}, | |
197 // One stronger signal in the first CSPSource | 222 // One stronger signal in the first CSPSource |
198 {{"https", "/", 0}, {"http", "/", 0}, true, false}, | 223 {{"https", "/", 0}, {"http", "/", 0}, true, false}, |
199 {{"http", "/page1.html", 0}, {"http", "/", 0}, true, false}, | 224 {{"http", "/page1.html", 0}, {"http", "/", 0}, true, false}, |
200 {{"http", "/", 80}, {"http", "/", 0}, true, true}, | 225 {{"http", "/", 80}, {"http", "/", 0}, true, true}, |
201 {{"http", "/", 700}, {"http", "/", 0}, false, false}, | 226 {{"http", "/", 700}, {"http", "/", 0}, false, false}, |
202 // Two stronger signals in the first CSPSource | 227 // Two stronger signals in the first CSPSource |
203 {{"https", "/page1.html", 0}, {"http", "/", 0}, true, false}, | 228 {{"https", "/page1.html", 0}, {"http", "/", 0}, true, false}, |
204 {{"https", "/", 80}, {"http", "/", 0}, false, false}, | 229 {{"https", "/", 80}, {"http", "/", 0}, false, false}, |
205 {{"http", "/page1.html", 80}, {"http", "/", 0}, true, false}, | 230 {{"http", "/page1.html", 80}, {"http", "/", 0}, true, false}, |
206 // Three stronger signals in the first CSPSource | 231 // Three stronger signals in the first CSPSource |
(...skipping 548 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
755 normalized = B->intersect(A); | 780 normalized = B->intersect(A); |
756 Source intersectBA = { | 781 Source intersectBA = { |
757 normalized->m_scheme, normalized->m_host, | 782 normalized->m_scheme, normalized->m_host, |
758 normalized->m_path, normalized->m_port, | 783 normalized->m_path, normalized->m_port, |
759 normalized->m_hostWildcard, normalized->m_portWildcard}; | 784 normalized->m_hostWildcard, normalized->m_portWildcard}; |
760 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); | 785 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); |
761 } | 786 } |
762 } | 787 } |
763 | 788 |
764 } // namespace blink | 789 } // namespace blink |
OLD | NEW |