Chromium Code Reviews Chromium Code Reviews
Issue 2550093005:
Embedding-CSP: Fixing path matching (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
| 6 | 6 |
| 7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
| 8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
| 9 #include "platform/network/ResourceRequest.h" | 9 #include "platform/network/ResourceRequest.h" |
| 10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 46 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/bar"))); | 46 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:8000/foo/bar"))); |
| 47 EXPECT_TRUE(source.matches(KURL(base, "HTTP://EXAMPLE.com:8000/foo/BAR"))); | 47 EXPECT_TRUE(source.matches(KURL(base, "HTTP://EXAMPLE.com:8000/foo/BAR"))); |
| 48 | 48 |
| 49 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:8000/bar/"))); | 49 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:8000/bar/"))); |
| 50 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8000/bar/"))); | 50 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8000/bar/"))); |
| 51 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:9000/bar/"))); | 51 EXPECT_FALSE(source.matches(KURL(base, "http://example.com:9000/bar/"))); |
| 52 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/bar"))); | 52 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/bar"))); |
| 53 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/BAR"))); | 53 EXPECT_FALSE(source.matches(KURL(base, "HTTP://example.com:8000/FOO/BAR"))); |
| 54 } | 54 } |
| 55 | 55 |
| 56 TEST_F(CSPSourceTest, BasicPathMatching) { | |
|
amalika
2016/12/08 19:31:00
Added path matching test
| |
| 57 KURL base; | |
| 58 CSPSource A(csp.get(), "http", "example.com", 8000, "/", | |
| 59 CSPSource::NoWildcard, CSPSource::NoWildcard); | |
| 60 | |
| 61 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000"))); | |
| 62 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000/"))); | |
| 63 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000/foo/bar"))); | |
| 64 | |
| 65 EXPECT_FALSE(A.matches(KURL(base, "http://example.com:8000path"))); | |
| 66 EXPECT_FALSE(A.matches(KURL(base, "http://example.com:9000/"))); | |
| 67 | |
| 68 CSPSource B(csp.get(), "http", "example.com", 8000, "", CSPSource::NoWildcard, | |
| 69 CSPSource::NoWildcard); | |
| 70 EXPECT_TRUE(B.matches(KURL(base, "http://example.com:8000"))); | |
| 71 EXPECT_TRUE(B.matches(KURL(base, "http://example.com:8000/"))); | |
| 72 EXPECT_TRUE(A.matches(KURL(base, "http://example.com:8000/foo/bar"))); | |
| 73 | |
| 74 EXPECT_FALSE(B.matches(KURL(base, "http://example.com:8000path"))); | |
| 75 EXPECT_FALSE(B.matches(KURL(base, "http://example.com:9000/"))); | |
| 76 } | |
| 77 | |
| 56 TEST_F(CSPSourceTest, WildcardMatching) { | 78 TEST_F(CSPSourceTest, WildcardMatching) { |
| 57 KURL base; | 79 KURL base; |
| 58 CSPSource source(csp.get(), "http", "example.com", 0, "/", | 80 CSPSource source(csp.get(), "http", "example.com", 0, "/", |
| 59 CSPSource::HasWildcard, CSPSource::HasWildcard); | 81 CSPSource::HasWildcard, CSPSource::HasWildcard); |
| 60 | 82 |
| 61 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/"))); | 83 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/"))); |
| 62 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/foo"))); | 84 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:8000/foo"))); |
| 63 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:9000/foo/"))); | 85 EXPECT_TRUE(source.matches(KURL(base, "http://foo.example.com:9000/foo/"))); |
| 64 EXPECT_TRUE( | 86 EXPECT_TRUE( |
| 65 source.matches(KURL(base, "HTTP://FOO.EXAMPLE.com:8000/foo/BAR"))); | 87 source.matches(KURL(base, "HTTP://FOO.EXAMPLE.com:8000/foo/BAR"))); |
| (...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 187 } cases[] = { | 209 } cases[] = { |
| 188 // Equal signals | 210 // Equal signals |
| 189 {{"http", "/", 0}, {"http", "/", 0}, true, true}, | 211 {{"http", "/", 0}, {"http", "/", 0}, true, true}, |
| 190 {{"https", "/", 0}, {"https", "/", 0}, true, true}, | 212 {{"https", "/", 0}, {"https", "/", 0}, true, true}, |
| 191 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, | 213 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, |
| 192 {{"http", "/", 70}, {"http", "/", 70}, true, true}, | 214 {{"http", "/", 70}, {"http", "/", 70}, true, true}, |
| 193 {{"https", "/", 70}, {"https", "/", 70}, true, true}, | 215 {{"https", "/", 70}, {"https", "/", 70}, true, true}, |
| 194 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, | 216 {{"https", "/page1.html", 0}, {"https", "/page1.html", 0}, true, true}, |
| 195 {{"http", "/page1.html", 70}, {"http", "/page1.html", 70}, true, true}, | 217 {{"http", "/page1.html", 70}, {"http", "/page1.html", 70}, true, true}, |
| 196 {{"https", "/page1.html", 70}, {"https", "/page1.html", 70}, true, true}, | 218 {{"https", "/page1.html", 70}, {"https", "/page1.html", 70}, true, true}, |
| 219 {{"http", "/", 0}, {"http", "", 0}, true, true}, | |
| 220 {{"http", "/", 80}, {"http", "", 80}, true, true}, | |
| 221 {{"http", "/", 80}, {"https", "", 443}, false, true}, | |
| 197 // One stronger signal in the first CSPSource | 222 // One stronger signal in the first CSPSource |
| 198 {{"https", "/", 0}, {"http", "/", 0}, true, false}, | 223 {{"https", "/", 0}, {"http", "/", 0}, true, false}, |
| 199 {{"http", "/page1.html", 0}, {"http", "/", 0}, true, false}, | 224 {{"http", "/page1.html", 0}, {"http", "/", 0}, true, false}, |
| 200 {{"http", "/", 80}, {"http", "/", 0}, true, true}, | 225 {{"http", "/", 80}, {"http", "/", 0}, true, true}, |
| 201 {{"http", "/", 700}, {"http", "/", 0}, false, false}, | 226 {{"http", "/", 700}, {"http", "/", 0}, false, false}, |
| 202 // Two stronger signals in the first CSPSource | 227 // Two stronger signals in the first CSPSource |
| 203 {{"https", "/page1.html", 0}, {"http", "/", 0}, true, false}, | 228 {{"https", "/page1.html", 0}, {"http", "/", 0}, true, false}, |
| 204 {{"https", "/", 80}, {"http", "/", 0}, false, false}, | 229 {{"https", "/", 80}, {"http", "/", 0}, false, false}, |
| 205 {{"http", "/page1.html", 80}, {"http", "/", 0}, true, false}, | 230 {{"http", "/page1.html", 80}, {"http", "/", 0}, true, false}, |
| 206 // Three stronger signals in the first CSPSource | 231 // Three stronger signals in the first CSPSource |
| (...skipping 548 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 755 normalized = B->intersect(A); | 780 normalized = B->intersect(A); |
| 756 Source intersectBA = { | 781 Source intersectBA = { |
| 757 normalized->m_scheme, normalized->m_host, | 782 normalized->m_scheme, normalized->m_host, |
| 758 normalized->m_path, normalized->m_port, | 783 normalized->m_path, normalized->m_port, |
| 759 normalized->m_hostWildcard, normalized->m_portWildcard}; | 784 normalized->m_hostWildcard, normalized->m_portWildcard}; |
| 760 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); | 785 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); |
| 761 } | 786 } |
| 762 } | 787 } |
| 763 | 788 |
| 764 } // namespace blink | 789 } // namespace blink |
| OLD | NEW |
