| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/strings/string_piece.h" | 5 #include "base/strings/string_piece.h" |
| 6 #include "content/common/cross_site_document_classifier.h" | 6 #include "content/common/cross_site_document_classifier.h" |
| 7 #include "testing/gtest/include/gtest/gtest.h" | 7 #include "testing/gtest/include/gtest/gtest.h" |
| 8 | 8 |
| 9 using base::StringPiece; | 9 using base::StringPiece; |
| 10 | 10 |
| (...skipping 12 matching lines...) Expand all Loading... |
| 23 EXPECT_FALSE(CrossSiteDocumentClassifier::IsBlockableScheme(mailto_url)); | 23 EXPECT_FALSE(CrossSiteDocumentClassifier::IsBlockableScheme(mailto_url)); |
| 24 EXPECT_FALSE(CrossSiteDocumentClassifier::IsBlockableScheme(about_url)); | 24 EXPECT_FALSE(CrossSiteDocumentClassifier::IsBlockableScheme(about_url)); |
| 25 EXPECT_TRUE(CrossSiteDocumentClassifier::IsBlockableScheme(http_url)); | 25 EXPECT_TRUE(CrossSiteDocumentClassifier::IsBlockableScheme(http_url)); |
| 26 EXPECT_TRUE(CrossSiteDocumentClassifier::IsBlockableScheme(https_url)); | 26 EXPECT_TRUE(CrossSiteDocumentClassifier::IsBlockableScheme(https_url)); |
| 27 } | 27 } |
| 28 | 28 |
| 29 TEST(CrossSiteDocumentClassifierTest, IsSameSite) { | 29 TEST(CrossSiteDocumentClassifierTest, IsSameSite) { |
| 30 GURL a_com_url0("https://mock1.a.com:8080/page1.html"); | 30 GURL a_com_url0("https://mock1.a.com:8080/page1.html"); |
| 31 GURL a_com_url1("https://mock2.a.com:9090/page2.html"); | 31 GURL a_com_url1("https://mock2.a.com:9090/page2.html"); |
| 32 GURL a_com_url2("https://a.com/page3.html"); | 32 GURL a_com_url2("https://a.com/page3.html"); |
| 33 EXPECT_TRUE(CrossSiteDocumentClassifier::IsSameSite(a_com_url0, a_com_url1)); | 33 url::Origin a_com_origin0(a_com_url0); |
| 34 EXPECT_TRUE(CrossSiteDocumentClassifier::IsSameSite(a_com_url1, a_com_url2)); | 34 EXPECT_TRUE( |
| 35 EXPECT_TRUE(CrossSiteDocumentClassifier::IsSameSite(a_com_url2, a_com_url0)); | 35 CrossSiteDocumentClassifier::IsSameSite(a_com_origin0, a_com_url1)); |
| 36 EXPECT_TRUE(CrossSiteDocumentClassifier::IsSameSite(url::Origin(a_com_url1), |
| 37 a_com_url2)); |
| 38 EXPECT_TRUE(CrossSiteDocumentClassifier::IsSameSite(url::Origin(a_com_url2), |
| 39 a_com_url0)); |
| 36 | 40 |
| 37 GURL b_com_url0("https://mock1.b.com/index.html"); | 41 GURL b_com_url0("https://mock1.b.com/index.html"); |
| 38 EXPECT_FALSE(CrossSiteDocumentClassifier::IsSameSite(a_com_url0, b_com_url0)); | 42 EXPECT_FALSE( |
| 43 CrossSiteDocumentClassifier::IsSameSite(a_com_origin0, b_com_url0)); |
| 39 | 44 |
| 40 GURL about_blank_url("about:blank"); | 45 GURL about_blank_url("about:blank"); |
| 41 EXPECT_FALSE( | 46 EXPECT_FALSE( |
| 42 CrossSiteDocumentClassifier::IsSameSite(a_com_url0, about_blank_url)); | 47 CrossSiteDocumentClassifier::IsSameSite(a_com_origin0, about_blank_url)); |
| 43 | 48 |
| 44 GURL chrome_url("chrome://extension"); | 49 GURL chrome_url("chrome://extension"); |
| 45 EXPECT_FALSE(CrossSiteDocumentClassifier::IsSameSite(a_com_url0, chrome_url)); | 50 EXPECT_FALSE( |
| 51 CrossSiteDocumentClassifier::IsSameSite(a_com_origin0, chrome_url)); |
| 46 | 52 |
| 47 GURL empty_url(""); | 53 GURL empty_url(""); |
| 48 EXPECT_FALSE(CrossSiteDocumentClassifier::IsSameSite(a_com_url0, empty_url)); | 54 EXPECT_FALSE( |
| 55 CrossSiteDocumentClassifier::IsSameSite(a_com_origin0, empty_url)); |
| 49 } | 56 } |
| 50 | 57 |
| 51 TEST(CrossSiteDocumentClassifierTest, IsValidCorsHeaderSet) { | 58 TEST(CrossSiteDocumentClassifierTest, IsValidCorsHeaderSet) { |
| 52 GURL frame_origin("http://www.google.com"); | 59 url::Origin frame_origin(GURL("http://www.google.com")); |
| 53 GURL site_origin("http://www.yahoo.com"); | 60 GURL site_origin_url("http://www.yahoo.com"); |
| 54 | 61 |
| 55 EXPECT_TRUE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( | 62 EXPECT_TRUE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( |
| 56 frame_origin, site_origin, "*")); | 63 frame_origin, site_origin_url, "*")); |
| 57 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( | 64 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( |
| 58 frame_origin, site_origin, "\"*\"")); | 65 frame_origin, site_origin_url, "\"*\"")); |
| 59 EXPECT_TRUE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( | 66 EXPECT_TRUE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( |
| 60 frame_origin, site_origin, "http://mail.google.com")); | 67 frame_origin, site_origin_url, "http://mail.google.com")); |
| 61 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( | 68 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( |
| 62 frame_origin, site_origin, "https://mail.google.com")); | 69 frame_origin, site_origin_url, "https://mail.google.com")); |
| 63 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( | 70 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( |
| 64 frame_origin, site_origin, "http://yahoo.com")); | 71 frame_origin, site_origin_url, "http://yahoo.com")); |
| 65 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( | 72 EXPECT_FALSE(CrossSiteDocumentClassifier::IsValidCorsHeaderSet( |
| 66 frame_origin, site_origin, "www.google.com")); | 73 frame_origin, site_origin_url, "www.google.com")); |
| 67 } | 74 } |
| 68 | 75 |
| 69 TEST(CrossSiteDocumentClassifierTest, SniffForHTML) { | 76 TEST(CrossSiteDocumentClassifierTest, SniffForHTML) { |
| 70 StringPiece html_data(" \t\r\n <HtMladfokadfkado"); | 77 StringPiece html_data(" \t\r\n <HtMladfokadfkado"); |
| 71 StringPiece comment_html_data(" <!-- this is comment --> <html><body>"); | 78 StringPiece comment_html_data(" <!-- this is comment --> <html><body>"); |
| 72 StringPiece two_comments_html_data( | 79 StringPiece two_comments_html_data( |
| 73 "<!-- this is comment -->\n<!-- this is comment --><html><body>"); | 80 "<!-- this is comment -->\n<!-- this is comment --><html><body>"); |
| 74 StringPiece mixed_comments_html_data( | 81 StringPiece mixed_comments_html_data( |
| 75 "<!-- this is comment <!-- --> <script></script>"); | 82 "<!-- this is comment <!-- --> <script></script>"); |
| 76 StringPiece non_html_data(" var name=window.location;\nadfadf"); | 83 StringPiece non_html_data(" var name=window.location;\nadfadf"); |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 110 | 117 |
| 111 EXPECT_TRUE(CrossSiteDocumentClassifier::SniffForJSON(json_data)); | 118 EXPECT_TRUE(CrossSiteDocumentClassifier::SniffForJSON(json_data)); |
| 112 EXPECT_FALSE(CrossSiteDocumentClassifier::SniffForJSON(non_json_data0)); | 119 EXPECT_FALSE(CrossSiteDocumentClassifier::SniffForJSON(non_json_data0)); |
| 113 EXPECT_FALSE(CrossSiteDocumentClassifier::SniffForJSON(non_json_data1)); | 120 EXPECT_FALSE(CrossSiteDocumentClassifier::SniffForJSON(non_json_data1)); |
| 114 | 121 |
| 115 // Basic bounds check. | 122 // Basic bounds check. |
| 116 EXPECT_FALSE(CrossSiteDocumentClassifier::SniffForJSON(empty_data)); | 123 EXPECT_FALSE(CrossSiteDocumentClassifier::SniffForJSON(empty_data)); |
| 117 } | 124 } |
| 118 | 125 |
| 119 } // namespace content | 126 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2568133007:
Allow CrossSiteDocumentClassifier to operate on Origins (Closed)
