Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(241)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/fetch/CrossOriginAccessControlTest.cpp

Issue 2642043004: Fix a bug in origin header generation for CORS preflight in extensions (Closed)
Patch Set: Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/fetch/CrossOriginAccessControl.cpp ('k') | third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "core/fetch/CrossOriginAccessControl.h" 5 #include "core/fetch/CrossOriginAccessControl.h"
6 6
7 #include "platform/network/ResourceRequest.h" 7 #include "platform/network/ResourceRequest.h"
8 #include "platform/weborigin/SecurityOrigin.h" 8 #include "platform/weborigin/SecurityOrigin.h"
9 #include "testing/gtest/include/gtest/gtest.h" 9 #include "testing/gtest/include/gtest/gtest.h"
10 #include "wtf/RefPtr.h" 10 #include "wtf/RefPtr.h"
11 #include "wtf/text/WTFString.h" 11 #include "wtf/text/WTFString.h"
12 12
13 namespace blink { 13 namespace blink {
14 14
15 namespace { 15 namespace {
16 16
17 class CreateAccessControlPreflightRequestTest : public ::testing::Test { 17 TEST(CreateAccessControlPreflightRequestTest, LexicographicalOrder) {
18 protected:
19 virtual void SetUp() {
20 m_securityOrigin = SecurityOrigin::createFromString("http://example.com");
21 }
22
23 RefPtr<SecurityOrigin> m_securityOrigin;
24 };
25
26 TEST_F(CreateAccessControlPreflightRequestTest, LexicographicalOrder) {
27 ResourceRequest request; 18 ResourceRequest request;
28 request.addHTTPHeaderField("Orange", "Orange"); 19 request.addHTTPHeaderField("Orange", "Orange");
29 request.addHTTPHeaderField("Apple", "Red"); 20 request.addHTTPHeaderField("Apple", "Red");
30 request.addHTTPHeaderField("Kiwifruit", "Green"); 21 request.addHTTPHeaderField("Kiwifruit", "Green");
31 request.addHTTPHeaderField("Content-Type", "application/octet-stream"); 22 request.addHTTPHeaderField("Content-Type", "application/octet-stream");
32 request.addHTTPHeaderField("Strawberry", "Red"); 23 request.addHTTPHeaderField("Strawberry", "Red");
33 24
34 ResourceRequest preflight = 25 ResourceRequest preflight = createAccessControlPreflightRequest(request);
35 createAccessControlPreflightRequest(request, m_securityOrigin.get());
36 26
37 EXPECT_EQ("apple, content-type, kiwifruit, orange, strawberry", 27 EXPECT_EQ("apple, content-type, kiwifruit, orange, strawberry",
38 preflight.httpHeaderField("Access-Control-Request-Headers")); 28 preflight.httpHeaderField("Access-Control-Request-Headers"));
39 } 29 }
40 30
41 TEST_F(CreateAccessControlPreflightRequestTest, ExcludeSimpleHeaders) { 31 TEST(CreateAccessControlPreflightRequestTest, ExcludeSimpleHeaders) {
42 ResourceRequest request; 32 ResourceRequest request;
43 request.addHTTPHeaderField("Accept", "everything"); 33 request.addHTTPHeaderField("Accept", "everything");
44 request.addHTTPHeaderField("Accept-Language", "everything"); 34 request.addHTTPHeaderField("Accept-Language", "everything");
45 request.addHTTPHeaderField("Content-Language", "everything"); 35 request.addHTTPHeaderField("Content-Language", "everything");
46 request.addHTTPHeaderField("Save-Data", "on"); 36 request.addHTTPHeaderField("Save-Data", "on");
47 37
48 ResourceRequest preflight = 38 ResourceRequest preflight = createAccessControlPreflightRequest(request);
49 createAccessControlPreflightRequest(request, m_securityOrigin.get());
50 39
51 EXPECT_EQ("", preflight.httpHeaderField("Access-Control-Request-Headers")); 40 EXPECT_EQ("", preflight.httpHeaderField("Access-Control-Request-Headers"));
52 } 41 }
53 42
54 TEST_F(CreateAccessControlPreflightRequestTest, 43 TEST(CreateAccessControlPreflightRequestTest, ExcludeSimpleContentTypeHeader) {
55 ExcludeSimpleContentTypeHeader) {
56 ResourceRequest request; 44 ResourceRequest request;
57 request.addHTTPHeaderField("Content-Type", "text/plain"); 45 request.addHTTPHeaderField("Content-Type", "text/plain");
58 46
59 ResourceRequest preflight = 47 ResourceRequest preflight = createAccessControlPreflightRequest(request);
60 createAccessControlPreflightRequest(request, m_securityOrigin.get());
61 48
62 EXPECT_EQ("", preflight.httpHeaderField("Access-Control-Request-Headers")); 49 EXPECT_EQ("", preflight.httpHeaderField("Access-Control-Request-Headers"));
63 } 50 }
64 51
65 TEST_F(CreateAccessControlPreflightRequestTest, IncludeNonSimpleHeader) { 52 TEST(CreateAccessControlPreflightRequestTest, IncludeNonSimpleHeader) {
66 ResourceRequest request; 53 ResourceRequest request;
67 request.addHTTPHeaderField("X-Custom-Header", "foobar"); 54 request.addHTTPHeaderField("X-Custom-Header", "foobar");
68 55
69 ResourceRequest preflight = 56 ResourceRequest preflight = createAccessControlPreflightRequest(request);
70 createAccessControlPreflightRequest(request, m_securityOrigin.get());
71 57
72 EXPECT_EQ("x-custom-header", 58 EXPECT_EQ("x-custom-header",
73 preflight.httpHeaderField("Access-Control-Request-Headers")); 59 preflight.httpHeaderField("Access-Control-Request-Headers"));
74 } 60 }
75 61
76 TEST_F(CreateAccessControlPreflightRequestTest, 62 TEST(CreateAccessControlPreflightRequestTest,
77 IncludeNonSimpleContentTypeHeader) { 63 IncludeNonSimpleContentTypeHeader) {
78 ResourceRequest request; 64 ResourceRequest request;
79 request.addHTTPHeaderField("Content-Type", "application/octet-stream"); 65 request.addHTTPHeaderField("Content-Type", "application/octet-stream");
80 66
81 ResourceRequest preflight = 67 ResourceRequest preflight = createAccessControlPreflightRequest(request);
82 createAccessControlPreflightRequest(request, m_securityOrigin.get());
83 68
84 EXPECT_EQ("content-type", 69 EXPECT_EQ("content-type",
85 preflight.httpHeaderField("Access-Control-Request-Headers")); 70 preflight.httpHeaderField("Access-Control-Request-Headers"));
86 } 71 }
87 72
88 } // namespace 73 } // namespace
89 74
90 } // namespace blink 75 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/fetch/CrossOriginAccessControl.cpp ('k') | third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698