Index: content/common/content_security_policy/csp_context_unittest.cc |
diff --git a/content/common/content_security_policy/csp_context_unittest.cc b/content/common/content_security_policy/csp_context_unittest.cc |
index dd508e00b53a6c52befd359112f74b18152e6ca1..855d6d9e5750b40572cdd651851254698628778e 100644 |
--- a/content/common/content_security_policy/csp_context_unittest.cc |
+++ b/content/common/content_security_policy/csp_context_unittest.cc |
@@ -45,15 +45,18 @@ ContentSecurityPolicy BuildPolicy(CSPDirective::Name directive_name, |
} // namespace; |
TEST(CSPContextTest, SchemeShouldBypassCSP) { |
- CSPContextTest context; |
CSPSource source("", "example.com", false, url::PORT_UNSPECIFIED, false, ""); |
- ContentSecurityPolicy policy = |
- BuildPolicy(CSPDirective::DefaultSrc, {source}); |
- EXPECT_FALSE(context.Allow({policy}, CSPDirective::FrameSrc, |
- GURL("data:text/html,<html></html>"))); |
+ CSPContextTest context; |
+ context.AddContentSecurityPolicy( |
+ BuildPolicy(CSPDirective::DefaultSrc, {source})); |
+ |
+ EXPECT_FALSE(context.AllowContentSecurityPolicy( |
+ CSPDirective::FrameSrc, GURL("data:text/html,<html></html>"))); |
+ |
context.AddSchemeToBypassCSP("data"); |
- EXPECT_TRUE(context.Allow({policy}, CSPDirective::FrameSrc, |
- GURL("data:text/html,<html></html>"))); |
+ |
+ EXPECT_TRUE(context.AllowContentSecurityPolicy( |
+ CSPDirective::FrameSrc, GURL("data:text/html,<html></html>"))); |
} |
TEST(CSPContextTest, MultiplePolicies) { |
@@ -64,21 +67,19 @@ TEST(CSPContextTest, MultiplePolicies) { |
CSPSource source_b("", "b.com", false, url::PORT_UNSPECIFIED, false, ""); |
CSPSource source_c("", "c.com", false, url::PORT_UNSPECIFIED, false, ""); |
- ContentSecurityPolicy policy1 = |
- BuildPolicy(CSPDirective::FrameSrc, {source_a, source_b}); |
- ContentSecurityPolicy policy2 = |
- BuildPolicy(CSPDirective::FrameSrc, {source_a, source_c}); |
- |
- std::vector<ContentSecurityPolicy> policies = {policy1, policy2}; |
- |
- EXPECT_TRUE( |
- context.Allow(policies, CSPDirective::FrameSrc, GURL("http://a.com"))); |
- EXPECT_FALSE( |
- context.Allow(policies, CSPDirective::FrameSrc, GURL("http://b.com"))); |
- EXPECT_FALSE( |
- context.Allow(policies, CSPDirective::FrameSrc, GURL("http://c.com"))); |
- EXPECT_FALSE( |
- context.Allow(policies, CSPDirective::FrameSrc, GURL("http://d.com"))); |
+ context.AddContentSecurityPolicy( |
+ BuildPolicy(CSPDirective::FrameSrc, {source_a, source_b})); |
+ context.AddContentSecurityPolicy( |
+ BuildPolicy(CSPDirective::FrameSrc, {source_a, source_c})); |
+ |
+ EXPECT_TRUE(context.AllowContentSecurityPolicy(CSPDirective::FrameSrc, |
+ GURL("http://a.com"))); |
+ EXPECT_FALSE(context.AllowContentSecurityPolicy(CSPDirective::FrameSrc, |
+ GURL("http://b.com"))); |
+ EXPECT_FALSE(context.AllowContentSecurityPolicy(CSPDirective::FrameSrc, |
+ GURL("http://c.com"))); |
+ EXPECT_FALSE(context.AllowContentSecurityPolicy(CSPDirective::FrameSrc, |
+ GURL("http://d.com"))); |
} |
} // namespace content |