Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(46)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_state_unittest.cc

Issue 266243004: Clang format slam. Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« net/base/mime_util_unittest.cc ('K') | « net/http/transport_security_state_static.h ('k') | net/http/url_security_manager.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/http/transport_security_state.h" 5 #include "net/http/transport_security_state.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after
105 TransportSecurityState::DomainState domain_state; 105 TransportSecurityState::DomainState domain_state;
106 const base::Time current_time(base::Time::Now()); 106 const base::Time current_time(base::Time::Now());
107 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); 107 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
108 108
109 EXPECT_FALSE(state.GetDomainState("yahoo.com", true, &domain_state)); 109 EXPECT_FALSE(state.GetDomainState("yahoo.com", true, &domain_state));
110 bool include_subdomains = true; 110 bool include_subdomains = true;
111 state.AddHSTS("yahoo.com", expiry, include_subdomains); 111 state.AddHSTS("yahoo.com", expiry, include_subdomains);
112 EXPECT_TRUE(state.GetDomainState("yahoo.com", true, &domain_state)); 112 EXPECT_TRUE(state.GetDomainState("yahoo.com", true, &domain_state));
113 EXPECT_TRUE(state.GetDomainState("foo.yahoo.com", true, &domain_state)); 113 EXPECT_TRUE(state.GetDomainState("foo.yahoo.com", true, &domain_state));
114 EXPECT_TRUE(state.GetDomainState("foo.bar.yahoo.com", true, &domain_state)); 114 EXPECT_TRUE(state.GetDomainState("foo.bar.yahoo.com", true, &domain_state));
115 EXPECT_TRUE(state.GetDomainState("foo.bar.baz.yahoo.com", true, 115 EXPECT_TRUE(
116 &domain_state)); 116 state.GetDomainState("foo.bar.baz.yahoo.com", true, &domain_state));
117 EXPECT_FALSE(state.GetDomainState("com", true, &domain_state)); 117 EXPECT_FALSE(state.GetDomainState("com", true, &domain_state));
118 } 118 }
119 119
120 TEST_F(TransportSecurityStateTest, InvalidDomains) { 120 TEST_F(TransportSecurityStateTest, InvalidDomains) {
121 TransportSecurityState state; 121 TransportSecurityState state;
122 TransportSecurityState::DomainState domain_state; 122 TransportSecurityState::DomainState domain_state;
123 const base::Time current_time(base::Time::Now()); 123 const base::Time current_time(base::Time::Now());
124 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); 124 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
125 125
126 EXPECT_FALSE(state.GetDomainState("yahoo.com", true, &domain_state)); 126 EXPECT_FALSE(state.GetDomainState("yahoo.com", true, &domain_state));
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
184 } 184 }
185 185
186 TEST_F(TransportSecurityStateTest, PreloadedDomainSet) { 186 TEST_F(TransportSecurityStateTest, PreloadedDomainSet) {
187 TransportSecurityState state; 187 TransportSecurityState state;
188 TransportSecurityState::DomainState domain_state; 188 TransportSecurityState::DomainState domain_state;
189 189
190 // The domain wasn't being set, leading to a blank string in the 190 // The domain wasn't being set, leading to a blank string in the
191 // chrome://net-internals/#hsts UI. So test that. 191 // chrome://net-internals/#hsts UI. So test that.
192 EXPECT_TRUE(state.GetDomainState("market.android.com", true, &domain_state)); 192 EXPECT_TRUE(state.GetDomainState("market.android.com", true, &domain_state));
193 EXPECT_EQ(domain_state.domain, "market.android.com"); 193 EXPECT_EQ(domain_state.domain, "market.android.com");
194 EXPECT_TRUE(state.GetDomainState("sub.market.android.com", true, 194 EXPECT_TRUE(
195 &domain_state)); 195 state.GetDomainState("sub.market.android.com", true, &domain_state));
196 EXPECT_EQ(domain_state.domain, "market.android.com"); 196 EXPECT_EQ(domain_state.domain, "market.android.com");
197 } 197 }
198 198
199 static bool ShouldRedirect(const char* hostname) { 199 static bool ShouldRedirect(const char* hostname) {
200 TransportSecurityState state; 200 TransportSecurityState state;
201 TransportSecurityState::DomainState domain_state; 201 TransportSecurityState::DomainState domain_state;
202 return state.GetDomainState(hostname, true /* SNI ok */, &domain_state) && 202 return state.GetDomainState(hostname, true /* SNI ok */, &domain_state) &&
203 domain_state.ShouldUpgradeToSSL(); 203 domain_state.ShouldUpgradeToSSL();
204 } 204 }
205 205
206 static bool HasState(const char* hostname) { 206 static bool HasState(const char* hostname) {
207 TransportSecurityState state; 207 TransportSecurityState state;
208 TransportSecurityState::DomainState domain_state; 208 TransportSecurityState::DomainState domain_state;
209 return state.GetDomainState(hostname, true /* SNI ok */, &domain_state); 209 return state.GetDomainState(hostname, true /* SNI ok */, &domain_state);
210 } 210 }
211 211
212 static bool HasPublicKeyPins(const char* hostname, bool sni_enabled) { 212 static bool HasPublicKeyPins(const char* hostname, bool sni_enabled) {
213 TransportSecurityState state; 213 TransportSecurityState state;
214 TransportSecurityState::DomainState domain_state; 214 TransportSecurityState::DomainState domain_state;
215 if (!state.GetDomainState(hostname, sni_enabled, &domain_state)) 215 if (!state.GetDomainState(hostname, sni_enabled, &domain_state))
216 return false; 216 return false;
217 217
218 return domain_state.HasPublicKeyPins(); 218 return domain_state.HasPublicKeyPins();
219 } 219 }
220 220
221 static bool HasPublicKeyPins(const char* hostname) { 221 static bool HasPublicKeyPins(const char* hostname) {
222 return HasPublicKeyPins(hostname, true); 222 return HasPublicKeyPins(hostname, true);
223 } 223 }
224 224
225 static bool OnlyPinning(const char *hostname) { 225 static bool OnlyPinning(const char* hostname) {
226 TransportSecurityState state; 226 TransportSecurityState state;
227 TransportSecurityState::DomainState domain_state; 227 TransportSecurityState::DomainState domain_state;
228 if (!state.GetDomainState(hostname, true /* SNI ok */, &domain_state)) 228 if (!state.GetDomainState(hostname, true /* SNI ok */, &domain_state))
229 return false; 229 return false;
230 230
231 return (domain_state.static_spki_hashes.size() > 0 || 231 return (domain_state.static_spki_hashes.size() > 0 ||
232 domain_state.bad_static_spki_hashes.size() > 0 || 232 domain_state.bad_static_spki_hashes.size() > 0 ||
233 domain_state.dynamic_spki_hashes.size() > 0) && 233 domain_state.dynamic_spki_hashes.size() > 0) &&
234 !domain_state.ShouldUpgradeToSSL(); 234 !domain_state.ShouldUpgradeToSSL();
235 } 235 }
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after
298 EXPECT_TRUE(OnlyPinning("appspot.com")); 298 EXPECT_TRUE(OnlyPinning("appspot.com"));
299 EXPECT_TRUE(OnlyPinning("googlesyndication.com")); 299 EXPECT_TRUE(OnlyPinning("googlesyndication.com"));
300 EXPECT_TRUE(OnlyPinning("doubleclick.net")); 300 EXPECT_TRUE(OnlyPinning("doubleclick.net"));
301 EXPECT_TRUE(OnlyPinning("googlegroups.com")); 301 EXPECT_TRUE(OnlyPinning("googlegroups.com"));
302 302
303 // Tests for domains that don't work without SNI. 303 // Tests for domains that don't work without SNI.
304 EXPECT_FALSE(state.GetDomainState("gmail.com", false, &domain_state)); 304 EXPECT_FALSE(state.GetDomainState("gmail.com", false, &domain_state));
305 EXPECT_FALSE(state.GetDomainState("www.gmail.com", false, &domain_state)); 305 EXPECT_FALSE(state.GetDomainState("www.gmail.com", false, &domain_state));
306 EXPECT_FALSE(state.GetDomainState("m.gmail.com", false, &domain_state)); 306 EXPECT_FALSE(state.GetDomainState("m.gmail.com", false, &domain_state));
307 EXPECT_FALSE(state.GetDomainState("googlemail.com", false, &domain_state)); 307 EXPECT_FALSE(state.GetDomainState("googlemail.com", false, &domain_state));
308 EXPECT_FALSE(state.GetDomainState("www.googlemail.com", false, 308 EXPECT_FALSE(
309 &domain_state)); 309 state.GetDomainState("www.googlemail.com", false, &domain_state));
310 EXPECT_FALSE(state.GetDomainState("m.googlemail.com", false, &domain_state)); 310 EXPECT_FALSE(state.GetDomainState("m.googlemail.com", false, &domain_state));
311 311
312 // Other hosts: 312 // Other hosts:
313 313
314 EXPECT_TRUE(ShouldRedirect("aladdinschools.appspot.com")); 314 EXPECT_TRUE(ShouldRedirect("aladdinschools.appspot.com"));
315 315
316 EXPECT_TRUE(ShouldRedirect("ottospora.nl")); 316 EXPECT_TRUE(ShouldRedirect("ottospora.nl"));
317 EXPECT_TRUE(ShouldRedirect("www.ottospora.nl")); 317 EXPECT_TRUE(ShouldRedirect("www.ottospora.nl"));
318 318
319 EXPECT_TRUE(ShouldRedirect("www.paycheckrecords.com")); 319 EXPECT_TRUE(ShouldRedirect("www.paycheckrecords.com"));
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
396 396
397 EXPECT_TRUE(ShouldRedirect("linx.net")); 397 EXPECT_TRUE(ShouldRedirect("linx.net"));
398 EXPECT_TRUE(ShouldRedirect("foo.linx.net")); 398 EXPECT_TRUE(ShouldRedirect("foo.linx.net"));
399 399
400 EXPECT_TRUE(ShouldRedirect("dropcam.com")); 400 EXPECT_TRUE(ShouldRedirect("dropcam.com"));
401 EXPECT_TRUE(ShouldRedirect("www.dropcam.com")); 401 EXPECT_TRUE(ShouldRedirect("www.dropcam.com"));
402 EXPECT_FALSE(HasState("foo.dropcam.com")); 402 EXPECT_FALSE(HasState("foo.dropcam.com"));
403 403
404 EXPECT_TRUE(state.GetDomainState("torproject.org", false, &domain_state)); 404 EXPECT_TRUE(state.GetDomainState("torproject.org", false, &domain_state));
405 EXPECT_FALSE(domain_state.static_spki_hashes.empty()); 405 EXPECT_FALSE(domain_state.static_spki_hashes.empty());
406 EXPECT_TRUE(state.GetDomainState("www.torproject.org", false, 406 EXPECT_TRUE(state.GetDomainState("www.torproject.org", false, &domain_state));
407 &domain_state));
408 EXPECT_FALSE(domain_state.static_spki_hashes.empty()); 407 EXPECT_FALSE(domain_state.static_spki_hashes.empty());
409 EXPECT_TRUE(state.GetDomainState("check.torproject.org", false, 408 EXPECT_TRUE(
410 &domain_state)); 409 state.GetDomainState("check.torproject.org", false, &domain_state));
411 EXPECT_FALSE(domain_state.static_spki_hashes.empty()); 410 EXPECT_FALSE(domain_state.static_spki_hashes.empty());
412 EXPECT_TRUE(state.GetDomainState("blog.torproject.org", false, 411 EXPECT_TRUE(
413 &domain_state)); 412 state.GetDomainState("blog.torproject.org", false, &domain_state));
414 EXPECT_FALSE(domain_state.static_spki_hashes.empty()); 413 EXPECT_FALSE(domain_state.static_spki_hashes.empty());
415 EXPECT_TRUE(ShouldRedirect("ebanking.indovinabank.com.vn")); 414 EXPECT_TRUE(ShouldRedirect("ebanking.indovinabank.com.vn"));
416 EXPECT_TRUE(ShouldRedirect("foo.ebanking.indovinabank.com.vn")); 415 EXPECT_TRUE(ShouldRedirect("foo.ebanking.indovinabank.com.vn"));
417 416
418 EXPECT_TRUE(ShouldRedirect("epoxate.com")); 417 EXPECT_TRUE(ShouldRedirect("epoxate.com"));
419 EXPECT_FALSE(HasState("foo.epoxate.com")); 418 EXPECT_FALSE(HasState("foo.epoxate.com"));
420 419
421 EXPECT_TRUE(HasPublicKeyPins("torproject.org")); 420 EXPECT_TRUE(HasPublicKeyPins("torproject.org"));
422 EXPECT_TRUE(HasPublicKeyPins("www.torproject.org")); 421 EXPECT_TRUE(HasPublicKeyPins("www.torproject.org"));
423 EXPECT_TRUE(HasPublicKeyPins("check.torproject.org")); 422 EXPECT_TRUE(HasPublicKeyPins("check.torproject.org"));
(...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after
531 EXPECT_TRUE(HasPublicKeyPins("www.twitter.com")); 530 EXPECT_TRUE(HasPublicKeyPins("www.twitter.com"));
532 EXPECT_TRUE(HasPublicKeyPins("api.twitter.com")); 531 EXPECT_TRUE(HasPublicKeyPins("api.twitter.com"));
533 EXPECT_TRUE(HasPublicKeyPins("oauth.twitter.com")); 532 EXPECT_TRUE(HasPublicKeyPins("oauth.twitter.com"));
534 EXPECT_TRUE(HasPublicKeyPins("mobile.twitter.com")); 533 EXPECT_TRUE(HasPublicKeyPins("mobile.twitter.com"));
535 EXPECT_TRUE(HasPublicKeyPins("dev.twitter.com")); 534 EXPECT_TRUE(HasPublicKeyPins("dev.twitter.com"));
536 EXPECT_TRUE(HasPublicKeyPins("business.twitter.com")); 535 EXPECT_TRUE(HasPublicKeyPins("business.twitter.com"));
537 EXPECT_TRUE(HasPublicKeyPins("platform.twitter.com")); 536 EXPECT_TRUE(HasPublicKeyPins("platform.twitter.com"));
538 EXPECT_TRUE(HasPublicKeyPins("si0.twimg.com")); 537 EXPECT_TRUE(HasPublicKeyPins("si0.twimg.com"));
539 } 538 }
540 539
541 static bool AddHash(const std::string& type_and_base64, 540 static bool AddHash(const std::string& type_and_base64, HashValueVector* out) {
542 HashValueVector* out) {
543 HashValue hash; 541 HashValue hash;
544 if (!hash.FromString(type_and_base64)) 542 if (!hash.FromString(type_and_base64))
545 return false; 543 return false;
546 544
547 out->push_back(hash); 545 out->push_back(hash);
548 return true; 546 return true;
549 } 547 }
550 548
551 TEST_F(TransportSecurityStateTest, PinValidationWithoutRejectedCerts) { 549 TEST_F(TransportSecurityStateTest, PinValidationWithoutRejectedCerts) {
552 // kGoodPath is blog.torproject.org. 550 // kGoodPath is blog.torproject.org.
553 static const char* kGoodPath[] = { 551 static const char* kGoodPath[] = {
554 "sha1/m9lHYJYke9k0GtVZ+bXSQYE8nDI=", 552 "sha1/m9lHYJYke9k0GtVZ+bXSQYE8nDI=", "sha1/o5OZxATDsgmwgcIfIWIneMJ0jkw=",
555 "sha1/o5OZxATDsgmwgcIfIWIneMJ0jkw=", 553 "sha1/wHqYaI2J+6sFZAwRfap9ZbjKzE4=", NULL,
556 "sha1/wHqYaI2J+6sFZAwRfap9ZbjKzE4=",
557 NULL,
558 }; 554 };
559 555
560 // kBadPath is plus.google.com via Trustcenter, which is utterly wrong for 556 // kBadPath is plus.google.com via Trustcenter, which is utterly wrong for
561 // torproject.org. 557 // torproject.org.
562 static const char* kBadPath[] = { 558 static const char* kBadPath[] = {
563 "sha1/4BjDjn8v2lWeUFQnqSs0BgbIcrU=", 559 "sha1/4BjDjn8v2lWeUFQnqSs0BgbIcrU=", "sha1/gzuEEAB/bkqdQS3EIjk2by7lW+k=",
564 "sha1/gzuEEAB/bkqdQS3EIjk2by7lW+k=", 560 "sha1/SOZo+SvSspXXR9gjIBBPM5iQn9Q=", NULL,
565 "sha1/SOZo+SvSspXXR9gjIBBPM5iQn9Q=",
566 NULL,
567 }; 561 };
568 562
569 HashValueVector good_hashes, bad_hashes; 563 HashValueVector good_hashes, bad_hashes;
570 564
571 for (size_t i = 0; kGoodPath[i]; i++) { 565 for (size_t i = 0; kGoodPath[i]; i++) {
572 EXPECT_TRUE(AddHash(kGoodPath[i], &good_hashes)); 566 EXPECT_TRUE(AddHash(kGoodPath[i], &good_hashes));
573 } 567 }
574 for (size_t i = 0; kBadPath[i]; i++) { 568 for (size_t i = 0; kBadPath[i]; i++) {
575 EXPECT_TRUE(AddHash(kBadPath[i], &bad_hashes)); 569 EXPECT_TRUE(AddHash(kBadPath[i], &bad_hashes));
576 } 570 }
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
622 TransportSecurityState::DomainState domain_state; 616 TransportSecurityState::DomainState domain_state;
623 const base::Time current_time(base::Time::Now()); 617 const base::Time current_time(base::Time::Now());
624 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000); 618 const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
625 domain_state.upgrade_expiry = expiry; 619 domain_state.upgrade_expiry = expiry;
626 EnableHost(&state, "www.google.com", domain_state); 620 EnableHost(&state, "www.google.com", domain_state);
627 621
628 EXPECT_TRUE(state.GetDomainState("www.google.com", true, &domain_state)); 622 EXPECT_TRUE(state.GetDomainState("www.google.com", true, &domain_state));
629 } 623 }
630 624
631 TEST_F(TransportSecurityStateTest, GooglePinnedProperties) { 625 TEST_F(TransportSecurityStateTest, GooglePinnedProperties) {
632 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 626 EXPECT_FALSE(
633 "www.example.com", true)); 627 TransportSecurityState::IsGooglePinnedProperty("www.example.com", true));
634 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 628 EXPECT_FALSE(
635 "www.paypal.com", true)); 629 TransportSecurityState::IsGooglePinnedProperty("www.paypal.com", true));
636 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 630 EXPECT_FALSE(
637 "mail.twitter.com", true)); 631 TransportSecurityState::IsGooglePinnedProperty("mail.twitter.com", true));
638 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 632 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty(
639 "www.google.com.int", true)); 633 "www.google.com.int", true));
640 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 634 EXPECT_FALSE(
641 "jottit.com", true)); 635 TransportSecurityState::IsGooglePinnedProperty("jottit.com", true));
642 // learn.doubleclick.net has a more specific match than 636 // learn.doubleclick.net has a more specific match than
643 // *.doubleclick.com, and has 0 or NULL for its required certs. 637 // *.doubleclick.com, and has 0 or NULL for its required certs.
644 // This test ensures that the exact-match-preferred behavior 638 // This test ensures that the exact-match-preferred behavior
645 // works. 639 // works.
646 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 640 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty(
647 "learn.doubleclick.net", true)); 641 "learn.doubleclick.net", true));
648 642
649 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 643 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
650 "encrypted.google.com", true)); 644 "encrypted.google.com", true));
651 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 645 EXPECT_TRUE(
652 "mail.google.com", true)); 646 TransportSecurityState::IsGooglePinnedProperty("mail.google.com", true));
653 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 647 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
654 "accounts.google.com", true)); 648 "accounts.google.com", true));
655 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 649 EXPECT_TRUE(
656 "doubleclick.net", true)); 650 TransportSecurityState::IsGooglePinnedProperty("doubleclick.net", true));
657 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 651 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
658 "ad.doubleclick.net", true)); 652 "ad.doubleclick.net", true));
659 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 653 EXPECT_TRUE(
660 "youtube.com", true)); 654 TransportSecurityState::IsGooglePinnedProperty("youtube.com", true));
661 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 655 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
662 "www.profiles.google.com", true)); 656 "www.profiles.google.com", true));
663 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 657 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
664 "checkout.google.com", true)); 658 "checkout.google.com", true));
665 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 659 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
666 "googleadservices.com", true)); 660 "googleadservices.com", true));
667 661
668 // Test with sni_enabled false: 662 // Test with sni_enabled false:
669 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 663 EXPECT_FALSE(
670 "www.example.com", false)); 664 TransportSecurityState::IsGooglePinnedProperty("www.example.com", false));
671 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 665 EXPECT_FALSE(
672 "www.paypal.com", false)); 666 TransportSecurityState::IsGooglePinnedProperty("www.paypal.com", false));
673 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 667 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
674 "checkout.google.com", false)); 668 "checkout.google.com", false));
675 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 669 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
676 "googleadservices.com", false)); 670 "googleadservices.com", false));
677 671
678 // Test some SNI hosts: 672 // Test some SNI hosts:
679 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 673 EXPECT_TRUE(
680 "gmail.com", true)); 674 TransportSecurityState::IsGooglePinnedProperty("gmail.com", true));
681 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 675 EXPECT_TRUE(
682 "googlegroups.com", true)); 676 TransportSecurityState::IsGooglePinnedProperty("googlegroups.com", true));
683 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty( 677 EXPECT_TRUE(TransportSecurityState::IsGooglePinnedProperty(
684 "www.googlegroups.com", true)); 678 "www.googlegroups.com", true));
685 // Expect to fail for SNI hosts when not searching the SNI list: 679 // Expect to fail for SNI hosts when not searching the SNI list:
686 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 680 EXPECT_FALSE(
687 "gmail.com", false)); 681 TransportSecurityState::IsGooglePinnedProperty("gmail.com", false));
688 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 682 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty(
689 "googlegroups.com", false)); 683 "googlegroups.com", false));
690 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty( 684 EXPECT_FALSE(TransportSecurityState::IsGooglePinnedProperty(
691 "www.googlegroups.com", false)); 685 "www.googlegroups.com", false));
692 } 686 }
693 687
694 } // namespace net 688 } // namespace net
OLDNEW
« net/base/mime_util_unittest.cc ('K') | « net/http/transport_security_state_static.h ('k') | net/http/url_security_manager.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698