OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/network/ResourceRequest.h" | 9 #include "platform/network/ResourceRequest.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
154 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8443/"))); | 154 EXPECT_FALSE(source.matches(KURL(base, "https://example.com:8443/"))); |
155 | 155 |
156 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com/"))); | 156 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com/"))); |
157 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:80/"))); | 157 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:80/"))); |
158 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:443/"))); | 158 EXPECT_FALSE(source.matches(KURL(base, "http://not-example.com:443/"))); |
159 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com/"))); | 159 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com/"))); |
160 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:80/"))); | 160 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:80/"))); |
161 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:443/"))); | 161 EXPECT_FALSE(source.matches(KURL(base, "https://not-example.com:443/"))); |
162 } | 162 } |
163 | 163 |
164 TEST_F(CSPSourceTest, HostMatches) { | |
165 KURL base; | |
166 Persistent<ContentSecurityPolicy> csp(ContentSecurityPolicy::create()); | |
167 csp->setupSelf(*SecurityOrigin::createFromString("http://a.com")); | |
168 | |
169 // Host is * (source-expression = "http://*") | |
170 { | |
171 CSPSource source(csp.get(), "http", "", 0, "", CSPSource::HasWildcard, | |
172 CSPSource::NoWildcard); | |
173 EXPECT_TRUE(source.matches(KURL(base, "http://a.com"))); | |
174 EXPECT_TRUE(source.matches(KURL(base, "http://."))); | |
175 } | |
176 | |
177 // Host is *.foo.bar | |
178 { | |
179 CSPSource source(csp.get(), "", "foo.bar", 0, "", CSPSource::HasWildcard, | |
180 CSPSource::NoWildcard); | |
181 EXPECT_FALSE(source.matches(KURL(base, "http://a.com"))); | |
182 EXPECT_FALSE(source.matches(KURL(base, "http://bar"))); | |
183 EXPECT_FALSE(source.matches(KURL(base, "http://foo.bar"))); | |
184 EXPECT_FALSE(source.matches(KURL(base, "http://o.bar"))); | |
185 EXPECT_TRUE(source.matches(KURL(base, "http://*.foo.bar"))); | |
arthursonzogni
2017/02/14 14:16:30
It seems strange to me (a wildcard in the host name),
Mike West
2017/02/15 06:43:49
This should match. It gets canonicalized to someth
arthursonzogni
2017/02/15 12:47:59
Acknowledged.
| |
186 EXPECT_TRUE(source.matches(KURL(base, "http://sub.foo.bar"))); | |
187 EXPECT_TRUE(source.matches(KURL(base, "http://sub.sub.foo.bar"))); | |
188 EXPECT_TRUE(source.matches(KURL(base, "http://.foo.bar"))); | |
arthursonzogni
2017/02/14 14:16:30
You said it looks strange to you. What do you thin
Mike West
2017/02/15 06:43:49
I did say that this looks strange. Please file a b
arthursonzogni
2017/02/15 12:47:59
Done. BUG=692505
| |
189 } | |
190 | |
191 // Host is exact. | |
192 { | |
193 CSPSource source(csp.get(), "", "foo.bar", 0, "", CSPSource::NoWildcard, | |
194 CSPSource::NoWildcard); | |
195 EXPECT_TRUE(source.matches(KURL(base, "http://foo.bar"))); | |
196 EXPECT_FALSE(source.matches(KURL(base, "http://sub.foo.bar"))); | |
197 EXPECT_FALSE(source.matches(KURL(base, "http://bar"))); | |
198 EXPECT_FALSE(source.matches(KURL(base, "http://.foo.bar"))); | |
arthursonzogni
2017/02/14 14:16:30
Same here.
Mike West
2017/02/15 06:43:49
Ditto.
arthursonzogni
2017/02/15 12:47:59
Done.
| |
199 } | |
200 } | |
201 | |
164 TEST_F(CSPSourceTest, DoesNotSubsume) { | 202 TEST_F(CSPSourceTest, DoesNotSubsume) { |
165 struct Source { | 203 struct Source { |
166 const char* scheme; | 204 const char* scheme; |
167 const char* host; | 205 const char* host; |
168 const char* path; | 206 const char* path; |
169 const int port; | 207 const int port; |
170 }; | 208 }; |
171 struct TestCase { | 209 struct TestCase { |
172 const Source a; | 210 const Source a; |
173 const Source b; | 211 const Source b; |
780 normalized = B->intersect(A); | 818 normalized = B->intersect(A); |
781 Source intersectBA = { | 819 Source intersectBA = { |
782 normalized->m_scheme, normalized->m_host, | 820 normalized->m_scheme, normalized->m_host, |
783 normalized->m_path, normalized->m_port, | 821 normalized->m_path, normalized->m_port, |
784 normalized->m_hostWildcard, normalized->m_portWildcard}; | 822 normalized->m_hostWildcard, normalized->m_portWildcard}; |
785 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); | 823 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); |
786 } | 824 } |
787 } | 825 } |
788 | 826 |
789 } // namespace blink | 827 } // namespace blink |
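Review bot: The `*.foo.bar` block of the new HostMatches test (new lines 177-189) never checks a host that ends in the characters `foo.bar` without a dot in front of them, nor a host that carries `foo.bar` as the leading labels of another domain. Those are the inputs where a plain suffix or substring comparison would let a policy written for one site admit an unrelated host, and `http://o.bar` and `http://bar` do not exercise them. I would add `EXPECT_FALSE(source.matches(KURL(base, "http://notfoo.bar")));` and `EXPECT_FALSE(source.matches(KURL(base, "http://foo.bar.a.com")));` to the wildcard block, and the second of those lines to the exact-host block (new lines 191-199) as well. The expected values assume the matcher requires a label boundary; the CSPSource host-matching code is not visible on this page, so confirm them against it.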