OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/csp/CSPSource.h" | 5 #include "core/frame/csp/CSPSource.h" |
6 | 6 |
7 #include "core/dom/Document.h" | 7 #include "core/dom/Document.h" |
8 #include "core/frame/csp/ContentSecurityPolicy.h" | 8 #include "core/frame/csp/ContentSecurityPolicy.h" |
9 #include "platform/network/ResourceRequest.h" | 9 #include "platform/network/ResourceRequest.h" |
10 #include "platform/weborigin/KURL.h" | 10 #include "platform/weborigin/KURL.h" |
(...skipping 221 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
232 CSPSource source(csp.get(), "", "example.com", 80, "/", | 232 CSPSource source(csp.get(), "", "example.com", 80, "/", |
233 CSPSource::NoWildcard, CSPSource::NoWildcard); | 233 CSPSource::NoWildcard, CSPSource::NoWildcard); |
234 EXPECT_TRUE(source.matches(KURL(base, "http://example.com/"))); | 234 EXPECT_TRUE(source.matches(KURL(base, "http://example.com/"))); |
235 EXPECT_TRUE(source.matches(KURL(base, "https://example.com:443"))); | 235 EXPECT_TRUE(source.matches(KURL(base, "https://example.com:443"))); |
236 // TODO(mkwst, arthursonzogni): It is weird to upgrade the port without the | 236 // TODO(mkwst, arthursonzogni): It is weird to upgrade the port without the |
237 // sheme. See http://crbug.com/692499 | 237 // sheme. See http://crbug.com/692499 |
238 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:443"))); | 238 EXPECT_TRUE(source.matches(KURL(base, "http://example.com:443"))); |
239 } | 239 } |
240 } | 240 } |
241 | 241 |
| 242 TEST_F(CSPSourceTest, HostMatches) { |
| 243 KURL base; |
| 244 Persistent<ContentSecurityPolicy> csp(ContentSecurityPolicy::create()); |
| 245 csp->setupSelf(*SecurityOrigin::createFromString("http://a.com")); |
| 246 |
| 247 // Host is * (source-expression = "http://*") |
| 248 { |
| 249 CSPSource source(csp.get(), "http", "", 0, "", CSPSource::HasWildcard, |
| 250 CSPSource::NoWildcard); |
| 251 EXPECT_TRUE(source.matches(KURL(base, "http://a.com"))); |
| 252 EXPECT_TRUE(source.matches(KURL(base, "http://."))); |
| 253 } |
| 254 |
| 255 // Host is *.foo.bar |
| 256 { |
| 257 CSPSource source(csp.get(), "", "foo.bar", 0, "", CSPSource::HasWildcard, |
| 258 CSPSource::NoWildcard); |
| 259 EXPECT_FALSE(source.matches(KURL(base, "http://a.com"))); |
| 260 EXPECT_FALSE(source.matches(KURL(base, "http://bar"))); |
| 261 EXPECT_FALSE(source.matches(KURL(base, "http://foo.bar"))); |
| 262 EXPECT_FALSE(source.matches(KURL(base, "http://o.bar"))); |
| 263 EXPECT_TRUE(source.matches(KURL(base, "http://*.foo.bar"))); |
| 264 EXPECT_TRUE(source.matches(KURL(base, "http://sub.foo.bar"))); |
| 265 EXPECT_TRUE(source.matches(KURL(base, "http://sub.sub.foo.bar"))); |
| 266 // Please see http://crbug.com/692505 |
| 267 EXPECT_TRUE(source.matches(KURL(base, "http://.foo.bar"))); |
| 268 } |
| 269 |
| 270 // Host is exact. |
| 271 { |
| 272 CSPSource source(csp.get(), "", "foo.bar", 0, "", CSPSource::NoWildcard, |
| 273 CSPSource::NoWildcard); |
| 274 EXPECT_TRUE(source.matches(KURL(base, "http://foo.bar"))); |
| 275 EXPECT_FALSE(source.matches(KURL(base, "http://sub.foo.bar"))); |
| 276 EXPECT_FALSE(source.matches(KURL(base, "http://bar"))); |
| 277 // Please see http://crbug.com/692505 |
| 278 EXPECT_FALSE(source.matches(KURL(base, "http://.foo.bar"))); |
| 279 } |
| 280 } |
| 281 |
242 TEST_F(CSPSourceTest, DoesNotSubsume) { | 282 TEST_F(CSPSourceTest, DoesNotSubsume) { |
243 struct Source { | 283 struct Source { |
244 const char* scheme; | 284 const char* scheme; |
245 const char* host; | 285 const char* host; |
246 const char* path; | 286 const char* path; |
247 const int port; | 287 const int port; |
248 }; | 288 }; |
249 struct TestCase { | 289 struct TestCase { |
250 const Source a; | 290 const Source a; |
251 const Source b; | 291 const Source b; |
(...skipping 606 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
858 normalized = B->intersect(A); | 898 normalized = B->intersect(A); |
859 Source intersectBA = { | 899 Source intersectBA = { |
860 normalized->m_scheme, normalized->m_host, | 900 normalized->m_scheme, normalized->m_host, |
861 normalized->m_path, normalized->m_port, | 901 normalized->m_path, normalized->m_port, |
862 normalized->m_hostWildcard, normalized->m_portWildcard}; | 902 normalized->m_hostWildcard, normalized->m_portWildcard}; |
863 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); | 903 EXPECT_TRUE(equalSources(intersectBA, test.normalized)); |
864 } | 904 } |
865 } | 905 } |
866 | 906 |
867 } // namespace blink | 907 } // namespace blink |
OLD | NEW |