CSP Suborigins

Source/platform/weborigin/SecurityOriginTest.cpp

Index: Source/platform/weborigin/SecurityOriginTest.cpp
diff --git a/Source/platform/weborigin/SecurityOriginTest.cpp b/Source/platform/weborigin/SecurityOriginTest.cpp
index 8c9e36e1209df69fb0495c7bc6c9f167be46853a..acc3d23b7551b36d8bd0a16581761c6bf39e6209 100644
--- a/Source/platform/weborigin/SecurityOriginTest.cpp
+++ b/Source/platform/weborigin/SecurityOriginTest.cpp
@@ -139,5 +139,30 @@ TEST(SecurityOriginTest, CanAccessFeatureRequringSecureOrigin)
     EXPECT_EQ("Only secure origins are allowed. http://goo.gl/lq4gCo", errorMessage);
 }
 
+TEST(SecurityOriginTest, Suborigins)
+{
+    RefPtr<SecurityOrigin> origin = SecurityOrigin::createFromString("https://test.com");
+    EXPECT_FALSE(origin->hasSuborigin());
+    origin->addSuborigin("foobar");
+    EXPECT_TRUE(origin->hasSuborigin());
+    EXPECT_EQ("foobar", origin->suboriginName());
+
+    origin = SecurityOrigin::createFromString("suborigin+foobar+https://test.com");
+    EXPECT_TRUE(origin->hasSuborigin());
+    EXPECT_EQ("foobar", origin->suboriginName());

[Mike West, 2015/03/23 07:32:56]

Please verify the rest of the origin as well here and elsewhere, to ensure that
parsing a suborigin doesn't screw up parsing the rest of the URL.

+
+    origin = SecurityOrigin::createFromString("sborigin+foobar+https://test.com");
+    EXPECT_FALSE(origin->hasSuborigin());
+
+    origin = SecurityOrigin::createFromString("+foobar+https://test.com");
+    EXPECT_FALSE(origin->hasSuborigin());
+
+    origin = SecurityOrigin::createFromString("suborigin++https://test.com");
+    EXPECT_FALSE(origin->hasSuborigin());
+
+    origin = SecurityOrigin::createFromString("suborigin+https://test.com");
+    EXPECT_FALSE(origin->hasSuborigin());
+}
+

[Mike West, 2015/03/23 07:32:56]

It would be good to add a number of new unit tests to cover the behavioral
changes in SecurityOrigin. I've noted several in the CPP file.

[jww, 2015/04/11 02:52:36]

Yup, added.

 } // namespace