OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "core/frame/SubresourceIntegrity.h" | 5 #include "core/frame/SubresourceIntegrity.h" |
6 | 6 |
7 #include "core/HTMLNames.h" | 7 #include "core/HTMLNames.h" |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/html/HTMLScriptElement.h" | 9 #include "core/html/HTMLScriptElement.h" |
10 #include "platform/Crypto.h" | 10 #include "platform/Crypto.h" |
(...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
170 enum CorsStatus { WithCors, NoCors }; | 170 enum CorsStatus { WithCors, NoCors }; |
171 | 171 |
172 void expectIntegrity(const char* integrity, | 172 void expectIntegrity(const char* integrity, |
173 const char* script, | 173 const char* script, |
174 size_t size, | 174 size_t size, |
175 const KURL& url, | 175 const KURL& url, |
176 const KURL& requestorUrl, | 176 const KURL& requestorUrl, |
177 CorsStatus corsStatus = WithCors) { | 177 CorsStatus corsStatus = WithCors) { |
178 scriptElement->setAttribute(HTMLNames::integrityAttr, integrity); | 178 scriptElement->setAttribute(HTMLNames::integrityAttr, integrity); |
179 EXPECT_TRUE(SubresourceIntegrity::CheckSubresourceIntegrity( | 179 EXPECT_TRUE(SubresourceIntegrity::CheckSubresourceIntegrity( |
180 *scriptElement, script, size, url, | 180 String(integrity), scriptElement->document(), script, size, url, |
181 *createTestResource(url, requestorUrl, corsStatus))); | 181 *createTestResource(url, requestorUrl, corsStatus))); |
182 } | 182 } |
183 | 183 |
184 void expectIntegrityFailure(const char* integrity, | 184 void expectIntegrityFailure(const char* integrity, |
185 const char* script, | 185 const char* script, |
186 size_t size, | 186 size_t size, |
187 const KURL& url, | 187 const KURL& url, |
188 const KURL& requestorUrl, | 188 const KURL& requestorUrl, |
189 CorsStatus corsStatus = WithCors) { | 189 CorsStatus corsStatus = WithCors) { |
190 scriptElement->setAttribute(HTMLNames::integrityAttr, integrity); | 190 scriptElement->setAttribute(HTMLNames::integrityAttr, integrity); |
191 EXPECT_FALSE(SubresourceIntegrity::CheckSubresourceIntegrity( | 191 EXPECT_FALSE(SubresourceIntegrity::CheckSubresourceIntegrity( |
192 *scriptElement, script, size, url, | 192 String(integrity), scriptElement->document(), script, size, url, |
193 *createTestResource(url, requestorUrl, corsStatus))); | 193 *createTestResource(url, requestorUrl, corsStatus))); |
194 } | 194 } |
195 | 195 |
196 Resource* createTestResource(const KURL& url, | 196 Resource* createTestResource(const KURL& url, |
197 const KURL& allowOriginUrl, | 197 const KURL& allowOriginUrl, |
198 CorsStatus corsStatus) { | 198 CorsStatus corsStatus) { |
199 ResourceResponse response; | 199 ResourceResponse response; |
200 response.setURL(url); | 200 response.setURL(url); |
201 response.setHTTPStatusCode(200); | 201 response.setHTTPStatusCode(200); |
202 if (corsStatus == WithCors) { | 202 if (corsStatus == WithCors) { |
(...skipping 323 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
526 expectIntegrity(kBadSha256AndGoodSha384Integrities, kBasicScript, | 526 expectIntegrity(kBadSha256AndGoodSha384Integrities, kBasicScript, |
527 strlen(kBasicScript), secureURL, insecureURL); | 527 strlen(kBasicScript), secureURL, insecureURL); |
528 | 528 |
529 expectIntegrityFailure(kSha256Integrity, kBasicScript, strlen(kBasicScript), | 529 expectIntegrityFailure(kSha256Integrity, kBasicScript, strlen(kBasicScript), |
530 secureURL, insecureURL, NoCors); | 530 secureURL, insecureURL, NoCors); |
531 expectIntegrityFailure(kGoodSha256AndBadSha384Integrities, kBasicScript, | 531 expectIntegrityFailure(kGoodSha256AndBadSha384Integrities, kBasicScript, |
532 strlen(kBasicScript), secureURL, insecureURL); | 532 strlen(kBasicScript), secureURL, insecureURL); |
533 } | 533 } |
534 | 534 |
535 } // namespace blink | 535 } // namespace blink |
OLD | NEW |