Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(110)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/common/content_security_policy/csp_context_unittest.cc

Issue 2756913002: Revert of PlzNavigate: Enforce 'frame-src' CSP on the browser. (Closed)
Patch Set: Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/common/content_security_policy/csp_context.cc ('k') | content/common/content_security_policy/csp_disposition_enum.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/common/content_security_policy/csp_context_unittest.cc
diff --git a/content/common/content_security_policy/csp_context_unittest.cc b/content/common/content_security_policy/csp_context_unittest.cc
index 41bbca409532871832e6ab84c6de007cb687980d..dd508e00b53a6c52befd359112f74b18152e6ca1 100644
--- a/content/common/content_security_policy/csp_context_unittest.cc
+++ b/content/common/content_security_policy/csp_context_unittest.cc
@@ -45,18 +45,15 @@
} // namespace;
TEST(CSPContextTest, SchemeShouldBypassCSP) {
+ CSPContextTest context;
CSPSource source("", "example.com", false, url::PORT_UNSPECIFIED, false, "");
- CSPContextTest context;
- context.AddContentSecurityPolicy(
- BuildPolicy(CSPDirective::DefaultSrc, {source}));
-
- EXPECT_FALSE(context.IsAllowedByCsp(CSPDirective::FrameSrc,
- GURL("data:text/html,<html></html>")));
-
+ ContentSecurityPolicy policy =
+ BuildPolicy(CSPDirective::DefaultSrc, {source});
+ EXPECT_FALSE(context.Allow({policy}, CSPDirective::FrameSrc,
+ GURL("data:text/html,<html></html>")));
context.AddSchemeToBypassCSP("data");
-
- EXPECT_TRUE(context.IsAllowedByCsp(CSPDirective::FrameSrc,
- GURL("data:text/html,<html></html>")));
+ EXPECT_TRUE(context.Allow({policy}, CSPDirective::FrameSrc,
+ GURL("data:text/html,<html></html>")));
}
TEST(CSPContextTest, MultiplePolicies) {
@@ -67,19 +64,21 @@
CSPSource source_b("", "b.com", false, url::PORT_UNSPECIFIED, false, "");
CSPSource source_c("", "c.com", false, url::PORT_UNSPECIFIED, false, "");
- context.AddContentSecurityPolicy(
- BuildPolicy(CSPDirective::FrameSrc, {source_a, source_b}));
- context.AddContentSecurityPolicy(
- BuildPolicy(CSPDirective::FrameSrc, {source_a, source_c}));
+ ContentSecurityPolicy policy1 =
+ BuildPolicy(CSPDirective::FrameSrc, {source_a, source_b});
+ ContentSecurityPolicy policy2 =
+ BuildPolicy(CSPDirective::FrameSrc, {source_a, source_c});
+
+ std::vector<ContentSecurityPolicy> policies = {policy1, policy2};
EXPECT_TRUE(
- context.IsAllowedByCsp(CSPDirective::FrameSrc, GURL("http://a.com")));
+ context.Allow(policies, CSPDirective::FrameSrc, GURL("http://a.com")));
EXPECT_FALSE(
- context.IsAllowedByCsp(CSPDirective::FrameSrc, GURL("http://b.com")));
+ context.Allow(policies, CSPDirective::FrameSrc, GURL("http://b.com")));
EXPECT_FALSE(
- context.IsAllowedByCsp(CSPDirective::FrameSrc, GURL("http://c.com")));
+ context.Allow(policies, CSPDirective::FrameSrc, GURL("http://c.com")));
EXPECT_FALSE(
- context.IsAllowedByCsp(CSPDirective::FrameSrc, GURL("http://d.com")));
+ context.Allow(policies, CSPDirective::FrameSrc, GURL("http://d.com")));
}
} // namespace content
« no previous file with comments | « content/common/content_security_policy/csp_context.cc ('k') | content/common/content_security_policy/csp_disposition_enum.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698