Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(666)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/loader/resource_dispatcher_host_unittest.cc

Issue 277903002: Sanitize referrers for programmatic downloads. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: CONTENT_EXPORT Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« content/browser/loader/resource_dispatcher_host_impl.cc ('K') | « content/browser/loader/resource_dispatcher_host_impl.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/loader/resource_dispatcher_host_unittest.cc
diff --git a/content/browser/loader/resource_dispatcher_host_unittest.cc b/content/browser/loader/resource_dispatcher_host_unittest.cc
index 08e5f4d17e040b7706ada50493dc550197b71656..2a1f12cd82322a9c92ec8c4b60ae6bda6c2461ec 100644
--- a/content/browser/loader/resource_dispatcher_host_unittest.cc
+++ b/content/browser/loader/resource_dispatcher_host_unittest.cc
@@ -2935,4 +2935,96 @@ TEST_F(ResourceDispatcherHostTest, DownloadToFile) {
filter_->child_id(), response_head.download_file_path));
}
+namespace {
+
+void MatchSanitizedReferrer(
+ const std::string& original_referrer_url,
+ blink::WebReferrerPolicy referrer_policy,
+ const std::string& request_url,
+ const std::string& expected_sanitized_referrer_url) {
+ Referrer sanitized_referrer = SanitizeReferrerForRequest(
+ GURL(request_url),
+ Referrer(GURL(original_referrer_url), referrer_policy));
+ EXPECT_EQ(GURL(expected_sanitized_referrer_url), sanitized_referrer.url);
+ EXPECT_EQ(referrer_policy, sanitized_referrer.policy);
+}
+
+}
+
+TEST(SanitizeReferrerForRequestTest, HttpReferrerHttpRequest) {
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyAlways,
+ "http://bar.example.com",
+ "http://foo.example.com/path");
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyDefault,
+ "http://bar.example.com",
+ "http://foo.example.com/path");
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyOrigin,
+ "http://bar.example.com",
+ "http://foo.example.com");
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyNever,
+ "http://bar.example.com",
+ "");
+}
+
+TEST(SanitizeReferrerForRequestTest, HttpReferrerHttpsRequest) {
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyAlways,
+ "https://bar.example.com",
+ "http://foo.example.com/path");
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyDefault,
+ "https://bar.example.com",
+ "http://foo.example.com/path");
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyOrigin,
+ "https://bar.example.com",
+ "http://foo.example.com");
+ MatchSanitizedReferrer("http://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyNever,
+ "https://bar.example.com",
+ "");
+}
+
+TEST(SanitizeReferrerForRequestTest, HttpsReferrerHttpRequest) {
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyAlways,
+ "http://bar.example.com",
+ "https://foo.example.com/path");
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyDefault,
+ "http://bar.example.com",
+ "");
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyOrigin,
+ "http://bar.example.com",
+ "https://foo.example.com");
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyNever,
+ "http://bar.example.com",
+ "");
+}
+
+TEST(SanitizeReferrerForRequestTest, HttpsReferrerHttpsRequest) {
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyAlways,
+ "https://bar.example.com",
+ "https://foo.example.com/path");
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyDefault,
+ "https://bar.example.com",
+ "https://foo.example.com/path");
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyOrigin,
+ "https://bar.example.com",
+ "https://foo.example.com");
+ MatchSanitizedReferrer("https://user:pass@foo.example.com/path#frag",
+ blink::WebReferrerPolicyNever,
+ "https://bar.example.com",
+ "");
+}
+
} // namespace content
« content/browser/loader/resource_dispatcher_host_impl.cc ('K') | « content/browser/loader/resource_dispatcher_host_impl.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698