OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <memory> | 5 #include <memory> |
6 #include <utility> | 6 #include <utility> |
7 | 7 |
8 #include "base/memory/ptr_util.h" | 8 #include "base/memory/ptr_util.h" |
9 #include "base/run_loop.h" | 9 #include "base/run_loop.h" |
10 #include "build/build_config.h" | 10 #include "build/build_config.h" |
(...skipping 817 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
828 } | 828 } |
829 | 829 |
830 protected: | 830 protected: |
831 TestNetLog net_log_; | 831 TestNetLog net_log_; |
832 TestNetworkDelegate default_network_delegate_; // Must outlive URLRequest. | 832 TestNetworkDelegate default_network_delegate_; // Must outlive URLRequest. |
833 URLRequestJobFactoryImpl* job_factory_impl_; | 833 URLRequestJobFactoryImpl* job_factory_impl_; |
834 std::unique_ptr<URLRequestJobFactory> job_factory_; | 834 std::unique_ptr<URLRequestJobFactory> job_factory_; |
835 TestURLRequestContext default_context_; | 835 TestURLRequestContext default_context_; |
836 }; | 836 }; |
837 | 837 |
| 838 // This NetworkDelegate is picky about what files are accessible. Only |
| 839 // whitelisted files are allowed. |
| 840 class CookieBlockingNetworkDelegate : public TestNetworkDelegate { |
| 841 public: |
| 842 CookieBlockingNetworkDelegate(){}; |
| 843 |
| 844 // Adds |directory| to the access white list. |
| 845 void AddToWhitelist(const base::FilePath& directory) { |
| 846 whitelist_.insert(directory); |
| 847 } |
| 848 |
| 849 private: |
| 850 // Returns true if |path| matches the white list. |
| 851 bool OnCanAccessFileInternal(const base::FilePath& path) const { |
| 852 for (const auto& directory : whitelist_) { |
| 853 if (directory == path || directory.IsParent(path)) |
| 854 return true; |
| 855 } |
| 856 return false; |
| 857 } |
| 858 |
| 859 // Returns true only if both |original_path| and |absolute_path| match the |
| 860 // white list. |
| 861 bool OnCanAccessFile(const URLRequest& request, |
| 862 const base::FilePath& original_path, |
| 863 const base::FilePath& absolute_path) const override { |
| 864 return (OnCanAccessFileInternal(original_path) && |
| 865 OnCanAccessFileInternal(absolute_path)); |
| 866 } |
| 867 |
| 868 std::set<base::FilePath> whitelist_; |
| 869 |
| 870 DISALLOW_COPY_AND_ASSIGN(CookieBlockingNetworkDelegate); |
| 871 }; |
| 872 |
838 TEST_F(URLRequestTest, AboutBlankTest) { | 873 TEST_F(URLRequestTest, AboutBlankTest) { |
839 TestDelegate d; | 874 TestDelegate d; |
840 { | 875 { |
841 std::unique_ptr<URLRequest> r( | 876 std::unique_ptr<URLRequest> r( |
842 default_context_.CreateRequest(GURL("about:blank"), DEFAULT_PRIORITY, | 877 default_context_.CreateRequest(GURL("about:blank"), DEFAULT_PRIORITY, |
843 &d, TRAFFIC_ANNOTATION_FOR_TESTS)); | 878 &d, TRAFFIC_ANNOTATION_FOR_TESTS)); |
844 | 879 |
845 r->Start(); | 880 r->Start(); |
846 EXPECT_TRUE(r->is_pending()); | 881 EXPECT_TRUE(r->is_pending()); |
847 | 882 |
(...skipping 228 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1076 base::RunLoop().Run(); | 1111 base::RunLoop().Run(); |
1077 EXPECT_TRUE(d.request_failed()); | 1112 EXPECT_TRUE(d.request_failed()); |
1078 } | 1113 } |
1079 | 1114 |
1080 EXPECT_TRUE(base::DeleteFile(temp_path, false)); | 1115 EXPECT_TRUE(base::DeleteFile(temp_path, false)); |
1081 } | 1116 } |
1082 | 1117 |
1083 TEST_F(URLRequestTest, AllowFileURLs) { | 1118 TEST_F(URLRequestTest, AllowFileURLs) { |
1084 base::ScopedTempDir temp_dir; | 1119 base::ScopedTempDir temp_dir; |
1085 ASSERT_TRUE(temp_dir.CreateUniqueTempDir()); | 1120 ASSERT_TRUE(temp_dir.CreateUniqueTempDir()); |
| 1121 // Get an absolute path since |temp_dir| can contain a symbolic link. As of |
| 1122 // now, Mac and Android bots return a path with a symbolic link. |
| 1123 base::FilePath absolute_temp_dir = |
| 1124 base::MakeAbsoluteFilePath(temp_dir.GetPath()); |
| 1125 |
1086 base::FilePath test_file; | 1126 base::FilePath test_file; |
1087 ASSERT_TRUE(base::CreateTemporaryFileInDir(temp_dir.GetPath(), &test_file)); | 1127 ASSERT_TRUE(base::CreateTemporaryFileInDir(absolute_temp_dir, &test_file)); |
| 1128 // The directory part of the path returned from CreateTemporaryFileInDir() |
| 1129 // can be slightly different from |absolute_temp_dir| on Windows. |
| 1130 // Example: C:\\Users\\CHROME~2 -> C:\\Users\\chrome-bot |
| 1131 // Hence the test should use the directory name of |test_file|, rather than |
| 1132 // |absolute_temp_dir|, for whitelisting. |
| 1133 base::FilePath real_temp_dir = test_file.DirName(); |
1088 std::string test_data("monkey"); | 1134 std::string test_data("monkey"); |
1089 base::WriteFile(test_file, test_data.data(), test_data.size()); | 1135 base::WriteFile(test_file, test_data.data(), test_data.size()); |
1090 GURL test_file_url = FilePathToFileURL(test_file); | 1136 GURL test_file_url = FilePathToFileURL(test_file); |
1091 | |
1092 { | 1137 { |
1093 TestDelegate d; | 1138 TestDelegate d; |
1094 TestNetworkDelegate network_delegate; | 1139 CookieBlockingNetworkDelegate network_delegate; |
1095 network_delegate.set_can_access_files(true); | 1140 network_delegate.AddToWhitelist(real_temp_dir); |
1096 default_context_.set_network_delegate(&network_delegate); | 1141 default_context_.set_network_delegate(&network_delegate); |
1097 std::unique_ptr<URLRequest> r(default_context_.CreateRequest( | 1142 std::unique_ptr<URLRequest> r(default_context_.CreateRequest( |
1098 test_file_url, DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); | 1143 test_file_url, DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); |
1099 r->Start(); | 1144 r->Start(); |
1100 base::RunLoop().Run(); | 1145 base::RunLoop().Run(); |
| 1146 // This should be allowed as the file path is whitelisted. |
1101 EXPECT_FALSE(d.request_failed()); | 1147 EXPECT_FALSE(d.request_failed()); |
1102 EXPECT_EQ(test_data, d.data_received()); | 1148 EXPECT_EQ(test_data, d.data_received()); |
1103 } | 1149 } |
1104 | 1150 |
1105 { | 1151 { |
1106 TestDelegate d; | 1152 TestDelegate d; |
1107 TestNetworkDelegate network_delegate; | 1153 CookieBlockingNetworkDelegate network_delegate; |
1108 network_delegate.set_can_access_files(false); | |
1109 default_context_.set_network_delegate(&network_delegate); | 1154 default_context_.set_network_delegate(&network_delegate); |
1110 std::unique_ptr<URLRequest> r(default_context_.CreateRequest( | 1155 std::unique_ptr<URLRequest> r(default_context_.CreateRequest( |
1111 test_file_url, DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); | 1156 test_file_url, DEFAULT_PRIORITY, &d, TRAFFIC_ANNOTATION_FOR_TESTS)); |
1112 r->Start(); | 1157 r->Start(); |
1113 base::RunLoop().Run(); | 1158 base::RunLoop().Run(); |
| 1159 // This should be rejected as the file path is not whitelisted. |
1114 EXPECT_TRUE(d.request_failed()); | 1160 EXPECT_TRUE(d.request_failed()); |
1115 EXPECT_EQ("", d.data_received()); | 1161 EXPECT_EQ("", d.data_received()); |
| 1162 EXPECT_EQ(ERR_ACCESS_DENIED, d.request_status()); |
1116 } | 1163 } |
1117 } | 1164 } |
1118 | 1165 |
| 1166 #if defined(OS_POSIX) // Bacause of symbolic links. |
| 1167 |
| 1168 TEST_F(URLRequestTest, SymlinksToFiles) { |
| 1169 base::ScopedTempDir temp_dir; |
| 1170 ASSERT_TRUE(temp_dir.CreateUniqueTempDir()); |
| 1171 // Get an absolute path since temp_dir can contain a symbolic link. |
| 1172 base::FilePath absolute_temp_dir = |
| 1173 base::MakeAbsoluteFilePath(temp_dir.GetPath()); |
| 1174 |
| 1175 // Create a good directory (will be whitelisted) and a good file. |
| 1176 base::FilePath good_dir = absolute_temp_dir.AppendASCII("good"); |
| 1177 ASSERT_TRUE(base::CreateDirectory(good_dir)); |
| 1178 base::FilePath good_file; |
| 1179 ASSERT_TRUE(base::CreateTemporaryFileInDir(good_dir, &good_file)); |
| 1180 std::string good_data("good"); |
| 1181 base::WriteFile(good_file, good_data.data(), good_data.size()); |
| 1182 // See the comment in AllowFileURLs() for why this is done. |
| 1183 base::FilePath real_good_dir = good_file.DirName(); |
| 1184 |
| 1185 // Create a bad directory (will not be whitelisted) and a bad file. |
| 1186 base::FilePath bad_dir = absolute_temp_dir.AppendASCII("bad"); |
| 1187 ASSERT_TRUE(base::CreateDirectory(bad_dir)); |
| 1188 base::FilePath bad_file; |
| 1189 ASSERT_TRUE(base::CreateTemporaryFileInDir(bad_dir, &bad_file)); |
| 1190 std::string bad_data("bad"); |
| 1191 base::WriteFile(bad_file, bad_data.data(), bad_data.size()); |
| 1192 |
| 1193 // This symlink will point to the good file. Access to the symlink will be |
| 1194 // allowed as both the symlink and the destination file are in the same |
| 1195 // good directory. |
| 1196 base::FilePath good_symlink = good_dir.AppendASCII("good_symlink"); |
| 1197 ASSERT_TRUE(base::CreateSymbolicLink(good_file, good_symlink)); |
| 1198 GURL good_file_url = FilePathToFileURL(good_symlink); |
| 1199 // This symlink will point to the bad file. Even though the symlink is in |
| 1200 // the good directory, access to the symlink will be rejected since it |
| 1201 // points to the bad file. |
| 1202 base::FilePath bad_symlink = good_dir.AppendASCII("bad_symlink"); |
| 1203 ASSERT_TRUE(base::CreateSymbolicLink(bad_file, bad_symlink)); |
| 1204 GURL bad_file_url = FilePathToFileURL(bad_symlink); |
| 1205 |
| 1206 CookieBlockingNetworkDelegate network_delegate; |
| 1207 network_delegate.AddToWhitelist(real_good_dir); |
| 1208 { |
| 1209 TestDelegate d; |
| 1210 default_context_.set_network_delegate(&network_delegate); |
| 1211 std::unique_ptr<URLRequest> r( |
| 1212 default_context_.CreateRequest(good_file_url, DEFAULT_PRIORITY, &d)); |
| 1213 r->Start(); |
| 1214 base::RunLoop().Run(); |
| 1215 // good_file_url should be allowed. |
| 1216 EXPECT_FALSE(d.request_failed()); |
| 1217 EXPECT_EQ(good_data, d.data_received()); |
| 1218 } |
| 1219 |
| 1220 { |
| 1221 TestDelegate d; |
| 1222 default_context_.set_network_delegate(&network_delegate); |
| 1223 std::unique_ptr<URLRequest> r( |
| 1224 default_context_.CreateRequest(bad_file_url, DEFAULT_PRIORITY, &d)); |
| 1225 r->Start(); |
| 1226 base::RunLoop().Run(); |
| 1227 // bad_file_url should be rejected. |
| 1228 EXPECT_TRUE(d.request_failed()); |
| 1229 EXPECT_EQ("", d.data_received()); |
| 1230 EXPECT_EQ(ERR_ACCESS_DENIED, d.request_status()); |
| 1231 } |
| 1232 } |
| 1233 |
| 1234 TEST_F(URLRequestTest, SymlinksToDirs) { |
| 1235 base::ScopedTempDir temp_dir; |
| 1236 ASSERT_TRUE(temp_dir.CreateUniqueTempDir()); |
| 1237 // Get an absolute path since temp_dir can contain a symbolic link. |
| 1238 base::FilePath absolute_temp_dir = |
| 1239 base::MakeAbsoluteFilePath(temp_dir.GetPath()); |
| 1240 |
| 1241 // Create a good directory (will be whitelisted). |
| 1242 base::FilePath good_dir = absolute_temp_dir.AppendASCII("good"); |
| 1243 ASSERT_TRUE(base::CreateDirectory(good_dir)); |
| 1244 |
| 1245 // Create a bad directory (will not be whitelisted). |
| 1246 base::FilePath bad_dir = absolute_temp_dir.AppendASCII("bad"); |
| 1247 ASSERT_TRUE(base::CreateDirectory(bad_dir)); |
| 1248 |
| 1249 // This symlink will point to the good directory. Access to the symlink |
| 1250 // will be allowed as the symlink is in the good dir that'll be white |
| 1251 // listed. |
| 1252 base::FilePath good_symlink = good_dir.AppendASCII("good_symlink"); |
| 1253 ASSERT_TRUE(base::CreateSymbolicLink(good_dir, good_symlink)); |
| 1254 GURL good_file_url = FilePathToFileURL(good_symlink); |
| 1255 // This symlink will point to the bad directory. Even though the symlink is |
| 1256 // in the good directory, access to the symlink will be rejected since it |
| 1257 // points to the bad directory. |
| 1258 base::FilePath bad_symlink = good_dir.AppendASCII("bad_symlink"); |
| 1259 ASSERT_TRUE(base::CreateSymbolicLink(bad_dir, bad_symlink)); |
| 1260 GURL bad_file_url = FilePathToFileURL(bad_symlink); |
| 1261 |
| 1262 CookieBlockingNetworkDelegate network_delegate; |
| 1263 network_delegate.AddToWhitelist(good_dir); |
| 1264 { |
| 1265 TestDelegate d; |
| 1266 default_context_.set_network_delegate(&network_delegate); |
| 1267 std::unique_ptr<URLRequest> r( |
| 1268 default_context_.CreateRequest(good_file_url, DEFAULT_PRIORITY, &d)); |
| 1269 r->Start(); |
| 1270 base::RunLoop().Run(); |
| 1271 // good_file_url should be allowed. |
| 1272 EXPECT_FALSE(d.request_failed()); |
| 1273 ASSERT_NE(d.data_received().find("good_symlink"), std::string::npos); |
| 1274 } |
| 1275 |
| 1276 { |
| 1277 TestDelegate d; |
| 1278 default_context_.set_network_delegate(&network_delegate); |
| 1279 std::unique_ptr<URLRequest> r( |
| 1280 default_context_.CreateRequest(bad_file_url, DEFAULT_PRIORITY, &d)); |
| 1281 r->Start(); |
| 1282 base::RunLoop().Run(); |
| 1283 // bad_file_url should be rejected. |
| 1284 EXPECT_TRUE(d.request_failed()); |
| 1285 EXPECT_EQ("", d.data_received()); |
| 1286 EXPECT_EQ(ERR_ACCESS_DENIED, d.request_status()); |
| 1287 } |
| 1288 } |
| 1289 |
| 1290 #endif // defined(OS_POSIX) |
1119 | 1291 |
1120 TEST_F(URLRequestTest, FileDirCancelTest) { | 1292 TEST_F(URLRequestTest, FileDirCancelTest) { |
1121 // Put in mock resource provider. | 1293 // Put in mock resource provider. |
1122 NetModule::SetResourceProvider(TestNetResourceProvider); | 1294 NetModule::SetResourceProvider(TestNetResourceProvider); |
1123 | 1295 |
1124 TestDelegate d; | 1296 TestDelegate d; |
1125 { | 1297 { |
1126 base::FilePath file_path; | 1298 base::FilePath file_path; |
1127 PathService::Get(base::DIR_SOURCE_ROOT, &file_path); | 1299 PathService::Get(base::DIR_SOURCE_ROOT, &file_path); |
1128 file_path = file_path.Append(FILE_PATH_LITERAL("net")); | 1300 file_path = file_path.Append(FILE_PATH_LITERAL("net")); |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1160 req->Start(); | 1332 req->Start(); |
1161 base::RunLoop().Run(); | 1333 base::RunLoop().Run(); |
1162 | 1334 |
1163 // Generate entry for the sentinel file. | 1335 // Generate entry for the sentinel file. |
1164 base::FilePath sentinel_path = path.AppendASCII(sentinel_name); | 1336 base::FilePath sentinel_path = path.AppendASCII(sentinel_name); |
1165 base::File::Info info; | 1337 base::File::Info info; |
1166 EXPECT_TRUE(base::GetFileInfo(sentinel_path, &info)); | 1338 EXPECT_TRUE(base::GetFileInfo(sentinel_path, &info)); |
1167 EXPECT_GT(info.size, 0); | 1339 EXPECT_GT(info.size, 0); |
1168 std::string sentinel_output = GetDirectoryListingEntry( | 1340 std::string sentinel_output = GetDirectoryListingEntry( |
1169 base::string16(sentinel_name, sentinel_name + strlen(sentinel_name)), | 1341 base::string16(sentinel_name, sentinel_name + strlen(sentinel_name)), |
1170 std::string(sentinel_name), | 1342 std::string(sentinel_name), false /* is_dir */, info.size, |
1171 false /* is_dir */, | 1343 |
1172 info.size, | |
1173 info.last_modified); | 1344 info.last_modified); |
1174 | 1345 |
1175 ASSERT_LT(0, d.bytes_received()); | 1346 ASSERT_LT(0, d.bytes_received()); |
1176 ASSERT_FALSE(d.request_failed()); | 1347 ASSERT_FALSE(d.request_failed()); |
1177 EXPECT_EQ(OK, d.request_status()); | 1348 EXPECT_EQ(OK, d.request_status()); |
1178 // Check for the entry generated for the "sentinel" file. | 1349 // Check for the entry generated for the "sentinel" file. |
1179 const std::string& data = d.data_received(); | 1350 const std::string& data = d.data_received(); |
1180 ASSERT_NE(data.find(sentinel_output), std::string::npos); | 1351 ASSERT_NE(data.find(sentinel_output), std::string::npos); |
1181 } | 1352 } |
1182 | 1353 |
(...skipping 9876 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
11059 AddTestInterceptor()->set_main_intercept_job(std::move(job)); | 11230 AddTestInterceptor()->set_main_intercept_job(std::move(job)); |
11060 | 11231 |
11061 req->Start(); | 11232 req->Start(); |
11062 req->Cancel(); | 11233 req->Cancel(); |
11063 base::RunLoop().RunUntilIdle(); | 11234 base::RunLoop().RunUntilIdle(); |
11064 EXPECT_EQ(ERR_ABORTED, d.request_status()); | 11235 EXPECT_EQ(ERR_ABORTED, d.request_status()); |
11065 EXPECT_EQ(0, d.received_redirect_count()); | 11236 EXPECT_EQ(0, d.received_redirect_count()); |
11066 } | 11237 } |
11067 | 11238 |
11068 } // namespace net | 11239 } // namespace net |
OLD | NEW |