Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(10)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/core/loader/BaseFetchContextTest.cpp

Issue 2823213002: Implement CanRequest in BaseFetchContext (Closed)
Patch Set: make it work with non-document Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/WebKit/Source/core/loader/BaseFetchContext.cpp ('k') | third_party/WebKit/Source/core/loader/FrameFetchContext.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (c) 2015, Google Inc. All rights reserved. 2 * Copyright (c) 2015, Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
(...skipping 19 matching lines...) Expand all
30 30
31 #include "core/loader/BaseFetchContext.h" 31 #include "core/loader/BaseFetchContext.h"
32 32
33 #include "core/testing/NullExecutionContext.h" 33 #include "core/testing/NullExecutionContext.h"
34 #include "platform/RuntimeEnabledFeatures.h" 34 #include "platform/RuntimeEnabledFeatures.h"
35 #include "testing/gmock/include/gmock/gmock.h" 35 #include "testing/gmock/include/gmock/gmock.h"
36 #include "testing/gtest/include/gtest/gtest.h" 36 #include "testing/gtest/include/gtest/gtest.h"
37 37
38 namespace blink { 38 namespace blink {
39 39
40 class MockBaseFetchContext final : public BaseFetchContext {
41 public:
42 explicit MockBaseFetchContext(ExecutionContext* execution_context)
43 : BaseFetchContext(execution_context) {}
44 ~MockBaseFetchContext() override {}
45
46 // BaseFetchContext overrides:
47 ContentSettingsClient* GetContentSettingsClient() const override {
48 return nullptr;
49 }
50 Settings* GetSettings() const override { return nullptr; }
51 SubresourceFilter* GetSubresourceFilter() const override { return nullptr; }
52 SecurityContext* GetMainResourceSecurityContext() const override {
53 return nullptr;
54 }
55 bool ShouldBlockRequestByInspector(const ResourceRequest&) const override {
56 return false;
57 }
58 void DispatchDidBlockRequest(const ResourceRequest&,
59 const FetchInitiatorInfo&,
60 ResourceRequestBlockedReason) const override {}
61 void ReportLocalLoadFailed(const KURL&) const override {}
62 bool ShouldBypassMainWorldCSP() const override { return false; }
63 bool IsSVGImageChromeClient() const override { return false; }
64 void CountUsage(UseCounter::Feature) const override {}
65 void CountDeprecation(UseCounter::Feature) const override {}
66 bool ShouldBlockFetchByMixedContentCheck(
67 const ResourceRequest&,
68 const KURL&,
69 SecurityViolationReportingPolicy) const override {
70 return false;
71 }
72 };
73
40 class BaseFetchContextTest : public ::testing::Test { 74 class BaseFetchContextTest : public ::testing::Test {
41 protected: 75 protected:
42 void SetUp() override { 76 void SetUp() override {
43 execution_context_ = new NullExecutionContext(); 77 execution_context_ = new NullExecutionContext();
44 fetch_context_ = new BaseFetchContext(execution_context_); 78 static_cast<NullExecutionContext*>(execution_context_.Get())
79 ->SetUpSecurityContext();
80 fetch_context_ = new MockBaseFetchContext(execution_context_);
45 } 81 }
46 82
47 Persistent<ExecutionContext> execution_context_; 83 Persistent<ExecutionContext> execution_context_;
48 Persistent<BaseFetchContext> fetch_context_; 84 Persistent<BaseFetchContext> fetch_context_;
49 }; 85 };
50 86
51 TEST_F(BaseFetchContextTest, SetIsExternalRequestForPublicContext) { 87 TEST_F(BaseFetchContextTest, SetIsExternalRequestForPublicContext) {
52 EXPECT_EQ(kWebAddressSpacePublic, 88 EXPECT_EQ(kWebAddressSpacePublic,
53 execution_context_->GetSecurityContext().AddressSpace()); 89 execution_context_->GetSecurityContext().AddressSpace());
54 90
(...skipping 121 matching lines...) Expand 10 before | Expand all | Expand 10 after
176 fetch_context_->AddAdditionalRequestHeaders(main_request, 212 fetch_context_->AddAdditionalRequestHeaders(main_request,
177 kFetchMainResource); 213 kFetchMainResource);
178 EXPECT_EQ(test.is_external_expectation, main_request.IsExternalRequest()); 214 EXPECT_EQ(test.is_external_expectation, main_request.IsExternalRequest());
179 215
180 ResourceRequest sub_request(test.url); 216 ResourceRequest sub_request(test.url);
181 fetch_context_->AddAdditionalRequestHeaders(sub_request, kFetchSubresource); 217 fetch_context_->AddAdditionalRequestHeaders(sub_request, kFetchSubresource);
182 EXPECT_EQ(test.is_external_expectation, sub_request.IsExternalRequest()); 218 EXPECT_EQ(test.is_external_expectation, sub_request.IsExternalRequest());
183 } 219 }
184 } 220 }
185 221
222 // Tests that CanFollowRedirect() checks both report-only and enforced CSP
223 // headers.
224 TEST_F(BaseFetchContextTest, RedirectChecksReportedAndEnforcedCSP) {
225 ContentSecurityPolicy* policy =
226 execution_context_->GetContentSecurityPolicy();
227 policy->DidReceiveHeader("script-src https://foo.test",
228 kContentSecurityPolicyHeaderTypeEnforce,
229 kContentSecurityPolicyHeaderSourceHTTP);
230 policy->DidReceiveHeader("script-src https://bar.test",
231 kContentSecurityPolicyHeaderTypeReport,
232 kContentSecurityPolicyHeaderSourceHTTP);
233 KURL url(KURL(), "http://baz.test");
234 ResourceRequest resource_request(url);
235 resource_request.SetRequestContext(WebURLRequest::kRequestContextScript);
236 EXPECT_EQ(
237 ResourceRequestBlockedReason::CSP,
238 fetch_context_->CanFollowRedirect(
239 Resource::kScript, resource_request, url, ResourceLoaderOptions(),
240 SecurityViolationReportingPolicy::kReport,
241 FetchParameters::kUseDefaultOriginRestrictionForType));
242 EXPECT_EQ(2u, policy->violation_reports_sent_.size());
243 }
244
245 // Tests that AllowResponse() checks both report-only and enforced CSP headers.
246 TEST_F(BaseFetchContextTest, AllowResponseChecksReportedAndEnforcedCSP) {
247 ContentSecurityPolicy* policy =
248 execution_context_->GetContentSecurityPolicy();
249 policy->DidReceiveHeader("script-src https://foo.test",
250 kContentSecurityPolicyHeaderTypeEnforce,
251 kContentSecurityPolicyHeaderSourceHTTP);
252 policy->DidReceiveHeader("script-src https://bar.test",
253 kContentSecurityPolicyHeaderTypeReport,
254 kContentSecurityPolicyHeaderSourceHTTP);
255 KURL url(KURL(), "http://baz.test");
256 ResourceRequest resource_request(url);
257 resource_request.SetRequestContext(WebURLRequest::kRequestContextScript);
258 EXPECT_EQ(ResourceRequestBlockedReason::CSP,
259 fetch_context_->AllowResponse(Resource::kScript, resource_request,
260 url, ResourceLoaderOptions()));
261 EXPECT_EQ(2u, policy->violation_reports_sent_.size());
262 }
263
186 } // namespace blink 264 } // namespace blink
OLDNEW
« no previous file with comments | « third_party/WebKit/Source/core/loader/BaseFetchContext.cpp ('k') | third_party/WebKit/Source/core/loader/FrameFetchContext.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698