OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cookies/canonical_cookie.h" | 5 #include "net/cookies/canonical_cookie.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 | 8 |
9 #include "base/memory/ptr_util.h" | 9 #include "base/memory/ptr_util.h" |
10 #include "base/test/histogram_tester.h" | 10 #include "base/test/histogram_tester.h" |
(...skipping 26 matching lines...) Expand all Loading... |
37 COOKIE_PRIORITY_DEFAULT)); | 37 COOKIE_PRIORITY_DEFAULT)); |
38 EXPECT_EQ("A", cookie2->Name()); | 38 EXPECT_EQ("A", cookie2->Name()); |
39 EXPECT_EQ("2", cookie2->Value()); | 39 EXPECT_EQ("2", cookie2->Value()); |
40 EXPECT_EQ(".www.example.com", cookie2->Domain()); | 40 EXPECT_EQ(".www.example.com", cookie2->Domain()); |
41 EXPECT_EQ("/", cookie2->Path()); | 41 EXPECT_EQ("/", cookie2->Path()); |
42 EXPECT_FALSE(cookie2->IsSecure()); | 42 EXPECT_FALSE(cookie2->IsSecure()); |
43 EXPECT_FALSE(cookie2->IsHttpOnly()); | 43 EXPECT_FALSE(cookie2->IsHttpOnly()); |
44 EXPECT_EQ(CookieSameSite::NO_RESTRICTION, cookie2->SameSite()); | 44 EXPECT_EQ(CookieSameSite::NO_RESTRICTION, cookie2->SameSite()); |
45 } | 45 } |
46 | 46 |
| 47 TEST(CanonicalCookie, SpaceInName) { |
| 48 GURL url("http://www.example.com/test/foo.html"); |
| 49 base::Time creation_time = base::Time::Now(); |
| 50 CookieOptions options; |
| 51 std::unique_ptr<CanonicalCookie> cookie( |
| 52 CanonicalCookie::Create(url, "A C=2", creation_time, options)); |
| 53 EXPECT_TRUE(cookie.get()); |
| 54 EXPECT_EQ("A C", cookie->Name()); |
| 55 } |
| 56 |
47 TEST(CanonicalCookieTest, Create) { | 57 TEST(CanonicalCookieTest, Create) { |
48 // Test creating cookies from a cookie string. | 58 // Test creating cookies from a cookie string. |
49 GURL url("http://www.example.com/test/foo.html"); | 59 GURL url("http://www.example.com/test/foo.html"); |
50 base::Time creation_time = base::Time::Now(); | 60 base::Time creation_time = base::Time::Now(); |
51 CookieOptions options; | 61 CookieOptions options; |
52 | 62 |
53 std::unique_ptr<CanonicalCookie> cookie( | 63 std::unique_ptr<CanonicalCookie> cookie( |
54 CanonicalCookie::Create(url, "A=2", creation_time, options)); | 64 CanonicalCookie::Create(url, "A=2", creation_time, options)); |
55 EXPECT_EQ("A", cookie->Name()); | 65 EXPECT_EQ("A", cookie->Name()); |
56 EXPECT_EQ("2", cookie->Value()); | 66 EXPECT_EQ("2", cookie->Value()); |
(...skipping 532 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
589 CanonicalCookie::Create(https_url, "a=b", creation_time, options)); | 599 CanonicalCookie::Create(https_url, "a=b", creation_time, options)); |
590 std::unique_ptr<CanonicalCookie> https_cookie_secure(CanonicalCookie::Create( | 600 std::unique_ptr<CanonicalCookie> https_cookie_secure(CanonicalCookie::Create( |
591 https_url, "a=b; Secure", creation_time, options)); | 601 https_url, "a=b; Secure", creation_time, options)); |
592 | 602 |
593 EXPECT_TRUE(http_cookie_no_secure.get()); | 603 EXPECT_TRUE(http_cookie_no_secure.get()); |
594 EXPECT_FALSE(http_cookie_secure.get()); | 604 EXPECT_FALSE(http_cookie_secure.get()); |
595 EXPECT_TRUE(https_cookie_no_secure.get()); | 605 EXPECT_TRUE(https_cookie_no_secure.get()); |
596 EXPECT_TRUE(https_cookie_secure.get()); | 606 EXPECT_TRUE(https_cookie_secure.get()); |
597 } | 607 } |
598 | 608 |
| 609 TEST(CanonicalCookieTest, IsCanonical) { |
| 610 // Base correct template. |
| 611 EXPECT_TRUE(CanonicalCookie("A", "B", "x.y", "/path", base::Time(), |
| 612 base::Time(), base::Time(), false, false, |
| 613 CookieSameSite::NO_RESTRICTION, |
| 614 COOKIE_PRIORITY_LOW) |
| 615 .IsCanonical()); |
| 616 |
| 617 // Newline in name. |
| 618 EXPECT_FALSE(CanonicalCookie("A\n", "B", "x.y", "/path", base::Time(), |
| 619 base::Time(), base::Time(), false, false, |
| 620 CookieSameSite::NO_RESTRICTION, |
| 621 COOKIE_PRIORITY_LOW) |
| 622 .IsCanonical()); |
| 623 |
| 624 // Carriage return in name. |
| 625 EXPECT_FALSE(CanonicalCookie("A\r", "B", "x.y", "/path", base::Time(), |
| 626 base::Time(), base::Time(), false, false, |
| 627 CookieSameSite::NO_RESTRICTION, |
| 628 COOKIE_PRIORITY_LOW) |
| 629 .IsCanonical()); |
| 630 |
| 631 // Null character in name. |
| 632 EXPECT_FALSE(CanonicalCookie(std::string("A\0Z", 3), "B", "x.y", "/path", |
| 633 base::Time(), base::Time(), base::Time(), false, |
| 634 false, CookieSameSite::NO_RESTRICTION, |
| 635 COOKIE_PRIORITY_LOW) |
| 636 .IsCanonical()); |
| 637 |
| 638 // Name begins with whitespace. |
| 639 EXPECT_FALSE(CanonicalCookie(" A", "B", "x.y", "/path", base::Time(), |
| 640 base::Time(), base::Time(), false, false, |
| 641 CookieSameSite::NO_RESTRICTION, |
| 642 COOKIE_PRIORITY_LOW) |
| 643 .IsCanonical()); |
| 644 |
| 645 // Name ends with whitespace. |
| 646 EXPECT_FALSE(CanonicalCookie("A ", "B", "x.y", "/path", base::Time(), |
| 647 base::Time(), base::Time(), false, false, |
| 648 CookieSameSite::NO_RESTRICTION, |
| 649 COOKIE_PRIORITY_LOW) |
| 650 .IsCanonical()); |
| 651 |
| 652 // Empty name. (Note this is against the spec but compatible with other |
| 653 // browsers.) |
| 654 EXPECT_TRUE(CanonicalCookie("", "B", "x.y", "/path", base::Time(), |
| 655 base::Time(), base::Time(), false, false, |
| 656 CookieSameSite::NO_RESTRICTION, |
| 657 COOKIE_PRIORITY_LOW) |
| 658 .IsCanonical()); |
| 659 |
| 660 // Space in name |
| 661 EXPECT_TRUE(CanonicalCookie("A C", "B", "x.y", "/path", base::Time(), |
| 662 base::Time(), base::Time(), false, false, |
| 663 CookieSameSite::NO_RESTRICTION, |
| 664 COOKIE_PRIORITY_LOW) |
| 665 .IsCanonical()); |
| 666 |
| 667 // Extra space suffixing name. |
| 668 EXPECT_FALSE(CanonicalCookie("A ", "B", "x.y", "/path", base::Time(), |
| 669 base::Time(), base::Time(), false, false, |
| 670 CookieSameSite::NO_RESTRICTION, |
| 671 COOKIE_PRIORITY_LOW) |
| 672 .IsCanonical()); |
| 673 |
| 674 // '=' character in name. |
| 675 EXPECT_FALSE(CanonicalCookie("A=", "B", "x.y", "/path", base::Time(), |
| 676 base::Time(), base::Time(), false, false, |
| 677 CookieSameSite::NO_RESTRICTION, |
| 678 COOKIE_PRIORITY_LOW) |
| 679 .IsCanonical()); |
| 680 |
| 681 // Separator in name. |
| 682 EXPECT_FALSE(CanonicalCookie("A;", "B", "x.y", "/path", base::Time(), |
| 683 base::Time(), base::Time(), false, false, |
| 684 CookieSameSite::NO_RESTRICTION, |
| 685 COOKIE_PRIORITY_LOW) |
| 686 .IsCanonical()); |
| 687 |
| 688 // '=' character in value. |
| 689 EXPECT_TRUE(CanonicalCookie("A", "B=", "x.y", "/path", base::Time(), |
| 690 base::Time(), base::Time(), false, false, |
| 691 CookieSameSite::NO_RESTRICTION, |
| 692 COOKIE_PRIORITY_LOW) |
| 693 .IsCanonical()); |
| 694 |
| 695 // Separator in value. |
| 696 EXPECT_FALSE(CanonicalCookie("A", "B;", "x.y", "/path", base::Time(), |
| 697 base::Time(), base::Time(), false, false, |
| 698 CookieSameSite::NO_RESTRICTION, |
| 699 COOKIE_PRIORITY_LOW) |
| 700 .IsCanonical()); |
| 701 |
| 702 // Separator in domain. |
| 703 EXPECT_FALSE(CanonicalCookie("A", "B", ";x.y", "/path", base::Time(), |
| 704 base::Time(), base::Time(), false, false, |
| 705 CookieSameSite::NO_RESTRICTION, |
| 706 COOKIE_PRIORITY_LOW) |
| 707 .IsCanonical()); |
| 708 |
| 709 // Garbage in domain. |
| 710 EXPECT_FALSE(CanonicalCookie("A", "B", "@:&", "/path", base::Time(), |
| 711 base::Time(), base::Time(), false, false, |
| 712 CookieSameSite::NO_RESTRICTION, |
| 713 COOKIE_PRIORITY_LOW) |
| 714 .IsCanonical()); |
| 715 |
| 716 // Space in domain. |
| 717 EXPECT_FALSE(CanonicalCookie("A", "B", "x.y ", "/path", base::Time(), |
| 718 base::Time(), base::Time(), false, false, |
| 719 CookieSameSite::NO_RESTRICTION, |
| 720 COOKIE_PRIORITY_LOW) |
| 721 .IsCanonical()); |
| 722 |
| 723 // Empty domain. (This is against cookie spec, but needed for Chrome's |
| 724 // out-of-spec use of cookies for extensions; see http://crbug.com/730633. |
| 725 EXPECT_TRUE(CanonicalCookie("A", "B", "", "/path", base::Time(), base::Time(), |
| 726 base::Time(), false, false, |
| 727 CookieSameSite::NO_RESTRICTION, |
| 728 COOKIE_PRIORITY_LOW) |
| 729 .IsCanonical()); |
| 730 |
| 731 // Path does not start with a "/". |
| 732 EXPECT_FALSE(CanonicalCookie("A", "B", "x.y", "path", base::Time(), |
| 733 base::Time(), base::Time(), false, false, |
| 734 CookieSameSite::NO_RESTRICTION, |
| 735 COOKIE_PRIORITY_LOW) |
| 736 .IsCanonical()); |
| 737 |
| 738 // Empty path. |
| 739 EXPECT_FALSE(CanonicalCookie("A", "B", "x.y", "", base::Time(), base::Time(), |
| 740 base::Time(), false, false, |
| 741 CookieSameSite::NO_RESTRICTION, |
| 742 COOKIE_PRIORITY_LOW) |
| 743 .IsCanonical()); |
| 744 |
| 745 // Path suffixed with a space. |
| 746 EXPECT_FALSE(CanonicalCookie("A", "B", "x.y", "/path ", base::Time(), |
| 747 base::Time(), base::Time(), false, false, |
| 748 CookieSameSite::NO_RESTRICTION, |
| 749 COOKIE_PRIORITY_LOW) |
| 750 .IsCanonical()); |
| 751 |
| 752 // Path suffixed with separator. |
| 753 EXPECT_FALSE(CanonicalCookie("A", "B", "x.y", "/path;", base::Time(), |
| 754 base::Time(), base::Time(), false, false, |
| 755 CookieSameSite::NO_RESTRICTION, |
| 756 COOKIE_PRIORITY_LOW) |
| 757 .IsCanonical()); |
| 758 |
| 759 // Simple IPv4 address as domain. |
| 760 EXPECT_TRUE(CanonicalCookie("A", "B", "1.2.3.4", "/path", base::Time(), |
| 761 base::Time(), base::Time(), false, false, |
| 762 CookieSameSite::NO_RESTRICTION, |
| 763 COOKIE_PRIORITY_LOW) |
| 764 .IsCanonical()); |
| 765 |
| 766 // NOn-canonical IPv4 address as domain. |
| 767 EXPECT_FALSE(CanonicalCookie("A", "B", "01.2.03.4", "/path", base::Time(), |
| 768 base::Time(), base::Time(), false, false, |
| 769 CookieSameSite::NO_RESTRICTION, |
| 770 COOKIE_PRIORITY_LOW) |
| 771 .IsCanonical()); |
| 772 |
| 773 // Null IPv6 address as domain. |
| 774 EXPECT_TRUE(CanonicalCookie("A", "B", "[::]", "/path", base::Time(), |
| 775 base::Time(), base::Time(), false, false, |
| 776 CookieSameSite::NO_RESTRICTION, |
| 777 COOKIE_PRIORITY_LOW) |
| 778 .IsCanonical()); |
| 779 |
| 780 // Localhost IPv6 address as domain. |
| 781 EXPECT_TRUE(CanonicalCookie("A", "B", "[::1]", "/path", base::Time(), |
| 782 base::Time(), base::Time(), false, false, |
| 783 CookieSameSite::NO_RESTRICTION, |
| 784 COOKIE_PRIORITY_LOW) |
| 785 .IsCanonical()); |
| 786 |
| 787 // Fully speced IPv6 address as domain. |
| 788 EXPECT_FALSE(CanonicalCookie( |
| 789 "A", "B", "[2001:0DB8:AC10:FE01:0000:0000:0000:0000]", |
| 790 "/path", base::Time(), base::Time(), base::Time(), false, |
| 791 false, CookieSameSite::NO_RESTRICTION, COOKIE_PRIORITY_LOW) |
| 792 .IsCanonical()); |
| 793 |
| 794 // Zero abbreviated IPv6 address as domain. Not canonical because of leading |
| 795 // zeros & uppercase hex letters. |
| 796 EXPECT_FALSE(CanonicalCookie("A", "B", "[2001:0DB8:AC10:FE01::]", "/path", |
| 797 base::Time(), base::Time(), base::Time(), false, |
| 798 false, CookieSameSite::NO_RESTRICTION, |
| 799 COOKIE_PRIORITY_LOW) |
| 800 .IsCanonical()); |
| 801 |
| 802 // Zero prefixes removed IPv6 address as domain. Not canoncial because of |
| 803 // uppercase hex letters. |
| 804 EXPECT_FALSE(CanonicalCookie("A", "B", "[2001:DB8:AC10:FE01::]", "/path", |
| 805 base::Time(), base::Time(), base::Time(), false, |
| 806 false, CookieSameSite::NO_RESTRICTION, |
| 807 COOKIE_PRIORITY_LOW) |
| 808 .IsCanonical()); |
| 809 |
| 810 // Lowercased hex IPv6 address as domain. |
| 811 EXPECT_TRUE(CanonicalCookie("A", "B", "[2001:db8:ac10:fe01::]", "/path", |
| 812 base::Time(), base::Time(), base::Time(), false, |
| 813 false, CookieSameSite::NO_RESTRICTION, |
| 814 COOKIE_PRIORITY_LOW) |
| 815 .IsCanonical()); |
| 816 |
| 817 // Properly formatted host cookie. |
| 818 EXPECT_TRUE(CanonicalCookie("__Host-A", "B", "x.y", "/", base::Time(), |
| 819 base::Time(), base::Time(), true, false, |
| 820 CookieSameSite::NO_RESTRICTION, |
| 821 COOKIE_PRIORITY_LOW) |
| 822 .IsCanonical()); |
| 823 |
| 824 // Insecure host cookie. |
| 825 EXPECT_FALSE(CanonicalCookie("__Host-A", "B", "x.y", "/", base::Time(), |
| 826 base::Time(), base::Time(), false, false, |
| 827 CookieSameSite::NO_RESTRICTION, |
| 828 COOKIE_PRIORITY_LOW) |
| 829 .IsCanonical()); |
| 830 |
| 831 // Host cookie with non-null path. |
| 832 EXPECT_FALSE(CanonicalCookie("__Host-A", "B", "x.y", "/path", base::Time(), |
| 833 base::Time(), base::Time(), true, false, |
| 834 CookieSameSite::NO_RESTRICTION, |
| 835 COOKIE_PRIORITY_LOW) |
| 836 .IsCanonical()); |
| 837 |
| 838 // Host cookie with empty domain. |
| 839 EXPECT_FALSE(CanonicalCookie("__Host-A", "B", "", "/", base::Time(), |
| 840 base::Time(), base::Time(), true, false, |
| 841 CookieSameSite::NO_RESTRICTION, |
| 842 COOKIE_PRIORITY_LOW) |
| 843 .IsCanonical()); |
| 844 |
| 845 // Host cookie with period prefixed domain. |
| 846 EXPECT_FALSE(CanonicalCookie("__Host-A", "B", ".x.y", "/", base::Time(), |
| 847 base::Time(), base::Time(), true, false, |
| 848 CookieSameSite::NO_RESTRICTION, |
| 849 COOKIE_PRIORITY_LOW) |
| 850 .IsCanonical()); |
| 851 |
| 852 // Properly formatted secure cookie. |
| 853 EXPECT_TRUE(CanonicalCookie("__Secure-A", "B", "x.y", "/", base::Time(), |
| 854 base::Time(), base::Time(), true, false, |
| 855 CookieSameSite::NO_RESTRICTION, |
| 856 COOKIE_PRIORITY_LOW) |
| 857 .IsCanonical()); |
| 858 |
| 859 // Insecure secure cookie. |
| 860 EXPECT_FALSE(CanonicalCookie("__Secure-A", "B", "x.y", "/", base::Time(), |
| 861 base::Time(), base::Time(), false, false, |
| 862 CookieSameSite::NO_RESTRICTION, |
| 863 COOKIE_PRIORITY_LOW) |
| 864 .IsCanonical()); |
| 865 } |
| 866 |
599 TEST(CanonicalCookieTest, TestPrefixHistograms) { | 867 TEST(CanonicalCookieTest, TestPrefixHistograms) { |
600 base::HistogramTester histograms; | 868 base::HistogramTester histograms; |
601 const char kCookiePrefixHistogram[] = "Cookie.CookiePrefix"; | 869 const char kCookiePrefixHistogram[] = "Cookie.CookiePrefix"; |
602 const char kCookiePrefixBlockedHistogram[] = "Cookie.CookiePrefixBlocked"; | 870 const char kCookiePrefixBlockedHistogram[] = "Cookie.CookiePrefixBlocked"; |
603 GURL https_url("https://www.example.test"); | 871 GURL https_url("https://www.example.test"); |
604 base::Time creation_time = base::Time::Now(); | 872 base::Time creation_time = base::Time::Now(); |
605 CookieOptions options; | 873 CookieOptions options; |
606 | 874 |
607 EXPECT_FALSE(CanonicalCookie::Create(https_url, "__Host-A=B;", creation_time, | 875 EXPECT_FALSE(CanonicalCookie::Create(https_url, "__Host-A=B;", creation_time, |
608 options)); | 876 options)); |
(...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
640 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); | 908 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); |
641 EXPECT_TRUE(CanonicalCookie::Create(https_url, "__SecureA=B; Path=/; Secure", | 909 EXPECT_TRUE(CanonicalCookie::Create(https_url, "__SecureA=B; Path=/; Secure", |
642 creation_time, options)); | 910 creation_time, options)); |
643 histograms.ExpectBucketCount(kCookiePrefixHistogram, | 911 histograms.ExpectBucketCount(kCookiePrefixHistogram, |
644 CanonicalCookie::COOKIE_PREFIX_SECURE, 2); | 912 CanonicalCookie::COOKIE_PREFIX_SECURE, 2); |
645 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram, | 913 histograms.ExpectBucketCount(kCookiePrefixBlockedHistogram, |
646 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); | 914 CanonicalCookie::COOKIE_PREFIX_SECURE, 1); |
647 } | 915 } |
648 | 916 |
649 } // namespace net | 917 } // namespace net |
OLD | NEW |