| Index: components/data_reduction_proxy/browser/data_reduction_proxy_tamper_detect_unittest.cc
|
| diff --git a/components/data_reduction_proxy/browser/data_reduction_proxy_tamper_detect_unittest.cc b/components/data_reduction_proxy/browser/data_reduction_proxy_tamper_detect_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..f0b6fad903ae625894cacf93367997146da77bf1
|
| --- /dev/null
|
| +++ b/components/data_reduction_proxy/browser/data_reduction_proxy_tamper_detect_unittest.cc
|
| @@ -0,0 +1,1187 @@
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "components/data_reduction_proxy/browser/data_reduction_proxy_tamper_detect.h"
|
| +
|
| +#include <string.h>
|
| +#include <algorithm>
|
| +#include <map>
|
| +#include <vector>
|
| +
|
| +#include "base/base64.h"
|
| +#include "base/md5.h"
|
| +#include "base/strings/string_number_conversions.h"
|
| +#include "base/strings/string_split.h"
|
| +#include "components/data_reduction_proxy/common/data_reduction_proxy_headers.h"
|
| +#include "net/android/network_library.h"
|
| +#include "net/http/http_response_headers.h"
|
| +#include "net/http/http_util.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +
|
| +namespace {
|
| +
|
| +void HeadersToRaw(std::string* headers) {
|
| + std::replace(headers->begin(), headers->end(), '\n', '\0');
|
| + if (!headers->empty())
|
| + *headers += '\0';
|
| +}
|
| +
|
| +// Calcuates MD5 hash value for a string and then base64 encode it.
|
| +static std::string GetEncoded(const std::string& input) {
|
| + base::MD5Digest digest;
|
| + base::MD5Sum(input.c_str(), input.size(), &digest);
|
| + std::string base64encoded;
|
| + base::Base64Encode(std::string((char*)digest.a,
|
| + ARRAYSIZE_UNSAFE(digest.a)), &base64encoded);
|
| + return base64encoded;
|
| +}
|
| +
|
| +// Replaces all contents within "[]" by corresponding base64 encoded MD5 value.
|
| +void ReplaceWithEncodedString(std::string* input)
|
| +{
|
| + size_t start, end;
|
| + while (true) {
|
| + start = input->find("[");
|
| + if (start == std::string::npos) break;
|
| + end = input->find("]", start);
|
| + std::string need_to_encode = input->substr(start + 1, end - start - 1);
|
| + *input = input->substr(0, start) + GetEncoded(need_to_encode) +
|
| + input->substr(end + 1);
|
| + }
|
| +}
|
| +
|
| +// Testcase for fingerprint checking functions. |received_fingerprint| is
|
| +// fingerprint received from the data reduction proxy. |expected_tampered| is
|
| +// expected tampered or not result.
|
| +struct TestCaseCheckingFingerprint {
|
| + std::string raw_header;
|
| + std::string received_fingerprint;
|
| + bool expected_tampered;
|
| +};
|
| +
|
| +} // namespace
|
| +
|
| +namespace data_reduction_proxy {
|
| +
|
| +class DataReductionProxyTamperDetectionTest : public testing::Test {
|
| + public:
|
| + static void TestFingerprintCommon(const TestCaseCheckingFingerprint& test,
|
| + DataReductionProxyTamperDetection::FingerprintCode fingerprint);
|
| +};
|
| +
|
| +// Common function for testing fingerprint checking functions. For a given
|
| +// header string |test.raw_header|, generates HttpResponseHeaders |headers| and
|
| +// checks specified fingerprint checking function returns expected result or
|
| +// not.
|
| +void DataReductionProxyTamperDetectionTest::TestFingerprintCommon(
|
| + const TestCaseCheckingFingerprint& test,
|
| + DataReductionProxyTamperDetection::FingerprintCode fingerprint) {
|
| + std::string raw_headers(test.raw_header);
|
| + HeadersToRaw(&raw_headers);
|
| + scoped_refptr<net::HttpResponseHeaders> headers(
|
| + new net::HttpResponseHeaders(raw_headers));
|
| +
|
| + // Removes Chrome-Proxy header's fingerprint from Chrome-Proxy header.
|
| + std::vector<std::string> chrome_proxy_header_values =
|
| + DataReductionProxyTamperDetection::
|
| + GetHeaderValues(headers, "Chrome-Proxy");
|
| +
|
| + DataReductionProxyTamperDetection::RemoveChromeProxyFingerprint(
|
| + &chrome_proxy_header_values);
|
| +
|
| + DataReductionProxyTamperDetection tamper_detection(
|
| + headers, true, 0, &chrome_proxy_header_values);
|
| +
|
| + bool tampered;
|
| + switch (fingerprint) {
|
| + case DataReductionProxyTamperDetection::CHROMEPROXY:
|
| + tampered = tamper_detection.IsChromeProxyHeaderTampered(
|
| + test.received_fingerprint);
|
| + break;
|
| + case DataReductionProxyTamperDetection::VIA:
|
| + tampered = tamper_detection.IsViaHeaderTampered(
|
| + test.received_fingerprint);
|
| + break;
|
| + case DataReductionProxyTamperDetection::OTHERHEADERS:
|
| + tampered = tamper_detection.AreOtherHeadersTampered(
|
| + test.received_fingerprint);
|
| + break;
|
| + case DataReductionProxyTamperDetection::CONTENTLENGTH:
|
| + tampered = tamper_detection.IsContentLengthHeaderTampered(
|
| + test.received_fingerprint);
|
| + break;
|
| + case DataReductionProxyTamperDetection::NONEXIST:
|
| + break;
|
| + }
|
| +
|
| + EXPECT_EQ(test.expected_tampered, tampered);
|
| +}
|
| +
|
| +// Checks function IsChromeProxyHeaderTampered.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, ChromeProxy) {
|
| + TestCaseCheckingFingerprint test[] = {
|
| + // Checks sorting values and decoding.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,"
|
| + "fp=123,bbbypas=0,aaxxx=xxx,bbbloc=1\n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,fp=123,",
|
| + false,
|
| + },
|
| +
|
| + // Checks Chrome-Proxy's fingerprint removing.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: a,b,c,d,e,3,2,1," +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "=1231\n",
|
| + "1,2,3,a,b,c,d,e,",
|
| + false,
|
| + },
|
| +
|
| + // Checks no Chrome-Proxy header case (should not happen).
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Length: 12345\n",
|
| + "",
|
| + false,
|
| + },
|
| +
|
| + // Checks empty Chrome-Proxy header case (should not happen).
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: \n",
|
| + ",",
|
| + false,
|
| + },
|
| +
|
| + // Checks Chrome-Proxy header with its fingerprint only case.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: " +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "=xyz\n",
|
| + "",
|
| + false,
|
| + },
|
| +
|
| + // Checks empty Chrome-Proxy header case, with extra ","
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: " +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "=abcde , \n",
|
| + "",
|
| + false,
|
| + },
|
| +
|
| + // Checks empty Chrome-Proxy header, different to fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: " +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "=xyz\n",
|
| + ",",
|
| + true,
|
| + },
|
| +
|
| + // Chrome-Proxy header different to its fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=2,aaxxx=xxx,bbbloc=1\n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + true,
|
| + },
|
| +
|
| + // Chrome-Proxy header different to its fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: a,aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + true,
|
| + },
|
| +
|
| + // Chrome-Proxy header different to its fingerprint in order.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbypas=0,bbbloc=1,",
|
| + true,
|
| + },
|
| +
|
| + // Checks Chrome-Proxy header with extra " ".
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh , bbbypas=0 , aaxxx=xxx"
|
| + " ,bbbloc=1 \n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + false
|
| + },
|
| +
|
| + // Check Chrome-Proxy header, with extra lines and " ".
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh , bbbypas=0 , bbbloc=1 \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + false
|
| + },
|
| +
|
| + // Checks Chrome-Proxy header with multiple lines.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aut=aauutthh\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Chrome-Proxy:bbbloc=1 \n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + false
|
| + },
|
| +
|
| + // Checks Chrome-Proxy header with multiple lines, at different positions
|
| + // of the entire header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aut=aauutthh\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Chrome-Proxy: bbbloc=1\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n"
|
| + "fp=123 \n",
|
| + "aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + false
|
| + },
|
| +
|
| + // Checks Chrome-Proxy header with multiple same values.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aut=aauutthh\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Chrome-Proxy: bbbloc=1, fp=123 \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "aaxxx=xxx,aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,fp=123,",
|
| + false
|
| + },
|
| +
|
| + // Checks Chrome-Proxy header with multiple same values.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aut=aauutthh\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Chrome-Proxy: bbbloc=1, fp=123 \n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "xyn \n" +
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "aaxxx=xxx,aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,fp=123,",
|
| + false
|
| + },
|
| +
|
| + // Checks Chrome-Proxy header with multiple same values, but different to
|
| + // fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aut=aauutthh\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Chrome-Proxy: bbbloc=1\n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "aaxxx=xxx,aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + true,
|
| + },
|
| +
|
| + // Check Chrome-Proxy header with multiple same values, but different to
|
| + // fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aut=aauutthh\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "xyn \n" +
|
| + "Chrome-Proxy: bbbloc=1\n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "aaxxx=xxx,aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + true,
|
| + },
|
| +
|
| + // Check Chrome-Proxy header with multiple lines, but different to
|
| + // fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Chrome-Proxy: bbbloc=1\n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "aaxxx=xxx,aaxxx=xxx,aut=aauutthh,bbbloc=1,bbbypas=0,",
|
| + true,
|
| + },
|
| +
|
| + // Checks case whose received fingerprint is empty.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Chrome-Proxy: aut=aauutthh\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Chrome-Proxy: bbbypas=0\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Chrome-Proxy: bbbloc=1\n"
|
| + "Chrome-Proxy: aaxxx=xxx \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "",
|
| + true,
|
| + },
|
| +
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + test[i].received_fingerprint =
|
| + GetEncoded(test[i].received_fingerprint);
|
| +
|
| + DataReductionProxyTamperDetectionTest::TestFingerprintCommon(test[i],
|
| + DataReductionProxyTamperDetection::CHROMEPROXY);
|
| + }
|
| +}
|
| +
|
| +// Check function IsViaHeaderTampered.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, Via) {
|
| + TestCaseCheckingFingerprint test[] = {
|
| + // Checks the case that Chrome-Compression-Proxy occurs at the last.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: a, b, c, 1.1 Chrome-Compression-Proxy\n",
|
| + "0",
|
| + false
|
| + },
|
| +
|
| + // Checks when there is intermediary between the data reduction proxy and
|
| + // the Chromium client.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: a, b, c, 1.1 Chrome-Compression-Proxy, xyz\n",
|
| + "0",
|
| + true,
|
| + },
|
| +
|
| + // Checks the case of empty Via header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: \n",
|
| + "0",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that only the data reduction proxy's Via header occurs.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: 1.1 Chrome-Compression-Proxy \n",
|
| + "0",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that there are " ", i.e., empty value after the data
|
| + // reduction proxy's Via header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: 1.1 Chrome-Compression-Proxy , , \n",
|
| + "0",
|
| + false
|
| + },
|
| +
|
| + // Checks the case when there is no Via header
|
| + {
|
| + "HTTP/1.1 200 OK \n",
|
| + "0",
|
| + false
|
| + },
|
| +
|
| + // Same to above test cases, but with deprecated data reduciton proxy Via
|
| + // header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: a, b, c, 1.1 Chrome Compression Proxy\n",
|
| + "0",
|
| + false
|
| + },
|
| +
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: a, b, c, 1.1 Chrome Compression Proxy, xyz\n",
|
| + "0",
|
| + true,
|
| + },
|
| +
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: \n",
|
| + "0",
|
| + false,
|
| + },
|
| +
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: 1.1 Chrome Compression Proxy \n",
|
| + "0",
|
| + false
|
| + },
|
| +
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: 1.1 Chrome Compression Proxy , , \n",
|
| + "0",
|
| + false
|
| + },
|
| +
|
| + {
|
| + "HTTP/1.1 200 OK \n",
|
| + "0",
|
| + false
|
| + },
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + DataReductionProxyTamperDetectionTest::TestFingerprintCommon(test[i],
|
| + DataReductionProxyTamperDetection::VIA);
|
| + }
|
| +}
|
| +
|
| +// Checks function AreOtherHeadersTampered.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, OtherHeaders) {
|
| + // For following testcases, |received_fingerprint| is not the actual
|
| + // fingerprint from data reduction proxy, instead, the base64 encoded field
|
| + // is in plain text (within "[]") and needs to be encoded first. For example,
|
| + // "[12345;]:content-length" needs to be encoded to
|
| + // "Base64Encoded(MD5(12345;)):content-length" before calling the checking
|
| + // function.
|
| + TestCaseCheckingFingerprint test[] = {
|
| + // Checks the case of correct fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Via: \n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n"
|
| + "Content-Length: 12345\n",
|
| + "[1,;2,;3,;4,;5,;]:content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case of correct fingerprint.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: aaa1\n"
|
| + "Cache-Control: aaa2\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "ETag: aaa3\n"
|
| + "Connection: aaa4\n"
|
| + "Expires: aaa5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[aaa1,;aaa2,;aaa3,;aaa4,;aaa5,;]:content-type:cache-control:"
|
| + "etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that one header has multiple values.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Content-Type: aaa1, bbb1, ccc1\n"
|
| + "Cache-Control: aaa2\n"
|
| + "ETag: aaa3\n"
|
| + "Connection: aaa4\n"
|
| + "Expires: aaa5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[aaa1,bbb1,ccc1,;aaa2,;aaa3,;aaa4,;aaa5,;]:"
|
| + "content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that one header has multiple lines.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: aaa1, ccc1\n"
|
| + "Content-Type: xxx1, bbb1, ccc1\n"
|
| + "Cache-Control: aaa2\n"
|
| + "ETag: aaa3\n"
|
| + "Connection: aaa4\n"
|
| + "Expires: aaa5\n"
|
| + "Via: \n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Content-Length: 12345\n",
|
| + "[aaa1,bbb1,ccc1,ccc1,xxx1,;aaa2,;aaa3,;aaa4,;aaa5,;]:"
|
| + "content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that one header has multiple values, and such multiple
|
| + // lines occur at different positions.
|
| + {
|
| + "HTTP/1.1 200 OK \n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: aaa1, ccc1\n"
|
| + "Cache-Control: aaa2\n"
|
| + "ETag: aaa3\n"
|
| + "Content-Type: xxx1, bbb1, ccc1\n"
|
| + "Connection: aaa4\n"
|
| + "Expires: aaa5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[aaa1,bbb1,ccc1,ccc1,xxx1,;aaa2,;aaa3,;aaa4,;aaa5,;]"
|
| + ":content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that more than one headers have multiple values.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: aaa1, ccc1\n"
|
| + "Cache-Control: ccc2 , bbb2\n"
|
| + "ETag: aaa3\n"
|
| + "Content-Type: xxx1, bbb1, ccc1\n"
|
| + "Connection: aaa4\n"
|
| + "Cache-Control: aaa2 \n"
|
| + "Expires: aaa5\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[aaa1,bbb1,ccc1,ccc1,xxx1,;aaa2,bbb2,ccc2,;aaa3,;aaa4,;aaa5,;]:"
|
| + "content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that one of the requested headers is missing (Expires).
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: aaa1, ccc1\n"
|
| + "Cache-Control: ccc2 , bbb2\n"
|
| + "ETag: aaa3\n"
|
| + "Content-Type: xxx1, bbb1, ccc1\n"
|
| + "Connection: aaa4\n"
|
| + "Cache-Control: aaa2 \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n",
|
| + "[aaa1,bbb1,ccc1,ccc1,xxx1,;aaa2,bbb2,ccc2,;aaa3,;aaa4,;;]:"
|
| + "content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that more than one of the requested headers are missing.
|
| + // (Content-Type, Expires).
|
| + {
|
| + "HTTP/1.1 200 OK \n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Cache-Control: ccc2 , bbb2\n"
|
| + "ETag: aaa3\n"
|
| + "Connection: aaa4\n"
|
| + "Cache-Control: aaa2 \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[;aaa2,bbb2,ccc2,;aaa3,;aaa4,;;]:content-type:cache-control:"
|
| + "etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that all the requested headers are missing.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n",
|
| + "[;;;;;]:content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that only one header is requested.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n",
|
| + "[12345,;]:content-length",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that fingerprint is different to received one.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: aaa1, ccc1\n"
|
| + "Cache-Control: ccc2 , bbb2\n"
|
| + "ETag: etag\n"
|
| + "Content-Type: xxx1, bbb1, ccc1\n"
|
| + "Connection: aaa4\n"
|
| + "Cache-Control: aaa2 \n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[aaa1,bbb1,ccc1,ccc1,xxx1,;aaa2,bbb2,ccc2,;aaa3,;aaa4,;;]:"
|
| + "content-type:cache-control:etag:connection:expires",
|
| + true
|
| + },
|
| +
|
| + // Checks the case that some of the requested headers have empty value
|
| + // (different to above header-missing case).
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: \n"
|
| + "Cache-Control: \n"
|
| + "ETag: \n"
|
| + "Connection: \n"
|
| + "Expires: 5\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[,;,;,;,;5,;]:content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that some headers are missing, some of them are of
|
| + // empty values (whether delimiter "," and ";" work correctly).
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Cache-Control: \n"
|
| + "Connection: \n"
|
| + "Expires: 5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n",
|
| + "[;,;;,;5,;]:content-type:cache-control:etag:connection:expires",
|
| + false
|
| + },
|
| +
|
| + // Checks the case there is no requested header (header list is empty).
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Connection: 4\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Expires: 5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "[]",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that there is only one requested header and it does not
|
| + // exist.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Chrome-Proxy: aut=aauutthh,bbbypas=0,aaxxx=xxx,bbbloc=1\n"
|
| + "Content-Type: 1\n"
|
| + "Cache-Control: 2\n"
|
| + "ETag: 3\n"
|
| + "Connection: 4\n"
|
| + "Expires: 5\n"
|
| + "Via: \n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n" +
|
| + "Content-Length: 12345\n",
|
| + "[;]:non_exist_header",
|
| + false
|
| + },
|
| +
|
| + // Checks the case that there is only one requested header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Cache-Control: \n"
|
| + "Connection: \n"
|
| + "Expires: 5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n" +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy) +
|
| + "abcde \n",
|
| + "[;]:content-type",
|
| + false
|
| + },
|
| +
|
| + /* Lead to NOTREACHED() */
|
| + /*
|
| + // special case, if base64 decoding fails
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Cache-Control: \n"
|
| + "Connection: \n"
|
| + "Expires: 5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + ";:content-type",
|
| + true
|
| + },
|
| +
|
| + // special case, if base64 decoding fails
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Cache-Control: \n"
|
| + "Connection: \n"
|
| + "Expires: 5\n"
|
| + "Via: \n"
|
| + "Content-Length: 12345\n",
|
| + "abcde:content-type:cache-control:etag:connection:expires",
|
| + true
|
| + },
|
| + */
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + ReplaceWithEncodedString(&(test[i].received_fingerprint));
|
| + DataReductionProxyTamperDetectionTest::TestFingerprintCommon(test[i],
|
| + DataReductionProxyTamperDetection::OTHERHEADERS);
|
| + }
|
| +}
|
| +
|
| +// Checks function IsContentLengthTampered.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, ContentLength) {
|
| + TestCaseCheckingFingerprint test[] = {
|
| + // Checks the case fingerprint matches received response.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: 1\n"
|
| + "Content-Length: 12345\n",
|
| + "12345",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that fingerprint does not match received response.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: text/html; charset=ISO-8859-4\n"
|
| + "Content-Length: 12345\n",
|
| + "125",
|
| + true,
|
| + },
|
| +
|
| + // Checks the case that the data reduction proxy has not sent
|
| + // Content-Length header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: text/javascript\n"
|
| + "Content-Length: 12345\n",
|
| + "",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that the data reduction proxy sends invalid
|
| + // Content-Length header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: text/javascript\n"
|
| + "Content-Length: 12345\n",
|
| + "aaa",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that the data reduction proxy sends invalid
|
| + // Content-Length header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: text/javascript\n"
|
| + "Content-Length: aaa\n",
|
| + "aaa",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that Content-Length header are missing at both end.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: 1\n",
|
| + "",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that Content-Length is 0.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: application/x-javascript\n"
|
| + "Content-Length: 0\n",
|
| + "0",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that Content-Length is empty at the data reduction proxy
|
| + // side.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: application/x-javascript\n"
|
| + "Content-Length: 123\n",
|
| + ",",
|
| + false,
|
| + },
|
| +
|
| + // Checks the case that Content-Length header is missing at the Chromium
|
| + // client side.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Content-Type: application/javascript \n",
|
| + "123",
|
| + false,
|
| + },
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + DataReductionProxyTamperDetectionTest::TestFingerprintCommon(test[i],
|
| + DataReductionProxyTamperDetection::CONTENTLENGTH);
|
| + }
|
| +}
|
| +
|
| +// Testcase for RemoveChromeProxyFingerprint function.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, HeaderRemoving) {
|
| + struct {
|
| + std::string input_values[10];
|
| + std::string expected_output_values[10];
|
| + } test[] = {
|
| + // Checks the case that there is no Chrome-Proxy header's fingerprint.
|
| + {
|
| + {"1", "2", "3", "5",},
|
| + {"1", "2", "3", "5",},
|
| + },
|
| + // Checks the case that there is Chrome-Proxy header's fingerprint.
|
| + {
|
| + {"1", "2", "3",
|
| + std::string(tamper_detection_fingerprint_names::
|
| + kFingerprintChromeProxy) + "=4", "5",},
|
| + {"1", "2", "3", "5",},
|
| + },
|
| + // Checks the case that there is Chrome-Proxy header's fingerprint, and it
|
| + // occurs at the end.
|
| + {
|
| + {"1", "2", "3",
|
| + std::string(tamper_detection_fingerprint_names::
|
| + kFingerprintChromeProxy) + "=4",},
|
| + {"1", "2", "3",},
|
| + },
|
| + // Checks the case that there is Chrome-Proxy header's fingerprint, and it
|
| + // occurs at the beginning.
|
| + {
|
| + {std::string(tamper_detection_fingerprint_names::kFingerprintChromeProxy)
|
| + + "=1", "2", "3",},
|
| + {"2", "3",},
|
| + },
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + std::vector<std::string> input_values, output_values;
|
| + for (size_t j=0; j<ARRAYSIZE_UNSAFE(test[i].input_values); ++j) {
|
| + if (test[i].input_values[j].size())
|
| + input_values.push_back(test[i].input_values[j]);
|
| + }
|
| + for (size_t j=0; j<ARRAYSIZE_UNSAFE(test[i].expected_output_values); ++j) {
|
| + if (test[i].expected_output_values[j].size())
|
| + output_values.push_back(test[i].expected_output_values[j]);
|
| + }
|
| +
|
| + DataReductionProxyTamperDetection::RemoveChromeProxyFingerprint(
|
| + &input_values);
|
| +
|
| + EXPECT_EQ(input_values, output_values);
|
| + }
|
| +}
|
| +
|
| +// Testcase for ValuesToSortedString function.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, ValuesToSortedString) {
|
| + struct {
|
| + std::string input_values[10];
|
| + std::string expected_output_string;
|
| + } test[] = {
|
| + // Checks the correctness of sorting.
|
| + {
|
| + {"1", "2", "3",},
|
| + "1,2,3,",
|
| + },
|
| + // Checks the case that there is an empty input vector.
|
| + {
|
| + {},
|
| + "",
|
| + },
|
| + // Checks the case that there is an empty string in the input vector.
|
| + {
|
| + {" ",},
|
| + ",",
|
| + },
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + std::vector<std::string> input_values;
|
| + for (size_t j=0; j<ARRAYSIZE_UNSAFE(test[i].input_values); ++j) {
|
| + if (test[i].input_values[j].size()) {
|
| + if (test[i].input_values[j] == " ")
|
| + input_values.push_back("");
|
| + else
|
| + input_values.push_back(test[i].input_values[j]);
|
| + }
|
| + }
|
| +
|
| + std::string output_string = DataReductionProxyTamperDetection::
|
| + ValuesToSortedString(&input_values);
|
| +
|
| + EXPECT_EQ(output_string, test[i].expected_output_string);
|
| + }
|
| +}
|
| +
|
| +// Testcase for GetHeaderValues function.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, GetHeaderValues) {
|
| + struct {
|
| + std::string raw_header;
|
| + std::string header_name;
|
| + std::string expected_output_values[10];
|
| + } test[] = {
|
| + // Checks the correctness of getting single line header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "test: 1, 2, 3\n",
|
| + "test",
|
| + {"1", "2", "3"},
|
| + },
|
| + // Checks the correctness of getting multiple lines header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "test: 1, 2, 3\n"
|
| + "test: 4, 5, 6\n"
|
| + "test: 7, 8, 9\n",
|
| + "test",
|
| + {"1", "2", "3", "4", "5", "6", "7", "8", "9"},
|
| + },
|
| + // Checks the correctness of getting missing header.
|
| + {
|
| + "HTTP/1.1 200 OK \n",
|
| + "test",
|
| + {},
|
| + },
|
| + // Checks the correctness of getting empty header.
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "test: \n",
|
| + "test",
|
| + {" "},
|
| + },
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + std::string raw_headers(test[i].raw_header);
|
| + HeadersToRaw(&raw_headers);
|
| + scoped_refptr<net::HttpResponseHeaders> headers =
|
| + new net::HttpResponseHeaders(raw_headers);
|
| +
|
| + std::vector<std::string> expected_output_values;
|
| + for (size_t j=0; j<ARRAYSIZE_UNSAFE(test[i].expected_output_values); ++j) {
|
| + if ((test[i].expected_output_values[j]).size()) {
|
| + if (test[i].expected_output_values[j] == " ")
|
| + expected_output_values.push_back("");
|
| + else
|
| + expected_output_values.push_back(test[i].expected_output_values[j]);
|
| + }
|
| + }
|
| +
|
| + std::vector<std::string> output_values =
|
| + DataReductionProxyTamperDetection::GetHeaderValues(
|
| + headers, test[i].header_name);
|
| + EXPECT_EQ(expected_output_values, output_values);
|
| + }
|
| +}
|
| +
|
| +// Testcase for main function CheckResponseFingerprint. First generate
|
| +// simulated response from the data reduction proxy, by replacing fingerprint
|
| +// with its base64 encoded MD5 value and appending it to Chrome-Proxy header.
|
| +// Then runs through function CheckResponseFingerprint.
|
| +TEST_F(DataReductionProxyTamperDetectionTest, Completed) {
|
| + struct {
|
| + std::string raw_header;
|
| + std::string chrome_header;
|
| + bool expected_contain_tamper_detect_fingerprints;
|
| + bool expected_tampered_chrome_proxy;
|
| + bool expected_tampered_via;
|
| + bool expected_tampered_other_headers;
|
| + bool expected_tampered_content_length;
|
| + } test[] = {
|
| + // Check normal case, Chrome-Proxy fingerprint doesn't exist
|
| + {
|
| + "HTTP/1.1 200 OK \n"
|
| + "Via: a1, b2, 1.1 Chrome-Compression-Proxy\n"
|
| + "Content-Length: 12345\n"
|
| + "header1: header_1\n"
|
| + "header2: header_2\n"
|
| + "header3: header_3\n",
|
| + "a,b,c,d,e," +
|
| + std::string(tamper_detection_fingerprint_names::
|
| + kFingerprintContentLength) + "=12345," +
|
| + std::string(tamper_detection_fingerprint_names::
|
| + kFingerprintOtherHeaders) +
|
| + "=[header_1,;header_2,;header_3,;]:header1:header2:header3," +
|
| + std::string(tamper_detection_fingerprint_names::kFingerprintVia) + "=0,",
|
| + true,
|
| + false,
|
| + false,
|
| + false,
|
| + false,
|
| + },
|
| + };
|
| +
|
| + for (size_t i=0; i<ARRAYSIZE_UNSAFE(test); ++i) {
|
| + // Replace fingerprint with base64 encoded MD5 value.
|
| + ReplaceWithEncodedString(&(test[i].chrome_header));
|
| + // Generate fingerprint for Chrome-Proxy header.
|
| + std::string chrome_header_fingerprint = GetEncoded(test[i].chrome_header);
|
| + // Append Chrome-Proxy header to response headers.
|
| + test[i].raw_header += "Chrome-Proxy: " + test[i].chrome_header +
|
| + std::string(tamper_detection_fingerprint_names::
|
| + kFingerprintChromeProxy) + "=" + chrome_header_fingerprint + "\n";
|
| +
|
| + std::string raw_headers(test[i].raw_header);
|
| + HeadersToRaw(&raw_headers);
|
| + scoped_refptr<net::HttpResponseHeaders> headers =
|
| + new net::HttpResponseHeaders(raw_headers);
|
| +
|
| + // Below copying codes from CheckResponseFingerprint, with checking points
|
| + // added.
|
| + std::string chrome_proxy_fingerprint;
|
| + bool contain_chrome_proxy_fingerprint = GetDataReductionProxyActionValue(
|
| + headers,
|
| + tamper_detection_fingerprint_names::kFingerprintChromeProxy,
|
| + &chrome_proxy_fingerprint);
|
| +
|
| +
|
| + EXPECT_EQ(test[i].expected_contain_tamper_detect_fingerprints,
|
| + contain_chrome_proxy_fingerprint);
|
| + if (!contain_chrome_proxy_fingerprint)
|
| + return;
|
| + std::vector<std::string> chrome_proxy_header_values =
|
| + DataReductionProxyTamperDetection::
|
| + GetHeaderValues(headers, "Chrome-Proxy");
|
| +
|
| + DataReductionProxyTamperDetection::
|
| + RemoveChromeProxyFingerprint(&chrome_proxy_header_values);
|
| +
|
| + DataReductionProxyTamperDetection tamper_detection(
|
| + headers,
|
| + true,
|
| + 0,
|
| + &chrome_proxy_header_values);
|
| +
|
| + bool tampered_chrome_proxy =
|
| + tamper_detection.IsChromeProxyHeaderTampered(chrome_proxy_fingerprint);
|
| + EXPECT_EQ(test[i].expected_tampered_chrome_proxy, tampered_chrome_proxy);
|
| + if (tampered_chrome_proxy)
|
| + return;
|
| +
|
| + // Checks other fingerprints.
|
| + const char* fingerprint_names[] = {
|
| + data_reduction_proxy::tamper_detection_fingerprint_names::
|
| + kFingerprintVia,
|
| + data_reduction_proxy::tamper_detection_fingerprint_names::
|
| + kFingerprintOtherHeaders,
|
| + data_reduction_proxy::tamper_detection_fingerprint_names::
|
| + kFingerprintContentLength
|
| + };
|
| +
|
| + for (size_t j = 0; j < ARRAYSIZE_UNSAFE(fingerprint_names); ++j) {
|
| + std::string fingerprint;
|
| + if (!GetDataReductionProxyActionValue(
|
| + headers, fingerprint_names[j], &fingerprint)) {
|
| + continue;
|
| + }
|
| +
|
| + bool tampered = false;
|
| + DataReductionProxyTamperDetection::FingerprintCode fingerprint_code =
|
| + tamper_detection.GetFingerprintCode(fingerprint_names[i]);
|
| + switch (fingerprint_code) {
|
| + case DataReductionProxyTamperDetection::VIA:
|
| + tampered = tamper_detection.IsViaHeaderTampered(fingerprint);
|
| + EXPECT_EQ(test[i].expected_tampered_via, tampered);
|
| + break;
|
| + case DataReductionProxyTamperDetection::OTHERHEADERS:
|
| + tampered = tamper_detection.AreOtherHeadersTampered(fingerprint);
|
| + EXPECT_EQ(test[i].expected_tampered_other_headers, tampered);
|
| + break;
|
| + case DataReductionProxyTamperDetection::CONTENTLENGTH:
|
| + tampered = tamper_detection.IsContentLengthHeaderTampered(fingerprint);
|
| + EXPECT_EQ(test[i].expected_tampered_content_length, tampered);
|
| + break;
|
| + default:
|
| + NOTREACHED();
|
| + break;
|
| + }
|
| + }
|
| + return;
|
| + }
|
| +}
|
| +
|
| +} // namespace
|
|
|
Chromium Code Reviews
Issue 338483002:
Chrome Participated Tamper Detect (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master