Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3292)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/browser_navigator_browsertest.cc

Issue 643963004: Unescape BiDi control chars while parsing data urls (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Add a browsertest Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | net/base/data_url.cc » ('j') | net/base/data_url_unittest.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/browser_navigator_browsertest.cc
diff --git a/chrome/browser/ui/browser_navigator_browsertest.cc b/chrome/browser/ui/browser_navigator_browsertest.cc
index ac37ac9823637b1c72b0f36e4567d4e5adb9f034..6865a1454271da70e1bbee8fe511267f04f685fc 100644
--- a/chrome/browser/ui/browser_navigator_browsertest.cc
+++ b/chrome/browser/ui/browser_navigator_browsertest.cc
@@ -1376,4 +1376,37 @@ IN_PROC_BROWSER_TEST_F(BrowserNavigatorTest,
EXPECT_NE(expected_title, title);
}
+// This test navigates to a data URL that contains BiDi control
+// characters. For security reasons, BiDi control chars shouldn't be
+// unescaped in the URL but they should be escaped in the rendered page.
+IN_PROC_BROWSER_TEST_F(BrowserNavigatorTest,
mmenke 2014/10/17 15:24:43 Not sure if this is the best browsertest file for
meacer 2014/10/17 20:41:54 I looked at other browsertests but couldn't find a
+ NavigateToDataURLWithBiDiControlChars) {
+ // Uses a test sever to verify POST request.
+ ASSERT_TRUE(test_server()->Start());
mmenke 2014/10/17 15:24:43 Not needed
meacer 2014/10/17 20:41:54 Copy/paste artifact from previous test case. Remov
+ // Text in Arabic.
+ std::string text = "\xD8\xA7\xD8\xAE\xD8\xAA\xD8\xA8\xD8\xA7\xD8\xB1";
+ // Page title starts with RTL mark.
+ std::string title = "\xE2\x80\x8F" + text;
+ GURL data_url("data:text/html;charset=utf-8, <html><title>" + title +
mmenke 2014/10/17 15:24:43 Is the space before HTML needed?
meacer 2014/10/17 20:41:54 Removed.
+ "</title></html>");
+ // BiDi control chars in URLs aren't unescaped, so the expected URL should
+ // have the title with the escaped RTL mark.
mmenke 2014/10/17 15:24:43 If we're expect something not to be escape, should
meacer 2014/10/17 20:41:54 Done.
+ std::string escaped_title = "%E2%80%8F" + text;
+ GURL expected_url("data:text/html;charset=utf-8, <html><title>" +
+ escaped_title + "</title></html>");
+
+ // Navigate to the page.
+ chrome::NavigateParams p(MakeNavigateParams());
mmenke 2014/10/17 15:24:43 This name violates the google style guide. Sugges
meacer 2014/10/17 20:41:54 Another copy paste artifact. Fixed other test case
+ p.disposition = NEW_FOREGROUND_TAB;
+ p.url = GURL(data_url);
+ p.window_action = chrome::NavigateParams::SHOW_WINDOW;
+ ui_test_utils::NavigateToURL(&p);
+
+ base::string16 expected_title(base::UTF8ToUTF16(title));
+ EXPECT_TRUE(p.target_contents);
+ EXPECT_EQ(expected_url, p.target_contents->GetURL());
+ EXPECT_EQ(expected_title, p.target_contents->GetTitle());
+}
+
+
mmenke 2014/10/17 15:24:43 nit: Remove extra line break.
meacer 2014/10/17 20:41:54 Done.
} // namespace
« no previous file with comments | « no previous file | net/base/data_url.cc » ('j') | net/base/data_url_unittest.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698