Index: net/url_request/url_request_unittest.cc |
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc |
index 1d777dc50b9068f9e455b6d93e5dde4269161b57..843a3a3203d996d0e67d5079bcba9cb55122848c 100644 |
--- a/net/url_request/url_request_unittest.cc |
+++ b/net/url_request/url_request_unittest.cc |
@@ -3913,32 +3913,6 @@ TEST_F(URLRequestTestHTTP, GetZippedTest) { |
} |
} |
-TEST_F(URLRequestTestHTTP, HTTPSToHTTPRedirectNoRefererTest) { |
- ASSERT_TRUE(test_server_.Start()); |
- |
- SpawnedTestServer https_test_server( |
- SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost, |
- base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
- ASSERT_TRUE(https_test_server.Start()); |
- |
- // An https server is sent a request with an https referer, |
- // and responds with a redirect to an http url. The http |
- // server should not be sent the referer. |
- GURL http_destination = test_server_.GetURL(std::string()); |
- TestDelegate d; |
- scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
- https_test_server.GetURL("server-redirect?" + http_destination.spec()), |
- DEFAULT_PRIORITY, &d, NULL)); |
- req->SetReferrer("https://www.referrer.com/"); |
- req->Start(); |
- base::RunLoop().Run(); |
- |
- EXPECT_EQ(1, d.response_started_count()); |
- EXPECT_EQ(1, d.received_redirect_count()); |
- EXPECT_EQ(http_destination, req->url()); |
- EXPECT_EQ(std::string(), req->referrer()); |
-} |
- |
TEST_F(URLRequestTestHTTP, RedirectLoadTiming) { |
ASSERT_TRUE(test_server_.Start()); |
@@ -6727,6 +6701,208 @@ TEST_F(URLRequestInterceptorTestHTTP, |
EXPECT_EQ(2, default_network_delegate()->headers_received_count()); |
} |
+class URLRequestTestReferrerPolicy : public URLRequestTest { |
+ public: |
+ URLRequestTestReferrerPolicy() {} |
+ |
+ void InstantiateServers(SpawnedTestServer::Type origin_type, |
+ const char* origin_hostname, |
+ SpawnedTestServer::Type destination_type, |
+ const char* destination_hostname) { |
+ origin_server_.reset(new SpawnedTestServer( |
+ origin_type, origin_hostname, |
+ origin_type == SpawnedTestServer::TYPE_HTTPS |
+ ? base::FilePath(FILE_PATH_LITERAL("net/data/ssl")) |
+ : base::FilePath( |
+ FILE_PATH_LITERAL("net/data/url_request_unittest")))); |
+ ASSERT_TRUE(origin_server_->Start()); |
+ |
+ if (origin_type != destination_type || |
+ origin_hostname != destination_hostname) { |
+ destination_server_.reset(new SpawnedTestServer( |
+ destination_type, destination_hostname, |
+ destination_type == SpawnedTestServer::TYPE_HTTPS |
+ ? base::FilePath(FILE_PATH_LITERAL("net/data/ssl")) |
+ : base::FilePath( |
+ FILE_PATH_LITERAL("net/data/url_request_unittest")))); |
+ ASSERT_TRUE(destination_server_->Start()); |
+ } |
+ } |
+ |
+ void VerifyReferrerAfterRedirect(URLRequest::ReferrerPolicy policy, |
+ const GURL& referrer, |
+ const GURL& expected) { |
+ // Create and execute the request: we'll only have a |destination_server_| |
+ // if the origins are meant to be distinct. Otherwise, we'll use the |
+ // |origin_server_| for both endpoints. |
+ GURL destination_url = destination_server_ |
+ ? destination_server_->GetURL(std::string()) |
+ : origin_server_->GetURL(std::string()); |
mmenke
2014/11/20 16:23:45
Maybe use GetURL("/echoheader?Referrer"), and then
Mike West
2014/11/21 09:29:29
Good idea! Done.
|
+ GURL origin_url = |
+ origin_server_->GetURL("server-redirect?" + destination_url.spec()); |
+ |
+ TestDelegate d; |
+ scoped_ptr<URLRequest> req( |
+ default_context_.CreateRequest(origin_url, DEFAULT_PRIORITY, &d, NULL)); |
+ req->set_referrer_policy(policy); |
+ req->SetReferrer(referrer.spec()); |
+ req->Start(); |
+ base::RunLoop().Run(); |
+ |
+ EXPECT_EQ(1, d.response_started_count()); |
+ EXPECT_EQ(1, d.received_redirect_count()); |
+ EXPECT_EQ(destination_url, req->url()); |
mmenke
2014/11/20 16:23:45
Maybe add "EXPECT_EQ(200, req->response_headers()-
Mike West
2014/11/21 09:29:29
The paranoia was justified! HTTPS SpawnedTestServe
|
+ |
+ EXPECT_EQ(expected.spec(), req->referrer()); |
+ } |
+ |
+ protected: |
mmenke
2014/11/20 16:23:45
Style guide requires all class variables be privat
Mike West
2014/11/21 09:29:29
Done.
|
+ scoped_ptr<SpawnedTestServer> origin_server_; |
+ scoped_ptr<SpawnedTestServer> destination_server_; |
+}; |
+ |
+TEST_F(URLRequestTestReferrerPolicy, HTTPToSameOriginHTTP) { |
+ InstantiateServers(SpawnedTestServer::TYPE_HTTP, "127.0.0.1", |
+ SpawnedTestServer::TYPE_HTTP, "127.0.0.1"); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect(URLRequest::NEVER_CLEAR_REFERRER, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+} |
+ |
+TEST_F(URLRequestTestReferrerPolicy, HTTPToCrossOriginHTTP) { |
+ InstantiateServers(SpawnedTestServer::TYPE_HTTP, "127.0.0.1", |
+ SpawnedTestServer::TYPE_HTTP, "localhost"); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL(std::string())); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL(std::string())); |
+ |
+ VerifyReferrerAfterRedirect(URLRequest::NEVER_CLEAR_REFERRER, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+} |
+ |
+TEST_F(URLRequestTestReferrerPolicy, HTTPSToSameOriginHTTPS) { |
+ InstantiateServers(SpawnedTestServer::TYPE_HTTPS, "127.0.0.1", |
+ SpawnedTestServer::TYPE_HTTPS, "127.0.0.1"); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect(URLRequest::NEVER_CLEAR_REFERRER, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+} |
+ |
+TEST_F(URLRequestTestReferrerPolicy, HTTPSToCrossOriginHTTPS) { |
+ InstantiateServers(SpawnedTestServer::TYPE_HTTPS, "127.0.0.1", |
+ SpawnedTestServer::TYPE_HTTPS, "localhost"); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL(std::string())); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL(std::string())); |
+ |
+ VerifyReferrerAfterRedirect(URLRequest::NEVER_CLEAR_REFERRER, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+} |
+ |
+TEST_F(URLRequestTestReferrerPolicy, HTTPToHTTPS) { |
+ InstantiateServers(SpawnedTestServer::TYPE_HTTP, "127.0.0.1", |
+ SpawnedTestServer::TYPE_HTTPS, "localhost"); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL(std::string())); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL(std::string())); |
+ |
+ VerifyReferrerAfterRedirect(URLRequest::NEVER_CLEAR_REFERRER, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+} |
+ |
+TEST_F(URLRequestTestReferrerPolicy, HTTPSToHTTP) { |
+ InstantiateServers(SpawnedTestServer::TYPE_HTTPS, "127.0.0.1", |
+ SpawnedTestServer::TYPE_HTTP, "localhost"); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ origin_server_->GetURL("path/to/file.html"), GURL()); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), GURL()); |
+ |
+ VerifyReferrerAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL(std::string())); |
+ |
+ VerifyReferrerAfterRedirect(URLRequest::NEVER_CLEAR_REFERRER, |
+ origin_server_->GetURL("path/to/file.html"), |
+ origin_server_->GetURL("path/to/file.html")); |
+} |
+ |
class HTTPSRequestTest : public testing::Test { |
public: |
HTTPSRequestTest() : default_context_(true) { |