Index: net/url_request/url_request_unittest.cc |
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc |
index 1d777dc50b9068f9e455b6d93e5dde4269161b57..c27422a87e1ad832055778cc20c2436b6027d5e8 100644 |
--- a/net/url_request/url_request_unittest.cc |
+++ b/net/url_request/url_request_unittest.cc |
@@ -2827,6 +2827,59 @@ class URLRequestTestHTTP : public URLRequestTest { |
return &test_server_; |
} |
+ void VerifyReferrerPolicyAfterRedirect(URLRequest::ReferrerPolicy policy, |
+ SpawnedTestServer::Type origin, |
+ SpawnedTestServer::Type destination, |
+ const std::string& referrer, |
+ const std::string& expected) { |
+ // Spin up the servers. |
+ SpawnedTestServer https_test_server( |
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost, |
+ base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
+ ASSERT_TRUE(https_test_server.Start()); |
+ ASSERT_TRUE(test_server_.Start()); |
+ |
+ // Create and execute the request. |
+ GURL destination_url = destination == SpawnedTestServer::TYPE_HTTP |
+ ? test_server_.GetURL(std::string()) |
+ : https_test_server.GetURL(std::string()); |
+ GURL origin_url = |
+ origin == SpawnedTestServer::TYPE_HTTP |
+ ? test_server_.GetURL("server-redirect?" + destination_url.spec()) |
+ : https_test_server.GetURL("server-redirect?" + |
+ destination_url.spec()); |
+ |
+ std::string original_referrer = referrer; |
+ ReplaceFirstSubstringAfterOffset(&original_referrer, 0, "[HTTP_ORIGIN]", |
+ test_server_.GetURL(std::string()).spec()); |
+ ReplaceFirstSubstringAfterOffset( |
+ &original_referrer, 0, "[HTTPS_ORIGIN]", |
+ https_test_server.GetURL(std::string()).spec()); |
+ |
+ std::string expected_referrer = expected; |
+ ReplaceFirstSubstringAfterOffset(&expected_referrer, 0, "[HTTP_ORIGIN]", |
+ test_server_.GetURL(std::string()).spec()); |
+ ReplaceFirstSubstringAfterOffset( |
+ &expected_referrer, 0, "[HTTPS_ORIGIN]", |
+ https_test_server.GetURL(std::string()).spec()); |
Mike West
2014/11/19 09:57:37
This bit is fairly hideous. Since I don't know the
|
+ |
+ TestDelegate d; |
+ scoped_ptr<URLRequest> req( |
+ default_context_.CreateRequest(origin_url, DEFAULT_PRIORITY, &d, NULL)); |
+ req->set_referrer_policy(policy); |
+ req->SetReferrer(original_referrer); |
+ req->Start(); |
+ base::RunLoop().Run(); |
+ |
+ EXPECT_EQ(1, d.response_started_count()); |
+ EXPECT_EQ(1, d.received_redirect_count()); |
+ EXPECT_EQ(destination_url, req->url()); |
+ EXPECT_EQ(expected_referrer, req->referrer()); |
+ |
+ ASSERT_TRUE(test_server_.Stop()); |
+ ASSERT_TRUE(https_test_server.Stop()); |
+ } |
+ |
protected: |
LocalHttpTestServer test_server_; |
}; |
@@ -3913,30 +3966,98 @@ TEST_F(URLRequestTestHTTP, GetZippedTest) { |
} |
} |
-TEST_F(URLRequestTestHTTP, HTTPSToHTTPRedirectNoRefererTest) { |
- ASSERT_TRUE(test_server_.Start()); |
+TEST_F(URLRequestTestHTTP, ReferrerPolicyClearRefererOnTransition) { |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::TYPE_HTTPS, |
+ "https://www.referrer.com/path/to/file.html", |
+ "https://www.referrer.com/path/to/file.html"); |
- SpawnedTestServer https_test_server( |
- SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost, |
- base::FilePath(FILE_PATH_LITERAL("net/data/ssl"))); |
- ASSERT_TRUE(https_test_server.Start()); |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::TYPE_HTTP, |
+ "https://www.referrer.com/path/to/file.html", ""); |
- // An https server is sent a request with an https referer, |
- // and responds with a redirect to an http url. The http |
- // server should not be sent the referer. |
- GURL http_destination = test_server_.GetURL(std::string()); |
- TestDelegate d; |
- scoped_ptr<URLRequest> req(default_context_.CreateRequest( |
- https_test_server.GetURL("server-redirect?" + http_destination.spec()), |
- DEFAULT_PRIORITY, &d, NULL)); |
- req->SetReferrer("https://www.referrer.com/"); |
- req->Start(); |
- base::RunLoop().Run(); |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ SpawnedTestServer::TYPE_HTTP, SpawnedTestServer::TYPE_HTTPS, |
+ "http://www.referrer.com/path/to/file.html", |
+ "http://www.referrer.com/path/to/file.html"); |
- EXPECT_EQ(1, d.response_started_count()); |
- EXPECT_EQ(1, d.received_redirect_count()); |
- EXPECT_EQ(http_destination, req->url()); |
- EXPECT_EQ(std::string(), req->referrer()); |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::CLEAR_REFERRER_ON_TRANSITION_FROM_SECURE_TO_INSECURE, |
+ SpawnedTestServer::TYPE_HTTP, SpawnedTestServer::TYPE_HTTP, |
+ "http://www.referrer.com/path/to/file.html", |
+ "http://www.referrer.com/path/to/file.html"); |
+} |
+ |
+TEST_F(URLRequestTestHTTP, ReferrerPolicyNeverClearReferer) { |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::NEVER_CLEAR_REFERRER, SpawnedTestServer::TYPE_HTTPS, |
+ SpawnedTestServer::TYPE_HTTPS, |
+ "https://www.referrer.com/path/to/file.html", |
+ "https://www.referrer.com/path/to/file.html"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::NEVER_CLEAR_REFERRER, SpawnedTestServer::TYPE_HTTPS, |
+ SpawnedTestServer::TYPE_HTTP, |
+ "https://www.referrer.com/path/to/file.html", |
+ "https://www.referrer.com/path/to/file.html"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::NEVER_CLEAR_REFERRER, SpawnedTestServer::TYPE_HTTP, |
+ SpawnedTestServer::TYPE_HTTPS, |
+ "http://www.referrer.com/path/to/file.html", |
+ "http://www.referrer.com/path/to/file.html"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::NEVER_CLEAR_REFERRER, SpawnedTestServer::TYPE_HTTP, |
+ SpawnedTestServer::TYPE_HTTP, "http://www.referrer.com/path/to/file.html", |
+ "http://www.referrer.com/path/to/file.html"); |
+} |
+ |
+TEST_F(URLRequestTestHTTP, ReferrerPolicyReduceReferrerGranularity) { |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::TYPE_HTTPS, |
+ "[HTTPS_ORIGIN]path/to/file.html", "[HTTPS_ORIGIN]path/to/file.html"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::TYPE_HTTP, |
+ "[HTTPS_ORIGIN]path/to/file.html", ""); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTP, SpawnedTestServer::TYPE_HTTPS, |
+ "[HTTP_ORIGIN]path/to/file.html", "[HTTP_ORIGIN]"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::REDUCE_REFERRER_GRANULARITY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTP, SpawnedTestServer::TYPE_HTTP, |
+ "[HTTP_ORIGIN]path/to/file.html", "[HTTP_ORIGIN]path/to/file.html"); |
+} |
+ |
+TEST_F(URLRequestTestHTTP, ReferrerPolicyOriginOnly) { |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::TYPE_HTTPS, |
+ "[HTTPS_ORIGIN]path/to/file.html", "[HTTPS_ORIGIN]path/to/file.html"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::TYPE_HTTP, |
+ "[HTTPS_ORIGIN]path/to/file.html", "[HTTPS_ORIGIN]"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTP, SpawnedTestServer::TYPE_HTTPS, |
+ "[HTTP_ORIGIN]path/to/file.html", "[HTTP_ORIGIN]"); |
+ |
+ VerifyReferrerPolicyAfterRedirect( |
+ URLRequest::ORIGIN_ONLY_ON_TRANSITION_CROSS_ORIGIN, |
+ SpawnedTestServer::TYPE_HTTP, SpawnedTestServer::TYPE_HTTP, |
+ "[HTTP_ORIGIN]path/to/file.html", "[HTTP_ORIGIN]path/to/file.html"); |
} |
TEST_F(URLRequestTestHTTP, RedirectLoadTiming) { |