OLD | NEW |
1 /* | 1 /* |
2 * Copyright (c) 2013, Google Inc. All rights reserved. | 2 * Copyright (c) 2013, Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
147 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, | 147 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, |
148 | 148 |
149 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, | 149 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, |
150 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, | 150 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, |
151 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, | 151 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, |
152 }; | 152 }; |
153 | 153 |
154 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); | 154 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); |
155 | 155 |
156 for (auto test : tests) { | 156 for (auto test : tests) { |
157 // secureOrigin's host is 'secureorigin.test', not 'example.test' | 157 document->insecureNavigationsToUpgrade()->clear(); |
158 document->setSecurityOrigin(secureOrigin); | |
159 | 158 |
160 // We always upgrade for FrameTypeNone and FrameTypeNested. | 159 // We always upgrade for FrameTypeNone and FrameTypeNested. |
161 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); | 160 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); |
162 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); | 161 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); |
163 | 162 |
164 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... | 163 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... |
165 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); | 164 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); |
166 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); | 165 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); |
167 | 166 |
168 // unless the request context is RequestContextForm. | 167 // unless the request context is RequestContextForm. |
169 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); | 168 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); |
170 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); | 169 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); |
171 | 170 |
172 // Or unless the host of the document matches the host of the resource: | 171 // Or unless the host of the resource is in the document's InsecureNavig
ationsSet: |
173 document->setSecurityOrigin(exampleOrigin); | 172 document->addInsecureNavigationUpgrade(exampleOrigin->host()); |
174 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); | 173 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); |
175 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); | 174 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); |
176 } | 175 } |
177 } | 176 } |
178 | 177 |
179 TEST_F(ResourceFetcherUpgradeTest, DoNotUpgradeInsecureResourceRequests) | 178 TEST_F(ResourceFetcherUpgradeTest, DoNotUpgradeInsecureResourceRequests) |
180 { | 179 { |
181 document->setSecurityOrigin(secureOrigin); | 180 document->setSecurityOrigin(secureOrigin); |
182 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); | 181 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); |
183 | 182 |
(...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
279 expectHeader("http://www.example.com/1.gif", "DPR", false, ""); | 278 expectHeader("http://www.example.com/1.gif", "DPR", false, ""); |
280 expectHeader("http://www.example.com/1.gif", "RW", false, ""); | 279 expectHeader("http://www.example.com/1.gif", "RW", false, ""); |
281 | 280 |
282 dummyPageHolder->frame().setShouldSendDPRHint(); | 281 dummyPageHolder->frame().setShouldSendDPRHint(); |
283 dummyPageHolder->frame().setShouldSendRWHint(); | 282 dummyPageHolder->frame().setShouldSendRWHint(); |
284 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); | 283 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); |
285 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); | 284 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); |
286 } | 285 } |
287 | 286 |
288 } // namespace | 287 } // namespace |
OLD | NEW |