OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "config.h" | 5 #include "config.h" |
6 #include "core/frame/csp/ContentSecurityPolicy.h" | 6 #include "core/frame/csp/ContentSecurityPolicy.h" |
7 | 7 |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/loader/DocumentLoader.h" | 9 #include "core/loader/DocumentLoader.h" |
10 #include "platform/RuntimeEnabledFeatures.h" | 10 #include "platform/RuntimeEnabledFeatures.h" |
(...skipping 24 matching lines...) Expand all Loading... |
35 RefPtr<ContentSecurityPolicy> csp; | 35 RefPtr<ContentSecurityPolicy> csp; |
36 KURL secureURL; | 36 KURL secureURL; |
37 RefPtr<SecurityOrigin> secureOrigin; | 37 RefPtr<SecurityOrigin> secureOrigin; |
38 RefPtrWillBePersistent<Document> document; | 38 RefPtrWillBePersistent<Document> document; |
39 }; | 39 }; |
40 | 40 |
41 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsDisabled) | 41 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsDisabled) |
42 { | 42 { |
43 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); | 43 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); |
44 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); | 44 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |
45 EXPECT_EQ(SecurityContext::InsecureContentDoNotUpgrade, csp->insecureContent
Policy()); | 45 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); |
46 | 46 |
47 csp->bindToExecutionContext(document.get()); | 47 csp->bindToExecutionContext(document.get()); |
48 EXPECT_EQ(SecurityContext::InsecureContentDoNotUpgrade, document->insecureCo
ntentPolicy()); | 48 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); |
49 } | 49 } |
50 | 50 |
51 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsEnabled) | 51 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsEnabled) |
52 { | 52 { |
53 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); | 53 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); |
54 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); | 54 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |
55 EXPECT_EQ(SecurityContext::InsecureContentUpgrade, csp->insecureContentPolic
y()); | 55 EXPECT_EQ(SecurityContext::InsecureRequestsUpgrade, csp->insecureRequestsPol
icy()); |
56 | 56 |
57 csp->bindToExecutionContext(document.get()); | 57 csp->bindToExecutionContext(document.get()); |
58 EXPECT_EQ(SecurityContext::InsecureContentUpgrade, document->insecureContent
Policy()); | 58 EXPECT_EQ(SecurityContext::InsecureRequestsUpgrade, document->insecureReques
tsPolicy()); |
59 } | 59 } |
60 | 60 |
61 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsDisabled) | 61 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsDisabled) |
62 { | 62 { |
63 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); | 63 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); |
64 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); | 64 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); |
65 EXPECT_EQ(SecurityContext::InsecureContentDoNotUpgrade, csp->insecureContent
Policy()); | 65 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); |
66 | 66 |
67 csp->bindToExecutionContext(document.get()); | 67 csp->bindToExecutionContext(document.get()); |
68 EXPECT_EQ(SecurityContext::InsecureContentDoNotUpgrade, document->insecureCo
ntentPolicy()); | 68 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); |
69 } | 69 } |
70 | 70 |
71 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsEnabled) | 71 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsEnabled) |
72 { | 72 { |
73 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); | 73 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); |
74 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); | 74 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); |
75 EXPECT_EQ(SecurityContext::InsecureContentDoNotUpgrade, csp->insecureContent
Policy()); | 75 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); |
76 | 76 |
77 csp->bindToExecutionContext(document.get()); | 77 csp->bindToExecutionContext(document.get()); |
78 EXPECT_EQ(SecurityContext::InsecureContentDoNotUpgrade, document->insecureCo
ntentPolicy()); | 78 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); |
79 } | 79 } |
80 | 80 |
81 } // namespace | 81 } // namespace |
OLD | NEW |