OLD | NEW |
1 /* | 1 /* |
2 * Copyright (c) 2013, Google Inc. All rights reserved. | 2 * Copyright (c) 2013, Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
147 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, | 147 { "https://example.test:1212/image.png", "https://example.test:1212/imag
e.png" }, |
148 | 148 |
149 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, | 149 { "ftp://example.test/image.png", "ftp://example.test/image.png" }, |
150 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, | 150 { "ftp://example.test:21/image.png", "ftp://example.test:21/image.png" }
, |
151 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, | 151 { "ftp://example.test:1212/image.png", "ftp://example.test:1212/image.pn
g" }, |
152 }; | 152 }; |
153 | 153 |
154 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); | 154 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsUpgrade
); |
155 | 155 |
156 for (auto test : tests) { | 156 for (auto test : tests) { |
157 document->insecureNavigationsToUpgrade()->clear(); | 157 // secureOrigin's host is 'secureorigin.test', not 'example.test' |
| 158 document->setSecurityOrigin(secureOrigin); |
158 | 159 |
159 // We always upgrade for FrameTypeNone and FrameTypeNested. | 160 // We always upgrade for FrameTypeNone and FrameTypeNested. |
160 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); | 161 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNone, test.upgraded); |
161 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); | 162 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeNested, test.upgraded); |
162 | 163 |
163 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... | 164 // We do not upgrade for FrameTypeTopLevel or FrameTypeAuxiliary... |
164 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); | 165 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.original); |
165 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); | 166 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.original); |
166 | 167 |
167 // unless the request context is RequestContextForm. | 168 // unless the request context is RequestContextForm. |
168 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); | 169 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeTopLevel, test.upgraded); |
169 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); | 170 expectUpgrade(test.original, WebURLRequest::RequestContextForm, WebURLRe
quest::FrameTypeAuxiliary, test.upgraded); |
170 | 171 |
171 // Or unless the host of the resource is in the document's InsecureNavig
ationsSet: | 172 // Or unless the host of the document matches the host of the resource: |
172 document->addInsecureNavigationUpgrade(exampleOrigin->host()); | 173 document->setSecurityOrigin(exampleOrigin); |
173 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); | 174 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeTopLevel, test.upgraded); |
174 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); | 175 expectUpgrade(test.original, WebURLRequest::RequestContextScript, WebURL
Request::FrameTypeAuxiliary, test.upgraded); |
175 } | 176 } |
176 } | 177 } |
177 | 178 |
178 TEST_F(ResourceFetcherUpgradeTest, DoNotUpgradeInsecureResourceRequests) | 179 TEST_F(ResourceFetcherUpgradeTest, DoNotUpgradeInsecureResourceRequests) |
179 { | 180 { |
180 document->setSecurityOrigin(secureOrigin); | 181 document->setSecurityOrigin(secureOrigin); |
181 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); | 182 document->setInsecureRequestsPolicy(SecurityContext::InsecureRequestsDoNotUp
grade); |
182 | 183 |
(...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
278 expectHeader("http://www.example.com/1.gif", "DPR", false, ""); | 279 expectHeader("http://www.example.com/1.gif", "DPR", false, ""); |
279 expectHeader("http://www.example.com/1.gif", "RW", false, ""); | 280 expectHeader("http://www.example.com/1.gif", "RW", false, ""); |
280 | 281 |
281 dummyPageHolder->frame().setShouldSendDPRHint(); | 282 dummyPageHolder->frame().setShouldSendDPRHint(); |
282 dummyPageHolder->frame().setShouldSendRWHint(); | 283 dummyPageHolder->frame().setShouldSendRWHint(); |
283 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); | 284 expectHeader("http://www.example.com/1.gif", "DPR", true, "1"); |
284 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); | 285 expectHeader("http://www.example.com/1.gif", "RW", true, "500"); |
285 } | 286 } |
286 | 287 |
287 } // namespace | 288 } // namespace |
OLD | NEW |