OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "config.h" | 5 #include "config.h" |
6 #include "core/frame/csp/ContentSecurityPolicy.h" | 6 #include "core/frame/csp/ContentSecurityPolicy.h" |
7 | 7 |
8 #include "core/dom/Document.h" | 8 #include "core/dom/Document.h" |
9 #include "core/loader/DocumentLoader.h" | 9 #include "core/loader/DocumentLoader.h" |
10 #include "platform/RuntimeEnabledFeatures.h" | 10 #include "platform/RuntimeEnabledFeatures.h" |
(...skipping 28 matching lines...) Expand all Loading... |
39 }; | 39 }; |
40 | 40 |
41 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsDisabled) | 41 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsDisabled) |
42 { | 42 { |
43 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); | 43 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); |
44 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); | 44 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |
45 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); | 45 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); |
46 | 46 |
47 csp->bindToExecutionContext(document.get()); | 47 csp->bindToExecutionContext(document.get()); |
48 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); | 48 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); |
49 EXPECT_FALSE(document->insecureNavigationsToUpgrade()->contains(secureOrigin
->host().impl()->hash())); | |
50 } | 49 } |
51 | 50 |
52 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsEnabled) | 51 TEST_F(ContentSecurityPolicyTest, ParseUpgradeInsecureRequestsEnabled) |
53 { | 52 { |
54 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); | 53 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); |
55 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); | 54 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP); |
56 EXPECT_EQ(SecurityContext::InsecureRequestsUpgrade, csp->insecureRequestsPol
icy()); | 55 EXPECT_EQ(SecurityContext::InsecureRequestsUpgrade, csp->insecureRequestsPol
icy()); |
57 | 56 |
58 csp->bindToExecutionContext(document.get()); | 57 csp->bindToExecutionContext(document.get()); |
59 EXPECT_EQ(SecurityContext::InsecureRequestsUpgrade, document->insecureReques
tsPolicy()); | 58 EXPECT_EQ(SecurityContext::InsecureRequestsUpgrade, document->insecureReques
tsPolicy()); |
60 EXPECT_TRUE(document->insecureNavigationsToUpgrade()->contains(secureOrigin-
>host().impl()->hash())); | |
61 } | 59 } |
62 | 60 |
63 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsDisabled) | 61 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsDisabled) |
64 { | 62 { |
65 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); | 63 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
false); |
66 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); | 64 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); |
67 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); | 65 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); |
68 | 66 |
69 csp->bindToExecutionContext(document.get()); | 67 csp->bindToExecutionContext(document.get()); |
70 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); | 68 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); |
71 EXPECT_FALSE(document->insecureNavigationsToUpgrade()->contains(secureOrigin
->host().impl()->hash())); | |
72 } | 69 } |
73 | 70 |
74 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsEnabled) | 71 TEST_F(ContentSecurityPolicyTest, ParseMonitorInsecureRequestsEnabled) |
75 { | 72 { |
76 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); | 73 RuntimeEnabledFeatures::setExperimentalContentSecurityPolicyFeaturesEnabled(
true); |
77 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); | 74 csp->didReceiveHeader("upgrade-insecure-requests", ContentSecurityPolicyHead
erTypeReport, ContentSecurityPolicyHeaderSourceHTTP); |
78 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); | 75 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, csp->insecureReques
tsPolicy()); |
79 | 76 |
80 csp->bindToExecutionContext(document.get()); | 77 csp->bindToExecutionContext(document.get()); |
81 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); | 78 EXPECT_EQ(SecurityContext::InsecureRequestsDoNotUpgrade, document->insecureR
equestsPolicy()); |
82 EXPECT_FALSE(document->insecureNavigationsToUpgrade()->contains(secureOrigin
->host().impl()->hash())); | |
83 } | 79 } |
84 | 80 |
85 } // namespace | 81 } // namespace |
OLD | NEW |