Skip to content

GitLab

T
tangled
Commit 16d842a0 authored by Lukasz Anforowicz's avatar Lukasz Anforowicz Committed by Chromium LUCI CQ
Browse files
Options

Sharing IsPotentiallyTrustworthy tests across Blink and "network" layers 

Bug: 1164416
Change-Id: I3834ffb77ff1ef23f39c8886049b563753ab6cf0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2630625
Commit-Queue: Łukasz Anforowicz <lukasza@chromium.org>
Reviewed-by: default avatarDaniel Cheng <dcheng@chromium.org>
Reviewed-by: default avatarKinuko Yasuda <kinuko@chromium.org>
Reviewed-by: default avatarTom Sepez <tsepez@chromium.org>
Auto-Submit: Łukasz Anforowicz <lukasza@chromium.org>
Cr-Commit-Position: refs/heads/master@{#845905}
parent a5c22c52
Hide whitespace changes
Inline Side-by-side
Showing with 527 additions and 369 deletions
services/network/public/cpp/BUILD.gn
View file @ 16d842a0
......@@ -300,6 +300,21 @@ mojom("test_interfaces") {
public_deps = [ "//services/network/public/mojom" ]
}
source_set("test_support") {
testonly = true
sources = [ "is_potentially_trustworthy_unittest.h" ]
public_deps = [
":cpp",
"//base",
"//base/test:test_support",
"//testing/gmock",
"//testing/gtest",
"//url:url_test_support",
]
}
source_set("tests") {
testonly = true
......@@ -355,6 +370,7 @@ source_set("tests") {
deps = [
":cpp",
":test_interfaces",
":test_support",
"//base",
"//mojo/public/cpp/bindings",
"//mojo/public/cpp/test_support:test_utils",
......
services/network/public/cpp/is_potentially_trustworthy_unittest.cc
View file @ 16d842a0
......@@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "services/network/public/cpp/is_potentially_trustworthy.h"
#include "services/network/public/cpp/is_potentially_trustworthy_unittest.h"
#include "base/test/scoped_command_line.h"
#include "services/network/public/cpp/network_switches.h"
......@@ -13,6 +13,7 @@
#include "url/url_util.h"
namespace network {
namespace test {
bool IsOriginAllowlisted(const url::Origin& origin) {
return SecureOriginAllowlist::GetInstance().IsOriginAllowlisted(origin);
......@@ -22,12 +23,8 @@ bool IsOriginAllowlisted(const char* str) {
return IsOriginAllowlisted(url::Origin::Create(GURL(str)));
}
bool IsOriginPotentiallyTrustworthy(const char* str) {
return IsOriginPotentiallyTrustworthy(url::Origin::Create(GURL(str)));
}
bool IsUrlPotentiallyTrustworthy(const char* str) {
return IsUrlPotentiallyTrustworthy(GURL(str));
return network::IsUrlPotentiallyTrustworthy(GURL(str));
}
std::vector<std::string> CanonicalizeAllowlist(
......@@ -37,51 +34,18 @@ std::vector<std::string> CanonicalizeAllowlist(
allowlist, rejected_patterns);
}
TEST(IsPotentiallyTrustworthy, Origin) {
const url::Origin unique_origin;
EXPECT_FALSE(IsOriginPotentiallyTrustworthy(unique_origin));
const url::Origin opaque_origin =
url::Origin::Create(GURL("https://www.example.com"))
.DeriveNewOpaqueOrigin();
EXPECT_FALSE(IsOriginPotentiallyTrustworthy(opaque_origin));
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("about:blank"));
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("about:blank#ref"));
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("about:srcdoc"));
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("javascript:alert('blah')"));
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("data:test/plain;blah"));
EXPECT_TRUE(
IsOriginPotentiallyTrustworthy("quic-transport://example.com/counter"));
}
// TODO(crbug.com/1153336 and crbug.com/1164416): Fix product behavior, so that
// blink::SecurityOrigin::IsSecure(const KURL&) is compatible with
// network::IsUrlPotentiallyTrustworthy(const GURL&) and then move the tests
// below to the AbstractTrustworthinessTest.UrlFromString test case in
// //services/network/public/cpp/is_potentially_trustworthy_unittest.h
// See also SecurityOriginTest.IsSecure test.
TEST(IsPotentiallyTrustworthy, Url) {
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:blank"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:blank?x=2"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:blank#ref"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:blank?x=2#ref"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:srcdoc"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:srcdoc?x=2"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:srcdoc#ref"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:srcdoc?x=2#ref"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("about:mumble"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("data:test/plain;blah"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("javascript:alert('blah')"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("file:///test/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("file:///test/"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("file://localhost/test/"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("file://otherhost/test/"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("https://example.com/fun.html"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://example.com/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("wss://example.com/fun.html"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("ws://example.com/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("http://localhost/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("http://localhost./fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("http://pumpkin.localhost/fun.html"));
......@@ -91,99 +55,20 @@ TEST(IsPotentiallyTrustworthy, Url) {
IsUrlPotentiallyTrustworthy("http://pumpkin.localhost:8080/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy(
"http://crumpet.pumpkin.localhost:3000/fun.html"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://localhost.com/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("https://localhost.com/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("http://127.0.0.1/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("ftp://127.0.0.1/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("http://127.3.0.1/fun.html"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://127.example.com/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("https://127.example.com/fun.html"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("http://[::1]/fun.html"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://[::2]/fun.html"));
EXPECT_FALSE(
IsUrlPotentiallyTrustworthy("http://[::1].example.com/fun.html"));
// IPv4 mapped IPv6 literals for loopback.
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://[::ffff:127.0.0.1]/"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://[::ffff:7f00:1]"));
// IPv4 compatible IPv6 literal for loopback.
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://[::127.0.0.1]"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://loopback"));
// Legacy localhost names.
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://localhost.localdomain"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("http://localhost6"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("ftp://localhost6.localdomain6"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy(
"filesystem:http://www.example.com/temporary/"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy(
"filesystem:ftp://www.example.com/temporary/"));
EXPECT_TRUE(
IsUrlPotentiallyTrustworthy("filesystem:ftp://127.0.0.1/temporary/"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy(
"filesystem:https://www.example.com/temporary/"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy(
"blob:http://www.example.com/guid-goes-here"));
EXPECT_FALSE(
IsUrlPotentiallyTrustworthy("blob:ftp://www.example.com/guid-goes-here"));
EXPECT_TRUE(
IsUrlPotentiallyTrustworthy("blob:ftp://127.0.0.1/guid-goes-here"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy(
"blob:https://www.example.com/guid-goes-here"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("blob:data:text/html,Hello"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("blob:about:blank"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("filesystem:data:text/html,Hello"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("filesystem:about:blank"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy(
"blob:blob:https://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"));
EXPECT_FALSE(
IsUrlPotentiallyTrustworthy("filesystem:blob:https://example.com/"
"578223a1-8c13-17b3-84d5-eca045ae384a"));
EXPECT_TRUE(
IsUrlPotentiallyTrustworthy("quic-transport://example.com/counter"));
}
TEST(IsPotentiallyTrustworthy, CustomSchemes) {
url::ScopedSchemeRegistryForTests scoped_registry;
url::AddSecureScheme("sec-nonstd-scheme");
url::AddSecureScheme("sec-std-scheme");
url::AddStandardScheme("sec-std-scheme", url::SCHEME_WITH_HOST);
url::AddSecureScheme("sec-noaccess-scheme");
url::AddNoAccessScheme("sec-noaccess-scheme");
url::AddNoAccessScheme("nonsec-noaccess-scheme");
// Unrecognized / unknown schemes are not trustworthy.
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("unknown-scheme://example.com"));
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("unknown-scheme://example.com"));
// Secure URLs are trustworthy, even if their scheme is also marked as
// no-access, or are not marked as standard. See also //chrome-layer
// ChromeContentClientTest.AdditionalSchemes test and
// https://crbug.com/734581.
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("sec-nonstd-scheme://blah/x.js"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("sec-std-scheme://blah/x.js"));
EXPECT_TRUE(IsUrlPotentiallyTrustworthy("sec-noaccess-scheme://blah/x.js"));
EXPECT_TRUE(IsOriginPotentiallyTrustworthy("sec-std-scheme://blah/x.js"));
// No-access and non-standard/non-local schemes translate into an
// untrustworthy, opaque origin.
// TODO(lukasza): Maybe if the spec had a notion of an origin *precursor*,
// then it could inspect the scheme of the precursor. After this, it may be
// possible to EXPECT_TRUE below...
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("sec-nonstd-scheme://blah/x.js"));
EXPECT_FALSE(
IsOriginPotentiallyTrustworthy("sec-noaccess-scheme://blah/x.js"));
// No-access, non-secure schemes are untrustworthy.
EXPECT_FALSE(IsUrlPotentiallyTrustworthy("nonsec-noaccess-scheme:blah"));
EXPECT_FALSE(IsOriginPotentiallyTrustworthy("nonsec-noaccess-scheme:blah"));
}
class SecureOriginAllowlistTest : public testing::Test {
......@@ -330,4 +215,24 @@ TEST_F(SecureOriginAllowlistTest, Canonicalization) {
EXPECT_THAT(canonicalized, ::testing::ElementsAre("*.example.com"));
}
class TrustworthinessTestTraits final
: public virtual url::UrlOriginTestTraits,
public virtual TrustworthinessTraitsBase<url::Origin> {
public:
bool IsOriginPotentiallyTrustworthy(const OriginType& origin) override {
return network::IsOriginPotentiallyTrustworthy(origin);
}
bool IsUrlPotentiallyTrustworthy(base::StringPiece str) override {
return network::IsUrlPotentiallyTrustworthy(GURL(str));
}
bool IsOriginOfLocalhost(const OriginType& origin) override {
return net::IsLocalhost(origin.GetURL());
}
};
INSTANTIATE_TYPED_TEST_SUITE_P(UrlOrigin,
AbstractTrustworthinessTest,
TrustworthinessTestTraits);
} // namespace test
} // namespace network
services/network/public/cpp/is_potentially_trustworthy_unittest.h 0 → 100644
View file @ 16d842a0
// Copyright 2021 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef SERVICES_NETWORK_PUBLIC_CPP_IS_POTENTIALLY_TRUSTWORTHY_UNITTEST_H_
#define SERVICES_NETWORK_PUBLIC_CPP_IS_POTENTIALLY_TRUSTWORTHY_UNITTEST_H_
#include "base/strings/string_piece.h"
#include "net/base/url_util.h"
#include "services/network/public/cpp/is_potentially_trustworthy.h"
#include "url/origin_abstract_tests.h"
namespace network {
namespace test {
// AbstractTrustworthinessTest below abstracts away differences between
// network::IsOriginPotentiallyTrustworthy and
// blink::SecurityOrigin::IsPotentiallyTrustworthy by parametrizing the tests
// with a class that has to be derived from TrustworthinessTraitsBase
// below.
template <typename TConcreteOriginType>
class TrustworthinessTraitsBase
: public virtual url::OriginTraitsBase<TConcreteOriginType> {
public:
using OriginType = TConcreteOriginType;
virtual bool IsOriginPotentiallyTrustworthy(const OriginType& origin) = 0;
virtual bool IsUrlPotentiallyTrustworthy(base::StringPiece str) = 0;
virtual bool IsOriginOfLocalhost(const OriginType& origin) = 0;
};
// Test suite for tests that cover both url::Origin and blink::SecurityOrigin.
template <typename TTrustworthinessTraits>
class AbstractTrustworthinessTest
: public url::AbstractOriginTest<TTrustworthinessTraits> {
static_assert(
std::is_base_of<TrustworthinessTraitsBase<
typename TTrustworthinessTraits::OriginType>,
TTrustworthinessTraits>::value,
"TTrustworthinessTraits needs to expose the right members.");
protected:
// Wrappers that allow tests to ignore presence of `test_traits_`.
//
// Note that calling the wrappers needs to be prefixed with `this->...` to
// avoid hitting: explicit qualification required to use member 'FooBar'
// from dependent base class.
using OriginType = typename TTrustworthinessTraits::OriginType;
bool IsOriginPotentiallyTrustworthy(const OriginType& origin) {
return trustworthiness_traits_.IsOriginPotentiallyTrustworthy(origin);
}
bool IsOriginPotentiallyTrustworthy(base::StringPiece str) {
auto origin = this->CreateOriginFromString(str);
return this->IsOriginPotentiallyTrustworthy(origin);
}
bool IsUrlPotentiallyTrustworthy(base::StringPiece str) {
return trustworthiness_traits_.IsUrlPotentiallyTrustworthy(str);
}
bool IsOriginOfLocalhost(const OriginType& origin) {
return trustworthiness_traits_.IsOriginOfLocalhost(origin);
}
private:
TTrustworthinessTraits trustworthiness_traits_;
};
TYPED_TEST_SUITE_P(AbstractTrustworthinessTest);
TYPED_TEST_P(AbstractTrustworthinessTest, OpaqueOrigins) {
auto unique_origin = this->CreateUniqueOpaqueOrigin();
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy(unique_origin));
auto example_origin = this->CreateOriginFromString("https://www.example.com");
auto opaque_origin = this->DeriveNewOpaqueOrigin(example_origin);
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy(opaque_origin));
}
TYPED_TEST_P(AbstractTrustworthinessTest, OriginFromString) {
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy("about:blank"));
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy("about:blank#ref"));
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy("about:srcdoc"));
EXPECT_FALSE(
this->IsOriginPotentiallyTrustworthy("javascript:alert('blah')"));
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy("data:test/plain;blah"));
EXPECT_TRUE(this->IsOriginPotentiallyTrustworthy(
"quic-transport://example.com/counter"));
}
TYPED_TEST_P(AbstractTrustworthinessTest, CustomSchemes) {
// Custom testing schemes are registered in url::AbstractOriginTest::SetUp.
// Let's double-check that schemes we test with have the expected properties.
EXPECT_TRUE(base::Contains(url::GetSecureSchemes(), "sec"));
EXPECT_TRUE(base::Contains(url::GetSecureSchemes(), "sec-std-with-host"));
EXPECT_TRUE(base::Contains(url::GetSecureSchemes(), "sec-noaccess"));
EXPECT_TRUE(base::Contains(url::GetNoAccessSchemes(), "sec-noaccess"));
EXPECT_TRUE(base::Contains(url::GetNoAccessSchemes(), "noaccess"));
EXPECT_TRUE(GURL("sec-std-with-host://blah/x.js").IsStandard());
// Unrecognized / unknown schemes are not trustworthy.
EXPECT_FALSE(
this->IsOriginPotentiallyTrustworthy("unknown-scheme://example.com"));
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("unknown-scheme://example.com"));
// Secure URLs are trustworthy, even if their scheme is also marked as
// no-access, or are not marked as standard. See also //chrome-layer
// ChromeContentClientTest.AdditionalSchemes test and
// https://crbug.com/734581.
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("sec://blah/x.js"));
EXPECT_TRUE(
this->IsUrlPotentiallyTrustworthy("sec-std-with-host://blah/x.js"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("sec-noaccess://blah/x.js"));
EXPECT_TRUE(
this->IsOriginPotentiallyTrustworthy("sec-std-with-host://blah/x.js"));
// No-access and non-standard/non-local schemes translate into an
// untrustworthy, opaque origin.
// TODO(lukasza): Maybe if the spec had a notion of an origin *precursor*,
// then it could inspect the scheme of the precursor. After this, it may be
// possible to EXPECT_TRUE below...
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy("sec://blah/x.js"));
EXPECT_FALSE(
this->IsOriginPotentiallyTrustworthy("sec-noaccess://blah/x.js"));
// No-access, non-secure schemes are untrustworthy.
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("noaccess:blah"));
EXPECT_FALSE(this->IsOriginPotentiallyTrustworthy("noaccess:blah"));
// Standard, but non-secure schemes are untrustworthy.
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("std-with-host://blah/x.js"));
EXPECT_FALSE(
this->IsOriginPotentiallyTrustworthy("std-with-host://blah/x.js"));
}
TYPED_TEST_P(AbstractTrustworthinessTest, UrlFromString) {
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:blank"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:blank?x=2"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:blank#ref"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:blank?x=2#ref"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:srcdoc"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:srcdoc?x=2"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:srcdoc#ref"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:srcdoc?x=2#ref"));
// The test expectations below document the current behavior, that "emerges"
// from how out implementation of IsUrlPotentiallyTrustworthy treats scenarios
// that are not covered by the spec. The current behavior might or might not
// be the desirable long-term behavior (it just accidentally emerged from the
// current implentattion). In particular, not how
// https://www.w3.org/TR/secure-contexts/#is-url-trustworthy only mentions how
// to deal with "about:srcdoc" and "about:blank", and how
// https://github.com/w3c/webappsec-secure-contexts/issues/85 discusses
// general treatment of "secure" / "authenticated" schemes (see also
// IsSchemeConsideredAuthenticated in product code).
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:about"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("about:mumble"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("data:test/plain;blah"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("data:text/html,Hello"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("javascript:alert('blah')"));
EXPECT_TRUE(
this->IsUrlPotentiallyTrustworthy("https://example.com/fun.html"));
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("http://example.com/fun.html"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("ftp://example.com/"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy("wss://example.com/fun.html"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("ws://example.com/fun.html"));
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("http://localhost.com/fun.html"));
EXPECT_TRUE(
this->IsUrlPotentiallyTrustworthy("https://localhost.com/fun.html"));
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("http://127.example.com/fun.html"));
EXPECT_TRUE(
this->IsUrlPotentiallyTrustworthy("https://127.example.com/fun.html"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("http://[::2]/fun.html"));
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("http://[::1].example.com/fun.html"));
// IPv4 mapped IPv6 literals for loopback.
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("http://[::ffff:127.0.0.1]/"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("http://[::ffff:7f00:1]"));
// IPv4 compatible IPv6 literal for loopback.
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("http://[::127.0.0.1]"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("http://loopback"));
// Legacy localhost names.
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("http://localhost.localdomain"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("http://localhost6"));
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("ftp://localhost6.localdomain6"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy(
"filesystem:http://www.example.com/temporary/"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy(
"filesystem:ftp://www.example.com/temporary/"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy(
"filesystem:https://www.example.com/temporary/"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy(
"blob:http://www.example.com/guid-goes-here"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy(
"blob:ftp://www.example.com/guid-goes-here"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy(
"blob:https://www.example.com/guid-goes-here"));
EXPECT_FALSE(
this->IsUrlPotentiallyTrustworthy("filesystem:data:text/html,Hello"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy("filesystem:about:blank"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy(
"blob:blob:https://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"));
EXPECT_FALSE(this->IsUrlPotentiallyTrustworthy(
"filesystem:blob:https://example.com/"
"578223a1-8c13-17b3-84d5-eca045ae384a"));
EXPECT_TRUE(this->IsUrlPotentiallyTrustworthy(
"quic-transport://example.com/counter"));
}
TYPED_TEST_P(AbstractTrustworthinessTest, TestcasesInheritedFromBlink) {
struct TestCase {
bool is_potentially_trustworthy;
bool is_localhost;
const char* url;
};
TestCase inputs[] = {
// Access is granted to webservers running on localhost.
{true, true, "http://localhost"},
{true, true, "http://localhost."},
{true, true, "http://LOCALHOST"},
{true, true, "http://localhost:100"},
{true, true, "http://a.localhost"},
{true, true, "http://a.b.localhost"},
{true, true, "http://127.0.0.1"},
{true, true, "http://127.0.0.2"},
{true, true, "http://127.1.0.2"},
{true, true, "http://0177.00.00.01"},
{true, true, "http://[::1]"},
{true, true, "http://[0:0::1]"},
{true, true, "http://[0:0:0:0:0:0:0:1]"},
{true, true, "http://[::1]:21"},
{true, true, "http://127.0.0.1:8080"},
{true, true, "ftp://127.0.0.1"},
{true, true, "ftp://127.0.0.1:443"},
{true, true, "ws://127.0.0.1"},
// Non-localhost over HTTP
{false, false, "http://[1::]"},
{false, false, "http://[::2]"},
{false, false, "http://[1::1]"},
{false, false, "http://[1:2::3]"},
{false, false, "http://[::127.0.0.1]"},
{false, false, "http://a.127.0.0.1"},
{false, false, "http://127.0.0.1.b"},
{false, false, "http://localhost.a"},
// loopback resolves to localhost on Windows, but not
// recognized generically here.
{false, false, "http://loopback"},
// IPv4 mapped IPv6 literals for 127.0.0.1.
{false, false, "http://[::ffff:127.0.0.1]"},
{false, false, "http://[::ffff:7f00:1]"},
// IPv4 compatible IPv6 literal for 127.0.0.1.
{false, false, "http://[::127.0.0.1]"},
// Legacy localhost names.
{false, false, "http://localhost.localdomain"},
{false, false, "http://localhost6"},
{false, false, "ftp://localhost6.localdomain6"},
// Secure transports are considered trustworthy.
{true, false, "https://foobar.com"},
{true, false, "wss://foobar.com"},
{true, false, "quic-transport://example.com/counter"},
// Insecure transports are not considered trustworthy.
{false, false, "ftp://foobar.com"},
{false, false, "http://foobar.com"},
{false, false, "http://foobar.com:443"},
{false, false, "ws://foobar.com"},
{false, false, "custom-scheme://example.com"},
// Local files are considered trustworthy.
{true, false, "file:///home/foobar/index.html"},
// blob: URLs must look to the inner URL's origin, and apply the same
// rules as above. Spot check some of them
{true, true,
"blob:http://localhost:1000/578223a1-8c13-17b3-84d5-eca045ae384a"},
{true, false,
"blob:https://foopy:99/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, false, "blob:http://baz:99/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, false, "blob:ftp://evil:99/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, false, "blob:data:text/html,Hello"},
{false, false, "blob:about:blank"},
{false, false,
"blob:blob:https://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"},
// filesystem: URLs work the same as blob: URLs, and look to the inner
// URL for security origin.
{true, true, "filesystem:http://localhost:1000/foo"},
{true, false, "filesystem:https://foopy:99/foo"},
{false, false, "filesystem:http://baz:99/foo"},
{false, false, "filesystem:ftp://evil:99/foo"},
{false, false, "filesystem:data:text/html,Hello"},
{false, false, "filesystem:about:blank"},
{false, false,
"filesystem:blob:https://example.com/"
"578223a1-8c13-17b3-84d5-eca045ae384a"},
// about: and data: URLs.
{false, false, "about:blank"},
{false, false, "about:srcdoc"},
{false, false, "data:text/html,Hello"},
};
for (size_t i = 0; i < base::size(inputs); ++i) {
SCOPED_TRACE(inputs[i].url);
auto origin = this->CreateOriginFromString(inputs[i].url);
EXPECT_EQ(inputs[i].is_potentially_trustworthy,
this->IsOriginPotentiallyTrustworthy(origin));
EXPECT_EQ(inputs[i].is_localhost, this->IsOriginOfLocalhost(origin));
GURL test_gurl(inputs[i].url);
if (!(test_gurl.SchemeIsBlob() || test_gurl.SchemeIsFileSystem())) {
// Check that the origin's notion of localhost matches //net's notion of
// localhost. This is skipped for blob: and filesystem: URLs since
// blink::SecurityOrigin uses their inner URL's origin.
EXPECT_EQ(net::IsLocalhost(GURL(inputs[i].url)),
this->IsOriginOfLocalhost(origin));
}
}
}
REGISTER_TYPED_TEST_SUITE_P(AbstractTrustworthinessTest,
OpaqueOrigins,
OriginFromString,
CustomSchemes,
UrlFromString,
TestcasesInheritedFromBlink);
} // namespace test
} // namespace network
#endif // SERVICES_NETWORK_PUBLIC_CPP_IS_POTENTIALLY_TRUSTWORTHY_UNITTEST_H_
third_party/blink/renderer/platform/BUILD.gn
View file @ 16d842a0
......@@ -2174,6 +2174,7 @@ source_set("blink_platform_unittests_sources") {
"//mojo/public/cpp/bindings/tests:for_blink_tests",
"//mojo/public/cpp/test_support:test_utils",
"//mojo/public/interfaces/bindings/tests:test_interfaces_blink",
"//services/network/public/cpp:test_support",
"//services/viz/public/mojom",
"//skia",
"//skia:skcms",
......
third_party/blink/renderer/platform/weborigin/security_origin_test.cc
View file @ 16d842a0
......@@ -35,7 +35,7 @@
#include "base/stl_util.h"
#include "base/test/scoped_command_line.h"
#include "net/base/url_util.h"
#include "services/network/public/cpp/is_potentially_trustworthy.h"
#include "services/network/public/cpp/is_potentially_trustworthy_unittest.h"
#include "services/network/public/cpp/network_switches.h"
#include "services/network/public/mojom/cors.mojom-blink.h"
#include "services/network/public/mojom/cors_origin_pattern.mojom-blink.h"
......@@ -99,169 +99,23 @@ TEST_F(SecurityOriginTest, LocalAccess) {
EXPECT_FALSE(file2->CanAccess(file1.get()));
}
TEST_F(SecurityOriginTest, IsPotentiallyTrustworthy) {
struct TestCase {
bool is_potentially_trustworthy;
bool is_localhost;
const char* url;
};
// TODO(crbug.com/1153336): Merge SecurityOrigin::IsPotentiallyTrustworthy
// into network::IsOriginPotentiallyTrustworthy.
// https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy
TestCase inputs[] = {
// Access is granted to webservers running on localhost.
{true, true, "http://localhost"},
{true, true, "http://localhost."},
{true, true, "http://LOCALHOST"},
{true, true, "http://localhost:100"},
{true, true, "http://a.localhost"},
{true, true, "http://a.b.localhost"},
{true, true, "http://127.0.0.1"},
{true, true, "http://127.0.0.2"},
{true, true, "http://127.1.0.2"},
{true, true, "http://0177.00.00.01"},
{true, true, "http://[::1]"},
{true, true, "http://[0:0::1]"},
{true, true, "http://[0:0:0:0:0:0:0:1]"},
{true, true, "http://[::1]:21"},
{true, true, "http://127.0.0.1:8080"},
{true, true, "ftp://127.0.0.1"},
{true, true, "ftp://127.0.0.1:443"},
{true, true, "ws://127.0.0.1"},
// Non-localhost over HTTP
{false, false, "http://[1::]"},
{false, false, "http://[::2]"},
{false, false, "http://[1::1]"},
{false, false, "http://[1:2::3]"},
{false, false, "http://[::127.0.0.1]"},
{false, false, "http://a.127.0.0.1"},
{false, false, "http://127.0.0.1.b"},
{false, false, "http://localhost.a"},
// loopback resolves to localhost on Windows, but not
// recognized generically here.
{false, false, "http://loopback"},
// IPv4 mapped IPv6 literals for 127.0.0.1.
{false, false, "http://[::ffff:127.0.0.1]"},
{false, false, "http://[::ffff:7f00:1]"},
// IPv4 compatible IPv6 literal for 127.0.0.1.
{false, false, "http://[::127.0.0.1]"},
// Legacy localhost names.
{false, false, "http://localhost.localdomain"},
{false, false, "http://localhost6"},
{false, false, "ftp://localhost6.localdomain6"},
// Secure transports are considered trustworthy.
{true, false, "https://foobar.com"},
{true, false, "wss://foobar.com"},
{true, false, "quic-transport://example.com/counter"},
// Insecure transports are not considered trustworthy.
{false, false, "ftp://foobar.com"},
{false, false, "http://foobar.com"},
{false, false, "http://foobar.com:443"},
{false, false, "ws://foobar.com"},
{false, false, "custom-scheme://example.com"},
// Local files are considered trustworthy.
{true, false, "file:///home/foobar/index.html"},
// blob: URLs must look to the inner URL's origin, and apply the same
// rules as above. Spot check some of them
{true, true,
"blob:http://localhost:1000/578223a1-8c13-17b3-84d5-eca045ae384a"},
{true, false,
"blob:https://foopy:99/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, false, "blob:http://baz:99/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, false, "blob:ftp://evil:99/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, false, "blob:data:text/html,Hello"},
{false, false, "blob:about:blank"},
{false, false,
"blob:blob:https://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"},
// filesystem: URLs work the same as blob: URLs, and look to the inner
// URL for security origin.
{true, true, "filesystem:http://localhost:1000/foo"},
{true, false, "filesystem:https://foopy:99/foo"},
{false, false, "filesystem:http://baz:99/foo"},
{false, false, "filesystem:ftp://evil:99/foo"},
{false, false, "filesystem:data:text/html,Hello"},
{false, false, "filesystem:about:blank"},
{false, false,
"filesystem:blob:https://example.com/"
"578223a1-8c13-17b3-84d5-eca045ae384a"},
// about: and data: URLs.
{false, false, "about:blank"},
{false, false, "about:srcdoc"},
{false, false, "data:text/html,Hello"},
};
for (size_t i = 0; i < base::size(inputs); ++i) {
SCOPED_TRACE(inputs[i].url);
scoped_refptr<const SecurityOrigin> origin =
SecurityOrigin::CreateFromString(inputs[i].url);
String error_message;
EXPECT_EQ(inputs[i].is_potentially_trustworthy,
origin->IsPotentiallyTrustworthy());
EXPECT_EQ(inputs[i].is_localhost, origin->IsLocalhost());
GURL test_gurl(inputs[i].url);
if (!(test_gurl.SchemeIsBlob() || test_gurl.SchemeIsFileSystem())) {
// Check that the origin's notion of localhost matches //net's notion of
// localhost. This is skipped for blob: and filesystem: URLs since
// SecurityOrigin uses their inner URL's origin.
EXPECT_EQ(net::IsLocalhost(GURL(inputs[i].url)), origin->IsLocalhost());
}
}
// Anonymous opaque origins are not considered secure.
scoped_refptr<SecurityOrigin> opaque_origin =
SecurityOrigin::CreateUniqueOpaque();
EXPECT_FALSE(opaque_origin->IsPotentiallyTrustworthy());
}
TEST_F(SecurityOriginTest, IsSecure) {
struct TestCase {
bool is_secure;
const char* url;
} inputs[] = {
// TODO(crbug.com/1153336): Should SecurityOrigin::IsSecure be aligned
// with network::IsURLPotentiallyTrustworthy?
// https://w3c.github.io/webappsec-secure-contexts/#is-url-trustworthy
{false, "blob:ftp://evil:99/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, "blob:http://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"},
// TODO(crbug.com/1153336 and crbug.com/1164416): Fix product behavior, so
// that blink::SecurityOrigin::IsSecure(const KURL&) is compatible with
// network::IsUrlPotentiallyTrustworthy(const GURL&) and then move the
// tests below to the AbstractTrustworthinessTest.UrlFromString test case
// in //services/network/public/cpp/is_potentially_trustworthy_unittest.
// See also IsPotentiallyTrustworthy.Url test.
{false, "file:///etc/passwd"},
{false, "ftp://example.com/"},
{false, "http://example.com/"},
{false, "ws://example.com/"},
{true, "blob:https://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"},
{true, "https://example.com/"},
{true, "wss://example.com/"},
{true, "about:blank"},
{true, "about:srcdoc"},
{true, "about:about"},
{true, "data:text/html,Hello"},
{false,
"filesystem:http://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"},
{true,
"filesystem:https://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"},
{true, "blob:data:text/html,Hello"},
{true, "blob:about:blank"},
{false, "filesystem:data:text/html,Hello"},
{false, "filesystem:about:blank"},
{false,
"blob:blob:https://example.com/578223a1-8c13-17b3-84d5-eca045ae384a"},
{false,
"filesystem:blob:https://example.com/"
"578223a1-8c13-17b3-84d5-eca045ae384a"},
{false, "custom-scheme://example.com"},
{true, "quic-transport://example.com/counter"},
{false, ""},
{false, "\0"},
};
......@@ -273,48 +127,6 @@ TEST_F(SecurityOriginTest, IsSecure) {
EXPECT_FALSE(SecurityOrigin::IsSecure(NullURL()));
}
// Tests the trustworthiness of an URL and origin whose scheme was added to the
// custom sets of standard and secure schemes. A scheme must be added to both
// to be considered trustworthy.
TEST_F(SecurityOriginTest, CustomScheme) {
const char* custom_scheme = "custom-scheme";
const char* custom_scheme_example = "custom-scheme://example.com";
KURL url = KURL(custom_scheme_example);
{
EXPECT_FALSE(SecurityOrigin::IsSecure(url));
scoped_refptr<const SecurityOrigin> origin =
SecurityOrigin::CreateFromString(custom_scheme_example);
EXPECT_FALSE(origin->IsPotentiallyTrustworthy());
}
{
url::ScopedSchemeRegistryForTests scoped_registry;
url::AddSecureScheme(custom_scheme);
// TODO(crbug.com/1153336): Should SecurityOrigin::IsSecure always consider
// non-standard schemes as insecure?
EXPECT_TRUE(SecurityOrigin::IsSecure(url));
scoped_refptr<const SecurityOrigin> origin =
SecurityOrigin::CreateFromString(custom_scheme_example);
EXPECT_FALSE(origin->IsPotentiallyTrustworthy());
}
{
url::ScopedSchemeRegistryForTests scoped_registry;
url::AddStandardScheme(custom_scheme, url::SchemeType::SCHEME_WITH_HOST);
EXPECT_FALSE(SecurityOrigin::IsSecure(url));
scoped_refptr<const SecurityOrigin> origin =
SecurityOrigin::CreateFromString(custom_scheme_example);
EXPECT_FALSE(origin->IsPotentiallyTrustworthy());
}
{
url::ScopedSchemeRegistryForTests scoped_registry;
url::AddStandardScheme(custom_scheme, url::SchemeType::SCHEME_WITH_HOST);
url::AddSecureScheme(custom_scheme);
EXPECT_TRUE(SecurityOrigin::IsSecure(url));
scoped_refptr<const SecurityOrigin> origin =
SecurityOrigin::CreateFromString(custom_scheme_example);
EXPECT_TRUE(origin->IsPotentiallyTrustworthy());
}
}
TEST_F(SecurityOriginTest, IsSecureViaTrustworthy) {
// TODO(crbug.com/1153336): Should SecurityOrigin::IsSecure be aligned with
// network::IsURLPotentiallyTrustworthy?
......@@ -1254,7 +1066,8 @@ TEST_F(SecurityOriginTest, PercentEncodesHost) {
namespace url {
class BlinkSecurityOriginTestTraits final
: public url::OriginTraitsBase<scoped_refptr<blink::SecurityOrigin>> {
: public network::test::TrustworthinessTraitsBase<
scoped_refptr<blink::SecurityOrigin>> {
public:
OriginType CreateOriginFromString(base::StringPiece s) override {
return blink::SecurityOrigin::CreateFromString(String::FromUTF8(s));
......@@ -1311,6 +1124,18 @@ class BlinkSecurityOriginTestTraits final
bool IsValidUrl(base::StringPiece str) override {
return blink::KURL(String::FromUTF8(str)).IsValid();
}
bool IsOriginPotentiallyTrustworthy(const OriginType& origin) override {
return origin->IsPotentiallyTrustworthy();
}
bool IsUrlPotentiallyTrustworthy(base::StringPiece str) override {
return blink::SecurityOrigin::IsSecure(blink::KURL(String::FromUTF8(str)));
}
bool IsOriginOfLocalhost(const OriginType& origin) override {
return origin->IsLocalhost();
}
};
INSTANTIATE_TYPED_TEST_SUITE_P(BlinkSecurityOrigin,
......@@ -1318,3 +1143,15 @@ INSTANTIATE_TYPED_TEST_SUITE_P(BlinkSecurityOrigin,
BlinkSecurityOriginTestTraits);
} // namespace url
// Apparently INSTANTIATE_TYPED_TEST_SUITE_P needs to be used in the same
// namespace as where the typed test suite was defined.
namespace network {
namespace test {
INSTANTIATE_TYPED_TEST_SUITE_P(BlinkSecurityOrigin,
AbstractTrustworthinessTest,
url::BlinkSecurityOriginTestTraits);
} // namespace test
} // namespace network
url/BUILD.gn
View file @ 16d842a0
......@@ -176,6 +176,7 @@ source_set("url_test_support") {
sources = [
"gurl_abstract_tests.h",
"origin_abstract_tests.cc",
"origin_abstract_tests.h",
]
......
url/origin_abstract_tests.cc 0 → 100644
View file @ 16d842a0
// Copyright 2021 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "url/origin_abstract_tests.h"
namespace url {
Origin UrlOriginTestTraits::CreateOriginFromString(base::StringPiece s) {
return Origin::Create(GURL(s));
}
Origin UrlOriginTestTraits::CreateUniqueOpaqueOrigin() {
return Origin();
}
Origin UrlOriginTestTraits::CreateWithReferenceOrigin(
base::StringPiece url,
const Origin& reference_origin) {
return Origin::Resolve(GURL(url), reference_origin);
}
Origin UrlOriginTestTraits::DeriveNewOpaqueOrigin(
const Origin& reference_origin) {
return reference_origin.DeriveNewOpaqueOrigin();
}
bool UrlOriginTestTraits::IsOpaque(const Origin& origin) {
return origin.opaque();
}
std::string UrlOriginTestTraits::GetScheme(const Origin& origin) {
return origin.scheme();
}
std::string UrlOriginTestTraits::GetHost(const Origin& origin) {
return origin.host();
}
uint16_t UrlOriginTestTraits::GetPort(const Origin& origin) {
return origin.port();
}
SchemeHostPort UrlOriginTestTraits::GetTupleOrPrecursorTupleIfOpaque(
const Origin& origin) {
return origin.GetTupleOrPrecursorTupleIfOpaque();
}
bool UrlOriginTestTraits::IsSameOrigin(const Origin& a, const Origin& b) {
return a.IsSameOriginWith(b);
}
std::string UrlOriginTestTraits::Serialize(const Origin& origin) {
return origin.Serialize();
}
bool UrlOriginTestTraits::IsValidUrl(base::StringPiece str) {
return GURL(str).is_valid();
}
} // namespace url
url/origin_abstract_tests.h
View file @ 16d842a0
......@@ -8,8 +8,13 @@
#include <string>
#include <type_traits>
#include "base/containers/contains.h"
#include "base/optional.h"
#include "base/strings/string_piece.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
#include "url/origin.h"
#include "url/scheme_host_port.h"
#include "url/url_util.h"
namespace url {
......@@ -74,6 +79,9 @@ class AbstractOriginTest : public testing::Test {
"local-std-with-host",
"local-noaccess-std-with-host",
"also-local",
"sec",
"sec-std-with-host",
"sec-noaccess",
};
for (const char* kScheme : kSchemesToRegister) {
std::string scheme(kScheme);
......@@ -83,6 +91,8 @@ class AbstractOriginTest : public testing::Test {
AddStandardScheme(kScheme, SchemeType::SCHEME_WITH_HOST);
if (base::Contains(scheme, "local"))
AddLocalScheme(kScheme);
if (base::Contains(scheme, "sec"))
AddSecureScheme(kScheme);
}
}
......@@ -489,6 +499,25 @@ REGISTER_TYPED_TEST_SUITE_P(AbstractOriginTest,
CustomSchemes_OpaqueOrigins,
CustomSchemes_TupleOrigins);
class UrlOriginTestTraits : public virtual OriginTraitsBase<Origin> {
public:
OriginType CreateOriginFromString(base::StringPiece s) override;
OriginType CreateUniqueOpaqueOrigin() override;
OriginType CreateWithReferenceOrigin(
base::StringPiece url,
const OriginType& reference_origin) override;
OriginType DeriveNewOpaqueOrigin(const OriginType& reference_origin) override;
bool IsOpaque(const OriginType& origin) override;
std::string GetScheme(const OriginType& origin) override;
std::string GetHost(const OriginType& origin) override;
uint16_t GetPort(const OriginType& origin) override;
SchemeHostPort GetTupleOrPrecursorTupleIfOpaque(
const OriginType& origin) override;
bool IsSameOrigin(const OriginType& a, const OriginType& b) override;
std::string Serialize(const OriginType& origin) override;
bool IsValidUrl(base::StringPiece str) override;
};
} // namespace url
#endif // URL_ORIGIN_ABSTRACT_TESTS_H_
url/origin_unittest.cc
View file @ 16d842a0
......@@ -956,55 +956,6 @@ TEST_F(OriginTest, DeserializeValidNonce) {
EXPECT_EQ(opaque.GetDebugString(), deserialized.value().GetDebugString());
}
class UrlOriginTestTraits final : public OriginTraitsBase<Origin> {
public:
OriginType CreateOriginFromString(base::StringPiece s) override {
return Origin::Create(GURL(s));
}
OriginType CreateUniqueOpaqueOrigin() override { return Origin(); }
OriginType CreateWithReferenceOrigin(
base::StringPiece url,
const OriginType& reference_origin) override {
return Origin::Resolve(GURL(url), reference_origin);
}
OriginType DeriveNewOpaqueOrigin(
const OriginType& reference_origin) override {
return reference_origin.DeriveNewOpaqueOrigin();
}
bool IsOpaque(const OriginType& origin) override { return origin.opaque(); }
std::string GetScheme(const OriginType& origin) override {
return origin.scheme();
}
std::string GetHost(const OriginType& origin) override {
return origin.host();
}
uint16_t GetPort(const OriginType& origin) override { return origin.port(); }
SchemeHostPort GetTupleOrPrecursorTupleIfOpaque(
const OriginType& origin) override {
return origin.GetTupleOrPrecursorTupleIfOpaque();
}
bool IsSameOrigin(const OriginType& a, const OriginType& b) override {
return a.IsSameOriginWith(b);
}
std::string Serialize(const OriginType& origin) override {
return origin.Serialize();
}
bool IsValidUrl(base::StringPiece str) override {
return GURL(str).is_valid();
}
};
INSTANTIATE_TYPED_TEST_SUITE_P(UrlOrigin,
AbstractOriginTest,
UrlOriginTestTraits);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment