Consolidate tests for HTTP request restrictions on untrusted loaders.

Reducing the number of tests should speed up bots, and we are unlikely
to ever need to separately enable/disable these.
Review URL: http://codereview.chromium.org/8857003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@113524 0039d316-1c4b-4281-b951-d872f2087c98

chrome/test/ui/ppapi_uitest.cc

@@ -338,14 +338,8 @@ TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_UntrustedJavascriptURLRestriction)
 // TODO(bbudge) Fix Javascript URLs for trusted loaders.
 // http://crbug.com/103062
 TEST_PPAPI_IN_PROCESS_VIA_HTTP(FAILS_URLLoader_TrustedJavascriptURLRestriction)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_UntrustedMethodRestriction)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_TrustedMethodRestriction)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_UntrustedHeaderRestriction)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_TrustedHeaderRestriction)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_UntrustedCustomReferrer)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_TrustedCustomReferrer)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_UntrustedCustomContentTransferEncoding)
-TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_TrustedCustomContentTransferEncoding)
+TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_UntrustedHttpRestriction)
+TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_TrustedHttpRestriction)
 TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_AuditURLRedirect)
 TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_AbortCalls)
 TEST_PPAPI_IN_PROCESS_VIA_HTTP(URLLoader_UntendedLoad)
@@ -370,16 +364,8 @@ TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_UntrustedJavascriptURLRestriction)
 // http://crbug.com/103062
 TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(
     FAILS_URLLoader_TrustedJavascriptURLRestriction)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_UntrustedMethodRestriction)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_TrustedMethodRestriction)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_UntrustedHeaderRestriction)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_TrustedHeaderRestriction)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_UntrustedCustomReferrer)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_TrustedCustomReferrer)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(
-    URLLoader_UntrustedCustomContentTransferEncoding)
-TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(
-    URLLoader_TrustedCustomContentTransferEncoding)
+TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_UntrustedHttpRestriction)
+TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_TrustedHttpRestriction)
 TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_AuditURLRedirect)
 TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_AbortCalls)
 TEST_PPAPI_OUT_OF_PROCESS_VIA_HTTP(URLLoader_UntendedLoad)
@@ -398,10 +384,7 @@ TEST_PPAPI_NACL_VIA_HTTP(URLLoader_StreamToFile)
 TEST_PPAPI_NACL_VIA_HTTP(DISABLED_URLLoader_UntrustedSameOriginRestriction)
 TEST_PPAPI_NACL_VIA_HTTP(DISABLED_URLLoader_UntrustedCrossOriginRequest)
 TEST_PPAPI_NACL_VIA_HTTP(URLLoader_UntrustedJavascriptURLRestriction)
-TEST_PPAPI_NACL_VIA_HTTP(URLLoader_UntrustedMethodRestriction)
-TEST_PPAPI_NACL_VIA_HTTP(URLLoader_UntrustedHeaderRestriction)
-TEST_PPAPI_NACL_VIA_HTTP(URLLoader_UntrustedCustomReferrer)
-TEST_PPAPI_NACL_VIA_HTTP(URLLoader_UntrustedCustomContentTransferEncoding)
+TEST_PPAPI_NACL_VIA_HTTP(URLLoader_UntrustedHttpRestriction)
 TEST_PPAPI_NACL_VIA_HTTP(URLLoader_AuditURLRedirect)
 TEST_PPAPI_NACL_VIA_HTTP(URLLoader_AbortCalls)
 TEST_PPAPI_NACL_VIA_HTTP(URLLoader_UntendedLoad)

ppapi/tests/test_url_loader.cc

@@ -120,14 +120,8 @@ void TestURLLoader::RunTests(const std::string& filter) {
   RUN_TEST_FORCEASYNC_AND_NOT(TrustedCrossOriginRequest, filter);
   RUN_TEST_FORCEASYNC_AND_NOT(UntrustedJavascriptURLRestriction, filter);
   RUN_TEST_FORCEASYNC_AND_NOT(TrustedJavascriptURLRestriction, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(UntrustedMethodRestriction, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(TrustedMethodRestriction, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(UntrustedHeaderRestriction, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(TrustedHeaderRestriction, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(UntrustedCustomReferrer, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(TrustedCustomReferrer, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(UntrustedCustomContentTransferEncoding, filter);
-  RUN_TEST_FORCEASYNC_AND_NOT(TrustedCustomContentTransferEncoding, filter);
+  RUN_TEST_FORCEASYNC_AND_NOT(UntrustedHttpRequests, filter);
+  RUN_TEST_FORCEASYNC_AND_NOT(TrustedHttpRequests, filter);
   RUN_TEST_FORCEASYNC_AND_NOT(AuditURLRedirect, filter);
   RUN_TEST_FORCEASYNC_AND_NOT(AbortCalls, filter);
   RUN_TEST_FORCEASYNC_AND_NOT(UntendedLoad, filter);
@@ -592,31 +586,21 @@ std::string TestURLLoader::TestTrustedJavascriptURLRestriction() {
   PASS();
 }
 
-// HTTP methods are restricted only for untrusted loaders. Forbidden
-// methods are CONNECT, TRACE, and TRACK, and any string that is not a valid
-// token (containing special characters like CR, LF).
-// http://www.w3.org/TR/XMLHttpRequest/
-std::string TestURLLoader::TestUntrustedMethodRestriction() {
+std::string TestURLLoader::TestUntrustedHttpRequests() {
+  // HTTP methods are restricted only for untrusted loaders. Forbidden
+  // methods are CONNECT, TRACE, and TRACK, and any string that is not a
+  // valid token (containing special characters like CR, LF).
+  // http://www.w3.org/TR/XMLHttpRequest/
+  {
     ASSERT_EQ(OpenUntrusted("cOnNeCt", ""), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("tRaCk", ""), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("tRaCe", ""), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("POST\x0d\x0ax-csrf-token:\x20test1234", ""),
                             PP_ERROR_NOACCESS);
-  PASS();
-}
-
-// Trusted requests can use restricted methods.
-std::string TestURLLoader::TestTrustedMethodRestriction() {
-  ASSERT_EQ(OpenTrusted("cOnNeCt", ""), PP_OK);
-  ASSERT_EQ(OpenTrusted("tRaCk", ""), PP_OK);
-  ASSERT_EQ(OpenTrusted("tRaCe", ""), PP_OK);
-
-  PASS();
-}
-
-// HTTP methods are restricted only for untrusted loaders. Try all headers
-// that are forbidden by http://www.w3.org/TR/XMLHttpRequest/.
-std::string TestURLLoader::TestUntrustedHeaderRestriction() {
+  }
+  // HTTP methods are restricted only for untrusted loaders. Try all headers
+  // that are forbidden by http://www.w3.org/TR/XMLHttpRequest/.
+  {
     ASSERT_EQ(OpenUntrusted("GET", "Accept-Charset:\n"), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "Accept-Encoding:\n"), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "Connection:\n"), PP_ERROR_NOACCESS);
@@ -632,7 +616,8 @@ std::string TestURLLoader::TestUntrustedHeaderRestriction() {
     ASSERT_EQ(OpenUntrusted("GET", "Referer:\n"), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "TE:\n"), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "Trailer:\n"), PP_ERROR_NOACCESS);
-  ASSERT_EQ(OpenUntrusted("GET", "Transfer-Encoding:\n"), PP_ERROR_NOACCESS);
+    ASSERT_EQ(OpenUntrusted(
+        "GET", "Transfer-Encoding:\n"), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "Upgrade:\n"), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "User-Agent:\n"), PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "Via:\n"), PP_ERROR_NOACCESS);
@@ -640,12 +625,40 @@ std::string TestURLLoader::TestUntrustedHeaderRestriction() {
         "GET", "Proxy-Authorization: Basic dXNlcjpwYXNzd29yZA==:\n"),
             PP_ERROR_NOACCESS);
     ASSERT_EQ(OpenUntrusted("GET", "Sec-foo:\n"), PP_ERROR_NOACCESS);
+  }
+  // Untrusted requests with custom referrer should fail.
+  {
+    pp::URLRequestInfo request(instance_);
+    request.SetCustomReferrerURL("http://www.google.com/");
+
+    int32_t rv = OpenUntrusted(request);
+    if (rv != PP_ERROR_NOACCESS)
+      return ReportError(
+          "Untrusted request with custom referrer restriction", rv);
+  }
+  // Untrusted requests with custom transfer encodings should fail.
+  {
+    pp::URLRequestInfo request(instance_);
+    request.SetCustomContentTransferEncoding("foo");
+
+    int32_t rv = OpenUntrusted(request);
+    if (rv != PP_ERROR_NOACCESS)
+      return ReportError(
+          "Untrusted request with content-transfer-encoding restriction", rv);
+  }
 
   PASS();
 }
 
-// Trusted requests can use restricted headers.
-std::string TestURLLoader::TestTrustedHeaderRestriction() {
+std::string TestURLLoader::TestTrustedHttpRequests() {
+  // Trusted requests can use restricted methods.
+  {
+    ASSERT_EQ(OpenTrusted("cOnNeCt", ""), PP_OK);
+    ASSERT_EQ(OpenTrusted("tRaCk", ""), PP_OK);
+    ASSERT_EQ(OpenTrusted("tRaCe", ""), PP_OK);
+  }
+  // Trusted requests can use restricted headers.
+  {
     ASSERT_EQ(OpenTrusted("GET", "Accept-Charset:\n"), PP_OK);
     ASSERT_EQ(OpenTrusted("GET", "Accept-Encoding:\n"), PP_OK);
     ASSERT_EQ(OpenTrusted("GET", "Connection:\n"), PP_OK);
@@ -668,57 +681,27 @@ std::string TestURLLoader::TestTrustedHeaderRestriction() {
     ASSERT_EQ(OpenTrusted(
         "GET", "Proxy-Authorization: Basic dXNlcjpwYXNzd29yZA==:\n"), PP_OK);
     ASSERT_EQ(OpenTrusted("GET", "Sec-foo:\n"), PP_OK);
-
-  PASS();
-}
-
-// Untrusted requests with custom referrer should fail.
-std::string TestURLLoader::TestUntrustedCustomReferrer() {
-  pp::URLRequestInfo request(instance_);
-  request.SetCustomReferrerURL("http://www.google.com/");
-
-  int32_t rv = OpenUntrusted(request);
-  if (rv != PP_ERROR_NOACCESS)
-    return ReportError(
-        "Untrusted request with custom referrer restriction", rv);
-
-  PASS();
-}
-
-// Trusted requests with custom referrer should succeed.
-std::string TestURLLoader::TestTrustedCustomReferrer() {
+  }
+  // Trusted requests with custom referrer should succeed.
+  {
     pp::URLRequestInfo request(instance_);
     request.SetCustomReferrerURL("http://www.google.com/");
 
     int32_t rv = OpenTrusted(request);
     if (rv != PP_OK)
       return ReportError("Trusted request with custom referrer", rv);
-
-  PASS();
-}
-
-// Untrusted requests with custom transfer encodings should fail.
-std::string TestURLLoader::TestUntrustedCustomContentTransferEncoding() {
-  pp::URLRequestInfo request(instance_);
-  request.SetCustomContentTransferEncoding("foo");
-
-  int32_t rv = OpenUntrusted(request);
-  if (rv != PP_ERROR_NOACCESS)
-    return ReportError(
-        "Untrusted request with content-transfer-encoding restriction", rv);
-
-  PASS();
-}
-
-// Trusted requests with custom transfer encodings should succeed.
-std::string TestURLLoader::TestTrustedCustomContentTransferEncoding() {
+  }
+  // Trusted requests with custom transfer encodings should succeed.
+  {
     pp::URLRequestInfo request(instance_);
     request.SetCustomContentTransferEncoding("foo");
 
     int32_t rv = OpenTrusted(request);
     if (rv != PP_OK)
-    return ReportError("Trusted request with content-transfer-encoding failed",
-                       rv);
+      return ReportError(
+          "Trusted request with content-transfer-encoding failed", rv);
+  }
+
   PASS();
 }
 

ppapi/tests/test_url_loader.h

@@ -64,14 +64,8 @@ class TestURLLoader : public TestCase {
   std::string TestTrustedCrossOriginRequest();
   std::string TestUntrustedJavascriptURLRestriction();
   std::string TestTrustedJavascriptURLRestriction();
-  std::string TestUntrustedMethodRestriction();
-  std::string TestTrustedMethodRestriction();
-  std::string TestUntrustedHeaderRestriction();
-  std::string TestTrustedHeaderRestriction();
-  std::string TestUntrustedCustomReferrer();
-  std::string TestTrustedCustomReferrer();
-  std::string TestUntrustedCustomContentTransferEncoding();
-  std::string TestTrustedCustomContentTransferEncoding();
+  std::string TestUntrustedHttpRequests();
+  std::string TestTrustedHttpRequests();
   std::string TestAuditURLRedirect();
   std::string TestAbortCalls();
   std::string TestUntendedLoad();