summaryrefslogtreecommitdiffstats
path: root/net/base/transport_security_state_unittest.cc
diff options
context:
space:
mode:
authorphajdan.jr@chromium.org <phajdan.jr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-09-27 21:04:49 +0000
committerphajdan.jr@chromium.org <phajdan.jr@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-09-27 21:04:49 +0000
commitedbc4f91345a02160137f8fd506fefaca4e33f6a (patch)
tree98e5a1f9096b79e6f60f2c7c0ebd09218ac9780d /net/base/transport_security_state_unittest.cc
parentbb6ec17d7939713e4d0d9d2c25c2e1e734b0e96e (diff)
downloadchromium_src-edbc4f91345a02160137f8fd506fefaca4e33f6a.zip
chromium_src-edbc4f91345a02160137f8fd506fefaca4e33f6a.tar.gz
chromium_src-edbc4f91345a02160137f8fd506fefaca4e33f6a.tar.bz2
Make TransportSecurityState not ref-counted for simplicity.
BUG=none Review URL: http://codereview.chromium.org/8054001 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@103012 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/transport_security_state_unittest.cc')
-rw-r--r--net/base/transport_security_state_unittest.cc1010
1 files changed, 493 insertions, 517 deletions
diff --git a/net/base/transport_security_state_unittest.cc b/net/base/transport_security_state_unittest.cc
index 263e29a..11c6edf 100644
--- a/net/base/transport_security_state_unittest.cc
+++ b/net/base/transport_security_state_unittest.cc
@@ -142,168 +142,155 @@ TEST_F(TransportSecurityStateTest, ValidHeaders) {
}
TEST_F(TransportSecurityStateTest, SimpleMatches) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
domain_state.expiry = expiry;
- state->EnableHost("yahoo.com", domain_state);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ state.EnableHost("yahoo.com", domain_state);
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
}
TEST_F(TransportSecurityStateTest, MatchesCase1) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
domain_state.expiry = expiry;
- state->EnableHost("YAhoo.coM", domain_state);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ state.EnableHost("YAhoo.coM", domain_state);
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
}
TEST_F(TransportSecurityStateTest, MatchesCase2) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "YAhoo.coM", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "YAhoo.coM", true));
domain_state.expiry = expiry;
- state->EnableHost("yahoo.com", domain_state);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "YAhoo.coM", true));
+ state.EnableHost("yahoo.com", domain_state);
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "YAhoo.coM", true));
}
TEST_F(TransportSecurityStateTest, SubdomainMatches) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
domain_state.expiry = expiry;
domain_state.include_subdomains = true;
- state->EnableHost("yahoo.com", domain_state);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "foo.yahoo.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.bar.yahoo.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.bar.baz.yahoo.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "com", true));
+ state.EnableHost("yahoo.com", domain_state);
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "foo.yahoo.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.bar.yahoo.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.bar.baz.yahoo.com",
+ true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "com", true));
}
TEST_F(TransportSecurityStateTest, Serialise1) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
std::string output;
bool dirty;
- state->Serialise(&output);
- EXPECT_TRUE(state->LoadEntries(output, &dirty));
+ state.Serialise(&output);
+ EXPECT_TRUE(state.LoadEntries(output, &dirty));
EXPECT_FALSE(dirty);
}
TEST_F(TransportSecurityStateTest, Serialise2) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
-
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
domain_state.mode = TransportSecurityState::DomainState::MODE_STRICT;
domain_state.expiry = expiry;
domain_state.include_subdomains = true;
- state->EnableHost("yahoo.com", domain_state);
+ state.EnableHost("yahoo.com", domain_state);
std::string output;
bool dirty;
- state->Serialise(&output);
- EXPECT_TRUE(state->LoadEntries(output, &dirty));
+ state.Serialise(&output);
+ EXPECT_TRUE(state.LoadEntries(output, &dirty));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "foo.yahoo.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "foo.yahoo.com", true));
EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.bar.yahoo.com",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.bar.yahoo.com",
+ true));
EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.bar.baz.yahoo.com",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.bar.baz.yahoo.com",
+ true));
EXPECT_EQ(domain_state.mode, TransportSecurityState::DomainState::MODE_STRICT);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "com", true));
}
TEST_F(TransportSecurityStateTest, DeleteSince) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
-
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
const base::Time older = current_time - base::TimeDelta::FromSeconds(1000);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
domain_state.mode = TransportSecurityState::DomainState::MODE_STRICT;
domain_state.expiry = expiry;
- state->EnableHost("yahoo.com", domain_state);
+ state.EnableHost("yahoo.com", domain_state);
- state->DeleteSince(expiry);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
- state->DeleteSince(older);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ state.DeleteSince(expiry);
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
+ state.DeleteSince(older);
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
}
TEST_F(TransportSecurityStateTest, DeleteHost) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
-
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
domain_state.mode = TransportSecurityState::DomainState::MODE_STRICT;
domain_state.expiry = expiry;
- state->EnableHost("yahoo.com", domain_state);
+ state.EnableHost("yahoo.com", domain_state);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "example.com", true));
- EXPECT_TRUE(state->DeleteHost("yahoo.com"));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "example.com", true));
+ EXPECT_TRUE(state.DeleteHost("yahoo.com"));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "yahoo.com", true));
}
TEST_F(TransportSecurityStateTest, SerialiseOld) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
// This is an old-style piece of transport state JSON, which has no creation
// date.
std::string output =
"{ "
- "\"NiyD+3J1r6z1wjl2n1ALBu94Zj9OsEAMo0kCN8js0Uk=\": {"
- "\"expiry\": 1266815027.983453, "
- "\"include_subdomains\": false, "
- "\"mode\": \"strict\" "
- "}"
+ "\"NiyD+3J1r6z1wjl2n1ALBu94Zj9OsEAMo0kCN8js0Uk=\": {"
+ "\"expiry\": 1266815027.983453, "
+ "\"include_subdomains\": false, "
+ "\"mode\": \"strict\" "
+ "}"
"}";
bool dirty;
- EXPECT_TRUE(state->LoadEntries(output, &dirty));
+ EXPECT_TRUE(state.LoadEntries(output, &dirty));
EXPECT_TRUE(dirty);
}
TEST_F(TransportSecurityStateTest, IsPreloaded) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
const std::string paypal =
TransportSecurityState::CanonicalizeHost("paypal.com");
@@ -319,414 +306,410 @@ TEST_F(TransportSecurityStateTest, IsPreloaded) {
TransportSecurityState::CanonicalizeHost("aypal.com");
TransportSecurityState::DomainState domain_state;
- EXPECT_FALSE(state->IsPreloadedSTS(paypal, true, &domain_state));
- EXPECT_TRUE(state->IsPreloadedSTS(www_paypal, true, &domain_state));
+ EXPECT_FALSE(state.IsPreloadedSTS(paypal, true, &domain_state));
+ EXPECT_TRUE(state.IsPreloadedSTS(www_paypal, true, &domain_state));
EXPECT_FALSE(domain_state.include_subdomains);
- EXPECT_FALSE(state->IsPreloadedSTS(a_www_paypal, true, &domain_state));
- EXPECT_FALSE(state->IsPreloadedSTS(abc_paypal, true, &domain_state));
- EXPECT_FALSE(state->IsPreloadedSTS(example, true, &domain_state));
- EXPECT_FALSE(state->IsPreloadedSTS(aypal, true, &domain_state));
+ EXPECT_FALSE(state.IsPreloadedSTS(a_www_paypal, true, &domain_state));
+ EXPECT_FALSE(state.IsPreloadedSTS(abc_paypal, true, &domain_state));
+ EXPECT_FALSE(state.IsPreloadedSTS(example, true, &domain_state));
+ EXPECT_FALSE(state.IsPreloadedSTS(aypal, true, &domain_state));
}
TEST_F(TransportSecurityStateTest, Preloaded) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "paypal.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.paypal.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "paypal.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.paypal.com", true));
EXPECT_EQ(domain_state.mode,
TransportSecurityState::DomainState::MODE_STRICT);
EXPECT_TRUE(domain_state.preloaded);
EXPECT_FALSE(domain_state.include_subdomains);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www2.paypal.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "a.www.paypal.com",
- true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "www2.paypal.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "a.www.paypal.com",
+ true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "elanex.biz", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.elanex.biz", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "elanex.biz", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.elanex.biz", true));
EXPECT_EQ(domain_state.mode,
TransportSecurityState::DomainState::MODE_STRICT);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "foo.elanex.biz", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "a.foo.elanex.biz",
- true));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "sunshinepress.org",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "foo.elanex.biz", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "a.foo.elanex.biz",
true));
+
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "sunshinepress.org",
+ true));
EXPECT_EQ(domain_state.mode,
TransportSecurityState::DomainState::MODE_STRICT);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.sunshinepress.org",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "a.b.sunshinepress.org",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.sunshinepress.org",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "a.b.sunshinepress.org",
+ true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.noisebridge.net",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.noisebridge.net",
+ true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "noisebridge.net",
+ true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "foo.noisebridge.net",
true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "noisebridge.net",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "foo.noisebridge.net",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "neg9.org", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www.neg9.org", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "neg9.org", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "www.neg9.org", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "riseup.net", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "foo.riseup.net", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "riseup.net", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "foo.riseup.net", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "factor.cc", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www.factor.cc", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "factor.cc", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "www.factor.cc", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "members.mayfirst.org",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "support.mayfirst.org",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "id.mayfirst.org", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "lists.mayfirst.org",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "members.mayfirst.org",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "support.mayfirst.org",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "id.mayfirst.org", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "lists.mayfirst.org",
+ true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "www.mayfirst.org",
true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "www.mayfirst.org",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "splendidbacon.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.splendidbacon.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.splendidbacon.com",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "splendidbacon.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.splendidbacon.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.splendidbacon.com",
+ true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "chrome.google.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "checkout.google.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "health.google.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "aladdinschools.appspot.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "ottospora.nl", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.ottospora.nl", true));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "docs.google.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "sites.google.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "drive.google.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "spreadsheets.google.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "appengine.google.com",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "chrome.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "checkout.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "health.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "aladdinschools.appspot.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "ottospora.nl", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.ottospora.nl", true));
+
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "docs.google.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "sites.google.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "drive.google.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "spreadsheets.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "appengine.google.com",
+ true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.paycheckrecords.com",
- true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "market.android.com",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.paycheckrecords.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "market.android.com",
+ true));
// The domain wasn't being set, leading to a blank string in the
// chrome://net-internals/#hsts UI. So test that.
EXPECT_EQ(domain_state.domain, "market.android.com");
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "sub.market.android.com",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "sub.market.android.com",
+ true));
EXPECT_EQ(domain_state.domain, "market.android.com");
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "lastpass.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.lastpass.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "blog.lastpass.com",
- true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "lastpass.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.lastpass.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "blog.lastpass.com",
+ true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "keyerror.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.keyerror.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "keyerror.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.keyerror.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "encrypted.google.com",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "encrypted.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "accounts.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "profiles.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "mail.google.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "chatenabled.mail.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "talkgadget.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "hostedtalkgadget.google.com",
+ true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "talk.google.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "plus.google.com", true));
+
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "entropia.de", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.entropia.de", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "foo.entropia.de", true));
+
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "ssl.google-analytics.com",
+ true));
+
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "www.google.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "google.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "www.youtube.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "youtube.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "i.ytimg.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "ytimg.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "googleusercontent.com",
true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "accounts.google.com",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "www.googleusercontent.com",
true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "profiles.google.com",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "www.google-analytics.com",
true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "mail.google.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "chatenabled.mail.google.com",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "google-analytics.com",
true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "talkgadget.google.com",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "googleapis.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "googleadservices.com",
true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "hostedtalkgadget.google.com",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "googlecode.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "appspot.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "googlesyndication.com",
true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "talk.google.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "plus.google.com", true));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "entropia.de", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.entropia.de", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "foo.entropia.de", true));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "ssl.google-analytics.com",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "doubleclick.net", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "googlegroups.com",
true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www.google.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "google.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www.youtube.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "youtube.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "i.ytimg.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "ytimg.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "googleusercontent.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "www.googleusercontent.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "www.google-analytics.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "google-analytics.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "googleapis.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "googleadservices.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "googlecode.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "appspot.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "googlesyndication.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "doubleclick.net", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "googlegroups.com",
- true));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "gmail.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.gmail.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "m.gmail.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "googlemail.com", true));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "gmail.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.gmail.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "m.gmail.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "googlemail.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.googlemail.com",
+ true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "m.googlemail.com",
+ true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "gmail.com", false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "www.gmail.com", false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "m.gmail.com", false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "googlemail.com", false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
"www.googlemail.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "m.googlemail.com",
- true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "gmail.com", false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www.gmail.com", false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "m.gmail.com", false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "googlemail.com", false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "www.googlemail.com",
- false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "m.googlemail.com",
- false));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "romab.com", false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.romab.com", false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "foo.romab.com", false));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "logentries.com", false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.logentries.com",
false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "foo.logentries.com",
- false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "m.googlemail.com",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "stripe.com", false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "foo.stripe.com", false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "romab.com", false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.romab.com", false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "foo.romab.com", false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "cloudsecurityalliance.org",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.cloudsecurityalliance.org",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "logentries.com", false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.logentries.com",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "foo.logentries.com",
false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "login.sapo.pt",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.login.sapo.pt",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "stripe.com", false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "foo.stripe.com", false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "mattmccutchen.net",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.mattmccutchen.net",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "cloudsecurityalliance.org",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.cloudsecurityalliance.org",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "betnet.fr",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.betnet.fr",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "login.sapo.pt",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.login.sapo.pt",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "uprotect.it",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.uprotect.it",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "mattmccutchen.net",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.mattmccutchen.net",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "squareup.com",
- false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "foo.squareup.com",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "betnet.fr",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.betnet.fr",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "cert.se",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.cert.se",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "uprotect.it",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.uprotect.it",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "crypto.is",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.crypto.is",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "squareup.com",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "foo.squareup.com",
false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "simon.butcher.name",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.simon.butcher.name",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "cert.se",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.cert.se",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "linx.net",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.linx.net",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "crypto.is",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.crypto.is",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "dropcam.com",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.dropcam.com",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "simon.butcher.name",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.simon.butcher.name",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "ebanking.indovinabank.com.vn",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.ebanking.indovinabank.com.vn",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "linx.net",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.linx.net",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "epoxate.com",
- false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "foo.epoxate.com",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "dropcam.com",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.dropcam.com",
+ false));
+
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "ebanking.indovinabank.com.vn",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.ebanking.indovinabank.com.vn",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "torproject.org",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "epoxate.com",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "foo.epoxate.com",
false));
+
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "torproject.org",
+ false));
EXPECT_TRUE(domain_state.public_key_hashes.size() != 0);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.torproject.org",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.torproject.org",
+ false));
EXPECT_TRUE(domain_state.public_key_hashes.size() != 0);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "check.torproject.org",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "check.torproject.org",
+ false));
EXPECT_TRUE(domain_state.public_key_hashes.size() != 0);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "blog.torproject.org",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "blog.torproject.org",
+ false));
EXPECT_TRUE(domain_state.public_key_hashes.size() != 0);
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "foo.torproject.org",
- false));
-
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.moneybookers.com",
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "foo.torproject.org",
false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
+
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.moneybookers.com",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
"moneybookers.com",
false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "ledgerscope.net",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.ledgerscope.net",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "ledgerscope.net",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.ledgerscope.net",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "status.ledgerscope.net",
false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "status.ledgerscope.net",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "kyps.net",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.kyps.net",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "kyps.net",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.kyps.net",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "foo.kyps.net",
false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "foo.kyps.net",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.app.recurly.com",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "foo.api.recurly.com",
- false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.app.recurly.com",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "foo.api.recurly.com",
+ false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "greplin.com",
- false));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "www.greplin.com",
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "greplin.com",
+ false));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "www.greplin.com",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "foo.greplin.com",
false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "foo.greplin.com",
- false));
}
TEST_F(TransportSecurityStateTest, LongNames) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
+ TransportSecurityState state("");
const char kLongName[] =
"lookupByWaveIdHashAndWaveIdIdAndWaveIdDomainAndWaveletIdIdAnd"
"WaveletIdDomainAndBlipBlipid";
TransportSecurityState::DomainState domain_state;
// Just checks that we don't hit a NOTREACHED.
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, kLongName, true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, kLongName, true));
}
TEST_F(TransportSecurityStateTest, PublicKeyHashes) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
-
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "example.com", false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "example.com", false));
std::vector<SHA1Fingerprint> hashes;
EXPECT_TRUE(domain_state.IsChainOfPublicKeysPermitted(hashes));
@@ -743,161 +726,154 @@ TEST_F(TransportSecurityStateTest, PublicKeyHashes) {
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
domain_state.expiry = expiry;
- state->EnableHost("example.com", domain_state);
+ state.EnableHost("example.com", domain_state);
std::string ser;
- EXPECT_TRUE(state->Serialise(&ser));
+ EXPECT_TRUE(state.Serialise(&ser));
bool dirty;
- EXPECT_TRUE(state->LoadEntries(ser, &dirty));
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "example.com", false));
+ EXPECT_TRUE(state.LoadEntries(ser, &dirty));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "example.com", false));
EXPECT_EQ(1u, domain_state.public_key_hashes.size());
EXPECT_TRUE(0 == memcmp(domain_state.public_key_hashes[0].data, hash.data,
sizeof(hash.data)));
}
TEST_F(TransportSecurityStateTest, BuiltinCertPins) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
-
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state,
- "chrome.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "chrome.google.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state,
+ "chrome.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "chrome.google.com", true));
std::vector<SHA1Fingerprint> hashes;
// This essential checks that a built-in list does exist.
EXPECT_FALSE(domain_state.IsChainOfPublicKeysPermitted(hashes));
- EXPECT_FALSE(state->HasPinsForHost(&domain_state, "www.paypal.com", true));
- EXPECT_FALSE(state->HasPinsForHost(&domain_state, "twitter.com", true));
-
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "docs.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "1.docs.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "sites.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "drive.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "spreadsheets.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "health.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "checkout.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "appengine.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "market.android.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "encrypted.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "accounts.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "profiles.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "mail.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "chatenabled.mail.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "talkgadget.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "hostedtalkgadget.google.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "talk.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "plus.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "ssl.gstatic.com", true));
- EXPECT_FALSE(state->HasPinsForHost(&domain_state, "www.gstatic.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "ssl.google-analytics.com",
- true));
+ EXPECT_FALSE(state.HasPinsForHost(&domain_state, "www.paypal.com", true));
+ EXPECT_FALSE(state.HasPinsForHost(&domain_state, "twitter.com", true));
+
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "docs.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "1.docs.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "sites.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "drive.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "spreadsheets.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "health.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "checkout.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "appengine.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "market.android.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "encrypted.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "accounts.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "profiles.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "mail.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "chatenabled.mail.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "talkgadget.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "hostedtalkgadget.google.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "talk.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "plus.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "ssl.gstatic.com", true));
+ EXPECT_FALSE(state.HasPinsForHost(&domain_state, "www.gstatic.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "ssl.google-analytics.com",
+ true));
}
TEST_F(TransportSecurityStateTest, OptionalHSTSCertPins) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
-
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "www.google-analytics.com",
- false));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state,
- "www.google-analytics.com",
- true));
- EXPECT_FALSE(state->HasPinsForHost(&domain_state,
- "www.google-analytics.com",
- false));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "www.google-analytics.com",
+ false));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state,
+ "www.google-analytics.com",
+ true));
+ EXPECT_FALSE(state.HasPinsForHost(&domain_state,
"www.google-analytics.com",
+ false));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "www.google-analytics.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "www.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "mail-attachment.googleusercontent.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "www.youtube.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "i.ytimg.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "googleapis.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "ajax.googleapis.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "googleadservices.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "pagead2.googleadservices.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "googlecode.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "kibbles.googlecode.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "appspot.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state,
+ "googlesyndication.com",
+ true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "doubleclick.net", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "ad.doubleclick.net", true));
+ EXPECT_FALSE(state.HasPinsForHost(&domain_state,
+ "learn.doubleclick.net",
true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "www.google.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "mail-attachment.googleusercontent.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "www.youtube.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "i.ytimg.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "googleapis.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "ajax.googleapis.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "googleadservices.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "pagead2.googleadservices.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "googlecode.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "kibbles.googlecode.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "appspot.com", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state,
- "googlesyndication.com",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "doubleclick.net", true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "ad.doubleclick.net", true));
- EXPECT_FALSE(state->HasPinsForHost(&domain_state,
- "learn.doubleclick.net",
- true));
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "a.googlegroups.com", true));
- EXPECT_FALSE(state->HasPinsForHost(&domain_state,
- "a.googlegroups.com",
- false));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "a.googlegroups.com", true));
+ EXPECT_FALSE(state.HasPinsForHost(&domain_state,
+ "a.googlegroups.com",
+ false));
}
TEST_F(TransportSecurityStateTest, ForcePreloads) {
// This is a docs.google.com override.
std::string preload("{"
- "\"4AGT3lHihuMSd5rUj7B4u6At0jlSH3HFePovjPR+oLE=\": {"
- "\"created\": 0.0,"
- "\"expiry\": 2000000000.0,"
- "\"include_subdomains\": false,"
- "\"mode\": \"none\""
- "}}");
-
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(preload));
+ "\"4AGT3lHihuMSd5rUj7B4u6At0jlSH3HFePovjPR+oLE=\": {"
+ "\"created\": 0.0,"
+ "\"expiry\": 2000000000.0,"
+ "\"include_subdomains\": false,"
+ "\"mode\": \"none\""
+ "}}");
+
+ TransportSecurityState state(preload);
TransportSecurityState::DomainState domain_state;
- EXPECT_FALSE(state->HasPinsForHost(&domain_state, "docs.google.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "docs.google.com", true));
+ EXPECT_FALSE(state.HasPinsForHost(&domain_state, "docs.google.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "docs.google.com", true));
}
TEST_F(TransportSecurityStateTest, OverrideBuiltins) {
- scoped_refptr<TransportSecurityState> state(
- new TransportSecurityState(std::string()));
-
+ TransportSecurityState state("");
TransportSecurityState::DomainState domain_state;
- EXPECT_TRUE(state->HasPinsForHost(&domain_state, "google.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "google.com", true));
- EXPECT_FALSE(state->IsEnabledForHost(&domain_state, "www.google.com", true));
+ EXPECT_TRUE(state.HasPinsForHost(&domain_state, "google.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "google.com", true));
+ EXPECT_FALSE(state.IsEnabledForHost(&domain_state, "www.google.com", true));
domain_state = TransportSecurityState::DomainState();
const base::Time current_time(base::Time::Now());
const base::Time expiry = current_time + base::TimeDelta::FromSeconds(1000);
domain_state.expiry = expiry;
- state->EnableHost("www.google.com", domain_state);
+ state.EnableHost("www.google.com", domain_state);
- EXPECT_TRUE(state->IsEnabledForHost(&domain_state, "www.google.com", true));
+ EXPECT_TRUE(state.IsEnabledForHost(&domain_state, "www.google.com", true));
}
static const uint8 kSidePinLeafSPKI[] = {
generated by cgit v1.1 at 2025-03-31 03:46:11 +0000