author | estade@chromium.org <estade@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-02-05 21:45:30 +0000 |
---|---|---|
committer | estade@chromium.org <estade@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2014-02-05 21:45:30 +0000 |
commit | 4138aa8ca532533a208e9862e3455e0e0a8210ea (patch) | |
tree | 4f85b88fd7cb705fbb57e3bf2accc4790e78e368 /third_party | |
parent | 27eca56c27cd229b3af25844a06044f85d0cc8c9 (diff) | |
rAc libaddressinput - disable insecure downloads
another layer of protection so the security team sleeps better at night
BUG=none
R=dbeam@chromium.org
Review URL: https://codereview.chromium.org/154303003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@249120 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'third_party')
-rw-r--r-- | third_party/libaddressinput/chromium/chrome_downloader_impl.cc | 8 | ||||
-rw-r--r-- | third_party/libaddressinput/chromium/chrome_downloader_impl_unittest.cc | 20 |
2 files changed, 24 insertions, 4 deletions
diff --git a/third_party/libaddressinput/chromium/chrome_downloader_impl.cc b/third_party/libaddressinput/chromium/chrome_downloader_impl.cc index a0a8b17..507cc9e 100644 --- a/third_party/libaddressinput/chromium/chrome_downloader_impl.cc +++ b/third_party/libaddressinput/chromium/chrome_downloader_impl.cc @@ -58,8 +58,14 @@ ChromeDownloaderImpl::~ChromeDownloaderImpl() { void ChromeDownloaderImpl::Download( const std::string& url, scoped_ptr<Callback> downloaded) { + GURL resource(url); + if (!resource.SchemeIsSecure()) { + (*downloaded)(false, url, make_scoped_ptr(new std::string())); + return; + } + scoped_ptr<net::URLFetcher> fetcher( - net::URLFetcher::Create(GURL(url), net::URLFetcher::GET, this)); + net::URLFetcher::Create(resource, net::URLFetcher::GET, this)); fetcher->SetLoadFlags( net::LOAD_DO_NOT_SEND_COOKIES | net::LOAD_DO_NOT_SAVE_COOKIES); fetcher->SetRequestContext(getter_); diff --git a/third_party/libaddressinput/chromium/chrome_downloader_impl_unittest.cc b/third_party/libaddressinput/chromium/chrome_downloader_impl_unittest.cc index 07683ec..15502f5 100644 --- a/third_party/libaddressinput/chromium/chrome_downloader_impl_unittest.cc +++ b/third_party/libaddressinput/chromium/chrome_downloader_impl_unittest.cc @@ -11,7 +11,8 @@ namespace autofill { -static const char kFakeUrl[] = "http://example.com"; +static const char kFakeUrl[] = "https://example.com"; +static const char kFakeInsecureUrl[] = "http://example.com"; class ChromeDownloaderImplTest : public testing::Test { public: @@ -23,7 +24,7 @@ class ChromeDownloaderImplTest : public testing::Test { protected: // Sets the response for the download. void SetFakeResponse(const std::string& payload, net::HttpStatusCode code) { - fake_factory_.SetFakeResponse(GURL(kFakeUrl), + fake_factory_.SetFakeResponse(url_, payload, code, net::URLRequestStatus::SUCCESS); 
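Review bot: The scheme check added at the top of ChromeDownloaderImpl::Download (chrome_downloader_impl.cc) validates only the URL that was requested, so a secure server that answers with a redirect to an `http://` location would presumably still be followed by the fetcher. Either refuse redirects next to the SetLoadFlags call with `fetcher->SetStopOnRedirect(true);`, or re-check the final URL's scheme in the completion handler before handing data to the callback; that handler and the rest of Download's body are outside the hunk, so this may already be covered there. Separately, `SchemeIsSecure()` is, as far as I recall, true for more than `https` (for example `wss`), so `resource.SchemeIs("https")` would state the intent more exactly. The rejection path also runs `downloaded` synchronously while the fetch path completes later, which deserves a comment such as `// Refuse non-secure URLs up front; the callback runs synchronously in this case.`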
@@ -34,10 +35,11 @@ class ChromeDownloaderImplTest : public testing::Test { net::TestURLRequestContextGetter* getter = new net::TestURLRequestContextGetter(base::MessageLoopProxy::current()); ChromeDownloaderImpl impl(getter); - impl.Download(kFakeUrl, BuildCallback()); + impl.Download(url_.spec(), BuildCallback()); base::MessageLoop::current()->RunUntilIdle(); } + void set_url(const GURL& url) { url_ = url; } const std::string& data() { return *data_; } bool success() { return success_; } @@ -58,12 +60,14 @@ class ChromeDownloaderImplTest : public testing::Test { base::MessageLoop loop_; net::URLFetcherImplFactory factory_; net::FakeURLFetcherFactory fake_factory_; + GURL url_; scoped_ptr<std::string> data_; bool success_; }; TEST_F(ChromeDownloaderImplTest, Success) { const char kFakePayload[] = "ham hock"; + set_url(GURL(kFakeUrl)); SetFakeResponse(kFakePayload, net::HTTP_OK); Download(); EXPECT_TRUE(success()); @@ -72,10 +76,20 @@ TEST_F(ChromeDownloaderImplTest, Success) { TEST_F(ChromeDownloaderImplTest, Failure) { const char kFakePayload[] = "ham hock"; + set_url(GURL(kFakeUrl)); SetFakeResponse(kFakePayload, net::HTTP_INTERNAL_SERVER_ERROR); Download(); EXPECT_FALSE(success()); EXPECT_EQ(std::string(), data()); } +TEST_F(ChromeDownloaderImplTest, RejectsInsecureScheme) { + const char kFakePayload[] = "ham hock"; + set_url(GURL(kFakeInsecureUrl)); + SetFakeResponse(kFakePayload, net::HTTP_OK); + Download(); + EXPECT_FALSE(success()); + EXPECT_EQ(std::string(), data()); +} + } // namespace autofill |
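Review bot: RejectsInsecureScheme (chrome_downloader_impl_unittest.cc, last hunk) registers an HTTP_OK fake response and then expects failure, but nothing says why, and that reason is the whole point of the test. Add a comment above the SetFakeResponse call such as `// A fetch, if issued, would succeed with kFakePayload; failure with empty data shows the request was refused before any network activity.` The case also covers only `http://`; an unparsable string and a non-web scheme take the same early return in Download and would be cheap to pin with the same fixture. Whether `EXPECT_FALSE(success())` can tell a rejected download from a callback that never ran depends on how the fixture initialises `success_`, which is outside the hunk.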