Diffstat (limited to 'net/url_request/url_request_unittest.cc')
-rw-r--r--net/url_request/url_request_unittest.cc180
1 files changed, 180 insertions, 0 deletions
diff --git a/net/url_request/url_request_unittest.cc b/net/url_request/url_request_unittest.cc
index f91a283..3fb6cb2 100644
--- a/net/url_request/url_request_unittest.cc
+++ b/net/url_request/url_request_unittest.cc
@@ -662,6 +662,11 @@ class MockCertificateReportSender
std::string latest_report_;
};
+class TestExperimentalFeaturesNetworkDelegate : public TestNetworkDelegate {
+ public:
+ bool OnAreExperimentalCookieFeaturesEnabled() const override { return true; }
+};
+
} // namespace
// Inherit PlatformTest since we require the autorelease pool on Mac OS X.
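Review bot: TestExperimentalFeaturesNetworkDelegate has no comment saying why it exists, and its only visible behaviour is that `OnAreExperimentalCookieFeaturesEnabled()` returns true. A one-line comment above the class would help readers of the tests that use it, for example `// TestNetworkDelegate variant that reports experimental cookie features as enabled.`. If the `$Secure-` prefix checks are gated on this callback, as the new tests suggest, the comment should say so.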
@@ -2722,6 +2727,181 @@ TEST_F(URLRequestTest, FirstPartyOnlyCookiesDisabled) {
}
}
+// Tests that $Secure- cookies can't be set on non-secure origins.
+TEST_F(URLRequestTest, SecureCookiePrefixOnNonsecureOrigin) {
+ LocalHttpTestServer test_server;
+ ASSERT_TRUE(test_server.Start());
+ SpawnedTestServer test_server_https(
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost,
+ base::FilePath(FILE_PATH_LITERAL("net/data/ssl")));
+ ASSERT_TRUE(test_server_https.Start());
+
+ TestExperimentalFeaturesNetworkDelegate network_delegate;
+ TestURLRequestContext context(true);
+ context.set_network_delegate(&network_delegate);
+ context.Init();
+
+ // Try to set a Secure $Secure- cookie, with experimental features
+ // enabled.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL("set-cookie?$Secure-nonsecure-origin=1;Secure"),
+ DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+
+ // Verify that the cookie is not set.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server_https.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+
+ EXPECT_TRUE(d.data_received().find("$Secure-nonsecure-origin=1") ==
+ std::string::npos);
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+}
+
+TEST_F(URLRequestTest, SecureCookiePrefixNonexperimental) {
+ SpawnedTestServer test_server(
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost,
+ base::FilePath(FILE_PATH_LITERAL("net/data/ssl")));
+ ASSERT_TRUE(test_server.Start());
+
+ TestNetworkDelegate network_delegate;
+ TestURLRequestContext context(true);
+ context.set_network_delegate(&network_delegate);
+ context.Init();
+
+ // Without experimental features, there should be no restrictions on
+ // $Secure- cookies.
+
+ // Set a non-Secure cookie with the $Secure- prefix.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL("set-cookie?$Secure-nonsecure-not-experimental=1"),
+ DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+
+ // Set a Secure cookie with the $Secure- prefix.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL(
+ "set-cookie?$Secure-secure-not-experimental=1;Secure"),
+ DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+
+ // Verify that the cookies are set. Neither should have any
+ // restrictions because the experimental flag is off.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+
+ EXPECT_TRUE(d.data_received().find("$Secure-secure-not-experimental=1") !=
+ std::string::npos);
+ EXPECT_TRUE(
+ d.data_received().find("$Secure-nonsecure-not-experimental=1") !=
+ std::string::npos);
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+}
+
+TEST_F(URLRequestTest, SecureCookiePrefixExperimentalNonsecure) {
+ SpawnedTestServer test_server(
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost,
+ base::FilePath(FILE_PATH_LITERAL("net/data/ssl")));
+ ASSERT_TRUE(test_server.Start());
+
+ TestExperimentalFeaturesNetworkDelegate network_delegate;
+ TestURLRequestContext context(true);
+ context.set_network_delegate(&network_delegate);
+ context.Init();
+
+ // Try to set a non-Secure $Secure- cookie, with experimental features
+ // enabled.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL("set-cookie?$Secure-foo=1"), DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+
+ // Verify that the cookie is not set.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+
+ EXPECT_TRUE(d.data_received().find("$Secure-foo=1") == std::string::npos);
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+}
+
+TEST_F(URLRequestTest, SecureCookiePrefixExperimentalSecure) {
+ SpawnedTestServer test_server(
+ SpawnedTestServer::TYPE_HTTPS, SpawnedTestServer::kLocalhost,
+ base::FilePath(FILE_PATH_LITERAL("net/data/ssl")));
+ ASSERT_TRUE(test_server.Start());
+
+ TestExperimentalFeaturesNetworkDelegate network_delegate;
+ TestURLRequestContext context(true);
+ context.set_network_delegate(&network_delegate);
+ context.Init();
+
+ // Try to set a Secure $Secure- cookie, with experimental features
+ // enabled.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL("set-cookie?$Secure-bar=1;Secure"), DEFAULT_PRIORITY,
+ &d));
+ req->Start();
+ base::RunLoop().Run();
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+
+ // Verify that the cookie is set.
+ {
+ TestDelegate d;
+ scoped_ptr<URLRequest> req(context.CreateRequest(
+ test_server.GetURL("echoheader?Cookie"), DEFAULT_PRIORITY, &d));
+ req->Start();
+ base::RunLoop().Run();
+
+ EXPECT_TRUE(d.data_received().find("$Secure-bar=1") != std::string::npos);
+ EXPECT_EQ(0, network_delegate.blocked_get_cookies_count());
+ EXPECT_EQ(0, network_delegate.blocked_set_cookie_count());
+ }
+}
+
// Tests that a request is cancelled while entering suspend mode. Uses mocks
// rather than a spawned test server because the connection used to talk to
// the test server is affected by entering suspend mode on Android.
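Review bot: The negative checks in SecureCookiePrefixOnNonsecureOrigin (`find("$Secure-nonsecure-origin=1") == std::string::npos`) and SecureCookiePrefixExperimentalNonsecure (`find("$Secure-foo=1") == std::string::npos`) also pass when the echoheader request fails or returns an empty body. They can therefore report the prefix rule as enforced without exercising it. Asserting completion before inspecting the body closes that gap, e.g. `ASSERT_TRUE(req->status().is_success());` after `base::RunLoop().Run();` in both verification blocks. SecureCookiePrefixOnNonsecureOrigin would also benefit from a positive control: a cookie without the prefix, set through `test_server` in the same way and expected to be echoed by `test_server_https`, would show that the rejection comes from the prefix check and not from the two servers failing to share cookies. Only the first of the four tests has a summary comment; the other three would read better with a one-line `// Tests that ...` header in the same style.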