blob: 261456518a38a4c7f90fc552cd6e69bc4ea2f1c9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "base/command_line.h"
#include "chrome/common/chrome_switches.h"
#include "content/public/common/origin_util.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
using content::IsOriginSecure;
namespace chrome {
TEST(SecureOriginWhiteList, UnsafelyTreatInsecureOriginAsSecure) {
EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/a.html")));
EXPECT_FALSE(
content::IsOriginSecure(GURL("http://127.example.com/a.html")));
// Add http://example.com and http://127.example.com to whitelist by
// command-line and see if they are now considered secure origins.
// (The command line is applied via
// ChromeContentClient::AddSecureSchemesAndOrigins)
base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
command_line->AppendSwitchASCII(
switches::kUnsafelyTreatInsecureOriginAsSecure,
"http://example.com,http://127.example.com");
command_line->AppendSwitch(switches::kUserDataDir);
content::ResetSchemesAndOriginsWhitelistForTesting();
// They should be now white-listed.
EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/a.html")));
EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/a.html")));
// Check that similarly named sites are not considered secure.
EXPECT_FALSE(content::IsOriginSecure(GURL("http://128.example.com/a.html")));
EXPECT_FALSE(content::IsOriginSecure(
GURL("http://foobar.127.example.com/a.html")));
}
} // namespace chrome
|
