Home | History | Annotate | Download | only in http
      1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "net/http/url_security_manager.h"
      6 
      7 #include "base/basictypes.h"
      8 #include "googleurl/src/gurl.h"
      9 #include "net/base/net_errors.h"
     10 #include "net/http/http_auth_filter.h"
     11 #include "testing/gtest/include/gtest/gtest.h"
     12 
     13 namespace net {
     14 
     15 namespace {
     16 
     17 struct TestData {
     18   const char* url;
     19   bool succeds_in_windows_default;
     20   bool succeeds_in_whitelist;
     21 };
     22 
     23 const char* kTestAuthWhitelist = "*example.com,*foobar.com,baz";
     24 
     25 // Under Windows the following will be allowed by default:
     26 //    localhost
     27 //    host names without a period.
     28 // In Posix systems (or on Windows if a whitelist is specified explicitly),
     29 // everything depends on the whitelist.
     30 const TestData kTestDataList[] = {
     31   { "http://localhost", true, false },
     32   { "http://bat", true, false },
     33   { "http://www.example.com", false, true },
     34   { "http://example.com", false, true },
     35   { "http://foobar.com", false, true },
     36   { "http://boo.foobar.com", false, true },
     37   { "http://baz", true, true },
     38   { "http://www.exampl.com", false, false },
     39   { "http://example.org", false, false },
     40   { "http://foobar.net", false, false },
     41   { "http://boo.fubar.com", false, false },
     42 };
     43 
     44 }  // namespace
     45 
     46 TEST(URLSecurityManager, UseDefaultCredentials) {
     47   HttpAuthFilterWhitelist* auth_filter = new HttpAuthFilterWhitelist(
     48       kTestAuthWhitelist);
     49   ASSERT_TRUE(auth_filter);
     50   // The URL security manager takes ownership of |auth_filter|.
     51   scoped_ptr<URLSecurityManager> url_security_manager(
     52       URLSecurityManager::Create(auth_filter, NULL));
     53   ASSERT_TRUE(url_security_manager.get());
     54 
     55   for (size_t i = 0; i < arraysize(kTestDataList); ++i) {
     56     GURL gurl(kTestDataList[i].url);
     57     bool can_use_default =
     58         url_security_manager->CanUseDefaultCredentials(gurl);
     59 
     60     EXPECT_EQ(kTestDataList[i].succeeds_in_whitelist, can_use_default)
     61         << " Run: " << i << " URL: '" << gurl << "'";
     62   }
     63 }
     64 
     65 TEST(URLSecurityManager, CanDelegate) {
     66   HttpAuthFilterWhitelist* auth_filter = new HttpAuthFilterWhitelist(
     67       kTestAuthWhitelist);
     68   ASSERT_TRUE(auth_filter);
     69   // The URL security manager takes ownership of |auth_filter|.
     70   scoped_ptr<URLSecurityManager> url_security_manager(
     71       URLSecurityManager::Create(NULL, auth_filter));
     72   ASSERT_TRUE(url_security_manager.get());
     73 
     74   for (size_t i = 0; i < arraysize(kTestDataList); ++i) {
     75     GURL gurl(kTestDataList[i].url);
     76     bool can_delegate = url_security_manager->CanDelegate(gurl);
     77     EXPECT_EQ(kTestDataList[i].succeeds_in_whitelist, can_delegate)
     78         << " Run: " << i << " URL: '" << gurl << "'";
     79   }
     80 }
     81 
     82 TEST(URLSecurityManager, CanDelegate_NoWhitelist) {
     83   // Nothing can delegate in this case.
     84   scoped_ptr<URLSecurityManager> url_security_manager(
     85       URLSecurityManager::Create(NULL, NULL));
     86   ASSERT_TRUE(url_security_manager.get());
     87 
     88   for (size_t i = 0; i < arraysize(kTestDataList); ++i) {
     89     GURL gurl(kTestDataList[i].url);
     90     bool can_delegate = url_security_manager->CanDelegate(gurl);
     91     EXPECT_FALSE(can_delegate);
     92   }
     93 }
     94 
     95 
     96 }  // namespace net
     97