chrome/common/secure_origin_whitelist_unittest.cc - chromium/src - Git at Google

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "base/command_line.h"
 #include "chrome/common/chrome_switches.h"
 #include "content/public/common/origin_util.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "url/gurl.h"

 using content::IsOriginSecure;

 namespace chrome {

 TEST(SecureOriginWhiteList, UnsafetyTreatInsecureOriginAsSecure) {
   EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/a.html")));
   EXPECT_FALSE(
       content::IsOriginSecure(GURL("http://127.example.com/a.html")));

   // Add http://example.com and http://127.example.com to whitelist by
   // command-line and see if they are now considered secure origins.
   // (The command line is applied via
   // ChromeContentClient::AddSecureSchemesAndOrigins)
   base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
   command_line->AppendSwitchASCII(
       switches::kUnsafetyTreatInsecureOriginAsSecure,
       "http://example.com,http://127.example.com");
   command_line->AppendSwitch(switches::kUserDataDir);
   content::ResetSecureSchemesAndOriginsForTesting();

   // They should be now white-listed.
   EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/a.html")));
   EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/a.html")));

   // Check that similarly named sites are not considered secure.
   EXPECT_FALSE(content::IsOriginSecure(GURL("http://128.example.com/a.html")));
   EXPECT_FALSE(content::IsOriginSecure(
       GURL("http://foobar.127.example.com/a.html")));
 }

 }  // namespace chrome
	// Copyright 2015 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "base/command_line.h"
	#include "chrome/common/chrome_switches.h"
	#include "content/public/common/origin_util.h"
	#include "testing/gtest/include/gtest/gtest.h"
	#include "url/gurl.h"

	using content::IsOriginSecure;

	namespace chrome {

	TEST(SecureOriginWhiteList, UnsafetyTreatInsecureOriginAsSecure) {
	EXPECT_FALSE(content::IsOriginSecure(GURL("http://example.com/a.html")));
	EXPECT_FALSE(
	content::IsOriginSecure(GURL("http://127.example.com/a.html")));

	// Add http://example.com and http://127.example.com to whitelist by
	// command-line and see if they are now considered secure origins.
	// (The command line is applied via
	// ChromeContentClient::AddSecureSchemesAndOrigins)
	base::CommandLine* command_line = base::CommandLine::ForCurrentProcess();
	command_line->AppendSwitchASCII(
	switches::kUnsafetyTreatInsecureOriginAsSecure,
	"http://example.com,http://127.example.com");
	command_line->AppendSwitch(switches::kUserDataDir);
	content::ResetSecureSchemesAndOriginsForTesting();

	// They should be now white-listed.
	EXPECT_TRUE(content::IsOriginSecure(GURL("http://example.com/a.html")));
	EXPECT_TRUE(content::IsOriginSecure(GURL("http://127.example.com/a.html")));

	// Check that similarly named sites are not considered secure.
	EXPECT_FALSE(content::IsOriginSecure(GURL("http://128.example.com/a.html")));
	EXPECT_FALSE(content::IsOriginSecure(
	GURL("http://foobar.127.example.com/a.html")));
	}

	} // namespace chrome