mirror of
https://bitbucket.org/chromiumembedded/cef
synced 2025-06-05 21:39:12 +02:00
Improvements to scheme handling (issue #246).
- Break CefRegisterScheme into separate CefRegisterCustomScheme and CefRegisterSchemeHandlerFactory functions. - Allow registration of handlers for built-in schemes. - Supply scheme and request information to CefSchemeHandlerFactory::Create. - Add CrossOriginWhitelist functions for bypassing the same-origin policy with both built-in and custom standard schemes. git-svn-id: https://chromiumembedded.googlecode.com/svn/trunk@247 5089003a-bbd8-11dd-ad1f-f1f9622dbc98
This commit is contained in:
@ -2,6 +2,7 @@
|
||||
// reserved. Use of this source code is governed by a BSD-style license that
|
||||
// can be found in the LICENSE file.
|
||||
|
||||
#include "include/cef_runnable.h"
|
||||
#include "test_handler.h"
|
||||
|
||||
namespace {
|
||||
@ -10,6 +11,8 @@ class TestResults
|
||||
{
|
||||
public:
|
||||
TestResults()
|
||||
: status_code(0),
|
||||
sub_status_code(0)
|
||||
{
|
||||
}
|
||||
|
||||
@ -18,22 +21,45 @@ public:
|
||||
url.clear();
|
||||
html.clear();
|
||||
status_code = 0;
|
||||
redirect_url.clear();
|
||||
sub_url.clear();
|
||||
sub_html.clear();
|
||||
sub_status_code = 0;
|
||||
sub_allow_origin.clear();
|
||||
exit_url.clear();
|
||||
got_request.reset();
|
||||
got_read.reset();
|
||||
got_output.reset();
|
||||
got_redirect.reset();
|
||||
got_error.reset();
|
||||
got_sub_request.reset();
|
||||
got_sub_read.reset();
|
||||
got_sub_success.reset();
|
||||
}
|
||||
|
||||
std::string url;
|
||||
std::string html;
|
||||
int status_code;
|
||||
|
||||
// Used for testing redirects
|
||||
std::string redirect_url;
|
||||
|
||||
// Used for testing XHR requests
|
||||
std::string sub_url;
|
||||
std::string sub_html;
|
||||
int sub_status_code;
|
||||
std::string sub_allow_origin;
|
||||
std::string exit_url;
|
||||
|
||||
TrackCallback
|
||||
got_request,
|
||||
got_read,
|
||||
got_output,
|
||||
got_redirect;
|
||||
got_redirect,
|
||||
got_error,
|
||||
got_sub_request,
|
||||
got_sub_read,
|
||||
got_sub_success;
|
||||
};
|
||||
|
||||
class TestSchemeHandler : public TestHandler
|
||||
@ -55,9 +81,18 @@ public:
|
||||
NavType navType,
|
||||
bool isRedirect) OVERRIDE
|
||||
{
|
||||
std::string newUrl = request->GetURL();
|
||||
if (!test_results_->exit_url.empty() &&
|
||||
newUrl.find(test_results_->exit_url) != std::string::npos) {
|
||||
// XHR tests use an exit URL to destroy the test.
|
||||
if (newUrl.find("SUCCESS") != std::string::npos)
|
||||
test_results_->got_sub_success.yes();
|
||||
DestroyTest();
|
||||
return true;
|
||||
}
|
||||
|
||||
if (isRedirect) {
|
||||
test_results_->got_redirect.yes();
|
||||
std::string newUrl = request->GetURL();
|
||||
EXPECT_EQ(newUrl, test_results_->redirect_url);
|
||||
|
||||
// No read should have occurred for the redirect.
|
||||
@ -76,15 +111,34 @@ public:
|
||||
CefRefPtr<CefFrame> frame,
|
||||
int httpStatusCode) OVERRIDE
|
||||
{
|
||||
// Test that the output is correct.
|
||||
std::string output = frame->GetSource();
|
||||
if (output == test_results_->html)
|
||||
test_results_->got_output.yes();
|
||||
std::string url = frame->GetURL();
|
||||
if (url == test_results_->url || test_results_->status_code != 200) {
|
||||
if (test_results_->sub_url.empty()) {
|
||||
// Test that the output is correct.
|
||||
std::string output = frame->GetSource();
|
||||
if (output == test_results_->html)
|
||||
test_results_->got_output.yes();
|
||||
} else {
|
||||
test_results_->got_output.yes();
|
||||
}
|
||||
|
||||
// Test that the status code is correct.
|
||||
EXPECT_EQ(httpStatusCode, test_results_->status_code);
|
||||
// Test that the status code is correct.
|
||||
EXPECT_EQ(httpStatusCode, test_results_->status_code);
|
||||
|
||||
if (test_results_->sub_url.empty())
|
||||
DestroyTest();
|
||||
}
|
||||
}
|
||||
|
||||
virtual bool OnLoadError(CefRefPtr<CefBrowser> browser,
|
||||
CefRefPtr<CefFrame> frame,
|
||||
ErrorCode errorCode,
|
||||
const CefString& failedUrl,
|
||||
CefString& errorText) OVERRIDE
|
||||
{
|
||||
test_results_->got_error.yes();
|
||||
DestroyTest();
|
||||
return false;
|
||||
}
|
||||
|
||||
protected:
|
||||
@ -95,7 +149,7 @@ class ClientSchemeHandler : public CefSchemeHandler
|
||||
{
|
||||
public:
|
||||
ClientSchemeHandler(TestResults* tr)
|
||||
: test_results_(tr), offset_(0) {}
|
||||
: test_results_(tr), offset_(0), is_sub_(false) {}
|
||||
|
||||
virtual bool ProcessRequest(CefRefPtr<CefRequest> request,
|
||||
CefString& redirectUrl,
|
||||
@ -104,20 +158,43 @@ public:
|
||||
{
|
||||
EXPECT_TRUE(CefCurrentlyOn(TID_IO));
|
||||
|
||||
test_results_->got_request.yes();
|
||||
|
||||
std::string url = request->GetURL();
|
||||
EXPECT_EQ(url, test_results_->url);
|
||||
is_sub_ = (!test_results_->sub_url.empty() &&
|
||||
test_results_->sub_url == url);
|
||||
|
||||
response->SetStatus(test_results_->status_code);
|
||||
if (is_sub_) {
|
||||
test_results_->got_sub_request.yes();
|
||||
response->SetStatus(test_results_->sub_status_code);
|
||||
|
||||
if (!test_results_->redirect_url.empty()) {
|
||||
redirectUrl = test_results_->redirect_url;
|
||||
return true;
|
||||
} else if (!test_results_->html.empty()) {
|
||||
response->SetMimeType("text/html");
|
||||
*response_length = test_results_->html.size();
|
||||
return true;
|
||||
if (!test_results_->sub_allow_origin.empty()) {
|
||||
// Set the Access-Control-Allow-Origin header to allow cross-domain
|
||||
// scripting.
|
||||
CefResponse::HeaderMap headers;
|
||||
headers.insert(std::make_pair("Access-Control-Allow-Origin",
|
||||
test_results_->sub_allow_origin));
|
||||
response->SetHeaderMap(headers);
|
||||
}
|
||||
|
||||
if (!test_results_->sub_html.empty()) {
|
||||
response->SetMimeType("text/html");
|
||||
*response_length = test_results_->sub_html.size();
|
||||
return true;
|
||||
}
|
||||
} else {
|
||||
EXPECT_EQ(url, test_results_->url);
|
||||
|
||||
test_results_->got_request.yes();
|
||||
|
||||
response->SetStatus(test_results_->status_code);
|
||||
|
||||
if (!test_results_->redirect_url.empty()) {
|
||||
redirectUrl = test_results_->redirect_url;
|
||||
return true;
|
||||
} else if (!test_results_->html.empty()) {
|
||||
response->SetMimeType("text/html");
|
||||
*response_length = test_results_->html.size();
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
@ -132,18 +209,26 @@ public:
|
||||
{
|
||||
EXPECT_TRUE(CefCurrentlyOn(TID_IO));
|
||||
|
||||
test_results_->got_read.yes();
|
||||
std::string* data;
|
||||
|
||||
if (is_sub_) {
|
||||
test_results_->got_sub_read.yes();
|
||||
data = &test_results_->sub_html;
|
||||
} else {
|
||||
test_results_->got_read.yes();
|
||||
data = &test_results_->html;
|
||||
}
|
||||
|
||||
bool has_data = false;
|
||||
*bytes_read = 0;
|
||||
|
||||
AutoLock lock_scope(this);
|
||||
|
||||
size_t size = test_results_->html.size();
|
||||
size_t size = data->size();
|
||||
if(offset_ < size) {
|
||||
int transfer_size =
|
||||
std::min(bytes_to_read, static_cast<int>(size - offset_));
|
||||
memcpy(data_out, test_results_->html.c_str() + offset_, transfer_size);
|
||||
memcpy(data_out, data->c_str() + offset_, transfer_size);
|
||||
offset_ += transfer_size;
|
||||
|
||||
*bytes_read = transfer_size;
|
||||
@ -156,6 +241,7 @@ public:
|
||||
private:
|
||||
TestResults* test_results_;
|
||||
size_t offset_;
|
||||
bool is_sub_;
|
||||
|
||||
IMPLEMENT_REFCOUNTING(ClientSchemeHandler);
|
||||
IMPLEMENT_LOCKING(ClientSchemeHandler);
|
||||
@ -167,7 +253,8 @@ public:
|
||||
ClientSchemeHandlerFactory(TestResults* tr)
|
||||
: test_results_(tr){}
|
||||
|
||||
virtual CefRefPtr<CefSchemeHandler> Create()
|
||||
virtual CefRefPtr<CefSchemeHandler> Create(const CefString& scheme_name,
|
||||
CefRefPtr<CefRequest> request)
|
||||
{
|
||||
EXPECT_TRUE(CefCurrentlyOn(TID_IO));
|
||||
return new ClientSchemeHandler(test_results_);
|
||||
@ -181,35 +268,145 @@ public:
|
||||
// Global test results object.
|
||||
TestResults g_TestResults;
|
||||
|
||||
void CreateStandardTestScheme()
|
||||
void NotifyEvent(base::WaitableEvent* event)
|
||||
{
|
||||
g_TestResults.reset();
|
||||
static bool registered = false;
|
||||
if (!registered) {
|
||||
CefRegisterScheme("stdscheme", "tests", true,
|
||||
new ClientSchemeHandlerFactory(&g_TestResults));
|
||||
registered = true;
|
||||
}
|
||||
event->Signal();
|
||||
}
|
||||
|
||||
void CreateNonStandardTestScheme()
|
||||
// Post a task to the specified thread and wait for the task to execute as
|
||||
// indication that all previously pending tasks on that thread have completed.
|
||||
void WaitForThread(CefThreadId thread_id)
|
||||
{
|
||||
base::WaitableEvent event(true, false);
|
||||
CefPostTask(thread_id, NewCefRunnableFunction(&NotifyEvent, &event));
|
||||
event.Wait();
|
||||
}
|
||||
|
||||
#define WaitForIOThread() WaitForThread(TID_IO)
|
||||
#define WaitForUIThread() WaitForThread(TID_UI)
|
||||
|
||||
// If |domain| is empty the scheme will be registered as non-standard.
|
||||
void RegisterTestScheme(const std::string& scheme, const std::string& domain)
|
||||
{
|
||||
g_TestResults.reset();
|
||||
static bool registered = false;
|
||||
if (!registered) {
|
||||
CefRegisterScheme("nonstdscheme", CefString(), false,
|
||||
new ClientSchemeHandlerFactory(&g_TestResults));
|
||||
registered = true;
|
||||
static std::set<std::string> schemes;
|
||||
|
||||
if (schemes.empty()) {
|
||||
// Never register built-in schemes.
|
||||
schemes.insert("http");
|
||||
}
|
||||
|
||||
// Only register custom schemes one time.
|
||||
if (schemes.find(scheme) == schemes.end()) {
|
||||
EXPECT_TRUE(CefRegisterCustomScheme(scheme, domain.empty()?false:true,
|
||||
false, false));
|
||||
WaitForUIThread();
|
||||
schemes.insert(scheme);
|
||||
}
|
||||
|
||||
EXPECT_TRUE(CefRegisterSchemeHandlerFactory(scheme, domain,
|
||||
new ClientSchemeHandlerFactory(&g_TestResults)));
|
||||
WaitForIOThread();
|
||||
}
|
||||
|
||||
void ClearTestSchemes()
|
||||
{
|
||||
EXPECT_TRUE(CefClearSchemeHandlerFactories());
|
||||
WaitForIOThread();
|
||||
}
|
||||
|
||||
void SetUpXHR(const std::string& url, const std::string& sub_url,
|
||||
const std::string& sub_allow_origin = std::string())
|
||||
{
|
||||
g_TestResults.sub_url = sub_url;
|
||||
g_TestResults.sub_html = "SUCCESS";
|
||||
g_TestResults.sub_status_code = 200;
|
||||
g_TestResults.sub_allow_origin = sub_allow_origin;
|
||||
|
||||
g_TestResults.url = url;
|
||||
std::stringstream ss;
|
||||
ss << "<html><head>\
|
||||
<script language=\"JavaScript\">\
|
||||
function execXMLHttpRequest() {\
|
||||
var result = 'FAILURE';\
|
||||
try {\
|
||||
xhr = new XMLHttpRequest();\
|
||||
xhr.open(\"GET\", \"" << sub_url.c_str() << "\", false);\
|
||||
xhr.send();\
|
||||
result = xhr.responseText;\
|
||||
} catch(e) {}\
|
||||
document.location = \"http://tests/exit?result=\"+result;\
|
||||
}\
|
||||
</script>\
|
||||
</head><body onload=\"execXMLHttpRequest();\">\
|
||||
Running execXMLHttpRequest...\
|
||||
</body></html>";
|
||||
g_TestResults.html = ss.str();
|
||||
g_TestResults.status_code = 200;
|
||||
|
||||
g_TestResults.exit_url = "http://tests/exit";
|
||||
}
|
||||
|
||||
void SetUpXSS(const std::string& url, const std::string& sub_url,
|
||||
const std::string& domain = std::string())
|
||||
{
|
||||
// 1. Load |url| which contains an iframe.
|
||||
// 2. The iframe loads |xss_url|.
|
||||
// 3. |xss_url| tries to call a JS function in |url|.
|
||||
// 4. |url| tries to call a JS function in |xss_url|.
|
||||
|
||||
std::stringstream ss;
|
||||
std::string domain_line;
|
||||
if (!domain.empty())
|
||||
domain_line = "document.domain = '" + domain + "';";
|
||||
|
||||
g_TestResults.sub_url = sub_url;
|
||||
ss << "<html><head>\
|
||||
<script language=\"JavaScript\">" << domain_line << "\
|
||||
function getResult() {\
|
||||
return 'SUCCESS';\
|
||||
}\
|
||||
function execXSSRequest() {\
|
||||
var result = 'FAILURE';\
|
||||
try {\
|
||||
result = parent.getResult();\
|
||||
} catch(e) {}\
|
||||
document.location = \"http://tests/exit?result=\"+result;\
|
||||
}\
|
||||
</script>\
|
||||
</head><body onload=\"execXSSRequest();\">\
|
||||
Running execXSSRequest...\
|
||||
</body></html>";
|
||||
g_TestResults.sub_html = ss.str();
|
||||
g_TestResults.sub_status_code = 200;
|
||||
|
||||
g_TestResults.url = url;
|
||||
ss.str("");
|
||||
ss << "<html><head>\
|
||||
<script language=\"JavaScript\">" << domain_line << "\
|
||||
function getResult() {\
|
||||
try {\
|
||||
return document.getElementById('s').contentWindow.getResult();\
|
||||
} catch(e) {}\
|
||||
return 'FAILURE';\
|
||||
}\
|
||||
</script>\
|
||||
</head><body>\
|
||||
<iframe src=\"" << sub_url.c_str() << "\" id=\"s\">\
|
||||
</body></html>";
|
||||
g_TestResults.html = ss.str();
|
||||
g_TestResults.status_code = 200;
|
||||
|
||||
g_TestResults.exit_url = "http://tests/exit";
|
||||
}
|
||||
|
||||
} // anonymous
|
||||
|
||||
// Test that a standard scheme can return normal results.
|
||||
TEST(SchemeHandlerTest, StandardSchemeNormalResponse)
|
||||
// Test that scheme registration/unregistration works as expected.
|
||||
TEST(SchemeHandlerTest, Registration)
|
||||
{
|
||||
CreateStandardTestScheme();
|
||||
g_TestResults.url = "stdscheme://tests/run.html";
|
||||
RegisterTestScheme("customstd", "test");
|
||||
g_TestResults.url = "customstd://test/run.html";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>Success!</h1></body></html>";
|
||||
g_TestResults.status_code = 200;
|
||||
@ -220,90 +417,41 @@ TEST(SchemeHandlerTest, StandardSchemeNormalResponse)
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
}
|
||||
|
||||
// Test that a standard scheme can return an error code.
|
||||
TEST(SchemeHandlerTest, StandardSchemeErrorResponse)
|
||||
{
|
||||
CreateStandardTestScheme();
|
||||
g_TestResults.url = "stdscheme://tests/run.html";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>404</h1></body></html>";
|
||||
g_TestResults.status_code = 404;
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
// Unregister the handler.
|
||||
EXPECT_TRUE(CefRegisterSchemeHandlerFactory("customstd", "test", NULL));
|
||||
WaitForIOThread();
|
||||
|
||||
g_TestResults.got_request.reset();
|
||||
g_TestResults.got_read.reset();
|
||||
g_TestResults.got_output.reset();
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_error);
|
||||
EXPECT_FALSE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
|
||||
// Re-register the handler.
|
||||
EXPECT_TRUE(CefRegisterSchemeHandlerFactory("customstd", "test",
|
||||
new ClientSchemeHandlerFactory(&g_TestResults)));
|
||||
WaitForIOThread();
|
||||
|
||||
g_TestResults.got_error.reset();
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that standard scheme handling fails when the scheme name is incorrect.
|
||||
TEST(SchemeHandlerTest, StandardSchemeNameNotHandled)
|
||||
// Test that a custom standard scheme can return normal results.
|
||||
TEST(SchemeHandlerTest, CustomStandardNormalResponse)
|
||||
{
|
||||
CreateStandardTestScheme();
|
||||
g_TestResults.url = "stdscheme2://tests/run.html";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_FALSE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
}
|
||||
|
||||
// Test that standard scheme handling fails when the domain name is incorrect.
|
||||
TEST(SchemeHandlerTest, StandardSchemeDomainNotHandled)
|
||||
{
|
||||
CreateStandardTestScheme();
|
||||
g_TestResults.url = "stdscheme://tests2/run.html";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_FALSE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
}
|
||||
|
||||
// Test that a standard scheme can return no response.
|
||||
TEST(SchemeHandlerTest, StandardSchemeNoResponse)
|
||||
{
|
||||
CreateStandardTestScheme();
|
||||
g_TestResults.url = "stdscheme://tests/run.html";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
}
|
||||
|
||||
// Test that a standard scheme can generate redirects.
|
||||
TEST(SchemeHandlerTest, StandardSchemeRedirect)
|
||||
{
|
||||
CreateStandardTestScheme();
|
||||
g_TestResults.url = "stdscheme://tests/run.html";
|
||||
g_TestResults.redirect_url = "stdscheme://tests/redirect.html";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>Redirected</h1></body></html>";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_redirect);
|
||||
}
|
||||
|
||||
// Test that a non-standard scheme can return normal results.
|
||||
TEST(SchemeHandlerTest, NonStandardSchemeNormalResponse)
|
||||
{
|
||||
CreateNonStandardTestScheme();
|
||||
g_TestResults.url = "nonstdscheme:some%20value";
|
||||
RegisterTestScheme("customstd", "test");
|
||||
g_TestResults.url = "customstd://test/run.html";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>Success!</h1></body></html>";
|
||||
g_TestResults.status_code = 200;
|
||||
@ -314,13 +462,34 @@ TEST(SchemeHandlerTest, NonStandardSchemeNormalResponse)
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a non-standard scheme can return an error code.
|
||||
TEST(SchemeHandlerTest, NonStandardSchemeErrorResponse)
|
||||
// Test that a custom nonstandard scheme can return normal results.
|
||||
TEST(SchemeHandlerTest, CustomNonStandardNormalResponse)
|
||||
{
|
||||
CreateNonStandardTestScheme();
|
||||
g_TestResults.url = "nonstdscheme:some%20value";
|
||||
RegisterTestScheme("customnonstd", std::string());
|
||||
g_TestResults.url = "customnonstd:some%20value";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>Success!</h1></body></html>";
|
||||
g_TestResults.status_code = 200;
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme can return an error code.
|
||||
TEST(SchemeHandlerTest, CustomStandardErrorResponse)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test");
|
||||
g_TestResults.url = "customstd://test/run.html";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>404</h1></body></html>";
|
||||
g_TestResults.status_code = 404;
|
||||
@ -331,14 +500,35 @@ TEST(SchemeHandlerTest, NonStandardSchemeErrorResponse)
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that non-standard scheme handling fails when the scheme name is
|
||||
// Test that a custom nonstandard scheme can return an error code.
|
||||
TEST(SchemeHandlerTest, CustomNonStandardErrorResponse)
|
||||
{
|
||||
RegisterTestScheme("customnonstd", std::string());
|
||||
g_TestResults.url = "customnonstd:some%20value";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>404</h1></body></html>";
|
||||
g_TestResults.status_code = 404;
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that custom standard scheme handling fails when the scheme name is
|
||||
// incorrect.
|
||||
TEST(SchemeHandlerTest, NonStandardSchemeNameNotHandled)
|
||||
TEST(SchemeHandlerTest, CustomStandardNameNotHandled)
|
||||
{
|
||||
CreateNonStandardTestScheme();
|
||||
g_TestResults.url = "nonstdscheme2:some%20value";
|
||||
RegisterTestScheme("customstd", "test");
|
||||
g_TestResults.url = "customstd2://test/run.html";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
@ -346,13 +536,49 @@ TEST(SchemeHandlerTest, NonStandardSchemeNameNotHandled)
|
||||
EXPECT_FALSE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a non-standard scheme can return no response.
|
||||
TEST(SchemeHandlerTest, NonStandardSchemeNoResponse)
|
||||
// Test that custom nonstandard scheme handling fails when the scheme name is
|
||||
// incorrect.
|
||||
TEST(SchemeHandlerTest, CustomNonStandardNameNotHandled)
|
||||
{
|
||||
CreateNonStandardTestScheme();
|
||||
g_TestResults.url = "nonstdscheme:some%20value";
|
||||
RegisterTestScheme("customnonstd", std::string());
|
||||
g_TestResults.url = "customnonstd2:some%20value";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_FALSE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that custom standard scheme handling fails when the domain name is
|
||||
// incorrect.
|
||||
TEST(SchemeHandlerTest, CustomStandardDomainNotHandled)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test");
|
||||
g_TestResults.url = "customstd://noexist/run.html";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_FALSE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme can return no response.
|
||||
TEST(SchemeHandlerTest, CustomStandardNoResponse)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test");
|
||||
g_TestResults.url = "customstd://test/run.html";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
@ -360,14 +586,32 @@ TEST(SchemeHandlerTest, NonStandardSchemeNoResponse)
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a non-standard scheme can generate redirects.
|
||||
TEST(SchemeHandlerTest, NonStandardSchemeRedirect)
|
||||
// Test that a custom nonstandard scheme can return no response.
|
||||
TEST(SchemeHandlerTest, CustomNonStandardNoResponse)
|
||||
{
|
||||
CreateNonStandardTestScheme();
|
||||
g_TestResults.url = "nonstdscheme:some%20value";
|
||||
g_TestResults.redirect_url = "nonstdscheme:some%20other%20value";
|
||||
RegisterTestScheme("customnonstd", std::string());
|
||||
g_TestResults.url = "customnonstd:some%20value";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_FALSE(g_TestResults.got_read);
|
||||
EXPECT_FALSE(g_TestResults.got_output);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme can generate redirects.
|
||||
TEST(SchemeHandlerTest, CustomStandardRedirect)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test");
|
||||
g_TestResults.url = "customstd://test/run.html";
|
||||
g_TestResults.redirect_url = "customstd://test/redirect.html";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>Redirected</h1></body></html>";
|
||||
|
||||
@ -378,4 +622,314 @@ TEST(SchemeHandlerTest, NonStandardSchemeRedirect)
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_redirect);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom nonstandard scheme can generate redirects.
|
||||
TEST(SchemeHandlerTest, CustomNonStandardRedirect)
|
||||
{
|
||||
RegisterTestScheme("customnonstd", std::string());
|
||||
g_TestResults.url = "customnonstd:some%20value";
|
||||
g_TestResults.redirect_url = "customnonstd:some%20other%20value";
|
||||
g_TestResults.html =
|
||||
"<html><head></head><body><h1>Redirected</h1></body></html>";
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_redirect);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme can generate same origin XHR requests.
|
||||
TEST(SchemeHandlerTest, CustomStandardXHRSameOrigin)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test");
|
||||
SetUpXHR("customstd://test/run.html",
|
||||
"customstd://test/xhr.html");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom nonstandard scheme can generate same origin XHR requests.
|
||||
TEST(SchemeHandlerTest, CustomNonStandardXHRSameOrigin)
|
||||
{
|
||||
RegisterTestScheme("customnonstd", std::string());
|
||||
SetUpXHR("customnonstd:some%20value",
|
||||
"customnonstd:xhr%20value");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
// Test that a custom standard scheme can generate same origin XSS requests.
|
||||
TEST(SchemeHandlerTest, CustomStandardXSSSameOrigin)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test");
|
||||
SetUpXSS("customstd://test/run.html",
|
||||
"customstd://test/iframe.html");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom nonstandard scheme can generate same origin XSS requests.
|
||||
TEST(SchemeHandlerTest, CustomNonStandardXSSSameOrigin)
|
||||
{
|
||||
RegisterTestScheme("customnonstd", std::string());
|
||||
SetUpXSS("customnonstd:some%20value",
|
||||
"customnonstd:xhr%20value");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme cannot generate cross-domain XHR requests
|
||||
// by default.
|
||||
TEST(SchemeHandlerTest, CustomStandardXHRDifferentOrigin)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test1");
|
||||
RegisterTestScheme("customstd", "test2");
|
||||
SetUpXHR("customstd://test1/run.html",
|
||||
"customstd://test2/xhr.html");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_request);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_read);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme cannot generate cross-domain XSS requests
|
||||
// by default.
|
||||
TEST(SchemeHandlerTest, CustomStandardXSSDifferentOrigin)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test1");
|
||||
RegisterTestScheme("customstd", "test2");
|
||||
SetUpXSS("customstd://test1/run.html",
|
||||
"customstd://test2/iframe.html");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that an HTTP scheme cannot generate cross-domain XHR requests by
|
||||
// default.
|
||||
TEST(SchemeHandlerTest, HttpXHRDifferentOrigin)
|
||||
{
|
||||
RegisterTestScheme("http", "test1");
|
||||
RegisterTestScheme("http", "test2");
|
||||
SetUpXHR("http://test1/run.html",
|
||||
"http://test2/xhr.html");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that an HTTP scheme cannot generate cross-domain XSS requests by
|
||||
// default.
|
||||
TEST(SchemeHandlerTest, HttpXSSDifferentOrigin)
|
||||
{
|
||||
RegisterTestScheme("http", "test1");
|
||||
RegisterTestScheme("http", "test2");
|
||||
SetUpXHR("http://test1/run.html",
|
||||
"http://test2/xhr.html");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme cannot generate cross-domain XHR requests
|
||||
// even when setting the Access-Control-Allow-Origin header.
|
||||
TEST(SchemeHandlerTest, CustomStandardXHRDifferentOriginWithHeader)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test1");
|
||||
RegisterTestScheme("customstd", "test2");
|
||||
SetUpXHR("customstd://test1/run.html",
|
||||
"customstd://test2/xhr.html",
|
||||
"customstd://test1");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_request);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_read);
|
||||
EXPECT_FALSE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme can generate cross-domain XHR requests
|
||||
// when using the cross-origin whitelist.
|
||||
TEST(SchemeHandlerTest, CustomStandardXHRDifferentOriginWithWhitelist)
|
||||
{
|
||||
RegisterTestScheme("customstd", "test1");
|
||||
RegisterTestScheme("customstd", "test2");
|
||||
SetUpXHR("customstd://test1/run.html",
|
||||
"customstd://test2/xhr.html");
|
||||
|
||||
EXPECT_TRUE(CefAddCrossOriginWhitelistEntry("customstd://test1", "customstd",
|
||||
"test2", false));
|
||||
WaitForUIThread();
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
EXPECT_TRUE(CefClearCrossOriginWhitelist());
|
||||
WaitForUIThread();
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that an HTTP scheme can generate cross-domain XHR requests when setting
|
||||
// the Access-Control-Allow-Origin header.
|
||||
TEST(SchemeHandlerTest, HttpXHRDifferentOriginWithHeader)
|
||||
{
|
||||
RegisterTestScheme("http", "test1");
|
||||
RegisterTestScheme("http", "test2");
|
||||
SetUpXHR("http://test1/run.html",
|
||||
"http://test2/xhr.html",
|
||||
"http://test1");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that a custom standard scheme can generate cross-domain XSS requests
|
||||
// when using document.domain.
|
||||
TEST(SchemeHandlerTest, CustomStandardXSSDifferentOriginWithDomain)
|
||||
{
|
||||
RegisterTestScheme("customstd", "a.test");
|
||||
RegisterTestScheme("customstd", "b.test");
|
||||
SetUpXSS("customstd://a.test/run.html",
|
||||
"customstd://b.test/iframe.html",
|
||||
"test");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
||||
// Test that an HTTP scheme can generate cross-domain XSS requests when using
|
||||
// document.domain.
|
||||
TEST(SchemeHandlerTest, HttpXSSDifferentOriginWithDomain)
|
||||
{
|
||||
RegisterTestScheme("http", "a.test");
|
||||
RegisterTestScheme("http", "b.test");
|
||||
SetUpXSS("http://a.test/run.html",
|
||||
"http://b.test/iframe.html",
|
||||
"test");
|
||||
|
||||
CefRefPtr<TestSchemeHandler> handler = new TestSchemeHandler(&g_TestResults);
|
||||
handler->ExecuteTest();
|
||||
|
||||
EXPECT_TRUE(g_TestResults.got_request);
|
||||
EXPECT_TRUE(g_TestResults.got_read);
|
||||
EXPECT_TRUE(g_TestResults.got_output);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_request);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_read);
|
||||
EXPECT_TRUE(g_TestResults.got_sub_success);
|
||||
|
||||
ClearTestSchemes();
|
||||
}
|
||||
|
Reference in New Issue
Block a user