Bug 1020477 - CSP in C++: Convert test_csp_ignores_path.js to compiled code tests. r=sstamm

Christoph Kerschbaumer 2014-06-04 16:35:41 -07:00
parent 38c7289d78
commit 20ab3c6e32
2 changed files with 166 additions and 23 deletions


@ -260,20 +260,16 @@ nsCSPParser::subPath(nsCSPHostSrc* aCspHost)
++charCounter;
}
if (accept(SLASH)) {
// do not accept double slashes
// see http://tools.ietf.org/html/rfc3986#section-3.3
if (accept(SLASH)) {
const char16_t* params[] = { mCurToken.get() };
logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidSource",
params, ArrayLength(params));
return false;
}
++charCounter;
aCspHost->appendPath(mCurValue);
// Resetting current value since we are appending parts of the path
// to aCspHost, e.g; "http://www.example.com/path1/path2" then the
// first part is "/path1", second part "/path2"
resetCurValue();
}
if (atEnd()) {
return true;
}
if (charCounter > kSubHostPathCharacterCutoff) {
return false;
}
@ -305,6 +301,8 @@ nsCSPParser::path(nsCSPHostSrc* aCspHost)
if (atEnd()) {
return true;
}
// path can begin with "/" but not "//"
// see http://tools.ietf.org/html/rfc3986#section-3.3
if (!hostChar()) {
const char16_t* params[] = { mCurToken.get() };
logWarningErrorToConsole(nsIScriptError::warningFlag, "couldntParseInvalidSource",
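Review bot: In subPath, the `if (accept(SLASH))` branch no longer says how empty segments are handled: going by the hunk counts (the page lost its +/- markers), the inner `//` rejection and its `couldntParseInvalidSource` warning are gone, so every extra slash reaches `aCspHost->appendPath(mCurValue)` followed by `resetCurValue()`. What ends up stored for a source such as `/abc////def/` is not visible here, and the accompanying tests only compare the serialized policy, which drops the path. I would add a comment above the append stating the intended treatment, e.g. `// empty segments ("//") are accepted; the path is stored un-normalized, so path matching (bug 808292) must compare against the same form`, or collapse the run of slashes before storing it. Otherwise a policy path and a request path that differ only in repeated slashes could be matched inconsistently once path-level matching is enforced. subPath starts and ends outside this hunk.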


@ -391,6 +391,10 @@ nsresult TestSimplePolicies() {
"default-src http://abc" },
{ "script-src 'none' 'none' 'none';",
"script-src 'none'" },
{ "script-src http://www.example.com/path-1//",
"script-src http://www.example.com" },
{ "script-src http://www.example.com/path-1//path_2",
"script-src http://www.example.com" },
};
uint32_t policyCount = sizeof(policies) / sizeof(PolicyTest);
@ -441,8 +445,6 @@ nsresult TestBadPolicies() {
{ "script-src test..com", "" },
{ "script-src sub1.sub2.example+", "" },
{ "script-src http://www.example.com//", "" },
{ "script-src http://www.example.com/path-1//", "" },
{ "script-src http://www.example.com/path-1//path_2", "" },
{ "script-src http://www.example.com:88path-1/", "" },
{ "script-src http://www.example.com:88//", "" },
{ "script-src http://www.example.com:88//path-1", "" },
@ -719,6 +721,147 @@ nsresult TestBadGeneratedPolicies() {
return runTestSuite(policies, policyCount, 0);
}
// ============ TestGoodGeneratedPoliciesForPathHandling ============
nsresult TestGoodGeneratedPoliciesForPathHandling() {
// Once bug 808292 (Implement path-level host-source matching to CSP)
// lands we have to update the expected output to include the parsed path
static const PolicyTest policies[] =
{
{ "img-src http://test1.example.com",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1/",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1/path_2/",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1/path_2/file.js",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1/path_2/file_1.js",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1/path_2/file-2.js",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1/path_2/f.js",
"img-src http://test1.example.com" },
{ "img-src http://test1.example.com/path-1/path_2/f.oo.js",
"img-src http://test1.example.com" },
{ "img-src test1.example.com",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1/",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1/path_2/",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1/path_2/file.js",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1/path_2/file_1.js",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1/path_2/file-2.js",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1/path_2/f.js",
"img-src http://test1.example.com" },
{ "img-src test1.example.com/path-1/path_2/f.oo.js",
"img-src http://test1.example.com" },
{ "img-src *.example.com",
"img-src http://*.example.com" },
{ "img-src *.example.com/",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1/",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1/path_2/",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1/path_2/file.js",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1/path_2/file_1.js",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1/path_2/file-2.js",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1/path_2/f.js",
"img-src http://*.example.com" },
{ "img-src *.example.com/path-1/path_2/f.oo.js",
"img-src http://*.example.com" },
{ "img-src test1.example.com:80",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/path-1",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/path-1/",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/path-1/path_2",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/path-1/path_2/",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/path-1/path_2/file.js",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:80/path-1/path_2/f.ile.js",
"img-src http://test1.example.com:80" },
{ "img-src test1.example.com:*",
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/",
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/path-1",
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/path-1/",
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/path-1/path_2",
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/path-1/path_2/",
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/path-1/path_2/file.js",
"img-src http://test1.example.com:*" },
{ "img-src test1.example.com:*/path-1/path_2/f.ile.js",
"img-src http://test1.example.com:*" },
{ "img-src http://test1.example.com/abc//",
"img-src http://test1.example.com" },
{ "img-src https://test1.example.com/abc/def//",
"img-src https://test1.example.com" },
{ "img-src https://test1.example.com/abc/def/ghi//",
"img-src https://test1.example.com" },
{ "img-src http://test1.example.com:80/abc//",
"img-src http://test1.example.com:80" },
{ "img-src https://test1.example.com:80/abc/def//",
"img-src https://test1.example.com:80" },
{ "img-src https://test1.example.com:80/abc/def/ghi//",
"img-src https://test1.example.com:80" },
{ "img-src https://test1.example.com/abc////////////def/",
"img-src https://test1.example.com" },
{ "img-src https://test1.example.com/abc////////////",
"img-src https://test1.example.com" },
};
uint32_t policyCount = sizeof(policies) / sizeof(PolicyTest);
return runTestSuite(policies, policyCount, 1);
}
// ============ TestBadGeneratedPoliciesForPathHandling ============
nsresult TestBadGeneratedPoliciesForPathHandling() {
static const PolicyTest policies[] =
{
{ "img-src test1.example.com:88path-1/", "" },
{ "img-src test1.example.com:80.js", "" },
{ "img-src test1.example.com:*.js", "" },
{ "img-src test1.example.com:*.", "" },
{ "img-src http://test1.example.com//", "" },
{ "img-src http://test1.example.com:80//", "" },
{ "img-src http://test1.example.com:80abc", "" },
};
uint32_t policyCount = sizeof(policies) / sizeof(PolicyTest);
return runTestSuite(policies, policyCount, 0);
}
// ============================= TestFuzzyPolicies ========================
// Use a policy, eliminate one character at a time,
@ -875,21 +1018,23 @@ int main(int argc, char** argv) {
return 1;
}
if (NS_FAILED(TestDirectives())) { return 1; }
if (NS_FAILED(TestKeywords())) { return 1; }
if (NS_FAILED(TestIgnoreUpperLowerCasePolicies())) { return 1; }
if (NS_FAILED(TestIgnorePaths())) { return 1; }
if (NS_FAILED(TestSimplePolicies())) { return 1; }
if (NS_FAILED(TestPoliciesThatLogWarning())) { return 1; }
if (NS_FAILED(TestBadPolicies())) { return 1; }
if (NS_FAILED(TestGoodGeneratedPolicies())) { return 1; }
if (NS_FAILED(TestBadGeneratedPolicies())) { return 1; }
if (NS_FAILED(TestShorteningPolicies())) { return 1; }
if (NS_FAILED(TestDirectives())) { return 1; }
if (NS_FAILED(TestKeywords())) { return 1; }
if (NS_FAILED(TestIgnoreUpperLowerCasePolicies())) { return 1; }
if (NS_FAILED(TestIgnorePaths())) { return 1; }
if (NS_FAILED(TestSimplePolicies())) { return 1; }
if (NS_FAILED(TestPoliciesThatLogWarning())) { return 1; }
if (NS_FAILED(TestBadPolicies())) { return 1; }
if (NS_FAILED(TestGoodGeneratedPolicies())) { return 1; }
if (NS_FAILED(TestBadGeneratedPolicies())) { return 1; }
if (NS_FAILED(TestGoodGeneratedPoliciesForPathHandling())) { return 1; }
if (NS_FAILED(TestBadGeneratedPoliciesForPathHandling())) { return 1; }
if (NS_FAILED(TestShorteningPolicies())) { return 1; }
#if RUN_OFFLINE_TESTS
if (NS_FAILED(TestFuzzyPolicies())) { return 1; }
if (NS_FAILED(TestFuzzyPoliciesIncDir())) { return 1; }
if (NS_FAILED(TestFuzzyPoliciesIncDirLimASCII())) { return 1; }
if (NS_FAILED(TestFuzzyPolicies())) { return 1; }
if (NS_FAILED(TestFuzzyPoliciesIncDir())) { return 1; }
if (NS_FAILED(TestFuzzyPoliciesIncDirLimASCII())) { return 1; }
#endif
return 0;
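Review bot: TestBadGeneratedPoliciesForPathHandling pins the leading `//` rejection only for sources with an explicit scheme (`http://test1.example.com//` and the `:80//` variant), while the good list also exercises scheme-less, wildcard-host and wildcard-port sources. Since the parser change relaxes `//` inside a path but is meant to keep rejecting a path that begins with `//`, I would add the matching negatives, e.g. `{ "img-src test1.example.com//", "" },`, `{ "img-src *.example.com//", "" },` and `{ "img-src test1.example.com:*//", "" },`. Presumably these fail the same `!hostChar()` check in path(), which is worth confirming by running them. A case such as `test1.example.com//path-1` would also guard against the relaxed subPath branch ever being reached with a leading empty segment.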