diff options
author | Zeno Albisser <zeno.albisser@digia.com> | 2013-11-21 14:09:57 +0100 |
---|---|---|
committer | Andras Becsi <andras.becsi@digia.com> | 2013-11-29 15:14:36 +0100 |
commit | eb32ba6f51d0c21d58cd7d89785285ff8fa64624 (patch) | |
tree | 2c7c940e1dbee81b89d935626110816b494aa32c /chromium/webkit/browser/fileapi/sandbox_context_unittest.cc | |
parent | 9427c1a0222ebd67efef1a2c7990a0fa5c9aac84 (diff) | |
download | qtwebengine-chromium-eb32ba6f51d0c21d58cd7d89785285ff8fa64624.tar.gz |
Update chromium to branch 1599.
Change-Id: I04e775a946a208bb4500d3b722bcb05c82b9d7cb
Reviewed-by: Andras Becsi <andras.becsi@digia.com>
Diffstat (limited to 'chromium/webkit/browser/fileapi/sandbox_context_unittest.cc')
-rw-r--r-- | chromium/webkit/browser/fileapi/sandbox_context_unittest.cc | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/chromium/webkit/browser/fileapi/sandbox_context_unittest.cc b/chromium/webkit/browser/fileapi/sandbox_context_unittest.cc new file mode 100644 index 00000000000..841e10b5b83 --- /dev/null +++ b/chromium/webkit/browser/fileapi/sandbox_context_unittest.cc @@ -0,0 +1,82 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "webkit/browser/fileapi/sandbox_context.h" + +#include "base/basictypes.h" +#include "base/file_util.h" +#include "base/files/scoped_temp_dir.h" +#include "base/memory/scoped_ptr.h" +#include "base/message_loop/message_loop.h" +#include "base/message_loop/message_loop_proxy.h" +#include "testing/gtest/include/gtest/gtest.h" +#include "url/gurl.h" +#include "webkit/browser/fileapi/file_system_url.h" +#include "webkit/browser/fileapi/mock_file_system_options.h" + +namespace fileapi { + +namespace { + +FileSystemURL CreateFileSystemURL(const char* path) { + const GURL kOrigin("http://foo/"); + return FileSystemURL::CreateForTest( + kOrigin, kFileSystemTypeTemporary, base::FilePath::FromUTF8Unsafe(path)); +} + +} // namespace + +class SandboxContextTest : public testing::Test { + protected: + virtual void SetUp() { + ASSERT_TRUE(data_dir_.CreateUniqueTempDir()); + context_.reset(new SandboxContext( + NULL /* quota_manager_proxy */, + base::MessageLoopProxy::current().get(), + data_dir_.path(), + NULL /* special_storage_policy */, + CreateAllowFileAccessOptions())); + } + + base::ScopedTempDir data_dir_; + base::MessageLoop message_loop_; + scoped_ptr<SandboxContext> context_; +}; + +TEST_F(SandboxContextTest, IsAccessValid) { + // Normal case. + EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL("a"))); + + // Access to a path with parent references ('..') should be disallowed. + EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL("a/../b"))); + + // Access from non-allowed scheme should be disallowed. + EXPECT_FALSE(context_->IsAccessValid( + FileSystemURL::CreateForTest( + GURL("unknown://bar"), kFileSystemTypeTemporary, + base::FilePath::FromUTF8Unsafe("foo")))); + + // Access with restricted name should be disallowed. + EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL("."))); + EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL(".."))); + + // This is also disallowed due to Windows XP parent path handling. + EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL("..."))); + + // These are identified as unsafe cases due to weird path handling + // on Windows. + EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL(" .."))); + EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL(".. "))); + + // Similar but safe cases. + EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL(" ."))); + EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL(". "))); + EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL("b."))); + EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL(".b"))); + + // A path that looks like a drive letter. + EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL("c:"))); +} + +} // namespace fileapi |