Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code
Issues
All Issues

Side by Side Diff: test/WebRequest.cpp

Issue 29377825: Issue 4951 - Restrict request headers in XMLHttpRequest.Also test Accept-Encoding with th… (Closed) Base URL: https://hg.adblockplus.org/libadblockplus/
Patch Set: Updated based on the feedback. Created March 8, 2017, 4:15 a.m.
Left:
Right:
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View unified diff | Download patch
« no previous file with comments | « lib/compat.js ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * This file is part of Adblock Plus <https://adblockplus.org/>, 2 * This file is part of Adblock Plus <https://adblockplus.org/>,
3 * Copyright (C) 2006-2016 Eyeo GmbH 3 * Copyright (C) 2006-2016 Eyeo GmbH
4 * 4 *
5 * Adblock Plus is free software: you can redistribute it and/or modify 5 * Adblock Plus is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 3 as 6 * it under the terms of the GNU General Public License version 3 as
7 * published by the Free Software Foundation. 7 * published by the Free Software Foundation.
8 * 8 *
9 * Adblock Plus is distributed in the hope that it will be useful, 9 * Adblock Plus is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details. 12 * GNU General Public License for more details.
13 * 13 *
14 * You should have received a copy of the GNU General Public License 14 * You should have received a copy of the GNU General Public License
15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>. 15 * along with Adblock Plus. If not, see <http://www.gnu.org/licenses/>.
16 */ 16 */
17 17
18 #include <sstream> 18 #include <sstream>
19 #include "BaseJsTest.h" 19 #include "BaseJsTest.h"
20 #include "../src/Thread.h" 20 #include "../src/Thread.h"
21 21
22 namespace 22 namespace
23 { 23 {
24 class MockWebRequest : public AdblockPlus::WebRequest 24 class MockWebRequest : public AdblockPlus::WebRequest
25 { 25 {
26 public: 26 public:
27 AdblockPlus::ServerResponse GET(const std::string& url, const AdblockPlus::H eaderList& requestHeaders) const 27 AdblockPlus::ServerResponse GET(const std::string& url, const AdblockPlus::H eaderList& requestHeaders) const
28 { 28 {
29 lastRequestHeaders.clear();
sergei 2017/03/13 09:56:57 Sorry, I forgot to say it again when my comments h
sergei 2017/03/16 11:08:25 What about this point? Actually I find it very imp
30 for (auto header : requestHeaders)
31 {
32 lastRequestHeaders.insert(header.first);
33 }
34
29 AdblockPlus::Sleep(50); 35 AdblockPlus::Sleep(50);
30 36
31 AdblockPlus::ServerResponse result; 37 AdblockPlus::ServerResponse result;
32 result.status = NS_OK; 38 result.status = NS_OK;
33 result.responseStatus = 123; 39 result.responseStatus = 123;
34 result.responseHeaders.push_back(std::pair<std::string, std::string>("Foo" , "Bar")); 40 result.responseHeaders.push_back(std::pair<std::string, std::string>("Foo" , "Bar"));
35 result.responseText = url + "\n" + requestHeaders[0].first + "\n" + reques tHeaders[0].second; 41 result.responseText = url + "\n";
42 if (!requestHeaders.empty())
43 {
44 result.responseText += requestHeaders[0].first + "\n" + requestHeaders[0 ].second;
45 }
36 return result; 46 return result;
37 } 47 }
48
49 // mutable. Very Ugly. But we are testing and need to change this in GET whi ch is const.
50 mutable std::set<std::string> lastRequestHeaders;
38 }; 51 };
39 52
40 template<class T> 53 template<class T>
41 class WebRequestTest : public BaseJsTest 54 class WebRequestTest : public BaseJsTest
42 { 55 {
43 protected: 56 protected:
44 void SetUp() 57 void SetUp()
45 { 58 {
46 BaseJsTest::SetUp(); 59 BaseJsTest::SetUp();
47 jsEngine->SetWebRequest(AdblockPlus::WebRequestPtr(new T)); 60 jsEngine->SetWebRequest(AdblockPlus::WebRequestPtr(new T));
48 jsEngine->SetFileSystem(AdblockPlus::FileSystemPtr(new LazyFileSystem)); 61 jsEngine->SetFileSystem(AdblockPlus::FileSystemPtr(new LazyFileSystem));
49 } 62 }
50 }; 63 };
51 64
52 typedef WebRequestTest<MockWebRequest> MockWebRequestTest; 65 typedef WebRequestTest<MockWebRequest> MockWebRequestTest;
53 typedef WebRequestTest<AdblockPlus::DefaultWebRequest> DefaultWebRequestTest; 66 typedef WebRequestTest<AdblockPlus::DefaultWebRequest> DefaultWebRequestTest;
67 typedef WebRequestTest<MockWebRequest> XMLHttpRequestTest;
68
69 void
Felix Dahlke 2017/03/09 15:10:58 Nit: Why the new line? Not really consistent with
hub 2017/03/09 15:33:02 probably habit. I'll remove it when I send you the
sergei 2017/03/13 09:56:56 Just in case for future, I would rather prefer to
70 ResetTestXHR(const AdblockPlus::JsEnginePtr& jsEngine)
71 {
72 jsEngine->Evaluate("\
73 var result;\
74 var request = new XMLHttpRequest();\
75 request.open('GET', 'https://easylist-downloads.adblockplus.org/easylist.t xt');\
76 request.overrideMimeType('text/plain');\
77 request.addEventListener('load', function() {result = request.responseText ;}, false);\
78 request.addEventListener('error', function() {result = 'error';}, false);\
79 ");
80 }
81
82 void WaitForVariable(const std::string& variable, const AdblockPlus::JsEngineP tr& jsEngine)
83 {
84 do
85 {
86 AdblockPlus::Sleep(60);
sergei 2017/03/13 09:56:56 Since we touched it here I would say that I person
hub 2017/03/13 14:16:51 I'll file an issue for that.
hub 2017/03/13 14:29:32 filed https://issues.adblockplus.org/ticket/4983
87 } while (jsEngine->Evaluate(variable)->IsUndefined());
88 }
89
54 } 90 }
55 91
56 TEST_F(MockWebRequestTest, BadCall) 92 TEST_F(MockWebRequestTest, BadCall)
57 { 93 {
58 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET()")); 94 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET()"));
59 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('', {}, function(){})")); 95 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('', {}, function(){})"));
60 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET({toString: false}, {}, fu nction(){})")); 96 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET({toString: false}, {}, fu nction(){})"));
61 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('http://example.com/', nu ll, function(){})")); 97 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('http://example.com/', nu ll, function(){})"));
62 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('http://example.com/', {} , null)")); 98 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('http://example.com/', {} , null)"));
63 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('http://example.com/', {} , function(){}, 0)")); 99 ASSERT_ANY_THROW(jsEngine->Evaluate("_webRequest.GET('http://example.com/', {} , function(){}, 0)"));
64 } 100 }
65 101
66 TEST_F(MockWebRequestTest, SuccessfulRequest) 102 TEST_F(MockWebRequestTest, SuccessfulRequest)
67 { 103 {
68 jsEngine->Evaluate("_webRequest.GET('http://example.com/', {X: 'Y'}, function( result) {foo = result;} )"); 104 jsEngine->Evaluate("_webRequest.GET('http://example.com/', {X: 'Y'}, function( result) {foo = result;} )");
69 ASSERT_TRUE(jsEngine->Evaluate("this.foo")->IsUndefined()); 105 ASSERT_TRUE(jsEngine->Evaluate("this.foo")->IsUndefined());
70 AdblockPlus::Sleep(200); 106 AdblockPlus::Sleep(200);
71 ASSERT_EQ(AdblockPlus::WebRequest::NS_OK, jsEngine->Evaluate("foo.status")->As Int()); 107 ASSERT_EQ(AdblockPlus::WebRequest::NS_OK, jsEngine->Evaluate("foo.status")->As Int());
72 ASSERT_EQ(123, jsEngine->Evaluate("foo.responseStatus")->AsInt()); 108 ASSERT_EQ(123, jsEngine->Evaluate("foo.responseStatus")->AsInt());
73 ASSERT_EQ("http://example.com/\nX\nY", jsEngine->Evaluate("foo.responseText")- >AsString()); 109 ASSERT_EQ("http://example.com/\nX\nY", jsEngine->Evaluate("foo.responseText")- >AsString());
74 ASSERT_EQ("{\"Foo\":\"Bar\"}", jsEngine->Evaluate("JSON.stringify(foo.response Headers)")->AsString()); 110 ASSERT_EQ("{\"Foo\":\"Bar\"}", jsEngine->Evaluate("JSON.stringify(foo.response Headers)")->AsString());
75 } 111 }
76 112
77 #if defined(HAVE_CURL) || defined(_WIN32) 113 #if defined(HAVE_CURL) || defined(_WIN32)
78 TEST_F(DefaultWebRequestTest, RealWebRequest) 114 TEST_F(DefaultWebRequestTest, RealWebRequest)
79 { 115 {
80 // This URL should redirect to easylist-downloads.adblockplus.org and we 116 // This URL should redirect to easylist-downloads.adblockplus.org and we
81 // should get the actual filter list back. 117 // should get the actual filter list back.
82 jsEngine->Evaluate("_webRequest.GET('https://easylist-downloads.adblockplus.or g/easylist.txt', {}, function(result) {foo = result;} )"); 118 jsEngine->Evaluate("_webRequest.GET('https://easylist-downloads.adblockplus.or g/easylist.txt', {}, function(result) {foo = result;} )");
83 do 119 WaitForVariable("this.foo", jsEngine);
84 {
85 AdblockPlus::Sleep(200);
86 } while (jsEngine->Evaluate("this.foo")->IsUndefined());
87 ASSERT_EQ("text/plain", jsEngine->Evaluate("foo.responseHeaders['content-type' ].substr(0, 10)")->AsString()); 120 ASSERT_EQ("text/plain", jsEngine->Evaluate("foo.responseHeaders['content-type' ].substr(0, 10)")->AsString());
88 ASSERT_EQ(AdblockPlus::WebRequest::NS_OK, jsEngine->Evaluate("foo.status")->As Int()); 121 ASSERT_EQ(AdblockPlus::WebRequest::NS_OK, jsEngine->Evaluate("foo.status")->As Int());
89 ASSERT_EQ(200, jsEngine->Evaluate("foo.responseStatus")->AsInt()); 122 ASSERT_EQ(200, jsEngine->Evaluate("foo.responseStatus")->AsInt());
90 ASSERT_EQ("[Adblock Plus ", jsEngine->Evaluate("foo.responseText.substr(0, 14) ")->AsString()); 123 ASSERT_EQ("[Adblock Plus ", jsEngine->Evaluate("foo.responseText.substr(0, 14) ")->AsString());
91 ASSERT_EQ("text/plain", jsEngine->Evaluate("foo.responseHeaders['content-type' ].substr(0, 10)")->AsString()); 124 ASSERT_EQ("text/plain", jsEngine->Evaluate("foo.responseHeaders['content-type' ].substr(0, 10)")->AsString());
92 #if defined(HAVE_CURL) 125 #if defined(HAVE_CURL)
93 ASSERT_EQ("gzip", jsEngine->Evaluate("foo.responseHeaders['content-encoding']. substr(0, 4)")->AsString()); 126 ASSERT_EQ("gzip", jsEngine->Evaluate("foo.responseHeaders['content-encoding']. substr(0, 4)")->AsString());
94 #endif 127 #endif
95 ASSERT_TRUE(jsEngine->Evaluate("foo.responseHeaders['location']")->IsUndefined ()); 128 ASSERT_TRUE(jsEngine->Evaluate("foo.responseHeaders['location']")->IsUndefined ());
96 } 129 }
97 130
98 TEST_F(DefaultWebRequestTest, XMLHttpRequest) 131 TEST_F(DefaultWebRequestTest, XMLHttpRequest)
99 { 132 {
100 AdblockPlus::FilterEngine filterEngine(jsEngine); 133 AdblockPlus::FilterEngine filterEngine(jsEngine);
101 134
135 ResetTestXHR(jsEngine);
102 jsEngine->Evaluate("\ 136 jsEngine->Evaluate("\
103 var result;\
104 var request = new XMLHttpRequest();\
105 request.open('GET', 'https://easylist-downloads.adblockplus.org/easylist.txt ');\
106 request.setRequestHeader('X', 'Y');\ 137 request.setRequestHeader('X', 'Y');\
107 request.setRequestHeader('X2', 'Y2');\ 138 request.setRequestHeader('X2', 'Y2');\
108 request.overrideMimeType('text/plain');\
109 request.addEventListener('load', function() {result = request.responseText;} , false);\
110 request.addEventListener('error', function() {result = 'error';}, false);\
111 request.send(null);"); 139 request.send(null);");
112 do 140 WaitForVariable("result", jsEngine);
113 {
114 AdblockPlus::Sleep(200);
115 } while (jsEngine->Evaluate("result")->IsUndefined());
116 ASSERT_EQ(AdblockPlus::WebRequest::NS_OK, jsEngine->Evaluate("request.channel. status")->AsInt()); 141 ASSERT_EQ(AdblockPlus::WebRequest::NS_OK, jsEngine->Evaluate("request.channel. status")->AsInt());
117 ASSERT_EQ(200, jsEngine->Evaluate("request.status")->AsInt()); 142 ASSERT_EQ(200, jsEngine->Evaluate("request.status")->AsInt());
118 ASSERT_EQ("[Adblock Plus ", jsEngine->Evaluate("result.substr(0, 14)")->AsStri ng()); 143 ASSERT_EQ("[Adblock Plus ", jsEngine->Evaluate("result.substr(0, 14)")->AsStri ng());
119 ASSERT_EQ("text/plain", jsEngine->Evaluate("request.getResponseHeader('Content -Type').substr(0, 10)")->AsString()); 144 ASSERT_EQ("text/plain", jsEngine->Evaluate("request.getResponseHeader('Content -Type').substr(0, 10)")->AsString());
145 #if defined(HAVE_CURL)
sergei 2017/03/13 09:56:56 It seems, it should be in commit https://github.co
146 ASSERT_EQ("gzip", jsEngine->Evaluate("request.getResponseHeader('Content-Encod ing').substr(0, 4)")->AsString());
147 #endif
120 ASSERT_TRUE(jsEngine->Evaluate("request.getResponseHeader('Location')")->IsNul l()); 148 ASSERT_TRUE(jsEngine->Evaluate("request.getResponseHeader('Location')")->IsNul l());
121 } 149 }
122 #else 150 #else
123 TEST_F(DefaultWebRequestTest, DummyWebRequest) 151 TEST_F(DefaultWebRequestTest, DummyWebRequest)
124 { 152 {
125 jsEngine->Evaluate("_webRequest.GET('https://easylist-downloads.adblockplus.or g/easylist.txt', {}, function(result) {foo = result;} )"); 153 jsEngine->Evaluate("_webRequest.GET('https://easylist-downloads.adblockplus.or g/easylist.txt', {}, function(result) {foo = result;} )");
126 do 154 WaitForVariable("this.foo", jsEngine);
127 {
128 AdblockPlus::Sleep(200);
129 } while (jsEngine->Evaluate("this.foo")->IsUndefined());
130 ASSERT_EQ(AdblockPlus::WebRequest::NS_ERROR_FAILURE, jsEngine->Evaluate("foo.s tatus")->AsInt()); 155 ASSERT_EQ(AdblockPlus::WebRequest::NS_ERROR_FAILURE, jsEngine->Evaluate("foo.s tatus")->AsInt());
131 ASSERT_EQ(0, jsEngine->Evaluate("foo.responseStatus")->AsInt()); 156 ASSERT_EQ(0, jsEngine->Evaluate("foo.responseStatus")->AsInt());
132 ASSERT_EQ("", jsEngine->Evaluate("foo.responseText")->AsString()); 157 ASSERT_EQ("", jsEngine->Evaluate("foo.responseText")->AsString());
133 ASSERT_EQ("{}", jsEngine->Evaluate("JSON.stringify(foo.responseHeaders)")->AsS tring()); 158 ASSERT_EQ("{}", jsEngine->Evaluate("JSON.stringify(foo.responseHeaders)")->AsS tring());
134 } 159 }
135 160
136 TEST_F(DefaultWebRequestTest, XMLHttpRequest) 161 TEST_F(DefaultWebRequestTest, XMLHttpRequest)
137 { 162 {
138 AdblockPlus::FilterEngine filterEngine(jsEngine); 163 AdblockPlus::FilterEngine filterEngine(jsEngine);
139 164
165 ResetTestXHR(jsEngine);
140 jsEngine->Evaluate("\ 166 jsEngine->Evaluate("\
141 var result;\
142 var request = new XMLHttpRequest();\
143 request.open('GET', 'https://easylist-downloads.adblockplus.org/easylist.txt ');\
144 request.setRequestHeader('X', 'Y');\ 167 request.setRequestHeader('X', 'Y');\
145 request.overrideMimeType('text/plain');\
146 request.addEventListener('load', function() {result = request.responseText;} , false);\
147 request.addEventListener('error', function() {result = 'error';}, false);\
148 request.send(null);"); 168 request.send(null);");
149 do 169 WaitForVariable("result", jsEngine);
150 {
151 AdblockPlus::Sleep(200);
152 } while (jsEngine->Evaluate("result")->IsUndefined());
153 ASSERT_EQ(AdblockPlus::WebRequest::NS_ERROR_FAILURE, jsEngine->Evaluate("reque st.channel.status")->AsInt()); 170 ASSERT_EQ(AdblockPlus::WebRequest::NS_ERROR_FAILURE, jsEngine->Evaluate("reque st.channel.status")->AsInt());
154 ASSERT_EQ(0, jsEngine->Evaluate("request.status")->AsInt()); 171 ASSERT_EQ(0, jsEngine->Evaluate("request.status")->AsInt());
155 ASSERT_EQ("error", jsEngine->Evaluate("result")->AsString()); 172 ASSERT_EQ("error", jsEngine->Evaluate("result")->AsString());
156 ASSERT_TRUE(jsEngine->Evaluate("request.getResponseHeader('Content-Type')")->I sNull()); 173 ASSERT_TRUE(jsEngine->Evaluate("request.getResponseHeader('Content-Type')")->I sNull());
157 } 174 }
158 175
159 #endif 176 #endif
177
178 namespace
179 {
180 class CatchLogSystem : public AdblockPlus::LogSystem
181 {
182 public:
183 AdblockPlus::LogSystem::LogLevel lastLogLevel;
184 std::string lastMessage;
185
186 CatchLogSystem()
187 : AdblockPlus::LogSystem(),
188 lastLogLevel(AdblockPlus::LogSystem::LOG_LEVEL_TRACE)
189 {
190 }
191
192 void operator()(AdblockPlus::LogSystem::LogLevel logLevel,
193 const std::string& message, const std::string&)
194 {
195 lastLogLevel = logLevel;
196 lastMessage = message;
197 }
198
199 void clear()
200 {
201 lastLogLevel = AdblockPlus::LogSystem::LOG_LEVEL_TRACE;
202 lastMessage.clear();
203 }
204 };
205
206 typedef std::shared_ptr<CatchLogSystem> CatchLogSystemPtr;
207 }
208
209 TEST_F(XMLHttpRequestTest, RequestHeaderValidation)
210 {
211 auto catchLogSystem = CatchLogSystemPtr(new CatchLogSystem);
sergei 2017/03/13 09:56:56 Could we please always use either () or {} for con
sergei 2017/03/13 09:56:57 I would prefer to have std::make_shared<CatchLogSy
Felix Dahlke 2017/03/13 10:05:47 I definitely prefer omitting these when not necess
sergei 2017/03/13 10:31:02 It seems Mozilla's coding style does not mention i
Felix Dahlke 2017/03/13 11:05:42 We are talking a bout `new CatchLogSystem` vs `new
sergei 2017/03/13 11:39:16 Yes.
Felix Dahlke 2017/03/13 11:55:06 I see - rusty after all :P Looking at our existing
sergei 2017/03/13 12:19:58 On 2017/03/13 11:55:06, Felix Dahlke wrote: ...
hub 2017/03/13 14:16:51 I see two occurences, line 60 and 61 of this file.
hub 2017/03/13 14:16:51 I did submit a follow up patch to address these. I
212 jsEngine->SetLogSystem(catchLogSystem);
213
214 AdblockPlus::FilterEngine filterEngine(jsEngine);
215 auto webRequest =
216 std::static_pointer_cast<MockWebRequest>(jsEngine->GetWebRequest());
sergei 2017/03/13 09:56:56 Although it's fine here, I would rather prefer to
217
218 ASSERT_TRUE(webRequest);
219
220 const std::string msg = "Attempt to set a forbidden header was denied: ";
221
222 // The test will check that console.warn has been called when the
223 // header is rejected. While this is an implementation detail, we
224 // have no other way to check this
225
226 // test 'Accept-Encoding' is rejected
227 catchLogSystem->clear();
228 ResetTestXHR(jsEngine);
229 jsEngine->Evaluate("\
230 request.setRequestHeader('Accept-Encoding', 'gzip');\nrequest.send();");
231 EXPECT_EQ(AdblockPlus::LogSystem::LOG_LEVEL_WARN, catchLogSystem->lastLogLevel );
232 EXPECT_EQ(msg + "Accept-Encoding", catchLogSystem->lastMessage);
233 WaitForVariable("result", jsEngine);
234 EXPECT_TRUE(webRequest->lastRequestHeaders.cend() ==
235 webRequest->lastRequestHeaders.find("Accept-Encoding"));
236
237 // test 'DNT' is rejected
238 catchLogSystem->clear();
239 ResetTestXHR(jsEngine);
240 jsEngine->Evaluate("\
241 request.setRequestHeader('DNT', '1');\nrequest.send();");
242 EXPECT_EQ(AdblockPlus::LogSystem::LOG_LEVEL_WARN, catchLogSystem->lastLogLevel );
243 EXPECT_EQ(msg + "DNT", catchLogSystem->lastMessage);
244 WaitForVariable("result", jsEngine);
245 EXPECT_TRUE(webRequest->lastRequestHeaders.cend() ==
246 webRequest->lastRequestHeaders.find("DNT"));
247
248 // test random 'X' header is accepted
249 catchLogSystem->clear();
250 ResetTestXHR(jsEngine);
251 jsEngine->Evaluate("\
252 request.setRequestHeader('X', 'y');\nrequest.send();");
253 EXPECT_EQ(AdblockPlus::LogSystem::LOG_LEVEL_TRACE, catchLogSystem->lastLogLeve l);
254 EXPECT_EQ("", catchLogSystem->lastMessage);
255 WaitForVariable("result", jsEngine);
256 EXPECT_FALSE(webRequest->lastRequestHeaders.cend() ==
257 webRequest->lastRequestHeaders.find("X"));
258
259 // test /^Proxy-/ is rejected.
260 catchLogSystem->clear();
261 ResetTestXHR(jsEngine);
262 jsEngine->Evaluate("\
263 request.setRequestHeader('Proxy-foo', 'bar');\nrequest.send();");
264 EXPECT_EQ(AdblockPlus::LogSystem::LOG_LEVEL_WARN, catchLogSystem->lastLogLevel );
265 EXPECT_EQ(msg + "Proxy-foo", catchLogSystem->lastMessage);
266 WaitForVariable("result", jsEngine);
267 EXPECT_TRUE(webRequest->lastRequestHeaders.cend() ==
268 webRequest->lastRequestHeaders.find("Proxy-foo"));
269
270 // test /^Sec-/ is rejected.
271 catchLogSystem->clear();
272 ResetTestXHR(jsEngine);
273 jsEngine->Evaluate("\
274 request.setRequestHeader('Sec-foo', 'bar');\nrequest.send();");
275 EXPECT_EQ(AdblockPlus::LogSystem::LOG_LEVEL_WARN, catchLogSystem->lastLogLevel );
276 EXPECT_EQ(msg + "Sec-foo", catchLogSystem->lastMessage);
277 WaitForVariable("result", jsEngine);
278 EXPECT_TRUE(webRequest->lastRequestHeaders.cend() ==
279 webRequest->lastRequestHeaders.find("Sec-foo"));
280
281 // test 'Security' is accepted.
282 catchLogSystem->clear();
283 ResetTestXHR(jsEngine);
284 jsEngine->Evaluate("\
285 request.setRequestHeader('Security', 'theater');\nrequest.send();");
286 EXPECT_EQ(AdblockPlus::LogSystem::LOG_LEVEL_TRACE, catchLogSystem->lastLogLeve l);
287 EXPECT_EQ("", catchLogSystem->lastMessage);
288 WaitForVariable("result", jsEngine);
289 EXPECT_FALSE(webRequest->lastRequestHeaders.cend() ==
290 webRequest->lastRequestHeaders.find("Security"));
291 }
OLDNEW
« no previous file with comments | « lib/compat.js ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld