mirror of
https://github.com/servo/servo.git
synced 2025-08-08 15:05:35 +01:00
Network Security : Implement StrictOrigin and StrictOriginWhenCrossOrigin
Referer policy strict-origin and strict-origin-when-cross-origin changes have been implemented. Relevant unit test cases have been added. Enum for RefererPolicy has been added to hyper codebase and v 0.9.11 of hyper contains these changes. This commit also contains changes related to upgrade of hyper from v0.9.10 to v0.9.11. Other dependencies changed are rayon, utils, num_cpus.
This commit is contained in:
Raghav
parent
05f4512433
commit
c24aa56377
14 changed files with 246 additions and 55 deletions
|
|
@ -1767,6 +1767,155 @@ fn test_http_to_https_considered_cross_origin_for_referrer_header_logic() {
|
|||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_with_strictorigin_policy_http_to_https() {
|
||||
let request_url = "https://mozilla.com";
|
||||
let referrer_url = "http://mozilla.com";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOrigin);
|
||||
let expected_referrer = "http://mozilla.com/";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_no_referrer_with_strictorigin_policy_https_to_http() {
|
||||
let request_url = "http://mozilla.com";
|
||||
let referrer_url = "https://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOrigin);
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_not_included(&origin_info, request_url);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_with_strictorigin_policy_http_to_http() {
|
||||
let request_url = "http://mozilla.com/";
|
||||
let referrer_url = "http://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOrigin);
|
||||
let expected_referrer = "http://mozilla.com/";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_with_strictorigin_policy_https_to_https() {
|
||||
let request_url = "https://mozilla.com/";
|
||||
let referrer_url = "https://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOrigin);
|
||||
let expected_referrer = "https://mozilla.com/";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_with_strictoriginwhencrossorigin_policy_https_to_https_same_origin() {
|
||||
let request_url = "https://mozilla.com";
|
||||
let referrer_url = "https://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOriginWhenCrossOrigin);
|
||||
let expected_referrer = "https://mozilla.com/some/path";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_with_strictoriginwhencrossorigin_policy_https_to_https_cross_origin() {
|
||||
let request_url = "https://servo.mozilla.com";
|
||||
let referrer_url = "https://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOriginWhenCrossOrigin);
|
||||
let expected_referrer = "https://mozilla.com/";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_set_with_strictoriginwhencrossorigin_policy_http_to_http_cross_orig() {
|
||||
let request_url = "http://servo.mozilla.com";
|
||||
let referrer_url = "http://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOriginWhenCrossOrigin);
|
||||
let expected_referrer = "http://mozilla.com/";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_set_with_strictoriginwhencrossorigin_policy_http_to_http_same_orig() {
|
||||
let request_url = "http://mozilla.com";
|
||||
let referrer_url = "http://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOriginWhenCrossOrigin);
|
||||
let expected_referrer = "http://mozilla.com/some/path";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_set_with_strictoriginwhencrossorigin_policy_http_to_https_cross_orig() {
|
||||
let request_url = "https://servo.mozilla.com";
|
||||
let referrer_url = "http://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOriginWhenCrossOrigin);
|
||||
let expected_referrer = "http://mozilla.com/";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_set_with_strictoriginwhencrossorigin_policy_http_to_https_same_orig() {
|
||||
let request_url = "https://mozilla.com";
|
||||
let referrer_url = "http://mozilla.com/some/path";
|
||||
let referrer_policy = Some(ReferrerPolicy::StrictOriginWhenCrossOrigin);
|
||||
let expected_referrer = "http://mozilla.com/";
|
||||
|
||||
let origin_info = LoadOriginInfo {
|
||||
referrer_url: referrer_url,
|
||||
referrer_policy: referrer_policy
|
||||
};
|
||||
|
||||
assert_referrer_header_matches(&origin_info, request_url, expected_referrer);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_referrer_set_to_ref_url_with_noreferrerwhendowngrade_policy_https_to_https() {
|
||||
let request_url = "https://mozilla.com";
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ euclid = "0.10.1"
|
|||
lazy_static = "0.2"
|
||||
libc = "0.2"
|
||||
log = {version = "0.3.5", features = ["release_max_level_info"]}
|
||||
num_cpus = "0.2.2"
|
||||
num_cpus = "1.1.0"
|
||||
parking_lot = "0.3"
|
||||
selectors = "0.14"
|
||||
url = "1.2"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue