content/browser/webui/url_data_manager_backend_unittest.cc

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "base/memory/scoped_ptr.h"
   6 #include "base/run_loop.h"
   7 #include "content/browser/webui/url_data_manager_backend.h"
   8 #include "content/public/test/mock_resource_context.h"
   9 #include "content/public/test/test_browser_thread_bundle.h"
  10 #include "net/http/http_response_headers.h"
  11 #include "net/http/http_response_info.h"
  12 #include "net/url_request/url_request_context.h"
  13 #include "net/url_request/url_request_job.h"
  14 #include "testing/gtest/include/gtest/gtest.h"
  15
  16 namespace content {
  17
  18 namespace {
  19
  20 // Create a request for a chrome://resource URL passing the supplied |origin|
  21 // header and checking that the response header Access-Control-Allow-Origin has
  22 // value |expected_access_control_allow_origin_value|.
  23 void RunAccessControlAllowOriginTest(
  24     const std::string& origin,
  25     const std::string& expected_access_control_allow_origin_value) {
  26   TestBrowserThreadBundle thread_bundle;
  27   MockResourceContext resource_context;
  28   scoped_ptr<net::URLRequestJobFactory::ProtocolHandler> protocol_handler(
  29       URLDataManagerBackend::CreateProtocolHandler(&resource_context, false,
  30                                                    nullptr, nullptr));
  31   net::URLRequestContext url_request_context;
  32   scoped_ptr<net::URLRequest> request = url_request_context.CreateRequest(
  33       GURL("chrome://resources/polymer/polymer/polymer.js"), net::HIGHEST,
  34       nullptr);
  35   request->SetExtraRequestHeaderByName("Origin", origin, true);
  36   scoped_refptr<net::URLRequestJob> job =
  37       protocol_handler->MaybeCreateJob(request.get(), nullptr);
  38   ASSERT_TRUE(job);
  39   job->Start();
  40   base::RunLoop().RunUntilIdle();
  41   net::HttpResponseInfo response;
  42   job->GetResponseInfo(&response);
  43   EXPECT_TRUE(response.headers->HasHeaderValue(
  44       "Access-Control-Allow-Origin",
  45       expected_access_control_allow_origin_value));
  46 }
  47
  48 }  // namespace
  49
  50 TEST(UrlDataManagerBackendTest, AccessControlAllowOriginChromeUrl) {
  51   RunAccessControlAllowOriginTest("chrome://webui", "chrome://webui");
  52 }
  53
  54 TEST(UrlDataManagerBackendTest, AccessControlAllowOriginNonChromeUrl) {
  55   RunAccessControlAllowOriginTest("http://www.example.com", "null");
  56 }
  57
  58 }  // namespace content