| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "webkit/browser/fileapi/sandbox_context.h" | |
| 6 | |
| 7 #include "base/basictypes.h" | |
| 8 #include "base/file_util.h" | |
| 9 #include "base/files/scoped_temp_dir.h" | |
| 10 #include "base/memory/scoped_ptr.h" | |
| 11 #include "base/message_loop/message_loop.h" | |
| 12 #include "base/message_loop/message_loop_proxy.h" | |
| 13 #include "testing/gtest/include/gtest/gtest.h" | |
| 14 #include "url/gurl.h" | |
| 15 #include "webkit/browser/fileapi/file_system_url.h" | |
| 16 #include "webkit/browser/fileapi/mock_file_system_options.h" | |
| 17 | |
| 18 namespace fileapi { | |
| 19 | |
| 20 namespace { | |
| 21 | |
| 22 FileSystemURL CreateFileSystemURL(const char* path) { | |
| 23 const GURL kOrigin("http://foo/"); | |
| 24 return FileSystemURL::CreateForTest( | |
| 25 kOrigin, kFileSystemTypeTemporary, base::FilePath::FromUTF8Unsafe(path)); | |
| 26 } | |
| 27 | |
| 28 } // namespace | |
| 29 | |
| 30 class SandboxContextTest : public testing::Test { | |
| 31 protected: | |
| 32 virtual void SetUp() { | |
| 33 ASSERT_TRUE(data_dir_.CreateUniqueTempDir()); | |
| 34 context_.reset(new SandboxContext( | |
| 35 NULL /* quota_manager_proxy */, | |
| 36 base::MessageLoopProxy::current().get(), | |
| 37 data_dir_.path(), | |
| 38 NULL /* special_storage_policy */, | |
| 39 CreateAllowFileAccessOptions())); | |
| 40 } | |
| 41 | |
| 42 base::ScopedTempDir data_dir_; | |
| 43 base::MessageLoop message_loop_; | |
| 44 scoped_ptr<SandboxContext> context_; | |
| 45 }; | |
| 46 | |
| 47 TEST_F(SandboxContextTest, IsAccessValid) { | |
| 48 // Normal case. | |
| 49 EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL("a"))); | |
| 50 | |
| 51 // Access to a path with parent references ('..') should be disallowed. | |
| 52 EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL("a/../b"))); | |
| 53 | |
| 54 // Access from non-allowed scheme should be disallowed. | |
| 55 EXPECT_FALSE(context_->IsAccessValid( | |
| 56 FileSystemURL::CreateForTest( | |
| 57 GURL("unknown://bar"), kFileSystemTypeTemporary, | |
| 58 base::FilePath::FromUTF8Unsafe("foo")))); | |
| 59 | |
| 60 // Access with restricted name should be disallowed. | |
| 61 EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL("."))); | |
| 62 EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL(".."))); | |
| 63 | |
| 64 // This is also disallowed due to Windows XP parent path handling. | |
| 65 EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL("..."))); | |
| 66 | |
| 67 // These are identified as unsafe cases due to weird path handling | |
| 68 // on Windows. | |
| 69 EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL(" .."))); | |
| 70 EXPECT_FALSE(context_->IsAccessValid(CreateFileSystemURL(".. "))); | |
| 71 | |
| 72 // Similar but safe cases. | |
| 73 EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL(" ."))); | |
| 74 EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL(". "))); | |
| 75 EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL("b."))); | |
| 76 EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL(".b"))); | |
| 77 | |
| 78 // A path that looks like a drive letter. | |
| 79 EXPECT_TRUE(context_->IsAccessValid(CreateFileSystemURL("c:"))); | |
| 80 } | |
| 81 | |
| 82 } // namespace fileapi | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 23167002:
FileAPI: Rename SandboxContext to SandboxFileSystemBackendDelegate (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src