Skip to content

Commit

Permalink
Write unit tests for cookie isolation
Browse files Browse the repository at this point in the history
  • Loading branch information
@jxs
jxs committed Nov 12, 2015
1 parent 49d48a8 commit 79fcd1d
Showing 1 changed file with 170 additions and 0 deletions.
170 changes: 170 additions & 0 deletions tests/unit/net/http_loader.rs
View file
Expand Up @@ -241,6 +241,52 @@ fn assert_cookie_for_domain(cookie_jar: Arc<RwLock<CookieStorage>>, domain: &str
}
}

struct AssertRequestMustNotHaveHeaders {
headers_not_expected: Vec<String>,
request_headers: Headers,
t: ResponseType
}

impl AssertRequestMustNotHaveHeaders {
fn new(t: ResponseType, headers_not_expected: Vec<String>) -> Self {
AssertRequestMustNotHaveHeaders {
headers_not_expected: headers_not_expected,
request_headers: Headers::new(), t: t }
}
}

impl HttpRequest for AssertRequestMustNotHaveHeaders {
type R = MockResponse;

fn headers_mut(&mut self) -> &mut Headers { &mut self.request_headers }

fn send(self, _: &Option<Vec<u8>>) -> Result<MockResponse, LoadError> {
for header in &self.headers_not_expected {
assert!(self.request_headers.get_raw(header).is_none());
}

response_for_request_type(self.t)
}
}

struct AssertMustNotHaveHeadersRequestFactory {
headers_not_expected: Vec<String>,
body: Vec<u8>
}

impl HttpRequestFactory for AssertMustNotHaveHeadersRequestFactory {
type R = AssertRequestMustNotHaveHeaders;

fn create(&self, _: Url, _: Method) -> Result<AssertRequestMustNotHaveHeaders, LoadError> {
Ok(
AssertRequestMustNotHaveHeaders::new(
ResponseType::Text(self.body.clone()),
self.headers_not_expected.clone()
)
)
}
}

struct AssertMustHaveBodyRequest {
expected_body: Option<Vec<u8>>,
headers: Headers,
Expand Down Expand Up @@ -733,6 +779,130 @@ fn test_load_sets_requests_cookies_header_for_url_by_getting_cookies_from_the_re
}, DEFAULT_USER_AGENT.to_string());
}

#[test]
fn test_load_sends_cookie_if_nonhttp() {
let url = Url::parse("http://mozilla.com").unwrap();

let hsts_list = Arc::new(RwLock::new(HSTSList::new()));
let cookie_jar = Arc::new(RwLock::new(CookieStorage::new()));

{
let mut cookie_jar = cookie_jar.write().unwrap();
let cookie_url = url.clone();
let cookie = Cookie::new_wrapped(
CookiePair::new("mozillaIs".to_owned(), "theBest".to_owned()),
&cookie_url,
CookieSource::NonHTTP
).unwrap();
cookie_jar.push(cookie, CookieSource::HTTP);
}

let mut load_data = LoadData::new(url, None);
load_data.data = Some(<[_]>::to_vec("Yay!".as_bytes()));

let mut headers = Headers::new();
headers.set_raw("Cookie".to_owned(), vec![<[_]>::to_vec("mozillaIs=theBest".as_bytes())]);

let _ = load::<AssertRequestMustIncludeHeaders>(
load_data.clone(), hsts_list, cookie_jar, None,
&AssertMustIncludeHeadersRequestFactory {
expected_headers: headers,
body: <[_]>::to_vec(&*load_data.data.unwrap())
}, DEFAULT_USER_AGENT.to_string());
}

#[test]
fn test_cookie_set_with_httponly_should_not_be_available_using_getcookiesforurl() {
struct Factory;

impl HttpRequestFactory for Factory {
type R = MockRequest;

fn create(&self, _: Url, _: Method) -> Result<MockRequest, LoadError> {
let content = <[_]>::to_vec("Yay!".as_bytes());
let mut headers = Headers::new();
headers.set_raw("set-cookie", vec![b"mozillaIs=theBest; HttpOnly;".to_vec()]);
Ok(MockRequest::new(ResponseType::WithHeaders(content, headers)))
}
}

let url = Url::parse("http://mozilla.com").unwrap();

let hsts_list = Arc::new(RwLock::new(HSTSList::new()));
let cookie_jar = Arc::new(RwLock::new(CookieStorage::new()));

let load_data = LoadData::new(url.clone(), None);
let _ = load::<MockRequest>(load_data, hsts_list,
cookie_jar.clone(),
None,
&Factory,
DEFAULT_USER_AGENT.to_string());

let mut cookie_jar = cookie_jar.write().unwrap();
assert!(cookie_jar.cookies_for_url(&url, CookieSource::NonHTTP).is_none());
}

#[test]
fn test_when_cookie_received_marked_secure_is_ignored_for_http() {
struct Factory;

impl HttpRequestFactory for Factory {
type R = MockRequest;

fn create(&self, _: Url, _: Method) -> Result<MockRequest, LoadError> {
let content = <[_]>::to_vec("Yay!".as_bytes());
let mut headers = Headers::new();
headers.set_raw("set-cookie", vec![b"mozillaIs=theBest; Secure;".to_vec()]);
Ok(MockRequest::new(ResponseType::WithHeaders(content, headers)))
}
}

let hsts_list = Arc::new(RwLock::new(HSTSList::new()));
let cookie_jar = Arc::new(RwLock::new(CookieStorage::new()));

let load_data = LoadData::new(Url::parse("http://mozilla.com").unwrap(), None);
let _ = load::<MockRequest>(load_data, hsts_list,
cookie_jar.clone(),
None,
&Factory,
DEFAULT_USER_AGENT.to_string());

assert_cookie_for_domain(cookie_jar, "http://mozilla.com", "");
}

#[test]
fn test_when_cookie_set_marked_httpsonly_secure_isnt_sent_on_http_request() {

let sec_url = Url::parse("https://mozilla.com").unwrap();
let url = Url::parse("http://mozilla.com").unwrap();

let hsts_list = Arc::new(RwLock::new(HSTSList::new()));
let cookie_jar = Arc::new(RwLock::new(CookieStorage::new()));

{
let mut cookie_jar = cookie_jar.write().unwrap();
let cookie_url = sec_url.clone();
let cookie = Cookie::new_wrapped(
CookiePair::parse("mozillaIs=theBest; Secure;").unwrap(),
&cookie_url,
CookieSource::HTTP
).unwrap();
cookie_jar.push(cookie, CookieSource::HTTP);
}

let mut load_data = LoadData::new(url, None);
load_data.data = Some(<[_]>::to_vec("Yay!".as_bytes()));

assert_cookie_for_domain(cookie_jar.clone(), "https://mozilla.com", "mozillaIs=theBest");

let _ = load::<AssertRequestMustNotHaveHeaders>(
load_data.clone(), hsts_list, cookie_jar, None,
&AssertMustNotHaveHeadersRequestFactory {
headers_not_expected: vec!["Cookie".to_owned()],
body: <[_]>::to_vec(&*load_data.data.unwrap())
}, DEFAULT_USER_AGENT.to_string());
}

#[test]
fn test_load_sets_content_length_to_length_of_request_body() {
let content = "This is a request body";
Expand Down

0 comments on commit 79fcd1d

Please sign in to comment.