Skip to content
This repository was archived by the owner on Sep 25, 2019. It is now read-only.

Commit 0acc01d

Browse files
author
[email protected]
committed
Test downloads.download() disallows unsafe headers
Review URL: http://codereview.chromium.org/10260018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@135243 0039d316-1c4b-4281-b951-d872f2087c98
1 parent 7009fa7 commit 0acc01d

File tree

1 file changed

+204
-0
lines changed
  • chrome/test/data/extensions/api_test/downloads

1 file changed

+204
-0
lines changed

chrome/test/data/extensions/api_test/downloads/test.js

Lines changed: 204 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -510,6 +510,210 @@ chrome.test.getConfig(function(testConfig) {
510510
}));
511511
},
512512

513+
function downloadHeadersInvalid0() {
514+
// Test that we disallow certain headers case-insensitive.
515+
downloads.download(
516+
{'url': SAFE_FAST_URL,
517+
'headers': [{'name': 'Accept-chArsEt', 'value': 'evil'}]},
518+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
519+
},
520+
521+
function downloadHeadersInvalid1() {
522+
// Test that we disallow certain headers.
523+
downloads.download(
524+
{'url': SAFE_FAST_URL,
525+
'headers': [{'name': 'accept-eNcoding', 'value': 'evil'}]},
526+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
527+
},
528+
529+
function downloadHeadersInvalid2() {
530+
// Test that we disallow certain headers.
531+
downloads.download(
532+
{'url': SAFE_FAST_URL,
533+
'headers': [{'name': 'coNNection', 'value': 'evil'}]},
534+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
535+
},
536+
537+
function downloadHeadersInvalid3() {
538+
// Test that we disallow certain headers.
539+
downloads.download(
540+
{'url': SAFE_FAST_URL,
541+
'headers': [{'name': 'coNteNt-leNgth', 'value': 'evil'}]},
542+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
543+
},
544+
545+
function downloadHeadersInvalid4() {
546+
// Test that we disallow certain headers.
547+
downloads.download(
548+
{'url': SAFE_FAST_URL,
549+
'headers': [{'name': 'cooKIE', 'value': 'evil'}]},
550+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
551+
},
552+
553+
function downloadHeadersInvalid5() {
554+
// Test that we disallow certain headers.
555+
downloads.download(
556+
{'url': SAFE_FAST_URL,
557+
'headers': [{'name': 'cOOkie2', 'value': 'evil'}]},
558+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
559+
},
560+
561+
function downloadHeadersInvalid6() {
562+
// Test that we disallow certain headers.
563+
downloads.download(
564+
{'url': SAFE_FAST_URL,
565+
'headers': [{'name': 'coNteNt-traNsfer-eNcodiNg', 'value': 'evil'}]},
566+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
567+
},
568+
569+
function downloadHeadersInvalid7() {
570+
// Test that we disallow certain headers.
571+
downloads.download(
572+
{'url': SAFE_FAST_URL,
573+
'headers': [{'name': 'dAtE', 'value': 'evil'}]},
574+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
575+
},
576+
577+
function downloadHeadersInvalid8() {
578+
// Test that we disallow certain headers.
579+
downloads.download(
580+
{'url': SAFE_FAST_URL,
581+
'headers': [{'name': 'ExpEcT', 'value': 'evil'}]},
582+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
583+
},
584+
585+
function downloadHeadersInvalid9() {
586+
// Test that we disallow certain headers.
587+
downloads.download(
588+
{'url': SAFE_FAST_URL,
589+
'headers': [{'name': 'hOsT', 'value': 'evil'}]},
590+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
591+
},
592+
593+
function downloadHeadersInvalid10() {
594+
// Test that we disallow certain headers.
595+
downloads.download(
596+
{'url': SAFE_FAST_URL,
597+
'headers': [{'name': 'kEEp-aLivE', 'value': 'evil'}]},
598+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
599+
},
600+
601+
function downloadHeadersInvalid11() {
602+
// Test that we disallow certain headers.
603+
downloads.download(
604+
{'url': SAFE_FAST_URL,
605+
'headers': [{'name': 'rEfErEr', 'value': 'evil'}]},
606+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
607+
},
608+
609+
function downloadHeadersInvalid12() {
610+
// Test that we disallow certain headers.
611+
downloads.download(
612+
{'url': SAFE_FAST_URL,
613+
'headers': [{'name': 'tE', 'value': 'evil'}]},
614+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
615+
},
616+
617+
function downloadHeadersInvalid13() {
618+
// Test that we disallow certain headers.
619+
downloads.download(
620+
{'url': SAFE_FAST_URL,
621+
'headers': [{'name': 'trAilER', 'value': 'evil'}]},
622+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
623+
},
624+
625+
function downloadHeadersInvalid14() {
626+
// Test that we disallow certain headers.
627+
downloads.download(
628+
{'url': SAFE_FAST_URL,
629+
'headers': [{'name': 'trANsfer-eNcodiNg', 'value': 'evil'}]},
630+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
631+
},
632+
633+
function downloadHeadersInvalid15() {
634+
// Test that we disallow certain headers.
635+
downloads.download(
636+
{'url': SAFE_FAST_URL,
637+
'headers': [{'name': 'upGRAde', 'value': 'evil'}]},
638+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
639+
},
640+
641+
function downloadHeadersInvalid16() {
642+
// Test that we disallow certain headers.
643+
downloads.download(
644+
{'url': SAFE_FAST_URL,
645+
'headers': [{'name': 'usER-agENt', 'value': 'evil'}]},
646+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
647+
},
648+
649+
function downloadHeadersInvalid17() {
650+
// Test that we disallow certain headers.
651+
downloads.download(
652+
{'url': SAFE_FAST_URL,
653+
'headers': [{'name': 'viA', 'value': 'evil'}]},
654+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
655+
},
656+
657+
function downloadHeadersInvalid18() {
658+
// Test that we disallow certain headers.
659+
downloads.download(
660+
{'url': SAFE_FAST_URL,
661+
'headers': [{'name': 'pRoxY-', 'value': 'evil'}]},
662+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
663+
},
664+
665+
function downloadHeadersInvalid19() {
666+
// Test that we disallow certain headers.
667+
downloads.download(
668+
{'url': SAFE_FAST_URL,
669+
'headers': [{'name': 'sEc-', 'value': 'evil'}]},
670+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
671+
},
672+
673+
function downloadHeadersInvalid20() {
674+
// Test that we disallow certain headers.
675+
downloads.download(
676+
{'url': SAFE_FAST_URL,
677+
'headers': [{'name': 'pRoxY-probably-not-evil', 'value': 'evil'}]},
678+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
679+
},
680+
681+
function downloadHeadersInvalid21() {
682+
// Test that we disallow certain headers.
683+
downloads.download(
684+
{'url': SAFE_FAST_URL,
685+
'headers': [{'name': 'sEc-probably-not-evil', 'value': 'evil'}]},
686+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
687+
},
688+
689+
function downloadHeadersInvalid22() {
690+
// Test that we disallow certain headers.
691+
downloads.download(
692+
{'url': SAFE_FAST_URL,
693+
'headers': [{'name': 'oRiGiN', 'value': 'evil'}]},
694+
chrome.test.callbackFail(downloads.ERROR_GENERIC));
695+
},
696+
697+
// TODO(benjhayden): Find why these aren't caught by
698+
// net::HttpUtil::IsSafeHeader().
699+
// function downloadHeadersInvalid23() {
700+
// // Test that we disallow certain headers.
701+
// downloads.download(
702+
// {'url': SAFE_FAST_URL,
703+
// 'headers': [{'name': 'Access-Control-Request-Headers',
704+
// 'value': 'evil'}]},
705+
// chrome.test.callbackFail(downloads.ERROR_GENERIC));
706+
// },
707+
708+
// function downloadHeadersInvalid24() {
709+
// // Test that we disallow certain headers.
710+
// downloads.download(
711+
// {'url': SAFE_FAST_URL,
712+
// 'headers': [{'name': 'Access-Control-Request-Method',
713+
// 'value': 'evil'}]},
714+
// chrome.test.callbackFail(downloads.ERROR_GENERIC));
715+
// },
716+
513717
function downloadInterrupted() {
514718
// Test that cancel()ing an in-progress download causes its state to
515719
// transition to interrupted, and test that that state transition is

0 commit comments

Comments
 (0)