[libsoup/hsts: 20/24] Add a test to ensure that subdomain policies don't modify superdomain's
- From: Claudio Saavedra <csaavedra src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libsoup/hsts: 20/24] Add a test to ensure that subdomain policies don't modify superdomain's
- Date: Thu, 16 May 2019 09:10:19 +0000 (UTC)
commit e9e395c7d41a2c67cd75ebc327910ae2c8cc5273
Author: Claudio Saavedra <csaavedra igalia com>
Date: Wed Sep 19 16:47:52 2018 +0300
Add a test to ensure that subdomain policies don't modify superdomain's
tests/hsts-test.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
---
diff --git a/tests/hsts-test.c b/tests/hsts-test.c
index 7b0cf673..ae40495f 100644
--- a/tests/hsts-test.c
+++ b/tests/hsts-test.c
@@ -286,6 +286,28 @@ do_hsts_subdomains_test (void)
soup_test_session_abort_unref (session);
}
+static void
+do_hsts_superdomain_test (void)
+{
+ SoupHSTSEnforcer *enforcer = soup_hsts_enforcer_new ();
+ SoupHSTSPolicy *policy;
+
+ SoupSession *session = hsts_session_new (enforcer);
+ /* This adds a long-lasting policy for localhost. */
+ session_get_uri (session, "https://localhost/long-lasting", SOUP_STATUS_OK);
+
+ /* We want to set a policy with age = 0 for a subdomain, to test that the
+ superdomain's policy is not removed. We cannot test this with a
+ server, so we just create one by hand and add it to the enforcer. */
+ policy = soup_hsts_policy_new ("subdomain.localhost", 0, TRUE);
+ soup_hsts_enforcer_set_policy (enforcer, policy);
+ soup_hsts_policy_free (policy);
+
+ /* This should work, as we have a long-lasting policy in place. If it fails,
+ the subdomain policy has modified the superdomain's policy, which is wrong. */
+ session_get_uri (session, "http://localhost", SOUP_STATUS_OK);
+}
+
static void
do_hsts_multiple_headers_test (void)
{
@@ -438,6 +460,7 @@ main (int argc, char **argv)
g_test_add_func ("/hsts/no_hsts_header", do_hsts_no_hsts_header_test);
g_test_add_func ("/hsts/persistency", do_hsts_persistency_test);
g_test_add_func ("/hsts/subdomains", do_hsts_subdomains_test);
+ g_test_add_func ("/hsts/superdomain", do_hsts_superdomain_test);
g_test_add_func ("/hsts/multiple-headers", do_hsts_multiple_headers_test);
g_test_add_func ("/hsts/insecure-sts", do_hsts_insecure_sts_test);
g_test_add_func ("/hsts/missing-values", do_hsts_missing_values_test);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]