1 // Copyright 2020 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/base/scheme_host_port_matcher_rule.h"
6
7 #include "testing/gtest/include/gtest/gtest.h"
8
9 namespace net {
10
11 namespace {
12
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherHostnamePatternRule_HostOnlyRule)13 TEST(SchemeHostPortMatcherRuleTest,
14 SchemeHostPortMatcherHostnamePatternRule_HostOnlyRule) {
15 std::unique_ptr<SchemeHostPortMatcherRule> rule =
16 SchemeHostPortMatcherRule::FromUntrimmedRawString("wWw.gOogle.com");
17
18 EXPECT_EQ("www.google.com", rule->ToString());
19
20 // non-hostname components don't matter.
21 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
22 rule->Evaluate(GURL("http://www.google.com")));
23 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
24 rule->Evaluate(GURL("https://www.google.com:81")));
25 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
26 rule->Evaluate(GURL("ftp://www.google.com:99")));
27 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
28 rule->Evaluate(GURL("http://www.google.com/x/y?q#h")));
29
30 // Hostname must match.
31 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
32 rule->Evaluate(GURL("http://foo.www.google.com")));
33 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
34 rule->Evaluate(GURL("http://xxx.google.com")));
35 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
36 rule->Evaluate(GURL("http://google.com")));
37 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
38 rule->Evaluate(GURL("http://www.google.com.baz.org")));
39 }
40
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherHostnamePatternRule_BasicDomain)41 TEST(SchemeHostPortMatcherRuleTest,
42 SchemeHostPortMatcherHostnamePatternRule_BasicDomain) {
43 std::unique_ptr<SchemeHostPortMatcherRule> rule =
44 SchemeHostPortMatcherRule::FromUntrimmedRawString(".gOOgle.com");
45
46 EXPECT_EQ("*.google.com", rule->ToString());
47
48 // non-hostname components don't matter.
49 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
50 rule->Evaluate(GURL("http://www.google.com")));
51 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
52 rule->Evaluate(GURL("https://a.google.com:81")));
53 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
54 rule->Evaluate(GURL("ftp://www.google.com:99")));
55 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
56 rule->Evaluate(GURL("http://foo.google.com/x/y?q")));
57 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
58 rule->Evaluate(GURL("http://foo:[email protected]#x")));
59
60 // Hostname must be a strict "ends with" match.
61 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
62 rule->Evaluate(GURL("http://google.com")));
63 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
64 rule->Evaluate(GURL("http://www.google.com.baz.org")));
65 }
66
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherHostnamePatternRule_BasicDomainWithPort)67 TEST(SchemeHostPortMatcherRuleTest,
68 SchemeHostPortMatcherHostnamePatternRule_BasicDomainWithPort) {
69 std::unique_ptr<SchemeHostPortMatcherRule> rule =
70 SchemeHostPortMatcherRule::FromUntrimmedRawString("*.GOOGLE.com:80");
71
72 EXPECT_EQ("*.google.com:80", rule->ToString());
73
74 // non-hostname components don't matter.
75 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
76 rule->Evaluate(GURL("http://www.google.com")));
77 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
78 rule->Evaluate(GURL("https://a.google.com:80?x")));
79 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
80 rule->Evaluate(GURL("https://a.google.com:80/x/y?q#f")));
81 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
82 rule->Evaluate(GURL("ftp://www.google.com:80")));
83
84 // Hostname must be a strict "ends with" match.
85 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
86 rule->Evaluate(GURL("http://google.com")));
87 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
88 rule->Evaluate(GURL("http://www.google.com.baz.org")));
89
90 // Port must match.
91 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
92 rule->Evaluate(GURL("http://www.google.com:90")));
93 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
94 rule->Evaluate(GURL("https://www.google.com")));
95 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
96 rule->Evaluate(GURL("https://ftp.google.com")));
97 }
98
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherHostnamePatternRule_MatchAll)99 TEST(SchemeHostPortMatcherRuleTest,
100 SchemeHostPortMatcherHostnamePatternRule_MatchAll) {
101 std::unique_ptr<SchemeHostPortMatcherRule> rule =
102 SchemeHostPortMatcherRule::FromUntrimmedRawString("*");
103
104 EXPECT_EQ("*", rule->ToString());
105
106 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
107 rule->Evaluate(GURL("http://www.google.com")));
108 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
109 rule->Evaluate(GURL("ftp://www.foobar.com:99")));
110 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
111 rule->Evaluate(GURL("https://a.google.com:80/?x")));
112 }
113
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherHostnamePatternRule_HttpScheme)114 TEST(SchemeHostPortMatcherRuleTest,
115 SchemeHostPortMatcherHostnamePatternRule_HttpScheme) {
116 std::unique_ptr<SchemeHostPortMatcherRule> rule =
117 SchemeHostPortMatcherRule::FromUntrimmedRawString(
118 "http://www.google.com");
119
120 EXPECT_EQ("http://www.google.com", rule->ToString());
121
122 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
123 rule->Evaluate(GURL("http://www.google.com")));
124 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
125 rule->Evaluate(GURL("http://www.google.com/foo")));
126 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
127 rule->Evaluate(GURL("http://www.google.com:99")));
128
129 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
130 rule->Evaluate(GURL("http://foo.www.google.com")));
131 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
132 rule->Evaluate(GURL("https://www.google.com")));
133 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
134 rule->Evaluate(GURL("ftp://www.google.com")));
135 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
136 rule->Evaluate(GURL("http://www.google.com.org")));
137 }
138
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherHostnamePatternRule_HttpOnlyWithWildcard)139 TEST(SchemeHostPortMatcherRuleTest,
140 SchemeHostPortMatcherHostnamePatternRule_HttpOnlyWithWildcard) {
141 std::unique_ptr<SchemeHostPortMatcherRule> rule =
142 SchemeHostPortMatcherRule::FromUntrimmedRawString(
143 "http://*www.GOOGLE.com");
144
145 EXPECT_EQ("http://*www.google.com", rule->ToString());
146
147 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
148 rule->Evaluate(GURL("http://www.google.com/foo")));
149 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
150 rule->Evaluate(GURL("http://www.google.com:99")));
151 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
152 rule->Evaluate(GURL("http://foo.www.google.com")));
153
154 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
155 rule->Evaluate(GURL("https://www.google.com")));
156 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
157 rule->Evaluate(GURL("ftp://www.google.com")));
158 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
159 rule->Evaluate(GURL("http://www.google.com.org")));
160 }
161
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherHostnamePatternRule_PunnyCodeHostname)162 TEST(SchemeHostPortMatcherRuleTest,
163 SchemeHostPortMatcherHostnamePatternRule_PunnyCodeHostname) {
164 std::unique_ptr<SchemeHostPortMatcherRule> rule =
165 SchemeHostPortMatcherRule::FromUntrimmedRawString("*.xn--flw351e.cn");
166
167 EXPECT_EQ("*.xn--flw351e.cn", rule->ToString());
168 // Google Chinese site.
169 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
170 rule->Evaluate(GURL("http://www.谷歌.cn")));
171 }
172
TEST(SchemeHostPortMatcherRuleTest,SuffixMatchingTest)173 TEST(SchemeHostPortMatcherRuleTest, SuffixMatchingTest) {
174 // foo1.com, suffix matching rule will match www.foo1.com but the original one
175 // doesn't.
176 SchemeHostPortMatcherHostnamePatternRule rule1("", "foo1.com", -1);
177 std::unique_ptr<SchemeHostPortMatcherHostnamePatternRule>
178 suffix_matching_rule = rule1.GenerateSuffixMatchingRule();
179 EXPECT_EQ("foo1.com", rule1.ToString());
180 EXPECT_EQ("*foo1.com", suffix_matching_rule->ToString());
181 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
182 rule1.Evaluate(GURL("http://www.foo1.com")));
183 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
184 suffix_matching_rule->Evaluate(GURL("http://www.foo1.com")));
185
186 // .foo2.com, suffix matching rule will match www.foo2.com but the original
187 // one doesn't.
188 SchemeHostPortMatcherHostnamePatternRule rule2("", ".foo2.com", -1);
189 suffix_matching_rule = rule2.GenerateSuffixMatchingRule();
190 EXPECT_EQ(".foo2.com", rule2.ToString());
191 EXPECT_EQ("*.foo2.com", suffix_matching_rule->ToString());
192 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
193 rule2.Evaluate(GURL("http://www.foo2.com")));
194 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
195 suffix_matching_rule->Evaluate(GURL("http://www.foo2.com")));
196
197 // *foobar.com:80, this is already a suffix matching rule.
198 SchemeHostPortMatcherHostnamePatternRule rule3("", "*foobar.com", 80);
199 suffix_matching_rule = rule3.GenerateSuffixMatchingRule();
200 EXPECT_EQ("*foobar.com:80", rule3.ToString());
201 EXPECT_EQ("*foobar.com:80", suffix_matching_rule->ToString());
202 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
203 rule3.Evaluate(GURL("http://www.foobar.com:80")));
204 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
205 suffix_matching_rule->Evaluate(GURL("http://www.foobar.com:80")));
206
207 // *.foo, this is already a suffix matching rule.
208 SchemeHostPortMatcherHostnamePatternRule rule4("", "*.foo", -1);
209 suffix_matching_rule = rule4.GenerateSuffixMatchingRule();
210 EXPECT_EQ("*.foo", rule4.ToString());
211 EXPECT_EQ("*.foo", suffix_matching_rule->ToString());
212 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
213 rule4.Evaluate(GURL("http://www.foo")));
214 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
215 suffix_matching_rule->Evaluate(GURL("http://www.foo")));
216
217 // http://baz, suffix matching works for host part only.
218 SchemeHostPortMatcherHostnamePatternRule rule5("http", "baz", -1);
219 suffix_matching_rule = rule5.GenerateSuffixMatchingRule();
220 EXPECT_EQ("http://baz", rule5.ToString());
221 EXPECT_EQ("http://*baz", suffix_matching_rule->ToString());
222 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
223 rule5.Evaluate(GURL("http://foobaz")));
224 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
225 suffix_matching_rule->Evaluate(GURL("http://foobaz")));
226 }
227
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPHostRule_IPv4)228 TEST(SchemeHostPortMatcherRuleTest, SchemeHostPortMatcherIPHostRule_IPv4) {
229 std::unique_ptr<SchemeHostPortMatcherRule> rule =
230 SchemeHostPortMatcherRule::FromUntrimmedRawString("192.168.1.1");
231
232 EXPECT_EQ("192.168.1.1", rule->ToString());
233
234 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
235 rule->Evaluate(GURL("http://192.168.1.1")));
236 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
237 rule->Evaluate(GURL("http://192.168.1.1:90")));
238 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
239 rule->Evaluate(GURL("http://192.168.1.1:90/x/y?q")));
240 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
241 rule->Evaluate(GURL("http://192.168.1.1:90/x/y?q#h")));
242
243 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
244 rule->Evaluate(GURL("http://www.google.com")));
245 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
246 rule->Evaluate(GURL("http://sup.192.168.1.1")));
247 }
248
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPHostRule_IPv4WithPort)249 TEST(SchemeHostPortMatcherRuleTest,
250 SchemeHostPortMatcherIPHostRule_IPv4WithPort) {
251 std::unique_ptr<SchemeHostPortMatcherRule> rule =
252 SchemeHostPortMatcherRule::FromUntrimmedRawString("192.168.1.1:33");
253
254 EXPECT_EQ("192.168.1.1:33", rule->ToString());
255
256 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
257 rule->Evaluate(GURL("http://192.168.1.1:33")));
258 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
259 rule->Evaluate(GURL("http://192.168.1.1:33/x/y?q#h")));
260
261 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
262 rule->Evaluate(GURL("http://192.168.1.1")));
263 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
264 rule->Evaluate(GURL("http://192.168.1.1:90")));
265 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
266 rule->Evaluate(GURL("http://www.google.com")));
267 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
268 rule->Evaluate(GURL("http://sup.192.168.1.1")));
269 }
270
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPHostRule_IPv4WithScheme)271 TEST(SchemeHostPortMatcherRuleTest,
272 SchemeHostPortMatcherIPHostRule_IPv4WithScheme) {
273 std::unique_ptr<SchemeHostPortMatcherRule> rule =
274 SchemeHostPortMatcherRule::FromUntrimmedRawString("http://192.168.1.1");
275
276 EXPECT_EQ("http://192.168.1.1", rule->ToString());
277
278 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
279 rule->Evaluate(GURL("http://192.168.1.1")));
280 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
281 rule->Evaluate(GURL("http://192.168.1.1:90")));
282 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
283 rule->Evaluate(GURL("http://192.168.1.1:90/x/y?q#h")));
284
285 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
286 rule->Evaluate(GURL("ftp://192.168.1.1")));
287 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
288 rule->Evaluate(GURL("https://192.168.1.1")));
289 }
290
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPHostRule_IPv6)291 TEST(SchemeHostPortMatcherRuleTest, SchemeHostPortMatcherIPHostRule_IPv6) {
292 std::unique_ptr<SchemeHostPortMatcherRule> rule =
293 SchemeHostPortMatcherRule::FromUntrimmedRawString(
294 "[3ffe:2a00:100:7031:0:0::1]");
295
296 // Note that the IPv6 address is canonicalized.
297 EXPECT_EQ("[3ffe:2a00:100:7031::1]", rule->ToString());
298
299 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
300 rule->Evaluate(GURL("http://[3ffe:2a00:100:7031::1]")));
301 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
302 rule->Evaluate(GURL("http://[3ffe:2a00:100:7031::1]:33")));
303 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
304 rule->Evaluate(GURL("http://[3ffe:2a00:100:7031::1]:33/x/y?q#h")));
305
306 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
307 rule->Evaluate(GURL("http://192.168.1.1")));
308 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
309 rule->Evaluate(GURL("http://192.168.1.1:90")));
310 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
311 rule->Evaluate(GURL("http://www.google.com")));
312 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
313 rule->Evaluate(GURL("http://sup.192.168.1.1")));
314 }
315
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPHostRule_IPv6WithPort)316 TEST(SchemeHostPortMatcherRuleTest,
317 SchemeHostPortMatcherIPHostRule_IPv6WithPort) {
318 std::unique_ptr<SchemeHostPortMatcherRule> rule =
319 SchemeHostPortMatcherRule::FromUntrimmedRawString(
320 "[3ffe:2a00:100:7031:0:0::1]:33");
321
322 // Note that the IPv6 address is canonicalized.
323 EXPECT_EQ("[3ffe:2a00:100:7031::1]:33", rule->ToString());
324
325 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
326 rule->Evaluate(GURL("http://[3ffe:2a00:100:7031::1]:33")));
327 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
328 rule->Evaluate(GURL("http://[3ffe:2a00:100:7031::1]:33/x/y?q#h")));
329
330 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
331 rule->Evaluate(GURL("http://[3ffe:2a00:100:7031::1]")));
332 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
333 rule->Evaluate(GURL("http://192.168.1.1")));
334 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
335 rule->Evaluate(GURL("http://192.168.1.1:90")));
336 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
337 rule->Evaluate(GURL("http://www.google.com")));
338 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
339 rule->Evaluate(GURL("http://sup.192.168.1.1")));
340 }
341
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPHostRule_IPv6WithScheme)342 TEST(SchemeHostPortMatcherRuleTest,
343 SchemeHostPortMatcherIPHostRule_IPv6WithScheme) {
344 std::unique_ptr<SchemeHostPortMatcherRule> rule =
345 SchemeHostPortMatcherRule::FromUntrimmedRawString(
346 "https://[3ffe:2a00:100:7031:0:0::1]");
347
348 // Note that the IPv6 address is canonicalized.
349 EXPECT_EQ("https://[3ffe:2a00:100:7031::1]", rule->ToString());
350
351 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
352 rule->Evaluate(GURL("https://[3ffe:2a00:100:7031::1]")));
353 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
354 rule->Evaluate(GURL("https://[3ffe:2a00:100:7031::1]:33")));
355 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
356 rule->Evaluate(GURL("https://[3ffe:2a00:100:7031::1]:33/x/y?q#h")));
357
358 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
359 rule->Evaluate(GURL("http://[3ffe:2a00:100:7031::1]")));
360 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
361 rule->Evaluate(GURL("ftp://[3ffe:2a00:100:7031::1]")));
362 }
363
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPBlockRule_IPv4)364 TEST(SchemeHostPortMatcherRuleTest, SchemeHostPortMatcherIPBlockRule_IPv4) {
365 std::unique_ptr<SchemeHostPortMatcherRule> rule =
366 SchemeHostPortMatcherRule::FromUntrimmedRawString("192.168.1.1/16");
367
368 EXPECT_EQ("192.168.1.1/16", rule->ToString());
369
370 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
371 rule->Evaluate(GURL("http://192.168.1.1")));
372 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
373 rule->Evaluate(GURL("http://192.168.4.4")));
374 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
375 rule->Evaluate(GURL("http://192.168.0.0:81")));
376 // Test that an IPv4 mapped IPv6 literal matches an IPv4 CIDR rule.
377 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
378 rule->Evaluate(GURL("http://[::ffff:192.168.11.11]")));
379
380 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
381 rule->Evaluate(GURL("http://foobar.com")));
382 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
383 rule->Evaluate(GURL("http://192.169.1.1")));
384 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
385 rule->Evaluate(GURL("http://xxx.192.168.1.1")));
386 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
387 rule->Evaluate(GURL("http://192.168.1.1.xx")));
388 }
389
TEST(SchemeHostPortMatcherRuleTest,SchemeHostPortMatcherIPBlockRule_IPv6)390 TEST(SchemeHostPortMatcherRuleTest, SchemeHostPortMatcherIPBlockRule_IPv6) {
391 std::unique_ptr<SchemeHostPortMatcherRule> rule =
392 SchemeHostPortMatcherRule::FromUntrimmedRawString("a:b:c:d::/48");
393
394 EXPECT_EQ("a:b:c:d::/48", rule->ToString());
395
396 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
397 rule->Evaluate(GURL("http://[A:b:C:9::]")));
398 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
399 rule->Evaluate(GURL("http://foobar.com")));
400 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
401 rule->Evaluate(GURL("http://192.168.1.1")));
402
403 // Test that an IPv4 literal matches an IPv4 mapped IPv6 CIDR rule.
404 // This is the IPv4 mapped equivalent to 192.168.1.1/16.
405 rule = std::make_unique<SchemeHostPortMatcherIPBlockRule>(
406 "::ffff:192.168.1.1/112", "",
407 IPAddress(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff,
408 192, 168, 1, 1),
409 112);
410 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
411 rule->Evaluate(GURL("http://[::ffff:192.168.1.3]")));
412 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
413 rule->Evaluate(GURL("http://192.168.11.11")));
414 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
415 rule->Evaluate(GURL("http://10.10.1.1")));
416
417 // Test using an IP range that is close to IPv4 mapped, but not
418 // quite. Should not result in matches.
419 rule = std::make_unique<SchemeHostPortMatcherIPBlockRule>(
420 "::fffe:192.168.1.1/112", "",
421 IPAddress(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xfe,
422 192, 168, 1, 1),
423 112);
424 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
425 rule->Evaluate(GURL("http://[::fffe:192.168.1.3]")));
426 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
427 rule->Evaluate(GURL("http://[::ffff:192.168.1.3]")));
428 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
429 rule->Evaluate(GURL("http://192.168.11.11")));
430 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
431 rule->Evaluate(GURL("http://10.10.1.1")));
432 }
433
TEST(SchemeHostPortMatcherRuleTest,ParseWildcardAtStart)434 TEST(SchemeHostPortMatcherRuleTest, ParseWildcardAtStart) {
435 std::unique_ptr<SchemeHostPortMatcherRule> rule =
436 SchemeHostPortMatcherRule::FromUntrimmedRawString("*.org:443");
437 EXPECT_EQ("*.org:443", rule->ToString());
438
439 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
440 rule->Evaluate(GURL("https://example.org:443")));
441 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
442 rule->Evaluate(GURL("https://example.org")));
443 EXPECT_EQ(SchemeHostPortMatcherResult::kInclude,
444 rule->Evaluate(GURL("http://foo.org:443")));
445
446 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
447 rule->Evaluate(GURL("https://example.org:80")));
448 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
449 rule->Evaluate(GURL("https://example.com:80")));
450 EXPECT_EQ(SchemeHostPortMatcherResult::kNoMatch,
451 rule->Evaluate(GURL("https://example.orgg:80")));
452 }
453
TEST(SchemeHostPortMatcherRuleTest,ParseInvalidPort)454 TEST(SchemeHostPortMatcherRuleTest, ParseInvalidPort) {
455 std::unique_ptr<SchemeHostPortMatcherRule> rule =
456 SchemeHostPortMatcherRule::FromUntrimmedRawString("*.com:+443");
457 EXPECT_EQ(nullptr, rule);
458
459 rule = SchemeHostPortMatcherRule::FromUntrimmedRawString("*.com:-443");
460 EXPECT_EQ(nullptr, rule);
461
462 rule = SchemeHostPortMatcherRule::FromUntrimmedRawString("*.com:0x443");
463 EXPECT_EQ(nullptr, rule);
464 }
465
466 // Test that parsing an IPv6 range given a bracketed literal is not supported.
467 // Whether IPv6 literals need to be bracketed or not is pretty much a coin toss
468 // depending on the context, and here it is expected to be unbracketed to match
469 // macOS. It would be fine to support bracketed too, however none of the
470 // grammars we parse need that.
TEST(SchemeHostPortMatcherRuleTest,ParseBracketedCIDR_IPv6)471 TEST(SchemeHostPortMatcherRuleTest, ParseBracketedCIDR_IPv6) {
472 std::unique_ptr<SchemeHostPortMatcherRule> rule =
473 SchemeHostPortMatcherRule::FromUntrimmedRawString("[a:b:c:d::]/48");
474 EXPECT_EQ(nullptr, rule);
475 }
476
TEST(SchemeHostPortMatcherRuleTest,BadInputs)477 TEST(SchemeHostPortMatcherRuleTest, BadInputs) {
478 std::unique_ptr<SchemeHostPortMatcherRule> rule =
479 SchemeHostPortMatcherRule::FromUntrimmedRawString("://");
480 EXPECT_EQ(nullptr, rule);
481
482 rule = SchemeHostPortMatcherRule::FromUntrimmedRawString(" ");
483 EXPECT_EQ(nullptr, rule);
484
485 rule = SchemeHostPortMatcherRule::FromUntrimmedRawString("http://");
486 EXPECT_EQ(nullptr, rule);
487
488 rule = SchemeHostPortMatcherRule::FromUntrimmedRawString("*.foo.com:-34");
489 EXPECT_EQ(nullptr, rule);
490 }
491
492 } // anonymous namespace
493
494 } // namespace net
495