[libsoup/hsts: 13/17] Add a test to ensure that subdomain policies	don't modify superdomain's
- From: Claudio Saavedra <csaavedra src gnome org>
- To: commits-list gnome org
- Cc: 
- Subject: [libsoup/hsts: 13/17] Add a test to ensure that subdomain policies	don't modify superdomain's
- Date: Wed, 22 May 2019 15:00:14 +0000 (UTC)
commit 6e1624c11fe8a3528589c9aa2b396d477f3b185e
Author: Claudio Saavedra <csaavedra igalia com>
Date:   Wed Sep 19 16:47:52 2018 +0300
    Add a test to ensure that subdomain policies don't modify superdomain's
 tests/hsts-test.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
---
diff --git a/tests/hsts-test.c b/tests/hsts-test.c
index 7b0cf673..ae40495f 100644
--- a/tests/hsts-test.c
+++ b/tests/hsts-test.c
@@ -286,6 +286,28 @@ do_hsts_subdomains_test (void)
        soup_test_session_abort_unref (session);
 }
 
+static void
+do_hsts_superdomain_test (void)
+{
+       SoupHSTSEnforcer *enforcer = soup_hsts_enforcer_new ();
+       SoupHSTSPolicy *policy;
+
+       SoupSession *session = hsts_session_new (enforcer);
+       /* This adds a long-lasting policy for localhost. */
+       session_get_uri (session, "https://localhost/long-lasting", SOUP_STATUS_OK);
+
+       /* We want to set a policy with age = 0 for a subdomain, to test that the
+          superdomain's policy is not removed. We cannot test this with a
+          server, so we just create one by hand and add it to the enforcer. */
+       policy = soup_hsts_policy_new ("subdomain.localhost", 0, TRUE);
+       soup_hsts_enforcer_set_policy (enforcer, policy);
+       soup_hsts_policy_free (policy);
+
+       /* This should work, as we have a long-lasting policy in place. If it fails,
+          the subdomain policy has modified the superdomain's policy, which is wrong. */
+       session_get_uri (session, "http://localhost", SOUP_STATUS_OK);
+}
+
 static void
 do_hsts_multiple_headers_test (void)
 {
@@ -438,6 +460,7 @@ main (int argc, char **argv)
        g_test_add_func ("/hsts/no_hsts_header", do_hsts_no_hsts_header_test);
        g_test_add_func ("/hsts/persistency", do_hsts_persistency_test);
        g_test_add_func ("/hsts/subdomains", do_hsts_subdomains_test);
+       g_test_add_func ("/hsts/superdomain", do_hsts_superdomain_test);
        g_test_add_func ("/hsts/multiple-headers", do_hsts_multiple_headers_test);
        g_test_add_func ("/hsts/insecure-sts", do_hsts_insecure_sts_test);
        g_test_add_func ("/hsts/missing-values", do_hsts_missing_values_test);
[
Date Prev][
Date Next]   [
Thread Prev][
Thread Next]   
[
Thread Index]
[
Date Index]
[
Author Index]