当前位置: 首页>>代码示例>>C++>>正文

C++ Persistent::bindToExecutionContext方法代码示例

本文整理汇总了C++中Persistent::bindToExecutionContext方法的典型用法代码示例。如果您正苦于以下问题:C++ Persistent::bindToExecutionContext方法的具体用法?C++ Persistent::bindToExecutionContext怎么用?C++ Persistent::bindToExecutionContext使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Persistent的用法示例。


在下文中一共展示了Persistent::bindToExecutionContext方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。

示例1: String

TEST_F(ContentSecurityPolicyTest, NonceInline)
{
    struct TestCase {
        const char* policy;
        const char* nonce;
        bool allowed;
    } cases[] = {
        { "'unsafe-inline'", "", true },
        { "'unsafe-inline'", "yay", true },
        { "'nonce-yay'", "", false },
        { "'nonce-yay'", "yay", true },
        { "'unsafe-inline' 'nonce-yay'", "", false },
        { "'unsafe-inline' 'nonce-yay'", "yay", true },
    };

    String contextURL;
    String content;
    WTF::OrdinalNumber contextLine;
    for (const auto& test : cases) {
        SCOPED_TRACE(testing::Message() << "Policy: `" << test.policy << "`, Nonce: `" << test.nonce << "`");

        unsigned expectedReports = test.allowed ? 0u : 1u;

        // Enforce 'script-src'
        Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create();
        policy->bindToExecutionContext(document.get());
        policy->didReceiveHeader(String("script-src ") + test.policy, ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP);
        EXPECT_EQ(test.allowed, policy->allowInlineScript(contextURL, String(test.nonce), contextLine, content));
        EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());

        // Enforce 'style-src'
        policy = ContentSecurityPolicy::create();
        policy->bindToExecutionContext(document.get());
        policy->didReceiveHeader(String("style-src ") + test.policy, ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP);
        EXPECT_EQ(test.allowed, policy->allowInlineStyle(contextURL, String(test.nonce), contextLine, content));
        EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());

        // Report 'script-src'
        policy = ContentSecurityPolicy::create();
        policy->bindToExecutionContext(document.get());
        policy->didReceiveHeader(String("script-src ") + test.policy, ContentSecurityPolicyHeaderTypeReport, ContentSecurityPolicyHeaderSourceHTTP);
        EXPECT_TRUE(policy->allowInlineScript(contextURL, String(test.nonce), contextLine, content));
        EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());

        // Report 'style-src'
        policy = ContentSecurityPolicy::create();
        policy->bindToExecutionContext(document.get());
        policy->didReceiveHeader(String("style-src ") + test.policy, ContentSecurityPolicyHeaderTypeReport, ContentSecurityPolicyHeaderSourceHTTP);
        EXPECT_TRUE(policy->allowInlineStyle(contextURL, String(test.nonce), contextLine, content));
        EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());
    }
}
开发者ID:endlessm,项目名称:chromium-browser,代码行数:52,代码来源:ContentSecurityPolicyTest.cpp

示例2: KURL

TEST_F(ContentSecurityPolicyTest, NonceSinglePolicy)
{
    struct TestCase {
        const char* policy;
        const char* url;
        const char* nonce;
        bool allowed;
    } cases[] = {
        { "script-src 'nonce-yay'", "https://example.com/js", "", false },
        { "script-src 'nonce-yay'", "https://example.com/js", "yay", true },
        { "script-src https://example.com", "https://example.com/js", "", true },
        { "script-src https://example.com", "https://example.com/js", "yay", true },
        { "script-src https://example.com 'nonce-yay'", "https://not.example.com/js", "", false },
        { "script-src https://example.com 'nonce-yay'", "https://not.example.com/js", "yay", true },
    };

    for (const auto& test : cases) {
        SCOPED_TRACE(testing::Message() << "Policy: `" << test.policy << "`, URL: `" << test.url << "`, Nonce: `" << test.nonce << "`");
        KURL resource = KURL(KURL(), test.url);

        unsigned expectedReports = test.allowed ? 0u : 1u;

        // Single enforce-mode policy should match `test.expected`:
        Persistent<ContentSecurityPolicy> policy = ContentSecurityPolicy::create();
        policy->bindToExecutionContext(document.get());
        policy->didReceiveHeader(test.policy, ContentSecurityPolicyHeaderTypeEnforce, ContentSecurityPolicyHeaderSourceHTTP);
        EXPECT_EQ(test.allowed, policy->allowScriptFromSource(resource, String(test.nonce)));
        // If this is expected to generate a violation, we should have sent a report.
        EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());

        // Single report-mode policy should always be `true`:
        policy = ContentSecurityPolicy::create();
        policy->bindToExecutionContext(document.get());
        policy->didReceiveHeader(test.policy, ContentSecurityPolicyHeaderTypeReport, ContentSecurityPolicyHeaderSourceHTTP);
        EXPECT_TRUE(policy->allowScriptFromSource(resource, String(test.nonce)));
        // If this is expected to generate a violation, we should have sent a report, even though
        // we don't deny access in `allowScriptFromSource`:
        EXPECT_EQ(expectedReports, policy->m_violationReportsSent.size());
    }
}
开发者ID:endlessm,项目名称:chromium-browser,代码行数:40,代码来源:ContentSecurityPolicyTest.cpp


注:本文中的Persistent::bindToExecutionContext方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。