summaryrefslogtreecommitdiffstats
path: root/tests/auto/network/access/hsts/tst_qhsts.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'tests/auto/network/access/hsts/tst_qhsts.cpp')
-rw-r--r--tests/auto/network/access/hsts/tst_qhsts.cpp118
1 files changed, 49 insertions, 69 deletions
diff --git a/tests/auto/network/access/hsts/tst_qhsts.cpp b/tests/auto/network/access/hsts/tst_qhsts.cpp
index f59d04e9e2..4e9a5cc53f 100644
--- a/tests/auto/network/access/hsts/tst_qhsts.cpp
+++ b/tests/auto/network/access/hsts/tst_qhsts.cpp
@@ -1,30 +1,5 @@
-/****************************************************************************
-**
-** Copyright (C) 2016 The Qt Company Ltd.
-** Contact: https://www.qt.io/licensing/
-**
-** This file is part of the test suite of the Qt Toolkit.
-**
-** $QT_BEGIN_LICENSE:GPL-EXCEPT$
-** Commercial License Usage
-** Licensees holding valid commercial Qt licenses may use this file in
-** accordance with the commercial license agreement provided with the
-** Software or, alternatively, in accordance with the terms contained in
-** a written agreement between you and The Qt Company. For licensing terms
-** and conditions see https://www.qt.io/terms-conditions. For further
-** information use the contact form at https://www.qt.io/contact-us.
-**
-** GNU General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU
-** General Public License version 3 as published by the Free Software
-** Foundation with exceptions as appearing in the file LICENSE.GPL3-EXCEPT
-** included in the packaging of this file. Please review the following
-** information to ensure the GNU General Public License requirements will
-** be met: https://www.gnu.org/licenses/gpl-3.0.html.
-**
-** $QT_END_LICENSE$
-**
-****************************************************************************/
+// Copyright (C) 2016 The Qt Company Ltd.
+// SPDX-License-Identifier: LicenseRef-Qt-Commercial OR GPL-3.0-only
#include <QTest>
@@ -34,6 +9,7 @@
#include <QtCore/qpair.h>
#include <QtCore/qurl.h>
+#include <QtNetwork/qhttpheaders.h>
#include <QtNetwork/private/qhstsstore_p.h>
#include <QtNetwork/private/qhsts_p.h>
@@ -214,104 +190,108 @@ void tst_QHsts::testPolicyExpiration()
void tst_QHsts::testSTSHeaderParser()
{
QHstsHeaderParser parser;
- using Header = QPair<QByteArray, QByteArray>;
- using Headers = QList<Header>;
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
- Headers list;
- QVERIFY(!parser.parse(list));
+ QHttpHeaders headers;
+ QVERIFY(!parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
- list << Header("Strict-Transport-security", "200");
- QVERIFY(!parser.parse(list));
+ headers.append("Strict-Transport-security", "200");
+ QVERIFY(!parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
// This header is missing REQUIRED max-age directive, so we'll ignore it:
- list << Header("Strict-Transport-Security", "includeSubDomains");
- QVERIFY(!parser.parse(list));
+ headers.append("Strict-Transport-Security", "includeSubDomains");
+ QVERIFY(!parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
- list.pop_back();
- list << Header("Strict-Transport-Security", "includeSubDomains;max-age=1000");
- QVERIFY(parser.parse(list));
+ headers.removeAt(headers.size() - 1);
+ headers.append("Strict-Transport-Security", "includeSubDomains;max-age=1000");
+ QVERIFY(parser.parse(headers));
QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc());
QVERIFY(parser.includeSubDomains());
- list.pop_back();
+ headers.removeAt(headers.size() - 1);
+ headers.append("strict-transport-security", "includeSubDomains;max-age=1000");
+ QVERIFY(parser.parse(headers));
+ QVERIFY(parser.expirationDate() > QDateTime::currentDateTimeUtc());
+ QVERIFY(parser.includeSubDomains());
+
+ headers.removeAt(headers.size() - 1);
// Invalid (includeSubDomains twice):
- list << Header("Strict-Transport-Security", "max-age = 1000 ; includeSubDomains;includeSubDomains");
- QVERIFY(!parser.parse(list));
+ headers.append("Strict-Transport-Security", "max-age = 1000 ; includeSubDomains;includeSubDomains");
+ QVERIFY(!parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
- list.pop_back();
+ headers.removeAt(headers.size() - 1);
// Invalid (weird number of seconds):
- list << Header("Strict-Transport-Security", "max-age=-1000 ; includeSubDomains");
- QVERIFY(!parser.parse(list));
+ headers.append("Strict-Transport-Security", "max-age=-1000 ; includeSubDomains");
+ QVERIFY(!parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
- list.pop_back();
+ headers.removeAt(headers.size() - 1);
// Note, directives are case-insensitive + we should ignore unknown directive.
- list << Header("Strict-Transport-Security", ";max-age=1000 ;includesubdomains;;"
+ headers.append("Strict-Transport-Security", ";max-age=1000 ;includesubdomains;;"
"nowsomeunknownheader=\"somevaluewithescapes\\;\"");
- QVERIFY(parser.parse(list));
+ QVERIFY(parser.parse(headers));
QVERIFY(parser.includeSubDomains());
QVERIFY(parser.expirationDate().isValid());
- list.pop_back();
+ headers.removeAt(headers.size() - 1);
// Check that we know how to unescape max-age:
- list << Header("Strict-Transport-Security", "max-age=\"1000\"");
- QVERIFY(parser.parse(list));
+ headers.append("Strict-Transport-Security", "max-age=\"1000\"");
+ QVERIFY(parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(parser.expirationDate().isValid());
- list.pop_back();
+ headers.removeAt(headers.size() - 1);
// The only STS header, with invalid syntax though, to be ignored:
- list << Header("Strict-Transport-Security", "max-age; max-age=15768000");
- QVERIFY(!parser.parse(list));
+ headers.append("Strict-Transport-Security", "max-age; max-age=15768000");
+ QVERIFY(!parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
// Now we check that our parse chosses the first valid STS header and ignores
// others:
- list.clear();
- list << Header("Strict-Transport-Security", "includeSubdomains; max-age=\"hehehe\";");
- list << Header("Strict-Transport-Security", "max-age=10101");
- QVERIFY(parser.parse(list));
+ headers.clear();
+ headers.append("Strict-Transport-Security", "includeSubdomains; max-age=\"hehehe\";");
+ headers.append("Strict-Transport-Security", "max-age=10101");
+ QVERIFY(parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(parser.expirationDate().isValid());
- list.clear();
- list << Header("Strict-Transport-Security", "max-age=0");
- QVERIFY(parser.parse(list));
+ headers.clear();
+ headers.append("Strict-Transport-Security", "max-age=0");
+ QVERIFY(parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(parser.expirationDate() <= QDateTime::currentDateTimeUtc());
// Parsing is case-insensitive:
- list.pop_back();
- list << Header("Strict-Transport-Security", "Max-aGE=1000; InclUdesUbdomains");
- QVERIFY(parser.parse(list));
+ headers.removeAt(headers.size() - 1);
+ headers.append("Strict-Transport-Security", "Max-aGE=1000; InclUdesUbdomains");
+ QVERIFY(parser.parse(headers));
QVERIFY(parser.includeSubDomains());
QVERIFY(parser.expirationDate().isValid());
// Grammar of STS header is quite permissive, let's check we can parse
// some weird but valid header:
- list.pop_back();
- list << Header("Strict-Transport-Security", ";;; max-age = 17; ; ; ; ;;; ;;"
+ headers.removeAt(headers.size() - 1);
+ headers.append("Strict-Transport-Security", ";;; max-age = 17; ; ; ; ;;; ;;"
";;; ; includeSubdomains ;;thisIsUnknownDirective;;;;");
- QVERIFY(parser.parse(list));
+ QVERIFY(parser.parse(headers));
QVERIFY(parser.includeSubDomains());
QVERIFY(parser.expirationDate().isValid());
- list.pop_back();
- list << Header("Strict-Transport-Security", "max-age=1000; includeSubDomains bogon");
- QVERIFY(!parser.parse(list));
+ headers.removeAt(headers.size() - 1);
+ headers.append("Strict-Transport-Security", "max-age=1000; includeSubDomains bogon");
+ QVERIFY(!parser.parse(headers));
QVERIFY(!parser.includeSubDomains());
QVERIFY(!parser.expirationDate().isValid());
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-24 20:53:40 +0000