1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
|
#include "gtest/gtest.h"
#include "nsCOMPtr.h"
#include "nsNetCID.h"
#include "nsString.h"
#include "nsComponentManagerUtils.h"
#include "../../base/nsProtocolProxyService.h"
#include "nsServiceManagerUtils.h"
#include "mozilla/Preferences.h"
#include "nsNetUtil.h"
namespace mozilla {
namespace net {
TEST(TestProtocolProxyService, LoadHostFilters)
{
nsCOMPtr<nsIProtocolProxyService2> ps =
do_GetService(NS_PROTOCOLPROXYSERVICE_CID);
ASSERT_TRUE(ps);
mozilla::net::nsProtocolProxyService* pps =
static_cast<mozilla::net::nsProtocolProxyService*>(ps.get());
nsCOMPtr<nsIURI> url;
nsAutoCString spec;
auto CheckLoopbackURLs = [&](bool expected) {
// loopback IPs are always filtered
spec = "http://127.0.0.1";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "http://[::1]";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "http://localhost";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
};
auto CheckURLs = [&](bool expected) {
spec = "http://example.com";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "https://10.2.3.4";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 443), expected);
spec = "http://1.2.3.4";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "http://1.2.3.4:8080";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "http://[2001::1]";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "http://2.3.4.5:7777";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "http://[abcd::2]:123";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
spec = "http://bla.test.com";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
};
auto CheckPortDomain = [&](bool expected) {
spec = "http://blabla.com:10";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
};
auto CheckLocalDomain = [&](bool expected) {
spec = "http://test";
ASSERT_EQ(NS_NewURI(getter_AddRefs(url), spec), NS_OK);
ASSERT_EQ(pps->CanUseProxy(url, 80), expected);
};
// --------------------------------------------------------------------------
nsAutoCString filter;
// Anything is allowed when there are no filters set
printf("Testing empty filter: %s\n", filter.get());
pps->LoadHostFilters(filter);
CheckLoopbackURLs(false);
CheckLocalDomain(true);
CheckURLs(true);
CheckPortDomain(true);
// --------------------------------------------------------------------------
filter =
"example.com, 1.2.3.4/16, [2001::1], 10.0.0.0/8, 2.3.0.0/16:7777, "
"[abcd::1]/64:123, *.test.com";
printf("Testing filter: %s\n", filter.get());
pps->LoadHostFilters(filter);
CheckLoopbackURLs(false);
// Check URLs can no longer use filtered proxy
CheckURLs(false);
CheckLocalDomain(true);
CheckPortDomain(true);
// --------------------------------------------------------------------------
// This is space separated. See bug 1346711 comment 4. We check this to keep
// backwards compatibility.
filter = "<local> blabla.com:10";
printf("Testing filter: %s\n", filter.get());
pps->LoadHostFilters(filter);
CheckLoopbackURLs(false);
CheckURLs(true);
CheckLocalDomain(false);
CheckPortDomain(false);
// Check that we don't crash on weird input
filter = "a b c abc:1x2, ,, * ** *.* *:10 :20 :40/12 */12:90";
printf("Testing filter: %s\n", filter.get());
pps->LoadHostFilters(filter);
// Check that filtering works properly when the filter is set to "<local>"
filter = "<local>";
printf("Testing filter: %s\n", filter.get());
pps->LoadHostFilters(filter);
CheckLoopbackURLs(false);
CheckURLs(true);
CheckLocalDomain(false);
CheckPortDomain(true);
// Check that allow_hijacking_localhost works with empty filter
Preferences::SetBool("network.proxy.allow_hijacking_localhost", true);
filter = "";
printf("Testing filter: %s\n", filter.get());
pps->LoadHostFilters(filter);
CheckLoopbackURLs(true);
CheckLocalDomain(true);
CheckURLs(true);
CheckPortDomain(true);
// Check that allow_hijacking_localhost works with non-trivial filter
filter = "127.0.0.1, [::1], localhost, blabla.com:10";
printf("Testing filter: %s\n", filter.get());
pps->LoadHostFilters(filter);
CheckLoopbackURLs(false);
CheckLocalDomain(true);
CheckURLs(true);
CheckPortDomain(false);
}
} // namespace net
} // namespace mozilla
|