1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "storage/browser/fileapi/sandbox_file_system_backend_delegate.h" 6 7#include "base/basictypes.h" 8#include "base/files/file_util.h" 9#include "base/files/scoped_temp_dir.h" 10#include "base/memory/scoped_ptr.h" 11#include "base/message_loop/message_loop.h" 12#include "base/message_loop/message_loop_proxy.h" 13#include "content/public/test/test_file_system_options.h" 14#include "storage/browser/fileapi/file_system_url.h" 15#include "testing/gtest/include/gtest/gtest.h" 16#include "url/gurl.h" 17 18using storage::FileSystemURL; 19 20namespace content { 21 22namespace { 23 24FileSystemURL CreateFileSystemURL(const char* path) { 25 const GURL kOrigin("http://foo/"); 26 return storage::FileSystemURL::CreateForTest( 27 kOrigin, 28 storage::kFileSystemTypeTemporary, 29 base::FilePath::FromUTF8Unsafe(path)); 30} 31 32} // namespace 33 34class SandboxFileSystemBackendDelegateTest : public testing::Test { 35 protected: 36 virtual void SetUp() { 37 ASSERT_TRUE(data_dir_.CreateUniqueTempDir()); 38 delegate_.reset(new storage::SandboxFileSystemBackendDelegate( 39 NULL /* quota_manager_proxy */, 40 base::MessageLoopProxy::current().get(), 41 data_dir_.path(), 42 NULL /* special_storage_policy */, 43 CreateAllowFileAccessOptions())); 44 } 45 46 bool IsAccessValid(const FileSystemURL& url) const { 47 return delegate_->IsAccessValid(url); 48 } 49 50 base::ScopedTempDir data_dir_; 51 base::MessageLoop message_loop_; 52 scoped_ptr<storage::SandboxFileSystemBackendDelegate> delegate_; 53}; 54 55TEST_F(SandboxFileSystemBackendDelegateTest, IsAccessValid) { 56 // Normal case. 57 EXPECT_TRUE(IsAccessValid(CreateFileSystemURL("a"))); 58 59 // Access to a path with parent references ('..') should be disallowed. 60 EXPECT_FALSE(IsAccessValid(CreateFileSystemURL("a/../b"))); 61 62 // Access from non-allowed scheme should be disallowed. 63 EXPECT_FALSE(IsAccessValid( 64 FileSystemURL::CreateForTest(GURL("unknown://bar"), 65 storage::kFileSystemTypeTemporary, 66 base::FilePath::FromUTF8Unsafe("foo")))); 67 68 // Access with restricted name should be disallowed. 69 EXPECT_FALSE(IsAccessValid(CreateFileSystemURL("."))); 70 EXPECT_FALSE(IsAccessValid(CreateFileSystemURL(".."))); 71 72 // This is also disallowed due to Windows XP parent path handling. 73 EXPECT_FALSE(IsAccessValid(CreateFileSystemURL("..."))); 74 75 // These are identified as unsafe cases due to weird path handling 76 // on Windows. 77 EXPECT_FALSE(IsAccessValid(CreateFileSystemURL(" .."))); 78 EXPECT_FALSE(IsAccessValid(CreateFileSystemURL(".. "))); 79 80 // Similar but safe cases. 81 EXPECT_TRUE(IsAccessValid(CreateFileSystemURL(" ."))); 82 EXPECT_TRUE(IsAccessValid(CreateFileSystemURL(". "))); 83 EXPECT_TRUE(IsAccessValid(CreateFileSystemURL("b."))); 84 EXPECT_TRUE(IsAccessValid(CreateFileSystemURL(".b"))); 85 86 // A path that looks like a drive letter. 87 EXPECT_TRUE(IsAccessValid(CreateFileSystemURL("c:"))); 88} 89 90} // namespace content 91