/*
 * Copyright (C) 2010 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16
17package android.net.http;
18
Jesse Wilson7ad00e62011-06-07 08:06:50 -070019import com.google.mockwebserver.MockResponse;
20import com.google.mockwebserver.MockWebServer;
21import com.google.mockwebserver.RecordedRequest;
Jesse Wilson2102bde2010-10-14 15:18:45 -070022import java.io.ByteArrayOutputStream;
23import java.io.IOException;
24import java.net.URISyntaxException;
Jesse Wilson40811b02010-11-09 10:02:05 -080025import java.util.List;
Jesse Wilson2102bde2010-10-14 15:18:45 -070026import java.util.logging.Logger;
27import java.util.logging.SimpleFormatter;
28import java.util.logging.StreamHandler;
29import junit.framework.TestCase;
Jesse Wilson40811b02010-11-09 10:02:05 -080030import org.apache.http.HttpHost;
31import org.apache.http.HttpResponse;
Jesse Wilson2102bde2010-10-14 15:18:45 -070032import org.apache.http.client.HttpClient;
33import org.apache.http.client.methods.HttpGet;
Jesse Wilson40811b02010-11-09 10:02:05 -080034import org.apache.http.conn.params.ConnRoutePNames;
Jesse Wilson2102bde2010-10-14 15:18:45 -070035import org.apache.http.impl.client.DefaultHttpClient;
Jesse Wilson2102bde2010-10-14 15:18:45 -070036
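/**
 * Tests cookie handling of the Apache {@link HttpClient} against a local
 * {@link MockWebServer}: that cookie values stay out of the logs, and that
 * cookie domain matching ignores case.
 */
public final class CookiesTest extends TestCase {

    /** Fresh mock server per test; created in {@link #setUp()}, stopped in {@link #tearDown()}. */
    private MockWebServer server;

    @Override
    protected void setUp() throws Exception {
        super.setUp();
        server = new MockWebServer();
    }

    @Override
    protected void tearDown() throws Exception {
        server.shutdown();
        super.tearDown();
    }

    /**
     * Test that we don't log potentially sensitive cookie values.
     * http://b/3095990
     *
     * <p>The cookie name and domain are expected in the log, the value is not.
     * The two positive assertions matter: they prove a log record about the
     * cookie was actually captured, so the negative assertion on the value
     * cannot pass vacuously when nothing was logged at all.
     */
    public void testCookiesAreNotLogged() throws IOException, URISyntaxException {
        // enqueue an HTTP response with a cookie that will be rejected
        // (presumably because "fake.domain" does not match the mock server's host)
        server.enqueue(new MockResponse()
                .addHeader("Set-Cookie: password=secret; Domain=fake.domain"));
        server.play();

        // Capture everything the org.apache.http logger emits into memory.
        // NOTE(review): this relies on the logger's and handler's default levels
        // letting the rejection message through; neither level is set here.
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        Logger logger = Logger.getLogger("org.apache.http");
        StreamHandler handler = new StreamHandler(out, new SimpleFormatter());
        logger.addHandler(handler);
        try {
            HttpClient client = new DefaultHttpClient();
            client.execute(new HttpGet(server.getUrl("/").toURI()));
            // Push buffered records into 'out' before inspecting it.
            handler.flush();

            String log = out.toString("UTF-8");
            assertTrue(log, log.contains("password"));
            assertTrue(log, log.contains("fake.domain"));
            assertFalse(log, log.contains("secret"));

        } finally {
            // Detach and close on every path so a failing request does not leave
            // the capturing handler attached to the shared logger or unclosed.
            logger.removeHandler(handler);
            handler.close();
        }
    }

    /**
     * Test that cookies aren't case-sensitive with respect to hostname.
     * http://b/3167208
     *
     * <p>Three cookies are set whose Domain attributes differ in form and case;
     * all three must be sent back on the next request to the same host.
     */
    public void testCookiesWithNonMatchingCase() throws Exception {
        // use a proxy so we can manipulate the origin server's host name
        // (setUp() already created the server; it is reused here rather than
        // replaced by a second instance)
        server.enqueue(new MockResponse()
                .addHeader("Set-Cookie: a=first; Domain=my.t-mobile.com")
                .addHeader("Set-Cookie: b=second; Domain=.T-mobile.com")
                .addHeader("Set-Cookie: c=third; Domain=.t-mobile.com")
                .setBody("This response sets some cookies."));
        server.enqueue(new MockResponse()
                .setBody("This response gets those cookies back."));
        server.play();

        // Route every request through the mock server, whatever host the URL names.
        HttpClient client = new DefaultHttpClient();
        client.getParams().setParameter(
                ConnRoutePNames.DEFAULT_PROXY, new HttpHost("localhost", server.getPort()));

        // First exchange: receive the Set-Cookie headers.
        HttpResponse getCookies = client.execute(new HttpGet("http://my.t-mobile.com/"));
        getCookies.getEntity().consumeContent();
        server.takeRequest();

        // Second exchange: the recorded request must carry all three cookies.
        HttpResponse sendCookies = client.execute(new HttpGet("http://my.t-mobile.com/"));
        sendCookies.getEntity().consumeContent();
        RecordedRequest sendCookiesRequest = server.takeRequest();
        assertContains(sendCookiesRequest.getHeaders(), "Cookie: a=first; b=second; c=third");
    }

    /**
     * Asserts that {@code headers} contains exactly the line {@code header};
     * the full header list is used as the failure message.
     */
    private void assertContains(List<String> headers, String header) {
        assertTrue(headers.toString(), headers.contains(header));
    }
}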