5 files changed, 463 insertions, 0 deletions
diff --git a/Runtime/Managed/CrossDomainPolicyParser/Tests/CrossDomainPolicyParserTests.csproj b/Runtime/Managed/CrossDomainPolicyParser/Tests/CrossDomainPolicyParserTests.csproj
new file mode 100644
index 0000000..0e27635
--- /dev/null
+++ b/Runtime/Managed/CrossDomainPolicyParser/Tests/CrossDomainPolicyParserTests.csproj
@@ -0,0 +1,71 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="3.5" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProductVersion>9.0.30729</ProductVersion>
+    <SchemaVersion>2.0</SchemaVersion>
+    <ProjectGuid>{5C04DB87-3B34-43B4-B164-86CE4361DC7B}</ProjectGuid>
+    <OutputType>Library</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>CrossDomainPolicyParserTests</RootNamespace>
+    <AssemblyName>CrossDomainPolicyParserTests</AssemblyName>
+    <TargetFrameworkVersion>v3.5</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="System" />
+    <Reference Include="System.Core">
+      <RequiredTargetFramework>3.5</RequiredTargetFramework>
+    </Reference>
+    <Reference Include="System.Xml.Linq">
+      <RequiredTargetFramework>3.5</RequiredTargetFramework>
+    </Reference>
+    <Reference Include="System.Data.DataSetExtensions">
+      <RequiredTargetFramework>3.5</RequiredTargetFramework>
+    </Reference>
+    <Reference Include="System.Data" />
+    <Reference Include="System.Xml" />
+    <Reference Include="nunit.framework, Version=2.5.3.9345, Culture=neutral, PublicKeyToken=96d09a1eb7f44a77">
+      <SpecificVersion>False</SpecificVersion>
+      <HintPath>..\..\..\..\Tools\NUnit\bin\nunit.framework.dll</HintPath>
+    </Reference>
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="FlashPolicyParserSocketTests.cs" />
+    <Compile Include="FlashPolicyParserTests.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+    <Compile Include="UriToolsTests.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <ProjectReference Include="..\CrossDomainPolicyParser.csproj">
+      <Project>{31C2F345-D887-49DD-A1F6-741CABD74A42}</Project>
+      <Name>CrossDomainPolicyParser</Name>
+    </ProjectReference>
+  </ItemGroup>
+  <Import Project="$(MSBuildBinPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>
+\ No newline at end of file
diff --git a/Runtime/Managed/CrossDomainPolicyParser/Tests/FlashPolicyParserSocketTests.cs b/Runtime/Managed/CrossDomainPolicyParser/Tests/FlashPolicyParserSocketTests.cs
new file mode 100644
index 0000000..8e0f62b
--- /dev/null
+++ b/Runtime/Managed/CrossDomainPolicyParser/Tests/FlashPolicyParserSocketTests.cs
@@ -0,0 +1,124 @@
+using System.IO;
+using System.Text;
+using MonoForks.System.Windows.Browser.Net;
+using NUnit.Framework;
+
+namespace CrossDomainPolicyParserTests
+{
+	[TestFixture]
+	public class FlashPolicyParserSocketTests
+	{
+		[Test]
+		public void AllDomains_AllPorts_IsAllowed()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""*"" />
+</cross-domain-policy>";
+			Assert.IsTrue(RequestAllowed(policy, 123));
+		}
+
+		[Test]
+		public void AllDomains_AllPorts_Trailing0_IsAllowed()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""*"" />
+</cross-domain-policy>" + "\0";
+			Assert.IsTrue(RequestAllowed(policy, 123));
+		}
+		
+		[Test]
+		public void AllDomains_UsingSpecificPorts_IsAllowed()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1010,1020"" />
+</cross-domain-policy>";
+			Assert.IsTrue(RequestAllowed(policy, 1020));
+		}
+		
+		[Test]
+		public void AllDomains_OutsideSpecificPorts_IsDisAllowed()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1010,1030"" />
+</cross-domain-policy>";
+			Assert.IsFalse(RequestAllowed(policy, 1020));
+		}
+		
+		[Test]
+		public void AllDomains_OutsidePortRange_IsDisAllowed()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1030-1040"" />
+</cross-domain-policy>";
+			Assert.IsFalse(RequestAllowed(policy, 1020));
+		}		
+		
+		[Test]
+		public void AllDomains_InsidePortRange_IsAllowed()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1030-1040"" />
+</cross-domain-policy>";
+			Assert.IsTrue(RequestAllowed(policy, 1035));
+		}
+
+		[Test]
+		public void PolicyReceivedFromHigherThan1024_DisallowsAccessToBelow1024Ports()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1000-1040"" />
+</cross-domain-policy>";
+			Assert.IsFalse(RequestAllowed(policy, 1010, 1300));
+		}
+
+		[Test]
+		public void PolicyReceivedFromHigherThan1024_AllowsAccessToAbove1024Ports()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1000-1040"" />
+</cross-domain-policy>";
+			Assert.IsTrue(RequestAllowed(policy, 1035, 1300));
+		}
+
+		[Test]
+		public void PolicyReceivedFromLowerThan1024_AllowsAccessToBelow1024Ports()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1000-1040"" />
+</cross-domain-policy>";
+			Assert.IsTrue(RequestAllowed(policy, 1010, 1000));
+		}
+		[Test]
+		public void PolicyReceivedFromLowerThan1024_AllowsAccessToAbove1024Ports()
+		{
+			string policy = @"<?xml version='1.0'?>
+<cross-domain-policy>
+	<allow-access-from domain=""*"" to-ports=""1000-1040"" />
+</cross-domain-policy>";
+			Assert.IsTrue(RequestAllowed(policy, 1030, 1000));
+		}
+
+		private bool RequestAllowed(string xdomain, int port)
+		{
+			return RequestAllowed(xdomain, port, 843);
+		}
+
+		private bool RequestAllowed(string xdomain, int port, int policyport)
+		{
+			var ms = new MemoryStream(Encoding.UTF8.GetBytes(xdomain));
+			var policy = FlashCrossDomainPolicy.FromStream(ms);
+			policy.PolicyPort = policyport;
+			return policy.IsSocketConnectionAllowed(port);
+		}	
+		
+	}
+}
+\ No newline at end of file
diff --git a/Runtime/Managed/CrossDomainPolicyParser/Tests/FlashPolicyParserTests.cs b/Runtime/Managed/CrossDomainPolicyParser/Tests/FlashPolicyParserTests.cs
new file mode 100644
index 0000000..976ba92
--- /dev/null
+++ b/Runtime/Managed/CrossDomainPolicyParser/Tests/FlashPolicyParserTests.cs
@@ -0,0 +1,209 @@
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Text;
+using MonoForks.Mono.Xml;
+using MonoForks.System.Net;
+using NUnit.Framework;
+using MonoForks.System.Windows.Browser.Net;
+using UnityEngine;
+using Uri = MonoForks.System.Uri;
+
+namespace CrossDomainPolicyParserTests
+{
+	[TestFixture]
+	public class FlashPolicyParserTests
+	{
+		static string XDomainGlobal =
+@"<?xml version=""1.0""?>
+<!DOCTYPE cross-domain-policy SYSTEM ""http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"">
+<cross-domain-policy>
+	<allow-access-from domain=""*"" />
+</cross-domain-policy>";
+
+		string http_hosted = "http://www.host.com/coolgame.unity3d";
+		string https_hosted = "https://secure.host.net/coolgame.unity3d";
+		string file_hosted = "file:///coolgame.unity3";
+
+		[Test]
+		public void GlobalXDomainAcceptsRequestOnSameDomain()
+		{
+			string requesturl = "http://www.mach8.nl/index.html";
+
+			Assert.IsTrue(RequestAllowed(XDomainGlobal, requesturl, http_hosted));
+		}
+		[Test]
+		public void GlobalXDomainAcceptsRequestOnSubDomain()
+		{
+			string requesturl = "http://subdomain.mach8.nl/index.html";
+
+			Assert.IsTrue(RequestAllowed(XDomainGlobal, requesturl, http_hosted));
+		}
+
+		[Test]
+		public void GlobalXDomainAllowsSecureRequestWhenHostedNonSecure()
+		{
+			string requesturl = "https://www.mach8.nl/index.html";
+
+			Assert.IsTrue(RequestAllowed(XDomainGlobal, requesturl, http_hosted));
+		}
+		[Test]
+		public void GlobalXDomainAcceptsSecureRequestWhenHostedSecure()
+		{
+			string requesturl = "https://www.mach8.nl/index.html";
+			
+			Assert.IsTrue(RequestAllowed(XDomainGlobal, requesturl, https_hosted));
+		}
+		[Test]
+		public void GlobalXDomainDeniesNonSecureRequestWhenHostedSecure()
+		{
+			string requesturl = "http://www.mach8.nl/index.html";
+			Assert.IsFalse(RequestAllowed(XDomainGlobal, requesturl, https_hosted));
+		}
+
+		[Test]
+		public void AllDomain_Secure()
+		{
+			string policy = @"<?xml version=""1.0""?>
+<!DOCTYPE cross-domain-policy SYSTEM ""http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"">
+<cross-domain-policy>
+	<allow-access-from domain=""*"" secure=""true""/>
+</cross-domain-policy>";
+
+			Assert.IsTrue(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		public void WhenRequestURLMatchesWildCardAccessIsAllowed()
+		{
+			string policy = @"<?xml version=""1.0""?>
+<cross-domain-policy>
+	<allow-access-from domain=""*.mydomain.nl"" />
+</cross-domain-policy>";
+
+			Assert.IsTrue(RequestAllowed(policy, "http://subdomain.mydomain.nl", http_hosted));
+		}
+
+		[Test]
+		public void WhenRequestURLDoesNotMatchWildCardAccessIsDisallowed()
+		{
+			string policy = @"<?xml version=""1.0""?>
+<cross-domain-policy>
+	<allow-access-from domain=""*.mydomain.nl"" />
+</cross-domain-policy>";
+
+			Assert.IsFalse(RequestAllowed(policy, "http://subdomain.myotherdomain.nl", http_hosted));
+		}
+
+
+		[Test]
+		public void AllDomains_NoDTD()
+		{
+			string policy = @"<?xml version='1.0'?><cross-domain-policy><allow-access-from domain='*'/></cross-domain-policy>";
+
+			Assert.IsTrue(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		public void AllDomains_NoXmlHeader()
+		{
+			string policy = @"<cross-domain-policy> 
+	<allow-access-from domain=""*"" to-ports=""*""/> 
+</cross-domain-policy> ";
+			Assert.IsTrue(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		public void AllDomains_PermittedCrossDomainPolicies_All()
+		{
+			// 'all' is the default value
+			// http://www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html#site-control-permitted-cross-domain-policies
+			string policy = @"<?xml version='1.0'?>
+<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
+<cross-domain-policy>
+	<site-control permitted-cross-domain-policies='all' />
+	<allow-access-from domain='*' />
+</cross-domain-policy>";
+
+			Assert.IsTrue(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		public void AllDomains_PermittedCrossDomainPolicies_MasterOnly()
+		{
+			string policy = @"<?xml version='1.0'?>
+<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
+<cross-domain-policy>
+	<site-control permitted-cross-domain-policies='master-only' />
+	<allow-access-from domain='*' />
+</cross-domain-policy>";
+
+			Assert.IsTrue(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		public void AllDomains_PermittedCrossDomainPolicies_None()
+		{
+			string policy = @"<?xml version='1.0'?>
+<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
+<cross-domain-policy>
+	<site-control permitted-cross-domain-policies='none' />
+	<allow-access-from domain='*' />
+</cross-domain-policy>";
+			Assert.IsFalse(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		public void AllDomains_PermittedCrossDomainPolicies_ByContentType()
+		{
+			string policy = @"<?xml version='1.0'?>
+<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
+<cross-domain-policy>
+	<site-control permitted-cross-domain-policies='by-content-type' />
+	<allow-access-from domain='*' />
+</cross-domain-policy>";
+			Assert.IsFalse(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		public void AllDomains_PermittedCrossDomainPolicies_ByFtpFilename()
+		{
+			string policy = @"<?xml version='1.0'?>
+<!DOCTYPE cross-domain-policy SYSTEM 'http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd'>
+<cross-domain-policy>
+	<site-control permitted-cross-domain-policies='by-ftp-filename' />
+	<allow-access-from domain='*' />
+</cross-domain-policy>";
+			Assert.IsTrue(RequestAllowed(policy, "http://www.host.com", http_hosted));
+		}
+
+		[Test]
+		[ExpectedException(typeof(MiniParser.XMLError))]
+		public void IllformedPolicyIsRejected()
+		{
+			FlashCrossDomainPolicyFromString("bogus", "http://www.host.com");
+		}
+
+		[Test]
+		[ExpectedException(typeof(ArgumentException))]
+		public void EmptyPolicyStringIsRejected()
+		{
+			FlashCrossDomainPolicyFromString("", "http://www.host.com");
+		}
+
+		private bool RequestAllowed(string xdomain, string requesturl, string hosturl)
+		{
+			FlashCrossDomainPolicy policy = FlashCrossDomainPolicyFromString(xdomain, hosturl);
+			var wr = new WebRequest(new Uri(requesturl), new Dictionary<string, string>());
+			return policy.IsAllowed(wr);
+		}
+
+		private FlashCrossDomainPolicy FlashCrossDomainPolicyFromString(string xdomain, string hosturl)
+		{
+			UnityCrossDomainHelper.SetWebSecurityHostUriDelegate(() => hosturl);
+
+			var ms = new MemoryStream(Encoding.UTF8.GetBytes(xdomain));
+			return FlashCrossDomainPolicy.FromStream(ms);
+		}
+	}
+}
diff --git a/Runtime/Managed/CrossDomainPolicyParser/Tests/Properties/AssemblyInfo.cs b/Runtime/Managed/CrossDomainPolicyParser/Tests/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..5fd4c99
--- /dev/null
+++ b/Runtime/Managed/CrossDomainPolicyParser/Tests/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("CrossDomainPolicyParserTests")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("Microsoft")]
+[assembly: AssemblyProduct("CrossDomainPolicyParserTests")]
+[assembly: AssemblyCopyright("Copyright © Microsoft 2010")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("c40d4596-1c43-4f37-b7fa-545a543577f3")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers 
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/Runtime/Managed/CrossDomainPolicyParser/Tests/UriToolsTests.cs b/Runtime/Managed/CrossDomainPolicyParser/Tests/UriToolsTests.cs
new file mode 100644
index 0000000..7a29b00
--- /dev/null
+++ b/Runtime/Managed/CrossDomainPolicyParser/Tests/UriToolsTests.cs
@@ -0,0 +1,23 @@
+using CrossDomainPolicyParser;
+using MonoForks.System;
+using NUnit.Framework;
+
+namespace CrossDomainPolicyParserTests
+{
+	[TestFixture]
+	public class UriToolsTests
+	{
+		[Test]
+		public void MakeUriWorksForRelativeUri()
+		{
+			Uri uri = UriTools.MakeUri("http://mydomain.com/mygame.unity3d", "test.png");
+			Assert.AreEqual("mydomain.com",uri.Host);
+		}
+		[Test]
+		public void MakeUriWorksForAbsoluteUri()
+		{
+			Uri uri = UriTools.MakeUri("http://mydomain.com/mygame.unity3d", "http://www.google.com/test.png");
+			Assert.AreEqual("www.google.com", uri.Host);
+		}
+	}
+}