OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "base/utf_string_conversions.h" |
| 6 #include "chrome/browser/browser_thread.h" |
| 7 #include "chrome/browser/extensions/extension_apitest.h" |
| 8 #include "chrome/browser/extensions/extension_host.h" |
| 9 #include "chrome/browser/profiles/profile.h" |
| 10 #include "chrome/browser/renderer_host/render_view_host.h" |
| 11 #include "chrome/browser/tab_contents/tab_contents.h" |
| 12 #include "chrome/browser/ui/browser.h" |
| 13 #include "chrome/common/chrome_switches.h" |
| 14 #include "chrome/common/net/url_request_context_getter.h" |
| 15 #include "chrome/test/ui_test_utils.h" |
| 16 #include "net/base/cookie_store.h" |
| 17 #include "net/base/mock_host_resolver.h" |
| 18 |
| 19 namespace { |
| 20 |
| 21 void GetCookiesOnIOThread( |
| 22 const GURL& url, |
| 23 const scoped_refptr<URLRequestContextGetter>& context_getter, |
| 24 base::WaitableEvent* event, |
| 25 std::string* cookies) { |
| 26 *cookies = context_getter->GetCookieStore()->GetCookies(url); |
| 27 event->Signal(); |
| 28 } |
| 29 |
| 30 class IsolatedAppApiTest : public ExtensionApiTest { |
| 31 public: |
| 32 // Gets the cookie string and size for the given URL, using the context |
| 33 // associated with the currently visible page or app in the given |
| 34 // TabContents. |
| 35 void GetCookies(const GURL& url, TabContents* contents, std::string* value) { |
| 36 if (url.is_valid() && contents) { |
| 37 // Since we are on the UI thread don't call GetURLRequestContext(). |
| 38 // Be sure to get the request context specific to the current app. |
| 39 const Extension* installed_app = |
| 40 contents->render_view_host()->installed_app(); |
| 41 scoped_refptr<URLRequestContextGetter> context_getter = |
| 42 contents->profile()->GetRequestContextForPossibleApp(installed_app); |
| 43 |
| 44 base::WaitableEvent event(true /* manual reset */, |
| 45 false /* not initially signaled */); |
| 46 CHECK(BrowserThread::PostTask( |
| 47 BrowserThread::IO, FROM_HERE, |
| 48 NewRunnableFunction(&GetCookiesOnIOThread, |
| 49 url, context_getter, &event, value))); |
| 50 event.Wait(); |
| 51 } |
| 52 } |
| 53 |
| 54 // Returns whether the given tab's current URL has the given cookie. |
| 55 bool WARN_UNUSED_RESULT HasCookie(TabContents* contents, std::string cookie) { |
| 56 std::string actual_cookie; |
| 57 GetCookies(contents->GetURL(), contents, &actual_cookie); |
| 58 return actual_cookie.find(cookie) != std::string::npos; |
| 59 } |
| 60 }; |
| 61 |
| 62 } // namespace |
| 63 |
| 64 // Tests that cookies set within an isolated app are not visible to normal |
| 65 // pages or other apps. |
| 66 IN_PROC_BROWSER_TEST_F(IsolatedAppApiTest, CookieIsolation) { |
| 67 CommandLine::ForCurrentProcess()->AppendSwitch( |
| 68 switches::kDisablePopupBlocking); |
| 69 CommandLine::ForCurrentProcess()->AppendSwitch( |
| 70 switches::kEnableExperimentalAppManifests); |
| 71 |
| 72 host_resolver()->AddRule("*", "127.0.0.1"); |
| 73 ASSERT_TRUE(test_server()->Start()); |
| 74 |
| 75 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app1"))); |
| 76 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app2"))); |
| 77 |
| 78 // The app under test acts on URLs whose host is "localhost", |
| 79 // so the URLs we navigate to must have host "localhost". |
| 80 GURL base_url = test_server()->GetURL( |
| 81 "files/extensions/api_test/isolated_apps/"); |
| 82 GURL::Replacements replace_host; |
| 83 std::string host_str("localhost"); // Must stay in scope with replace_host. |
| 84 replace_host.SetHostStr(host_str); |
| 85 base_url = base_url.ReplaceComponents(replace_host); |
| 86 |
| 87 browser()->NewTab(); |
| 88 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app1/main.html")); |
| 89 browser()->NewTab(); |
| 90 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app2/main.html")); |
| 91 browser()->NewTab(); |
| 92 ui_test_utils::NavigateToURL(browser(), |
| 93 base_url.Resolve("non_app/main.html")); |
| 94 |
| 95 // Ensure first two tabs have installed apps. |
| 96 TabContents* tab1 = browser()->GetTabContentsAt(1); |
| 97 TabContents* tab2 = browser()->GetTabContentsAt(2); |
| 98 TabContents* tab3 = browser()->GetTabContentsAt(3); |
| 99 ASSERT_TRUE(tab1->render_view_host()->installed_app() != NULL); |
| 100 ASSERT_TRUE(tab2->render_view_host()->installed_app() != NULL); |
| 101 ASSERT_TRUE(tab3->render_view_host()->installed_app() == NULL); |
| 102 |
| 103 // Check that each tab sees its own cookie. |
| 104 ASSERT_TRUE(HasCookie(tab1, "app1=3")); |
| 105 ASSERT_TRUE(HasCookie(tab2, "app2=4")); |
| 106 ASSERT_TRUE(HasCookie(tab3, "normalPage=5")); |
| 107 |
| 108 // Check that app1 tab cannot see the other cookies. |
| 109 ASSERT_FALSE(HasCookie(tab1, "app2")); |
| 110 ASSERT_FALSE(HasCookie(tab1, "normalPage")); |
| 111 |
| 112 // Check that app2 tab cannot see the other cookies. |
| 113 ASSERT_FALSE(HasCookie(tab2, "app1")); |
| 114 ASSERT_FALSE(HasCookie(tab2, "normalPage")); |
| 115 |
| 116 // Check that normal tab cannot see the other cookies. |
| 117 ASSERT_FALSE(HasCookie(tab3, "app1")); |
| 118 ASSERT_FALSE(HasCookie(tab3, "app2")); |
| 119 |
| 120 // Check that the non_app iframe cookie is associated with app1 and not the |
| 121 // normal tab. (For now, iframes are always rendered in their parent |
| 122 // process, even if they aren't in the app manifest.) |
| 123 ASSERT_TRUE(HasCookie(tab1, "nonAppFrame=6")); |
| 124 ASSERT_FALSE(HasCookie(tab3, "nonAppFrame")); |
| 125 } |
| 126 |
| 127 // Without the --enable-experimental-app-manifests flag, all the tabs |
| 128 // should see each others' cookies. |
| 129 IN_PROC_BROWSER_TEST_F(IsolatedAppApiTest, CookieIsolationRequiresFlag) { |
| 130 CommandLine::ForCurrentProcess()->AppendSwitch( |
| 131 switches::kDisablePopupBlocking); |
| 132 |
| 133 host_resolver()->AddRule("*", "127.0.0.1"); |
| 134 ASSERT_TRUE(test_server()->Start()); |
| 135 |
| 136 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app1"))); |
| 137 ASSERT_TRUE(LoadExtension(test_data_dir_.AppendASCII("isolated_apps/app2"))); |
| 138 |
| 139 // The app under test acts on URLs whose host is "localhost", |
| 140 // so the URLs we navigate to must have host "localhost". |
| 141 GURL base_url = test_server()->GetURL( |
| 142 "files/extensions/api_test/isolated_apps/"); |
| 143 GURL::Replacements replace_host; |
| 144 std::string host_str("localhost"); // Must stay in scope with replace_host. |
| 145 replace_host.SetHostStr(host_str); |
| 146 base_url = base_url.ReplaceComponents(replace_host); |
| 147 |
| 148 browser()->NewTab(); |
| 149 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app1/main.html")); |
| 150 browser()->NewTab(); |
| 151 ui_test_utils::NavigateToURL(browser(), base_url.Resolve("app2/main.html")); |
| 152 browser()->NewTab(); |
| 153 ui_test_utils::NavigateToURL(browser(), |
| 154 base_url.Resolve("non_app/main.html")); |
| 155 |
| 156 // Check that tabs see each others' cookies. |
| 157 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(1), "app2=4")); |
| 158 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(1), "normalPage=5")); |
| 159 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(1), "nonAppFrame=6")); |
| 160 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(2), "app1=3")); |
| 161 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(2), "normalPage=5")); |
| 162 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(2), "nonAppFrame=6")); |
| 163 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(3), "app1=3")); |
| 164 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(3), "app2=4")); |
| 165 ASSERT_TRUE(HasCookie(browser()->GetTabContentsAt(3), "nonAppFrame=6")); |
| 166 } |
OLD | NEW |