Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(264)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/child_process_security_policy_unittest.cc

Issue 7064052: Revert 88142 to fix sync_integration_tests offline. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/test/automation/automation_proxy_uitest.cc ('k') | content/browser/site_instance.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <string> 5 #include <string>
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "base/file_path.h" 8 #include "base/file_path.h"
9 #include "base/platform_file.h" 9 #include "base/platform_file.h"
10 #include "content/browser/child_process_security_policy.h" 10 #include "content/browser/child_process_security_policy.h"
(...skipping 27 matching lines...) Expand all
38 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFtpScheme)); 38 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFtpScheme));
39 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kDataScheme)); 39 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kDataScheme));
40 EXPECT_TRUE(p->IsWebSafeScheme("feed")); 40 EXPECT_TRUE(p->IsWebSafeScheme("feed"));
41 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kExtensionScheme)); 41 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kExtensionScheme));
42 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kBlobScheme)); 42 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kBlobScheme));
43 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFileSystemScheme)); 43 EXPECT_TRUE(p->IsWebSafeScheme(chrome::kFileSystemScheme));
44 44
45 EXPECT_FALSE(p->IsWebSafeScheme("registered-web-safe-scheme")); 45 EXPECT_FALSE(p->IsWebSafeScheme("registered-web-safe-scheme"));
46 p->RegisterWebSafeScheme("registered-web-safe-scheme"); 46 p->RegisterWebSafeScheme("registered-web-safe-scheme");
47 EXPECT_TRUE(p->IsWebSafeScheme("registered-web-safe-scheme")); 47 EXPECT_TRUE(p->IsWebSafeScheme("registered-web-safe-scheme"));
48
49 EXPECT_FALSE(p->IsWebSafeScheme(chrome::kChromeUIScheme));
50 } 48 }
51 49
52 TEST_F(ChildProcessSecurityPolicyTest, IsPseudoSchemeTest) { 50 TEST_F(ChildProcessSecurityPolicyTest, IsPseudoSchemeTest) {
53 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); 51 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
54 52
55 EXPECT_TRUE(p->IsPseudoScheme(chrome::kAboutScheme)); 53 EXPECT_TRUE(p->IsPseudoScheme(chrome::kAboutScheme));
56 EXPECT_TRUE(p->IsPseudoScheme(chrome::kJavaScriptScheme)); 54 EXPECT_TRUE(p->IsPseudoScheme(chrome::kJavaScriptScheme));
57 EXPECT_TRUE(p->IsPseudoScheme(chrome::kViewSourceScheme)); 55 EXPECT_TRUE(p->IsPseudoScheme(chrome::kViewSourceScheme));
58 56
59 EXPECT_FALSE(p->IsPseudoScheme("registered-pseudo-scheme")); 57 EXPECT_FALSE(p->IsPseudoScheme("registered-pseudo-scheme"));
60 p->RegisterPseudoScheme("registered-pseudo-scheme"); 58 p->RegisterPseudoScheme("registered-pseudo-scheme");
61 EXPECT_TRUE(p->IsPseudoScheme("registered-pseudo-scheme")); 59 EXPECT_TRUE(p->IsPseudoScheme("registered-pseudo-scheme"));
62
63 EXPECT_FALSE(p->IsPseudoScheme(chrome::kChromeUIScheme));
64 } 60 }
65 61
66 TEST_F(ChildProcessSecurityPolicyTest, IsDisabledSchemeTest) { 62 TEST_F(ChildProcessSecurityPolicyTest, IsDisabledSchemeTest) {
67 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); 63 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
68 64
69 EXPECT_FALSE(p->IsDisabledScheme("evil-scheme")); 65 EXPECT_FALSE(p->IsDisabledScheme("evil-scheme"));
70 std::set<std::string> disabled_set; 66 std::set<std::string> disabled_set;
71 disabled_set.insert("evil-scheme"); 67 disabled_set.insert("evil-scheme");
72 p->RegisterDisabledSchemes(disabled_set); 68 p->RegisterDisabledSchemes(disabled_set);
73 EXPECT_TRUE(p->IsDisabledScheme("evil-scheme")); 69 EXPECT_TRUE(p->IsDisabledScheme("evil-scheme"));
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
116 112
117 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:memory"))); 113 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:memory")));
118 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash"))); 114 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:crash")));
119 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache"))); 115 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:cache")));
120 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang"))); 116 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:hang")));
121 117
122 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:memory"))); 118 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("aBoUt:memory")));
123 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh"))); 119 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("about:CrASh")));
124 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe"))); 120 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("abOuT:cAChe")));
125 121
126 // These requests for about: pages should be denied.
127 p->GrantRequestURL(kRendererID, GURL(chrome::kTestMemoryURL)); 122 p->GrantRequestURL(kRendererID, GURL(chrome::kTestMemoryURL));
128 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kTestMemoryURL))); 123 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kTestMemoryURL)));
129 124
130 p->GrantRequestURL(kRendererID, GURL(chrome::kAboutCrashURL)); 125 p->GrantRequestURL(kRendererID, GURL(chrome::kAboutCrashURL));
131 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kAboutCrashURL))); 126 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kAboutCrashURL)));
132 127
133 p->GrantRequestURL(kRendererID, GURL(chrome::kTestCacheURL)); 128 p->GrantRequestURL(kRendererID, GURL(chrome::kTestCacheURL));
134 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kTestCacheURL))); 129 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kTestCacheURL)));
135 130
136 p->GrantRequestURL(kRendererID, GURL(chrome::kTestHangURL)); 131 p->GrantRequestURL(kRendererID, GURL(chrome::kTestHangURL));
137 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kTestHangURL))); 132 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL(chrome::kTestHangURL)));
138 133
139 // These requests for chrome:// pages should be granted.
140 p->GrantRequestURL(kRendererID, GURL(chrome::kTestNewTabURL));
141 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL(chrome::kTestNewTabURL)));
142
143 p->GrantRequestURL(kRendererID, GURL(chrome::kTestHistoryURL));
144 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL(chrome::kTestHistoryURL)));
145
146 p->GrantRequestURL(kRendererID, GURL(chrome::kTestBookmarksURL));
147 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL(chrome::kTestBookmarksURL)));
148
149 p->Remove(kRendererID); 134 p->Remove(kRendererID);
150 } 135 }
151 136
152 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) { 137 TEST_F(ChildProcessSecurityPolicyTest, JavaScriptTest) {
153 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance(); 138 ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();
154 139
155 p->Add(kRendererID); 140 p->Add(kRendererID);
156 141
157 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')"))); 142 EXPECT_FALSE(p->CanRequestURL(kRendererID, GURL("javascript:alert('xss')")));
158 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')")); 143 p->GrantRequestURL(kRendererID, GURL("javascript:alert('xss')"));
(...skipping 267 matching lines...) Expand 10 before | Expand all | Expand 10 after
426 411
427 // Renderers are added and removed on the UI thread, but the policy can be 412 // Renderers are added and removed on the UI thread, but the policy can be
428 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be 413 // queried on the IO thread. The ChildProcessSecurityPolicy needs to be
429 // prepared to answer policy questions about renderers who no longer exist. 414 // prepared to answer policy questions about renderers who no longer exist.
430 415
431 // In this case, we default to secure behavior. 416 // In this case, we default to secure behavior.
432 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 417 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
433 EXPECT_FALSE(p->CanReadFile(kRendererID, file)); 418 EXPECT_FALSE(p->CanReadFile(kRendererID, file));
434 EXPECT_FALSE(p->HasWebUIBindings(kRendererID)); 419 EXPECT_FALSE(p->HasWebUIBindings(kRendererID));
435 } 420 }
OLDNEW
« no previous file with comments | « chrome/test/automation/automation_proxy_uitest.cc ('k') | content/browser/site_instance.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698