content/browser/child_process_security_policy_unittest.cc - Issue 7873007: Restricting redirects to chrome:

Unified Diff: content/browser/child_process_security_policy_unittest.cc

Issue 7873007: Restricting redirects to chrome: (Closed) Base URL: http://git.chromium.org/git/chromium.git@trunk

Patch Set: Improving that path so it doesn't break things Created 9 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: content/browser/child_process_security_policy_unittest.cc

diff --git a/content/browser/child_process_security_policy_unittest.cc b/content/browser/child_process_security_policy_unittest.cc

index 673766afc20e882849b784de9451db704a9f1c9c..2e8bd376610054a6f61cf45423512b435cc746b3 100644

--- a/content/browser/child_process_security_policy_unittest.cc

+++ b/content/browser/child_process_security_policy_unittest.cc

@@ -56,6 +56,26 @@ TEST_F(ChildProcessSecurityPolicyTest, IsWebSafeSchemeTest) {

EXPECT_FALSE(p->IsWebSafeScheme(chrome::kChromeUIScheme));

}

+TEST_F(ChildProcessSecurityPolicyTest, IsWebUISchemeTest) {

+ ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kHttpScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kHttpsScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kFtpScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kDataScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kExtensionScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kBlobScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kFileSystemScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kAboutScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kJavaScriptScheme));

+ EXPECT_FALSE(p->IsWebUIScheme(chrome::kViewSourceScheme));

+ EXPECT_TRUE(p->IsWebUIScheme(chrome::kChromeUIScheme));

+ EXPECT_FALSE(p->IsWebUIScheme("registered-webui-scheme"));

+ p->RegisterWebUIScheme("registered-webui-scheme");

+ EXPECT_TRUE(p->IsWebUIScheme("registered-webui-scheme"));

TEST_F(ChildProcessSecurityPolicyTest, IsPseudoSchemeTest) {

ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();

@@ -241,6 +261,21 @@ TEST_F(ChildProcessSecurityPolicyTest, ViewSource) {

p->Remove(kRendererID);

}

+TEST_F(ChildProcessSecurityPolicyTest, CanRedirectURL) {

+ ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();

+ p->Add(kRendererID);

+ // Behaves the same as CanRequestURL, except for chrome: Urls

+ EXPECT_TRUE(p->CanRedirectURL(kRendererID, GURL("http://www.google.com")));

+ EXPECT_TRUE(p->CanRedirectURL(kRendererID, GURL("evil-scheme://path")));

+ EXPECT_FALSE(p->CanRedirectURL(kRendererID, GURL("chrome://settings")));

+ EXPECT_FALSE(p->CanRedirectURL(kRendererID, GURL("chrome://flags")));

+ EXPECT_FALSE(p->CanRedirectURL(kRendererID, GURL("about://flags")));

+ p->Remove(kRendererID);

TEST_F(ChildProcessSecurityPolicyTest, CanReadFiles) {

ChildProcessSecurityPolicy* p = ChildProcessSecurityPolicy::GetInstance();