content/browser/site_per_process_test.cc - Issue 11416121: Prevent cross-site pages when --site-per-process is passed

Side by Side Diff: content/browser/site_per_process_test.cc

Issue 11416121: Prevent cross-site pages when --site-per-process is passed (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix Redirect Bug and Tests Created 8 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
	Charlie Reis 2012/12/05 02:02:58 This file should be named site_per_process_browser This file should be named site_per_process_browsertest.cc. irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > This file should be named site_per_process_browsertest.cc. Done.
	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "base/command_line.h"

	6 #include "base/utf_string_conversions.h"

	7 #include "content/browser/web_contents/web_contents_impl.h"

	8 #include "content/public/browser/notification_types.h"

	9 #include "content/public/browser/web_contents_observer.h"

	10 #include "content/public/common/content_switches.h"

	11 #include "content/public/test/browser_test_utils.h"

	12 #include "content/public/test/test_utils.h"

	13 #include "content/shell/shell.h"

	14 #include "content/test/content_browser_test.h"

	15 #include "content/test/content_browser_test_utils.h"

	16

	17 namespace content {

	18 class SitePerProcessTest : public ContentBrowserTest {

	19 public:

	20 SitePerProcessTest() {}

	21

	22 bool NavigateIframeToURL(Shell* window,

	23 const GURL& url,

	24 std::string iframe_id) {

	25 std::string script = "var iframes = document.getElementById(\"" +
	Charlie Reis 2012/12/05 02:02:58 Please use base::StringPrintf. Please use base::StringPrintf. irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > Please use base::StringPrintf. Done.
	26 iframe_id +"\"); iframes.src=\"" +

	27 url.spec()+ "\";";

	28 return content::ExecuteJavaScript(

	29 window->web_contents()->GetRenderViewHost(),
	Charlie Reis 2012/12/05 02:02:58 nit: wrong indent. (Should be 4 spaces in from pr nit: wrong indent. (Should be 4 spaces in from previous line.) irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > nit: wrong indent. (Should be 4 spaces in from previous line.) Done.
	30 L"", ASCIIToWide(script));

	31 }

	32

	33 void EnableSitePerProces() {
	Charlie Reis 2012/12/05 02:02:58 If you put this in SetUpCommandLine, it will apply If you put this in SetUpCommandLine, it will apply to all the tests in this file without having to call it. Here's an example: https://code.google.com/searchframe#OAMlx_jo-ck/src/content/test/layout_brows... irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > If you put this in SetUpCommandLine, it will apply to all the tests in this file > without having to call it. Here's an example: > https://code.google.com/searchframe#OAMlx_jo-ck/src/content/test/layout_brows... Done.
	34 /switches::kSitePerProcess/
	Charlie Reis 2012/12/05 02:02:58 Please use this constant in the line below. (No n Please use this constant in the line below. (No need for this comment.) irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > Please use this constant in the line below. (No need for this comment.) Done.
	35 CommandLine::ForCurrentProcess()->AppendSwitch("site-per-process");

	36 }

	37 };

	38

	39 class SitePerProcessTestWebContentsObserver : public WebContentsObserver {
	Charlie Reis 2012/12/05 02:02:58 nit: SitePerProcessWebContentsObserver would be a nit: SitePerProcessWebContentsObserver would be a slightly shorter name. Let's use that instead. irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > nit: SitePerProcessWebContentsObserver would be a slightly shorter name. Let's > use that instead. Done.
	40 public:

	41 explicit SitePerProcessTestWebContentsObserver(WebContents* web_contents)

	42 : WebContentsObserver(web_contents),

	43 navigation_result_(true) {}

	44 virtual ~SitePerProcessTestWebContentsObserver() {}

	45

	46 virtual void DidFailProvisionalLoad(

	47 int64 frame_id,

	48 bool is_main_frame,

	49 const GURL& validated_url,

	50 int error_code,

	51 const string16& error_description,

	52 RenderViewHost* render_view_host) OVERRIDE {

	53 navigation_url_ = validated_url;

	54 navigation_result_ = false;

	55 }

	56

	57 virtual void DidCommitProvisionalLoadForFrame(

	58 int64 frame_id,

	59 bool is_main_frame,

	60 const GURL& url,

	61 PageTransition transition_type,

	62 RenderViewHost* render_view_host) OVERRIDE{

	63 navigation_url_ = url;

	64 navigation_result_ = true;

	65 }

	66

	67 GURL navigation_url() const {

	68 return navigation_url_;

	69 }

	70

	71 int navigation_result() const { return navigation_result_; }

	72

	73 private:

	74 GURL navigation_url_;

	75 bool navigation_result_;
	Charlie Reis 2012/12/05 02:02:58 navigation_succeeded_ navigation_succeeded_ irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > navigation_succeeded_ Done.
	76

	77 DISALLOW_COPY_AND_ASSIGN(SitePerProcessTestWebContentsObserver);

	78 };

	79

	80

	81 IN_PROC_BROWSER_TEST_F(SitePerProcessTest, CrossSiteIframe) {

	82 EnableSitePerProces();

	83 ASSERT_TRUE(test_server()->Start());

	84 net::TestServer https_server(

	85 net::TestServer::TYPE_HTTPS,

	86 net::TestServer::kLocalhost,

	87 FilePath(FILE_PATH_LITERAL("content/test/data")));

	88 ASSERT_TRUE(https_server.Start());

	89 GURL main_url(test_server()->GetURL("files/site_per_process_main.html"));

	90

	91 content::TitleWatcher title_watcher(shell()->web_contents(),

	92 ASCIIToUTF16("site_per_process_main"));

	93 NavigateToURL(shell(), main_url);

	94 string16 actual_title = title_watcher.WaitAndGetTitle();
	Charlie Reis 2012/12/05 02:02:58 Do we need this TitleWatcher? I think the Navigat Do we need this TitleWatcher? I think the NavigateToURL call should be sufficient. irobert 2012/12/05 19:00:03 The purpose of this is to make sure the main frame The purpose of this is to make sure the main frame navigation complete before the redirection. I think this has been done in the NavigateToURL API. On 2012/12/05 02:02:58, creis wrote: Show quoted text > Do we need this TitleWatcher? I think the NavigateToURL call should be > sufficient.
	95

	96 {

	97 // Load same-site page into Iframe.

	98 GURL http_url(test_server()->GetURL("files/title1.html"));

	99 SitePerProcessTestWebContentsObserver observer(shell()->web_contents());

	100 WindowedNotificationObserver load_observer(
	Charlie Reis 2012/12/05 02:02:58 Perhaps the load_observer should be inside Navigat Perhaps the load_observer should be inside NavigateIframeToURL? That's more consistent with NavigateToURL. irobert 2012/12/05 19:00:03 Done. Show quoted text On 2012/12/05 02:02:58, creis wrote: > Perhaps the load_observer should be inside NavigateIframeToURL? That's more > consistent with NavigateToURL. Done.
	101 NOTIFICATION_LOAD_STOP,

	102 Source<NavigationController>(

	103 &shell()->web_contents()->GetController()));
	Charlie Reis 2012/12/05 02:02:58 nit: Wrong indent. (Will this fit on the previous nit: Wrong indent. (Will this fit on the previous line?) irobert 2012/12/05 19:00:03 Cannot fit on the previous line. 82 chars. On 201 Cannot fit on the previous line. 82 chars. On 2012/12/05 02:02:58, creis wrote: Show quoted text > nit: Wrong indent. (Will this fit on the previous line?)
	104 EXPECT_TRUE(NavigateIframeToURL(shell(), http_url, "test"));

	105 load_observer.Wait();

	106 EXPECT_EQ(observer.navigation_url(), http_url);

	107 EXPECT_TRUE(observer.navigation_result());

	108 }

	109

	110 {

	111 // Load cross-site page into Iframe.

	112 GURL https_url(https_server.GetURL("files/title1.html"));

	113 SitePerProcessTestWebContentsObserver observer(shell()->web_contents());

	114 WindowedNotificationObserver load_observer(

	115 NOTIFICATION_LOAD_STOP,

	116 Source<NavigationController>(

	117 &shell()->web_contents()->GetController()));

	118 EXPECT_TRUE(NavigateIframeToURL(shell(), https_url, "test"));

	119 load_observer.Wait();

	120 EXPECT_EQ(observer.navigation_url(), https_url);

	121 EXPECT_FALSE(observer.navigation_result());

	122 }

	123 }

	124

	125 IN_PROC_BROWSER_TEST_F(SitePerProcessTest, CrossSiteIframeRedirectOnce) {

	126 EnableSitePerProces();

	127

	128 ASSERT_TRUE(test_server()->Start());

	129 net::TestServer https_server(

	130 net::TestServer::TYPE_HTTPS,

	131 net::TestServer::kLocalhost,

	132 FilePath(FILE_PATH_LITERAL("content/test/data")));

	133 ASSERT_TRUE(https_server.Start());

	134

	135 GURL main_url(test_server()->GetURL("files/site_per_process_main.html"));

	136 GURL http_url(test_server()->GetURL("files/title1.html"));

	137 GURL https_url(https_server.GetURL("files/title1.html"));

	138

	139 content::TitleWatcher title_watcher(shell()->web_contents(),

	140 ASCIIToUTF16("site_per_process_main"));

	141 NavigateToURL(shell(), main_url);

	142 string16 actual_title = title_watcher.WaitAndGetTitle();

	143

	144 SitePerProcessTestWebContentsObserver observer(shell()->web_contents());

	145 {

	146 // Load cross-site client-redirect page into Iframe.

	147 // Should be blocked.

	148 GURL client_redirect_https_url(https_server.GetURL(

	149 "client-redirect?files/title1.html"));

	150 WindowedNotificationObserver load_observer(

	151 NOTIFICATION_LOAD_STOP,

	152 Source<NavigationController>(

	153 &shell()->web_contents()->GetController()));

	154 EXPECT_TRUE(NavigateIframeToURL(shell(),

	155 client_redirect_https_url, "test"));

	156 load_observer.Wait();

	157 // DidFailProvisionalLoad when navigating to client_redirect_https_url.

	158 EXPECT_EQ(observer.navigation_url(), client_redirect_https_url);

	159 EXPECT_FALSE(observer.navigation_result());

	160 }

	161

	162 {

	163 // Load cross-site server-redirect page into Iframe,

	164 // which redirects to same-site page.

	165 GURL server_redirect_http_url(https_server.GetURL(

	166 "server-redirect?" + http_url.spec()));

	167 WindowedNotificationObserver load_observer(

	168 NOTIFICATION_LOAD_STOP,

	169 Source<NavigationController>(

	170 &shell()->web_contents()->GetController()));

	171 EXPECT_TRUE(NavigateIframeToURL(shell(),

	172 server_redirect_http_url, "test"));

	173 load_observer.Wait();

	174 EXPECT_EQ(observer.navigation_url(), http_url);

	175 EXPECT_TRUE(observer.navigation_result());

	176 }

	177

	178 {

	179 // Load cross-site server-redirect page into Iframe,

	180 // which redirects to cross-site page.

	181 GURL server_redirect_http_url(https_server.GetURL(

	182 "server-redirect?files/title1.html"));

	183 WindowedNotificationObserver load_observer(

	184 NOTIFICATION_LOAD_STOP,

	185 Source<NavigationController>(

	186 &shell()->web_contents()->GetController()));

	187 EXPECT_TRUE(NavigateIframeToURL(shell(),

	188 server_redirect_http_url, "test"));

	189 load_observer.Wait();

	190

	191 // DidFailProvisionalLoad when navigating to https_url.

	192 EXPECT_EQ(observer.navigation_url(), https_url);

	193 EXPECT_FALSE(observer.navigation_result());

	194 }

	195

	196 {

	197 // Load same-site server-redirect page into Iframe.

	198 // which redirects to same-site page.

	199 GURL server_redirect_http_url(test_server()->GetURL(

	200 "server-redirect?files/title1.html"));

	201 WindowedNotificationObserver load_observer(

	202 NOTIFICATION_LOAD_STOP,

	203 Source<NavigationController>(

	204 &shell()->web_contents()->GetController()));

	205 EXPECT_TRUE(NavigateIframeToURL(shell(),

	206 server_redirect_http_url, "test"));

	207 load_observer.Wait();

	208 EXPECT_EQ(observer.navigation_url(), http_url);

	209 EXPECT_TRUE(observer.navigation_result());

	210 }

	211

	212 {

	213 // Load same-site client-redirect page into Iframe,

	214 // which redirects to same-site page.

	215 GURL client_redirect_http_url(test_server()->GetURL(

	216 "client-redirect?files/title1.html"));

	217 WindowedNotificationObserver load_observer(

	218 NOTIFICATION_LOAD_STOP,

	219 Source<NavigationController>(

	220 &shell()->web_contents()->GetController()));

	221 EXPECT_TRUE(NavigateIframeToURL(shell(),

	222 client_redirect_http_url, "test"));

	223 load_observer.Wait();

	224 EXPECT_EQ(observer.navigation_url(), client_redirect_http_url);

	225 EXPECT_TRUE(observer.navigation_result());

	226 }

	227 }

	228

	229 IN_PROC_BROWSER_TEST_F(SitePerProcessTest, CrossSiteIframeRedirectTwice) {

	230 EnableSitePerProces();

	231

	232 ASSERT_TRUE(test_server()->Start());

	233 net::TestServer https_server(

	234 net::TestServer::TYPE_HTTPS,

	235 net::TestServer::kLocalhost,

	236 FilePath(FILE_PATH_LITERAL("content/test/data")));

	237 ASSERT_TRUE(https_server.Start());

	238

	239 GURL main_url(test_server()->GetURL("files/site_per_process_main.html"));

	240 GURL http_url(test_server()->GetURL("files/title1.html"));

	241 GURL https_url(https_server.GetURL("files/title1.html"));

	242

	243 content::TitleWatcher title_watcher(shell()->web_contents(),

	244 ASCIIToUTF16("site_per_process_main"));

	245 NavigateToURL(shell(), main_url);

	246 string16 actual_title = title_watcher.WaitAndGetTitle();

	247

	248 SitePerProcessTestWebContentsObserver observer(shell()->web_contents());

	249 {

	250 // Load client-redirect page pointed to a cross-site client-redirect page,

	251 // which eventually redirects back to same-site page.

	252 GURL client_redirect_https_url(https_server.GetURL(

	253 "client-redirect?" + http_url.spec()));

	254 GURL client_redirect_http_url(test_server()->GetURL(

	255 "client-redirect?" + client_redirect_https_url.spec()));

	256 WindowedNotificationObserver load_observer(

	257 NOTIFICATION_LOAD_STOP,

	258 Source<NavigationController>(

	259 &shell()->web_contents()->GetController()));

	260 EXPECT_TRUE(NavigateIframeToURL(shell(), client_redirect_http_url, "test"));

	261 load_observer.Wait();

	262 // We should check until second client redirect get cancelled.

	263 WindowedNotificationObserver load_observer2(

	264 NOTIFICATION_LOAD_STOP,

	265 Source<NavigationController>(

	266 &shell()->web_contents()->GetController()));

	267 load_observer2.Wait();

	268

	269 // DidFailProvisionalLoad when navigating to client_redirect_https_url.

	270 EXPECT_EQ(observer.navigation_url(), client_redirect_https_url);

	271 EXPECT_FALSE(observer.navigation_result());

	272 }

	273

	274 {

	275 // Load server-redirect page pointed to a cross-site server-redirect page,

	276 // which eventually redirect back to same-site page.

	277 GURL server_redirect_https_url(https_server.GetURL(

	278 "server-redirect?" + http_url.spec()));

	279 GURL server_redirect_http_url(test_server()->GetURL(

	280 "server-redirect?" + server_redirect_https_url.spec()));

	281 WindowedNotificationObserver load_observer(

	282 NOTIFICATION_LOAD_STOP,

	283 Source<NavigationController>(

	284 &shell()->web_contents()->GetController()));

	285 EXPECT_TRUE(NavigateIframeToURL(shell(),

	286 server_redirect_http_url, "test"));

	287 load_observer.Wait();

	288 EXPECT_EQ(observer.navigation_url(), http_url);

	289 EXPECT_TRUE(observer.navigation_result());

	290 }

	291

	292 {

	293 // Load server-redirect page pointed to a cross-site server-redirect page,

	294 // which eventually redirects back to cross-site page.

	295 GURL server_redirect_https_url(https_server.GetURL(

	296 "server-redirect?" + https_url.spec()));

	297 GURL server_redirect_http_url(test_server()->GetURL(

	298 "server-redirect?" + server_redirect_https_url.spec()));

	299 WindowedNotificationObserver load_observer(

	300 NOTIFICATION_LOAD_STOP,

	301 Source<NavigationController>(

	302 &shell()->web_contents()->GetController()));

	303 EXPECT_TRUE(NavigateIframeToURL(shell(), server_redirect_http_url, "test"));

	304 load_observer.Wait();

	305

	306 // DidFailProvisionalLoad when navigating to https_url.

	307 EXPECT_EQ(observer.navigation_url(), https_url);

	308 EXPECT_FALSE(observer.navigation_result());

	309 }

	310

	311 {

	312 // Load server-redirect page pointed to a cross-site server-redirect page,

	313 // which eventually redirects back to same-site page.

	314 GURL client_redirect_http_url(https_server.GetURL(

	315 "client-redirect?" + http_url.spec()));

	316 GURL server_redirect_http_url(test_server()->GetURL(

	317 "server-redirect?" + client_redirect_http_url.spec()));

	318 WindowedNotificationObserver load_observer(

	319 NOTIFICATION_LOAD_STOP,

	320 Source<NavigationController>(

	321 &shell()->web_contents()->GetController()));

	322 EXPECT_TRUE(NavigateIframeToURL(shell(), server_redirect_http_url, "test"));

	323 load_observer.Wait();

	324

	325 // DidFailProvisionalLoad when navigating to client_redirect_http_url.

	326 EXPECT_EQ(observer.navigation_url(), client_redirect_http_url);

	327 EXPECT_FALSE(observer.navigation_result());

	328 }

	329 }

	330

	331 }

OLD	NEW

« content/browser/renderer_host/resource_loader.cc ('K') | « content/browser/renderer_host/resource_loader.cc ('k') | content/content_tests.gypi » ('j') | content/content_tests.gypi » ('J')