
Unified Diff: content/browser/site_per_process_test.cc

Issue 11416121: Prevent cross-site pages when --site-per-process is passed (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix Redirect Bug and Tests Created 8 years, 1 month ago
Index: content/browser/site_per_process_test.cc
diff --git a/content/browser/site_per_process_test.cc b/content/browser/site_per_process_test.cc
new file mode 100644
index 0000000000000000000000000000000000000000..d69455c3fcdae59eb095d39e5d31133132f03e50
--- /dev/null
+++ b/content/browser/site_per_process_test.cc
@@ -0,0 +1,331 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
Charlie Reis 2012/12/05 02:02:58 This file should be named site_per_process_browser
irobert 2012/12/05 19:00:03 Done.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/command_line.h"
+#include "base/utf_string_conversions.h"
+#include "content/browser/web_contents/web_contents_impl.h"
+#include "content/public/browser/notification_types.h"
+#include "content/public/browser/web_contents_observer.h"
+#include "content/public/common/content_switches.h"
+#include "content/public/test/browser_test_utils.h"
+#include "content/public/test/test_utils.h"
+#include "content/shell/shell.h"
+#include "content/test/content_browser_test.h"
+#include "content/test/content_browser_test_utils.h"
+
+namespace content {
+class SitePerProcessTest : public ContentBrowserTest {
+ public:
+ SitePerProcessTest() {}
+
+ bool NavigateIframeToURL(Shell* window,
+ const GURL& url,
+ std::string iframe_id) {
+ std::string script = "var iframes = document.getElementById(\"" +
Charlie Reis 2012/12/05 02:02:58 Please use base::StringPrintf.
irobert 2012/12/05 19:00:03 Done.
+ iframe_id +"\"); iframes.src=\"" +
+ url.spec()+ "\";";
+ return content::ExecuteJavaScript(
+ window->web_contents()->GetRenderViewHost(),
Charlie Reis 2012/12/05 02:02:58 nit: wrong indent. (Should be 4 spaces in from pr
irobert 2012/12/05 19:00:03 Done.
+ L"", ASCIIToWide(script));
+ }
+
+ void EnableSitePerProces() {
Charlie Reis 2012/12/05 02:02:58 If you put this in SetUpCommandLine, it will apply
irobert 2012/12/05 19:00:03 Done.
+ /*switches::kSitePerProcess*/
Charlie Reis 2012/12/05 02:02:58 Please use this constant in the line below. (No n
irobert 2012/12/05 19:00:03 Done.
+ CommandLine::ForCurrentProcess()->AppendSwitch("site-per-process");
+ }
+};
+
+class SitePerProcessTestWebContentsObserver : public WebContentsObserver {
Charlie Reis 2012/12/05 02:02:58 nit: SitePerProcessWebContentsObserver would be a
irobert 2012/12/05 19:00:03 Done.
+ public:
+ explicit SitePerProcessTestWebContentsObserver(WebContents* web_contents)
+ : WebContentsObserver(web_contents),
+ navigation_result_(true) {}
+ virtual ~SitePerProcessTestWebContentsObserver() {}
+
+ virtual void DidFailProvisionalLoad(
+ int64 frame_id,
+ bool is_main_frame,
+ const GURL& validated_url,
+ int error_code,
+ const string16& error_description,
+ RenderViewHost* render_view_host) OVERRIDE {
+ navigation_url_ = validated_url;
+ navigation_result_ = false;
+ }
+
+ virtual void DidCommitProvisionalLoadForFrame(
+ int64 frame_id,
+ bool is_main_frame,
+ const GURL& url,
+ PageTransition transition_type,
+ RenderViewHost* render_view_host) OVERRIDE{
+ navigation_url_ = url;
+ navigation_result_ = true;
+ }
+
+ GURL navigation_url() const {
+ return navigation_url_;
+ }
+
+ int navigation_result() const { return navigation_result_; }
+
+ private:
+ GURL navigation_url_;
+ bool navigation_result_;
Charlie Reis 2012/12/05 02:02:58 navigation_succeeded_
irobert 2012/12/05 19:00:03 Done.
+
+ DISALLOW_COPY_AND_ASSIGN(SitePerProcessTestWebContentsObserver);
+};
+
+
+IN_PROC_BROWSER_TEST_F(SitePerProcessTest, CrossSiteIframe) {
+ EnableSitePerProces();
+ ASSERT_TRUE(test_server()->Start());
+ net::TestServer https_server(
+ net::TestServer::TYPE_HTTPS,
+ net::TestServer::kLocalhost,
+ FilePath(FILE_PATH_LITERAL("content/test/data")));
+ ASSERT_TRUE(https_server.Start());
+ GURL main_url(test_server()->GetURL("files/site_per_process_main.html"));
+
+ content::TitleWatcher title_watcher(shell()->web_contents(),
+ ASCIIToUTF16("site_per_process_main"));
+ NavigateToURL(shell(), main_url);
+ string16 actual_title = title_watcher.WaitAndGetTitle();
Charlie Reis 2012/12/05 02:02:58 Do we need this TitleWatcher? I think the Navigat
irobert 2012/12/05 19:00:03 The purpose of this is to make sure the main frame
+
+ {
+ // Load same-site page into Iframe.
+ GURL http_url(test_server()->GetURL("files/title1.html"));
+ SitePerProcessTestWebContentsObserver observer(shell()->web_contents());
+ WindowedNotificationObserver load_observer(
Charlie Reis 2012/12/05 02:02:58 Perhaps the load_observer should be inside Navigat
irobert 2012/12/05 19:00:03 Done.
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
Charlie Reis 2012/12/05 02:02:58 nit: Wrong indent. (Will this fit on the previous
irobert 2012/12/05 19:00:03 Cannot fit on the previous line. 82 chars. On 201
+ EXPECT_TRUE(NavigateIframeToURL(shell(), http_url, "test"));
+ load_observer.Wait();
+ EXPECT_EQ(observer.navigation_url(), http_url);
+ EXPECT_TRUE(observer.navigation_result());
+ }
+
+ {
+ // Load cross-site page into Iframe.
+ GURL https_url(https_server.GetURL("files/title1.html"));
+ SitePerProcessTestWebContentsObserver observer(shell()->web_contents());
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(), https_url, "test"));
+ load_observer.Wait();
+ EXPECT_EQ(observer.navigation_url(), https_url);
+ EXPECT_FALSE(observer.navigation_result());
+ }
+}
+
+IN_PROC_BROWSER_TEST_F(SitePerProcessTest, CrossSiteIframeRedirectOnce) {
+ EnableSitePerProces();
+
+ ASSERT_TRUE(test_server()->Start());
+ net::TestServer https_server(
+ net::TestServer::TYPE_HTTPS,
+ net::TestServer::kLocalhost,
+ FilePath(FILE_PATH_LITERAL("content/test/data")));
+ ASSERT_TRUE(https_server.Start());
+
+ GURL main_url(test_server()->GetURL("files/site_per_process_main.html"));
+ GURL http_url(test_server()->GetURL("files/title1.html"));
+ GURL https_url(https_server.GetURL("files/title1.html"));
+
+ content::TitleWatcher title_watcher(shell()->web_contents(),
+ ASCIIToUTF16("site_per_process_main"));
+ NavigateToURL(shell(), main_url);
+ string16 actual_title = title_watcher.WaitAndGetTitle();
+
+ SitePerProcessTestWebContentsObserver observer(shell()->web_contents());
+ {
+ // Load cross-site client-redirect page into Iframe.
+ // Should be blocked.
+ GURL client_redirect_https_url(https_server.GetURL(
+ "client-redirect?files/title1.html"));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(),
+ client_redirect_https_url, "test"));
+ load_observer.Wait();
+ // DidFailProvisionalLoad when navigating to client_redirect_https_url.
+ EXPECT_EQ(observer.navigation_url(), client_redirect_https_url);
+ EXPECT_FALSE(observer.navigation_result());
+ }
+
+ {
+ // Load cross-site server-redirect page into Iframe,
+ // which redirects to same-site page.
+ GURL server_redirect_http_url(https_server.GetURL(
+ "server-redirect?" + http_url.spec()));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(),
+ server_redirect_http_url, "test"));
+ load_observer.Wait();
+ EXPECT_EQ(observer.navigation_url(), http_url);
+ EXPECT_TRUE(observer.navigation_result());
+ }
+
+ {
+ // Load cross-site server-redirect page into Iframe,
+ // which redirects to cross-site page.
+ GURL server_redirect_http_url(https_server.GetURL(
+ "server-redirect?files/title1.html"));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(),
+ server_redirect_http_url, "test"));
+ load_observer.Wait();
+
+ // DidFailProvisionalLoad when navigating to https_url.
+ EXPECT_EQ(observer.navigation_url(), https_url);
+ EXPECT_FALSE(observer.navigation_result());
+ }
+
+ {
+ // Load same-site server-redirect page into Iframe.
+ // which redirects to same-site page.
+ GURL server_redirect_http_url(test_server()->GetURL(
+ "server-redirect?files/title1.html"));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(),
+ server_redirect_http_url, "test"));
+ load_observer.Wait();
+ EXPECT_EQ(observer.navigation_url(), http_url);
+ EXPECT_TRUE(observer.navigation_result());
+ }
+
+ {
+ // Load same-site client-redirect page into Iframe,
+ // which redirects to same-site page.
+ GURL client_redirect_http_url(test_server()->GetURL(
+ "client-redirect?files/title1.html"));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(),
+ client_redirect_http_url, "test"));
+ load_observer.Wait();
+ EXPECT_EQ(observer.navigation_url(), client_redirect_http_url);
+ EXPECT_TRUE(observer.navigation_result());
+ }
+}
+
+IN_PROC_BROWSER_TEST_F(SitePerProcessTest, CrossSiteIframeRedirectTwice) {
+ EnableSitePerProces();
+
+ ASSERT_TRUE(test_server()->Start());
+ net::TestServer https_server(
+ net::TestServer::TYPE_HTTPS,
+ net::TestServer::kLocalhost,
+ FilePath(FILE_PATH_LITERAL("content/test/data")));
+ ASSERT_TRUE(https_server.Start());
+
+ GURL main_url(test_server()->GetURL("files/site_per_process_main.html"));
+ GURL http_url(test_server()->GetURL("files/title1.html"));
+ GURL https_url(https_server.GetURL("files/title1.html"));
+
+ content::TitleWatcher title_watcher(shell()->web_contents(),
+ ASCIIToUTF16("site_per_process_main"));
+ NavigateToURL(shell(), main_url);
+ string16 actual_title = title_watcher.WaitAndGetTitle();
+
+ SitePerProcessTestWebContentsObserver observer(shell()->web_contents());
+ {
+ // Load client-redirect page pointed to a cross-site client-redirect page,
+ // which eventually redirects back to same-site page.
+ GURL client_redirect_https_url(https_server.GetURL(
+ "client-redirect?" + http_url.spec()));
+ GURL client_redirect_http_url(test_server()->GetURL(
+ "client-redirect?" + client_redirect_https_url.spec()));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(), client_redirect_http_url, "test"));
+ load_observer.Wait();
+ // We should check until second client redirect get cancelled.
+ WindowedNotificationObserver load_observer2(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ load_observer2.Wait();
+
+ // DidFailProvisionalLoad when navigating to client_redirect_https_url.
+ EXPECT_EQ(observer.navigation_url(), client_redirect_https_url);
+ EXPECT_FALSE(observer.navigation_result());
+ }
+
+ {
+ // Load server-redirect page pointed to a cross-site server-redirect page,
+ // which eventually redirect back to same-site page.
+ GURL server_redirect_https_url(https_server.GetURL(
+ "server-redirect?" + http_url.spec()));
+ GURL server_redirect_http_url(test_server()->GetURL(
+ "server-redirect?" + server_redirect_https_url.spec()));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(),
+ server_redirect_http_url, "test"));
+ load_observer.Wait();
+ EXPECT_EQ(observer.navigation_url(), http_url);
+ EXPECT_TRUE(observer.navigation_result());
+ }
+
+ {
+ // Load server-redirect page pointed to a cross-site server-redirect page,
+ // which eventually redirects back to cross-site page.
+ GURL server_redirect_https_url(https_server.GetURL(
+ "server-redirect?" + https_url.spec()));
+ GURL server_redirect_http_url(test_server()->GetURL(
+ "server-redirect?" + server_redirect_https_url.spec()));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(), server_redirect_http_url, "test"));
+ load_observer.Wait();
+
+ // DidFailProvisionalLoad when navigating to https_url.
+ EXPECT_EQ(observer.navigation_url(), https_url);
+ EXPECT_FALSE(observer.navigation_result());
+ }
+
+ {
+ // Load server-redirect page pointed to a cross-site server-redirect page,
+ // which eventually redirects back to same-site page.
+ GURL client_redirect_http_url(https_server.GetURL(
+ "client-redirect?" + http_url.spec()));
+ GURL server_redirect_http_url(test_server()->GetURL(
+ "server-redirect?" + client_redirect_http_url.spec()));
+ WindowedNotificationObserver load_observer(
+ NOTIFICATION_LOAD_STOP,
+ Source<NavigationController>(
+ &shell()->web_contents()->GetController()));
+ EXPECT_TRUE(NavigateIframeToURL(shell(), server_redirect_http_url, "test"));
+ load_observer.Wait();
+
+ // DidFailProvisionalLoad when navigating to client_redirect_http_url.
+ EXPECT_EQ(observer.navigation_url(), client_redirect_http_url);
+ EXPECT_FALSE(observer.navigation_result());
+ }
+}
+
+}
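Review bot: The blocked-navigation expectations (`EXPECT_FALSE(observer.navigation_result())` in all three tests) pass on any provisional-load failure, because `DidFailProvisionalLoad` discards `error_code`; a TLS or connection failure against the HTTPS test server would satisfy them just as well as the site-per-process block. Since these tests are the evidence that cross-site frames are refused, the observer should keep the code, e.g. `navigation_error_code_ = error_code;`, and each negative case should compare it with the code the blocking path reports. In CrossSiteIframeRedirectOnce and CrossSiteIframeRedirectTwice one observer is also reused across blocks, so a block in which neither callback fires could be judged partly on state left by the previous block; constructing the observer inside each block, as CrossSiteIframe does, avoids that. Separately, `navigation_result()` is declared to return `int` while the member it returns is `bool`.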
