OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/command_line.h" | 5 #include "base/command_line.h" |
6 #include "base/strings/string_util.h" | 6 #include "base/strings/string_util.h" |
7 #include "base/strings/stringprintf.h" | 7 #include "base/strings/stringprintf.h" |
8 #include "base/test/histogram_tester.h" | 8 #include "base/test/histogram_tester.h" |
9 #include "content/public/common/content_switches.h" | 9 #include "content/public/common/content_switches.h" |
10 #include "content/public/common/resource_type.h" | 10 #include "content/public/common/resource_type.h" |
11 #include "content/public/test/browser_test_utils.h" | 11 #include "content/public/test/browser_test_utils.h" |
12 #include "content/public/test/content_browser_test.h" | 12 #include "content/public/test/content_browser_test.h" |
13 #include "content/public/test/content_browser_test_utils.h" | 13 #include "content/public/test/content_browser_test_utils.h" |
14 #include "content/shell/browser/shell.h" | 14 #include "content/shell/browser/shell.h" |
15 #include "net/test/spawned_test_server/spawned_test_server.h" | 15 #include "net/test/spawned_test_server/spawned_test_server.h" |
16 | 16 |
17 namespace content { | 17 namespace content { |
18 | 18 |
19 // These tests simulate exploited renderer processes, which can fetch arbitrary | 19 // These tests simulate exploited renderer processes, which can fetch arbitrary |
20 // resources from other websites, not constrained by the Same Origin Policy. We | 20 // resources from other websites, not constrained by the Same Origin Policy. We |
21 // are trying to verify that the renderer cannot fetch any cross-site document | 21 // are trying to verify that the renderer cannot fetch any cross-site document |
22 // responses even when the Same Origin Policy is turned off inside the renderer. | 22 // responses even when the Same Origin Policy is turned off inside the renderer. |
23 class SiteIsolationPolicyBrowserTest : public ContentBrowserTest { | 23 class SiteIsolationStatsGathererBrowserTest : public ContentBrowserTest { |
24 public: | 24 public: |
25 SiteIsolationPolicyBrowserTest() {} | 25 SiteIsolationStatsGathererBrowserTest() {} |
26 ~SiteIsolationPolicyBrowserTest() override {} | 26 ~SiteIsolationStatsGathererBrowserTest() override {} |
27 | 27 |
28 void SetUpCommandLine(base::CommandLine* command_line) override { | 28 void SetUpCommandLine(base::CommandLine* command_line) override { |
29 ASSERT_TRUE(test_server()->Start()); | 29 ASSERT_TRUE(test_server()->Start()); |
30 // Add a host resolver rule to map all outgoing requests to the test server. | 30 // Add a host resolver rule to map all outgoing requests to the test server. |
31 // This allows us to use "real" hostnames in URLs, which we can use to | 31 // This allows us to use "real" hostnames in URLs, which we can use to |
32 // create arbitrary SiteInstances. | 32 // create arbitrary SiteInstances. |
33 command_line->AppendSwitchASCII( | 33 command_line->AppendSwitchASCII( |
34 switches::kHostResolverRules, | 34 switches::kHostResolverRules, |
35 "MAP * " + test_server()->host_port_pair().ToString() + | 35 "MAP * " + test_server()->host_port_pair().ToString() + |
36 ",EXCLUDE localhost"); | 36 ",EXCLUDE localhost"); |
(...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
135 "SiteIsolation.XSD.XML.NotBlocked.MaybeJS"}; | 135 "SiteIsolation.XSD.XML.NotBlocked.MaybeJS"}; |
136 | 136 |
137 for (const char* metric : all_metrics) { | 137 for (const char* metric : all_metrics) { |
138 if (!expected_metrics.count(metric)) { | 138 if (!expected_metrics.count(metric)) { |
139 histograms.ExpectTotalCount(metric, 0); | 139 histograms.ExpectTotalCount(metric, 0); |
140 } | 140 } |
141 } | 141 } |
142 } | 142 } |
143 | 143 |
144 private: | 144 private: |
145 DISALLOW_COPY_AND_ASSIGN(SiteIsolationPolicyBrowserTest); | 145 DISALLOW_COPY_AND_ASSIGN(SiteIsolationStatsGathererBrowserTest); |
146 }; | 146 }; |
147 | 147 |
148 // TODO(dsjang): we cannot run these tests on Android since SetUpCommandLine() | 148 // TODO(dsjang): we cannot run these tests on Android since SetUpCommandLine() |
149 // is executed before the I/O thread is created on Android. After this bug | 149 // is executed before the I/O thread is created on Android. After this bug |
150 // (crbug.com/278425) is resolved, we can enable this test case on Android. | 150 // (crbug.com/278425) is resolved, we can enable this test case on Android. |
151 #if defined(OS_ANDROID) | 151 #if defined(OS_ANDROID) |
152 #define MAYBE_CrossSiteDocumentBlockingForMimeType \ | 152 #define MAYBE_CrossSiteDocumentBlockingForMimeType \ |
153 DISABLED_CrossSiteDocumentBlockingForMimeType | 153 DISABLED_CrossSiteDocumentBlockingForMimeType |
154 #else | 154 #else |
155 #define MAYBE_CrossSiteDocumentBlockingForMimeType \ | 155 #define MAYBE_CrossSiteDocumentBlockingForMimeType \ |
156 CrossSiteDocumentBlockingForMimeType | 156 CrossSiteDocumentBlockingForMimeType |
157 #endif | 157 #endif |
158 | 158 |
159 IN_PROC_BROWSER_TEST_F(SiteIsolationPolicyBrowserTest, | 159 IN_PROC_BROWSER_TEST_F(SiteIsolationStatsGathererBrowserTest, |
160 MAYBE_CrossSiteDocumentBlockingForMimeType) { | 160 MAYBE_CrossSiteDocumentBlockingForMimeType) { |
161 // Load a page that issues illegal cross-site document requests to bar.com. | 161 // Load a page that issues illegal cross-site document requests to bar.com. |
162 // The page uses XHR to request HTML/XML/JSON documents from bar.com, and | 162 // The page uses XHR to request HTML/XML/JSON documents from bar.com, and |
163 // inspects if any of them were successfully received. Currently, on illegal | 163 // inspects if any of them were successfully received. Currently, on illegal |
164 // access, the XHR requests should succeed, but the UMA histograms should | 164 // access, the XHR requests should succeed, but the UMA histograms should |
165 // record that they would have been blocked. This test is only possible since | 165 // record that they would have been blocked. This test is only possible since |
166 // we run the browser without the same origin policy. | 166 // we run the browser without the same origin policy. |
167 GURL foo("http://foo.com/files/cross_site_document_request.html"); | 167 GURL foo("http://foo.com/files/cross_site_document_request.html"); |
168 | 168 |
169 NavigateToURL(shell(), foo); | 169 NavigateToURL(shell(), foo); |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
225 // is executed before the I/O thread is created on Android. After this bug | 225 // is executed before the I/O thread is created on Android. After this bug |
226 // (crbug.com/278425) is resolved, we can enable this test case on Android. | 226 // (crbug.com/278425) is resolved, we can enable this test case on Android. |
227 #if defined(OS_ANDROID) | 227 #if defined(OS_ANDROID) |
228 #define MAYBE_CrossSiteDocumentBlockingForDifferentTargets \ | 228 #define MAYBE_CrossSiteDocumentBlockingForDifferentTargets \ |
229 DISABLED_CrossSiteDocumentBlockingForDifferentTargets | 229 DISABLED_CrossSiteDocumentBlockingForDifferentTargets |
230 #else | 230 #else |
231 #define MAYBE_CrossSiteDocumentBlockingForDifferentTargets \ | 231 #define MAYBE_CrossSiteDocumentBlockingForDifferentTargets \ |
232 CrossSiteDocumentBlockingForDifferentTargets | 232 CrossSiteDocumentBlockingForDifferentTargets |
233 #endif | 233 #endif |
234 | 234 |
235 IN_PROC_BROWSER_TEST_F(SiteIsolationPolicyBrowserTest, | 235 IN_PROC_BROWSER_TEST_F(SiteIsolationStatsGathererBrowserTest, |
236 MAYBE_CrossSiteDocumentBlockingForDifferentTargets) { | 236 MAYBE_CrossSiteDocumentBlockingForDifferentTargets) { |
237 // This webpage loads a cross-site HTML page in different targets such as | 237 // This webpage loads a cross-site HTML page in different targets such as |
238 // <img>,<link>,<embed>, etc. Since the requested document is blocked, and one | 238 // <img>,<link>,<embed>, etc. Since the requested document is blocked, and one |
239 // character string (' ') is returned instead, this tests that the renderer | 239 // character string (' ') is returned instead, this tests that the renderer |
240 // does not crash even when it receives a response body which is " ", whose | 240 // does not crash even when it receives a response body which is " ", whose |
241 // length is different from what's described in "content-length" for such | 241 // length is different from what's described in "content-length" for such |
242 // different targets. | 242 // different targets. |
243 | 243 |
244 // TODO(nick): Split up these cases, and add positive assertions here about | 244 // TODO(nick): Split up these cases, and add positive assertions here about |
245 // what actually happens in these various resource-block cases. | 245 // what actually happens in these various resource-block cases. |
246 GURL foo("http://foo.com/files/cross_site_document_request_target.html"); | 246 GURL foo("http://foo.com/files/cross_site_document_request_target.html"); |
247 NavigateToURL(shell(), foo); | 247 NavigateToURL(shell(), foo); |
248 } | 248 } |
249 | 249 |
250 } | 250 } |
OLD | NEW |