Chromium Code Reviews Chromium Code Reviews
Issue 1212163007:
Kill renderers for bad password forms in --site-per-process. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/metrics/histogram_samples.h" | 8 #include "base/metrics/histogram_samples.h" |
| 9 #include "base/metrics/statistics_recorder.h" | 9 #include "base/metrics/statistics_recorder.h" |
| 10 #include "base/path_service.h" | 10 #include "base/path_service.h" |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 22 #include "chrome/browser/ui/login/login_prompt.h" | 22 #include "chrome/browser/ui/login/login_prompt.h" |
| 23 #include "chrome/browser/ui/login/login_prompt_test_utils.h" | 23 #include "chrome/browser/ui/login/login_prompt_test_utils.h" |
| 24 #include "chrome/browser/ui/passwords/manage_passwords_ui_controller.h" | 24 #include "chrome/browser/ui/passwords/manage_passwords_ui_controller.h" |
| 25 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 25 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
| 26 #include "chrome/common/chrome_paths.h" | 26 #include "chrome/common/chrome_paths.h" |
| 27 #include "chrome/common/chrome_switches.h" | 27 #include "chrome/common/chrome_switches.h" |
| 28 #include "chrome/common/chrome_version_info.h" | 28 #include "chrome/common/chrome_version_info.h" |
| 29 #include "chrome/test/base/in_process_browser_test.h" | 29 #include "chrome/test/base/in_process_browser_test.h" |
| 30 #include "chrome/test/base/test_switches.h" | 30 #include "chrome/test/base/test_switches.h" |
| 31 #include "chrome/test/base/ui_test_utils.h" | 31 #include "chrome/test/base/ui_test_utils.h" |
| 32 #include "components/autofill/content/common/autofill_messages.h" | |
| 32 #include "components/autofill/core/browser/autofill_test_utils.h" | 33 #include "components/autofill/core/browser/autofill_test_utils.h" |
| 33 #include "components/autofill/core/browser/test_autofill_client.h" | 34 #include "components/autofill/core/browser/test_autofill_client.h" |
| 35 #include "components/autofill/core/common/password_form.h" | |
| 34 #include "components/infobars/core/confirm_infobar_delegate.h" | 36 #include "components/infobars/core/confirm_infobar_delegate.h" |
| 35 #include "components/infobars/core/infobar.h" | 37 #include "components/infobars/core/infobar.h" |
| 36 #include "components/infobars/core/infobar_manager.h" | 38 #include "components/infobars/core/infobar_manager.h" |
| 37 #include "components/password_manager/content/browser/content_password_manager_d river.h" | 39 #include "components/password_manager/content/browser/content_password_manager_d river.h" |
| 38 #include "components/password_manager/content/browser/content_password_manager_d river_factory.h" | 40 #include "components/password_manager/content/browser/content_password_manager_d river_factory.h" |
| 39 #include "components/password_manager/core/browser/test_password_store.h" | 41 #include "components/password_manager/core/browser/test_password_store.h" |
| 40 #include "components/password_manager/core/common/password_manager_switches.h" | 42 #include "components/password_manager/core/common/password_manager_switches.h" |
| 41 #include "content/public/browser/navigation_controller.h" | 43 #include "content/public/browser/navigation_controller.h" |
| 42 #include "content/public/browser/notification_service.h" | 44 #include "content/public/browser/notification_service.h" |
| 43 #include "content/public/browser/render_frame_host.h" | 45 #include "content/public/browser/render_frame_host.h" |
| 46 #include "content/public/browser/render_process_host.h" | |
| 44 #include "content/public/browser/render_view_host.h" | 47 #include "content/public/browser/render_view_host.h" |
| 45 #include "content/public/browser/web_contents.h" | 48 #include "content/public/browser/web_contents.h" |
| 46 #include "content/public/browser/web_contents_observer.h" | 49 #include "content/public/browser/web_contents_observer.h" |
| 47 #include "content/public/common/content_switches.h" | 50 #include "content/public/common/content_switches.h" |
| 48 #include "content/public/test/browser_test_utils.h" | 51 #include "content/public/test/browser_test_utils.h" |
| 49 #include "content/public/test/test_utils.h" | 52 #include "content/public/test/test_utils.h" |
| 53 #include "ipc/ipc_security_test_util.h" | |
| 50 #include "net/base/filename_util.h" | 54 #include "net/base/filename_util.h" |
| 51 #include "net/dns/mock_host_resolver.h" | 55 #include "net/dns/mock_host_resolver.h" |
| 52 #include "net/test/embedded_test_server/embedded_test_server.h" | 56 #include "net/test/embedded_test_server/embedded_test_server.h" |
| 53 #include "net/test/embedded_test_server/http_request.h" | 57 #include "net/test/embedded_test_server/http_request.h" |
| 54 #include "net/test/embedded_test_server/http_response.h" | 58 #include "net/test/embedded_test_server/http_response.h" |
| 55 #include "net/test/spawned_test_server/spawned_test_server.h" | 59 #include "net/test/spawned_test_server/spawned_test_server.h" |
| 56 #include "net/url_request/test_url_fetcher_factory.h" | 60 #include "net/url_request/test_url_fetcher_factory.h" |
| 57 #include "testing/gmock/include/gmock/gmock.h" | 61 #include "testing/gmock/include/gmock/gmock.h" |
| 58 #include "third_party/WebKit/public/web/WebInputEvent.h" | 62 #include "third_party/WebKit/public/web/WebInputEvent.h" |
| 59 #include "ui/events/keycodes/keyboard_codes.h" | 63 #include "ui/events/keycodes/keyboard_codes.h" |
| (...skipping 24 matching lines...) Expand all Loading... | |
| 84 | 88 |
| 85 // Normally Wait() will not return until a main frame navigation occurs. | 89 // Normally Wait() will not return until a main frame navigation occurs. |
| 86 // If quit_on_entry_commited is true Wait() will return on EntryCommited. | 90 // If quit_on_entry_commited is true Wait() will return on EntryCommited. |
| 87 void SetQuitOnEntryCommitted(bool quit_on_entry_commited) { | 91 void SetQuitOnEntryCommitted(bool quit_on_entry_commited) { |
| 88 quit_on_entry_commited_ = quit_on_entry_commited; | 92 quit_on_entry_commited_ = quit_on_entry_commited; |
| 89 } | 93 } |
| 90 | 94 |
| 91 // content::WebContentsObserver: | 95 // content::WebContentsObserver: |
| 92 void DidFinishLoad(content::RenderFrameHost* render_frame_host, | 96 void DidFinishLoad(content::RenderFrameHost* render_frame_host, |
| 93 const GURL& validated_url) override { | 97 const GURL& validated_url) override { |
| 98 render_frame_host_ = render_frame_host; | |
| 94 if (!wait_for_path_.empty()) { | 99 if (!wait_for_path_.empty()) { |
| 95 if (validated_url.path() == wait_for_path_) | 100 if (validated_url.path() == wait_for_path_) |
| 96 message_loop_runner_->Quit(); | 101 message_loop_runner_->Quit(); |
| 97 } else if (!render_frame_host->GetParent()) { | 102 } else if (!render_frame_host->GetParent()) { |
| 98 message_loop_runner_->Quit(); | 103 message_loop_runner_->Quit(); |
| 99 } | 104 } |
| 100 } | 105 } |
| 101 void NavigationEntryCommitted( | 106 void NavigationEntryCommitted( |
| 102 const content::LoadCommittedDetails& load_details) override { | 107 const content::LoadCommittedDetails& load_details) override { |
| 103 if (quit_on_entry_commited_) | 108 if (quit_on_entry_commited_) |
| 104 message_loop_runner_->Quit(); | 109 message_loop_runner_->Quit(); |
| 105 } | 110 } |
| 106 void Wait() { message_loop_runner_->Run(); } | 111 void Wait() { message_loop_runner_->Run(); } |
| 107 | 112 |
| 113 content::RenderFrameHost* render_frame_host() { return render_frame_host_; } | |
| 114 | |
| 108 private: | 115 private: |
| 109 std::string wait_for_path_; | 116 std::string wait_for_path_; |
| 117 content::RenderFrameHost* render_frame_host_; | |
| 110 bool quit_on_entry_commited_; | 118 bool quit_on_entry_commited_; |
| 111 scoped_refptr<content::MessageLoopRunner> message_loop_runner_; | 119 scoped_refptr<content::MessageLoopRunner> message_loop_runner_; |
| 112 | 120 |
| 113 DISALLOW_COPY_AND_ASSIGN(NavigationObserver); | 121 DISALLOW_COPY_AND_ASSIGN(NavigationObserver); |
| 114 }; | 122 }; |
| 115 | 123 |
| 116 // Observes the save password prompt (bubble or infobar) for a specified | 124 // Observes the save password prompt (bubble or infobar) for a specified |
| 117 // WebContents, keeps track of whether or not it is currently shown, and allows | 125 // WebContents, keeps track of whether or not it is currently shown, and allows |
| 118 // accepting saving passwords through it. | 126 // accepting saving passwords through it. |
| 119 class PromptObserver { | 127 class PromptObserver { |
| (...skipping 2000 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 2120 content::SimulateMouseClickAt( | 2128 content::SimulateMouseClickAt( |
| 2121 WebContents(), 0, blink::WebMouseEvent::ButtonLeft, gfx::Point(left + 1, | 2129 WebContents(), 0, blink::WebMouseEvent::ButtonLeft, gfx::Point(left + 1, |
| 2122 top + 1)); | 2130 top + 1)); |
| 2123 // Verify password has been autofilled | 2131 // Verify password has been autofilled |
| 2124 WaitForElementValue("iframe", "password_field", "pa55w0rd"); | 2132 WaitForElementValue("iframe", "password_field", "pa55w0rd"); |
| 2125 | 2133 |
| 2126 // Verify username has been autofilled | 2134 // Verify username has been autofilled |
| 2127 CheckElementValue("iframe", "username_field", "temp"); | 2135 CheckElementValue("iframe", "username_field", "temp"); |
| 2128 | 2136 |
| 2129 } | 2137 } |
| 2138 | |
| 2139 // The password manager driver will kill processes when they try to access | |
| 2140 // passwords of sites other than the site the process is dedicated to, under | |
| 2141 // site isolation. | |
| 2142 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, | |
| 2143 CrossSitePasswordEnforcement) { | |
| 2144 // The code under test is only active under site isolation. | |
| 2145 if (!base::CommandLine::ForCurrentProcess()->HasSwitch( | |
| 2146 switches::kSitePerProcess)) { | |
|
vabr (Chromium)
2015/07/08 08:26:27
Are there trybots running tests with this flag?
lfg
2015/07/08 15:31:47
Yes, however it's currently only an FYI bot. The b
vabr (Chromium)
2015/07/09 06:29:32
Acknowledged.
| |
| 2147 return; | |
| 2148 } | |
| 2149 | |
| 2150 // Setup the mock host resolver | |
| 2151 host_resolver()->AddRule("*", "127.0.0.1"); | |
| 2152 | |
| 2153 // Navigate the main frame. | |
| 2154 GURL main_frame_url = embedded_test_server()->GetURL( | |
| 2155 "/password/password_form_in_crosssite_iframe.html"); | |
| 2156 NavigationObserver observer(WebContents()); | |
| 2157 ui_test_utils::NavigateToURL(browser(), main_frame_url); | |
| 2158 observer.Wait(); | |
| 2159 | |
| 2160 // Create an iframe and navigate cross-site. | |
| 2161 NavigationObserver iframe_observer(WebContents()); | |
| 2162 iframe_observer.SetPathToWaitFor("/password/crossite_iframe_content.html"); | |
|
ncarter (slow)
2015/07/07 22:18:32
Crossite is an inosilicate double chain sodic amph
DaleCurtis
2015/07/07 22:20:09
So many words that look like misspellings there -_
lfg
2015/07/08 15:31:47
Hey! I'm just reusing what's already there ;)
| |
| 2163 GURL iframe_url = embedded_test_server()->GetURL( | |
| 2164 "foo.com", "/password/crossite_iframe_content.html"); | |
| 2165 std::string create_iframe = | |
| 2166 base::StringPrintf("create_iframe('%s');", iframe_url.spec().c_str()); | |
| 2167 ASSERT_TRUE(content::ExecuteScript(RenderViewHost(), create_iframe)); | |
| 2168 iframe_observer.Wait(); | |
| 2169 | |
| 2170 // The iframe on the http page should get its own process. | |
|
ncarter (slow)
2015/07/07 22:18:32
This comment looks like copypasta & needs reworkin
lfg
2015/07/08 15:31:47
Yup. Fixed. There's only a single iframe, so the q
| |
| 2171 content::RenderFrameHost* main_frame = WebContents()->GetMainFrame(); | |
| 2172 content::RenderFrameHost* iframe = iframe_observer.render_frame_host(); | |
| 2173 content::SiteInstance* main_site_instance = main_frame->GetSiteInstance(); | |
| 2174 content::SiteInstance* iframe_site_instance = iframe->GetSiteInstance(); | |
| 2175 EXPECT_NE(main_site_instance, iframe_site_instance); | |
| 2176 EXPECT_NE(main_frame->GetProcess(), iframe->GetProcess()); | |
| 2177 | |
| 2178 // Try to get cross-site passwords from the subframe's process and wait for it | |
| 2179 // to be killed. | |
| 2180 std::vector<autofill::PasswordForm> password_forms; | |
| 2181 password_forms.push_back(autofill::PasswordForm()); | |
| 2182 password_forms.back().origin = main_frame_url; | |
| 2183 AutofillHostMsg_PasswordFormsParsed illegal_forms_parsed( | |
| 2184 iframe->GetRoutingID(), password_forms); | |
| 2185 | |
| 2186 content::RenderProcessHostWatcher iframe_killed( | |
| 2187 iframe->GetProcess(), | |
| 2188 content::RenderProcessHostWatcher::WATCH_FOR_PROCESS_EXIT); | |
| 2189 | |
| 2190 IPC::IpcSecurityTestUtil::PwnMessageReceived( | |
| 2191 iframe->GetProcess()->GetChannel(), illegal_forms_parsed); | |
| 2192 | |
| 2193 iframe_killed.Wait(); | |
| 2194 } | |
| OLD | NEW |
