Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(234)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/renderer_security_policy_unittest.cc

Issue 12418: Implement History as HTML and add/change a bunch of stuff to make it easier t... (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 12 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/renderer_security_policy.cc ('k') | chrome/browser/resources/browser_resources.vcproj » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <string> 5 #include <string>
6 6
7 #include "base/basictypes.h" 7 #include "base/basictypes.h"
8 #include "chrome/browser/renderer_security_policy.h" 8 #include "chrome/browser/renderer_security_policy.h"
9 #include "net/url_request/url_request.h" 9 #include "net/url_request/url_request.h"
10 #include "net/url_request/url_request_test_job.h" 10 #include "net/url_request/url_request_test_job.h"
11 #include "testing/gtest/include/gtest/gtest.h" 11 #include "testing/gtest/include/gtest/gtest.h"
12 12
13 class RendererSecurityPolicyTest : public testing::Test { 13 class RendererSecurityPolicyTest : public testing::Test {
14 protected: 14 protected:
15 // testing::Test 15 // testing::Test
16 virtual void SetUp() { 16 virtual void SetUp() {
17 // In the real world, "chrome-resource" is a handled scheme. 17 // In the real world, "chrome" is a handled scheme.
18 URLRequest::RegisterProtocolFactory("chrome-resource", 18 URLRequest::RegisterProtocolFactory("chrome",
19 &URLRequestTestJob::Factory); 19 &URLRequestTestJob::Factory);
20 } 20 }
21 virtual void TearDown() { 21 virtual void TearDown() {
22 URLRequest::RegisterProtocolFactory("chrome-resource", NULL); 22 URLRequest::RegisterProtocolFactory("chrome", NULL);
23 } 23 }
24 }; 24 };
25 25
26 static int kRendererID = 42; 26 static int kRendererID = 42;
27 27
28 TEST_F(RendererSecurityPolicyTest, IsWebSafeSchemeTest) { 28 TEST_F(RendererSecurityPolicyTest, IsWebSafeSchemeTest) {
29 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance(); 29 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance();
30 30
31 EXPECT_TRUE(p->IsWebSafeScheme("http")); 31 EXPECT_TRUE(p->IsWebSafeScheme("http"));
32 EXPECT_TRUE(p->IsWebSafeScheme("https")); 32 EXPECT_TRUE(p->IsWebSafeScheme("https"));
(...skipping 30 matching lines...) Expand all
63 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>"))); 63 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("data:text/html,<b>Hi</b>")));
64 EXPECT_TRUE(p->CanRequestURL(kRendererID, 64 EXPECT_TRUE(p->CanRequestURL(kRendererID,
65 GURL("view-source:http://www.google.com/"))); 65 GURL("view-source:http://www.google.com/")));
66 66
67 // Dangerous 67 // Dangerous
68 EXPECT_FALSE(p->CanRequestURL(kRendererID, 68 EXPECT_FALSE(p->CanRequestURL(kRendererID,
69 GURL("file:///etc/passwd"))); 69 GURL("file:///etc/passwd")));
70 EXPECT_FALSE(p->CanRequestURL(kRendererID, 70 EXPECT_FALSE(p->CanRequestURL(kRendererID,
71 GURL("view-cache:http://www.google.com/"))); 71 GURL("view-cache:http://www.google.com/")));
72 EXPECT_FALSE(p->CanRequestURL(kRendererID, 72 EXPECT_FALSE(p->CanRequestURL(kRendererID,
73 GURL("chrome-resource://foo/bar"))); 73 GURL("chrome://foo/bar")));
74 74
75 p->Remove(kRendererID); 75 p->Remove(kRendererID);
76 } 76 }
77 77
78 TEST_F(RendererSecurityPolicyTest, AboutTest) { 78 TEST_F(RendererSecurityPolicyTest, AboutTest) {
79 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance(); 79 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance();
80 80
81 p->Add(kRendererID); 81 p->Add(kRendererID);
82 82
83 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank"))); 83 EXPECT_TRUE(p->CanRequestURL(kRendererID, GURL("about:blank")));
(...skipping 112 matching lines...) Expand 10 before | Expand all | Expand 10 after
196 196
197 EXPECT_FALSE(p->CanUploadFile(kRendererID, L"/etc/passwd")); 197 EXPECT_FALSE(p->CanUploadFile(kRendererID, L"/etc/passwd"));
198 EXPECT_FALSE(p->CanUploadFile(kRendererID, L"/etc/shadow")); 198 EXPECT_FALSE(p->CanUploadFile(kRendererID, L"/etc/shadow"));
199 199
200 p->Remove(kRendererID); 200 p->Remove(kRendererID);
201 } 201 }
202 202
203 TEST_F(RendererSecurityPolicyTest, CanServiceInspectElement) { 203 TEST_F(RendererSecurityPolicyTest, CanServiceInspectElement) {
204 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance(); 204 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance();
205 205
206 GURL url("chrome-resource://inspector/inspector.html"); 206 GURL url("chrome://inspector/inspector.html");
207 207
208 p->Add(kRendererID); 208 p->Add(kRendererID);
209 209
210 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 210 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
211 p->GrantInspectElement(kRendererID); 211 p->GrantInspectElement(kRendererID);
212 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); 212 EXPECT_TRUE(p->CanRequestURL(kRendererID, url));
213 213
214 p->Remove(kRendererID); 214 p->Remove(kRendererID);
215 } 215 }
216 216
217 TEST_F(RendererSecurityPolicyTest, CanServiceDOMUIBindings) { 217 TEST_F(RendererSecurityPolicyTest, CanServiceDOMUIBindings) {
218 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance(); 218 RendererSecurityPolicy* p = RendererSecurityPolicy::GetInstance();
219 219
220 GURL url("chrome-resource://thumb/http://www.google.com/"); 220 GURL url("chrome://thumb/http://www.google.com/");
221 221
222 p->Add(kRendererID); 222 p->Add(kRendererID);
223 223
224 EXPECT_FALSE(p->HasDOMUIBindings(kRendererID)); 224 EXPECT_FALSE(p->HasDOMUIBindings(kRendererID));
225 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 225 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
226 p->GrantDOMUIBindings(kRendererID); 226 p->GrantDOMUIBindings(kRendererID);
227 EXPECT_TRUE(p->HasDOMUIBindings(kRendererID)); 227 EXPECT_TRUE(p->HasDOMUIBindings(kRendererID));
228 EXPECT_TRUE(p->CanRequestURL(kRendererID, url)); 228 EXPECT_TRUE(p->CanRequestURL(kRendererID, url));
229 229
230 p->Remove(kRendererID); 230 p->Remove(kRendererID);
(...skipping 20 matching lines...) Expand all
251 // Renderers are added and removed on the UI thread, but the policy can be 251 // Renderers are added and removed on the UI thread, but the policy can be
252 // queried on the IO thread. The RendererSecurityPolicy needs to be prepared 252 // queried on the IO thread. The RendererSecurityPolicy needs to be prepared
253 // to answer policy questions about renderers who no longer exist. 253 // to answer policy questions about renderers who no longer exist.
254 254
255 // In this case, we default to secure behavior. 255 // In this case, we default to secure behavior.
256 EXPECT_FALSE(p->CanRequestURL(kRendererID, url)); 256 EXPECT_FALSE(p->CanRequestURL(kRendererID, url));
257 EXPECT_FALSE(p->CanUploadFile(kRendererID, file)); 257 EXPECT_FALSE(p->CanUploadFile(kRendererID, file));
258 EXPECT_FALSE(p->HasDOMUIBindings(kRendererID)); 258 EXPECT_FALSE(p->HasDOMUIBindings(kRendererID));
259 } 259 }
260 260
OLDNEW
« no previous file with comments | « chrome/browser/renderer_security_policy.cc ('k') | chrome/browser/resources/browser_resources.vcproj » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698