| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 | 6 |
| 7 #include "base/compiler_specific.h" | 7 #include "base/compiler_specific.h" |
| 8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
| 10 #include "base/values.h" | 10 #include "base/values.h" |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 50 return ExtensionBuilder() | 50 return ExtensionBuilder() |
| 51 .SetManifest(DictionaryBuilder() | 51 .SetManifest(DictionaryBuilder() |
| 52 .Set("name", "Extension with ID " + id) | 52 .Set("name", "Extension with ID " + id) |
| 53 .Set("version", "1.0") | 53 .Set("version", "1.0") |
| 54 .Set("manifest_version", 2) | 54 .Set("manifest_version", 2) |
| 55 .Set("permissions", permissions)) | 55 .Set("permissions", permissions)) |
| 56 .SetID(id) | 56 .SetID(id) |
| 57 .Build(); | 57 .Build(); |
| 58 } | 58 } |
| 59 | 59 |
| 60 enum PermittedFeature { |
| 61 PERMITTED_NONE, |
| 62 PERMITTED_SCRIPT_ONLY, |
| 63 PERMITTED_CAPTURE_ONLY, |
| 64 PERMITTED_BOTH |
| 65 }; |
| 66 |
| 60 class ActiveTabTest : public ChromeRenderViewHostTestHarness { | 67 class ActiveTabTest : public ChromeRenderViewHostTestHarness { |
| 61 protected: | 68 protected: |
| 62 ActiveTabTest() | 69 ActiveTabTest() |
| 63 : current_channel(chrome::VersionInfo::CHANNEL_DEV), | 70 : current_channel(chrome::VersionInfo::CHANNEL_DEV), |
| 64 extension(CreateTestExtension("deadbeef", true, false)), | 71 extension(CreateTestExtension("deadbeef", true, false)), |
| 65 another_extension(CreateTestExtension("feedbeef", true, false)), | 72 another_extension(CreateTestExtension("feedbeef", true, false)), |
| 66 extension_without_active_tab(CreateTestExtension("badbeef", | 73 extension_without_active_tab(CreateTestExtension("badbeef", |
| 67 false, | 74 false, |
| 68 false)), | 75 false)), |
| 69 extension_with_tab_capture(CreateTestExtension("cafebeef", | 76 extension_with_tab_capture(CreateTestExtension("cafebeef", |
| 70 true, | 77 true, |
| 71 true)) {} | 78 true)) {} |
| 72 | 79 |
| 73 virtual void SetUp() OVERRIDE { | 80 virtual void SetUp() OVERRIDE { |
| 74 ChromeRenderViewHostTestHarness::SetUp(); | 81 ChromeRenderViewHostTestHarness::SetUp(); |
| 75 TabHelper::CreateForWebContents(web_contents()); | 82 TabHelper::CreateForWebContents(web_contents()); |
| 76 } | 83 } |
| 77 | 84 |
| 78 int tab_id() { | 85 int tab_id() { |
| 79 return SessionID::IdForTab(web_contents()); | 86 return SessionID::IdForTab(web_contents()); |
| 80 } | 87 } |
| 81 | 88 |
| 82 ActiveTabPermissionGranter* active_tab_permission_granter() { | 89 ActiveTabPermissionGranter* active_tab_permission_granter() { |
| 83 return extensions::TabHelper::FromWebContents(web_contents())-> | 90 return extensions::TabHelper::FromWebContents(web_contents())-> |
| 84 active_tab_permission_granter(); | 91 active_tab_permission_granter(); |
| 85 } | 92 } |
| 86 | 93 |
| 87 bool IsAllowed(const scoped_refptr<const Extension>& extension, | 94 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
| 88 const GURL& url) { | 95 const GURL& url) { |
| 89 return IsAllowed(extension, url, tab_id()); | 96 return IsAllowed(extension, url, PERMITTED_BOTH, tab_id()); |
| 90 } | 97 } |
| 91 | 98 |
| 92 bool IsAllowed(const scoped_refptr<const Extension>& extension, | 99 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
| 93 const GURL& url, | 100 const GURL& url, |
| 101 PermittedFeature feature) { |
| 102 return IsAllowed(extension, url, feature, tab_id()); |
| 103 } |
| 104 |
| 105 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
| 106 const GURL& url, |
| 107 PermittedFeature feature, |
| 94 int tab_id) { | 108 int tab_id) { |
| 95 return PermissionsData::CanExecuteScriptOnPage( | 109 bool script = PermissionsData::CanExecuteScriptOnPage( |
| 96 extension.get(), url, url, tab_id, NULL, -1, NULL) && | 110 extension.get(), url, url, tab_id, NULL, -1, NULL); |
| 97 PermissionsData::CanCaptureVisiblePage( | 111 bool capture = HasTabsPermission(extension, tab_id) && |
| 98 extension.get(), url, tab_id, NULL) && | 112 PermissionsData::CanCaptureVisiblePage(extension.get(), tab_id, NULL); |
| 99 HasTabsPermission(extension, tab_id); | 113 switch (feature) { |
| 114 case PERMITTED_SCRIPT_ONLY: |
| 115 return script && !capture; |
| 116 case PERMITTED_CAPTURE_ONLY: |
| 117 return capture && !script; |
| 118 case PERMITTED_BOTH: |
| 119 return script && capture; |
| 120 case PERMITTED_NONE: |
| 121 return !script && !capture; |
| 122 } |
| 123 NOTREACHED(); |
| 124 return false; |
| 100 } | 125 } |
| 101 | 126 |
| 102 bool IsBlocked(const scoped_refptr<const Extension>& extension, | 127 bool IsBlocked(const scoped_refptr<const Extension>& extension, |
| 103 const GURL& url) { | 128 const GURL& url) { |
| 104 return IsBlocked(extension, url, tab_id()); | 129 return IsBlocked(extension, url, tab_id()); |
| 105 } | 130 } |
| 106 | 131 |
| 107 bool IsBlocked(const scoped_refptr<const Extension>& extension, | 132 bool IsBlocked(const scoped_refptr<const Extension>& extension, |
| 108 const GURL& url, | 133 const GURL& url, |
| 109 int tab_id) { | 134 int tab_id) { |
| 110 // Note: can't check HasTabsPermission because it isn't URL specific. | 135 return IsAllowed(extension, url, PERMITTED_NONE, tab_id); |
| 111 return !PermissionsData::CanExecuteScriptOnPage( | |
| 112 extension.get(), url, url, tab_id, NULL, -1, NULL) && | |
| 113 !PermissionsData::CanCaptureVisiblePage( | |
| 114 extension.get(), url, tab_id, NULL); | |
| 115 } | 136 } |
| 116 | 137 |
| 117 bool HasTabsPermission(const scoped_refptr<const Extension>& extension) { | 138 bool HasTabsPermission(const scoped_refptr<const Extension>& extension) { |
| 118 return HasTabsPermission(extension, tab_id()); | 139 return HasTabsPermission(extension, tab_id()); |
| 119 } | 140 } |
| 120 | 141 |
| 121 bool HasTabsPermission(const scoped_refptr<const Extension>& extension, | 142 bool HasTabsPermission(const scoped_refptr<const Extension>& extension, |
| 122 int tab_id) { | 143 int tab_id) { |
| 123 return PermissionsData::HasAPIPermissionForTab( | 144 return PermissionsData::HasAPIPermissionForTab( |
| 124 extension.get(), tab_id, APIPermission::kTab); | 145 extension.get(), tab_id, APIPermission::kTab); |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 166 extension_without_active_tab.get()); | 187 extension_without_active_tab.get()); |
| 167 | 188 |
| 168 // Granted to extension and extension_without_active_tab, but the latter | 189 // Granted to extension and extension_without_active_tab, but the latter |
| 169 // doesn't have the activeTab permission so not granted. | 190 // doesn't have the activeTab permission so not granted. |
| 170 EXPECT_TRUE(IsAllowed(extension, google)); | 191 EXPECT_TRUE(IsAllowed(extension, google)); |
| 171 EXPECT_TRUE(IsBlocked(another_extension, google)); | 192 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 172 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 193 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 173 | 194 |
| 174 // Other subdomains shouldn't be given access. | 195 // Other subdomains shouldn't be given access. |
| 175 GURL mail_google("http://mail.google.com"); | 196 GURL mail_google("http://mail.google.com"); |
| 176 EXPECT_TRUE(IsBlocked(extension, mail_google)); | 197 EXPECT_TRUE(IsAllowed(extension, mail_google, PERMITTED_CAPTURE_ONLY)); |
| 177 EXPECT_TRUE(IsBlocked(another_extension, mail_google)); | 198 EXPECT_TRUE(IsBlocked(another_extension, mail_google)); |
| 178 EXPECT_TRUE(IsBlocked(extension_without_active_tab, mail_google)); | 199 EXPECT_TRUE(IsBlocked(extension_without_active_tab, mail_google)); |
| 179 | 200 |
| 180 // Reloading the page should clear the active permissions. | 201 // Reloading the page should clear the active permissions. |
| 181 Reload(); | 202 Reload(); |
| 182 | 203 |
| 183 EXPECT_TRUE(IsBlocked(extension, google)); | 204 EXPECT_TRUE(IsBlocked(extension, google)); |
| 184 EXPECT_TRUE(IsBlocked(another_extension, google)); | 205 EXPECT_TRUE(IsBlocked(another_extension, google)); |
| 185 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 206 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 186 | 207 |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 226 EXPECT_FALSE(HasTabsPermission(another_extension)); | 247 EXPECT_FALSE(HasTabsPermission(another_extension)); |
| 227 EXPECT_FALSE(HasTabsPermission(extension_without_active_tab)); | 248 EXPECT_FALSE(HasTabsPermission(extension_without_active_tab)); |
| 228 | 249 |
| 229 // Should be able to grant to multiple extensions at the same time (if they | 250 // Should be able to grant to multiple extensions at the same time (if they |
| 230 // have the activeTab permission, of course). | 251 // have the activeTab permission, of course). |
| 231 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 252 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
| 232 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); | 253 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); |
| 233 active_tab_permission_granter()->GrantIfRequested( | 254 active_tab_permission_granter()->GrantIfRequested( |
| 234 extension_without_active_tab.get()); | 255 extension_without_active_tab.get()); |
| 235 | 256 |
| 236 EXPECT_TRUE(IsBlocked(extension, google)); | 257 EXPECT_TRUE(IsAllowed(extension, google, PERMITTED_CAPTURE_ONLY)); |
| 237 EXPECT_TRUE(IsBlocked(another_extension, google)); | 258 EXPECT_TRUE(IsAllowed(another_extension, google, PERMITTED_CAPTURE_ONLY)); |
| 238 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 259 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 239 | 260 |
| 240 EXPECT_TRUE(IsAllowed(extension, chromium)); | 261 EXPECT_TRUE(IsAllowed(extension, chromium)); |
| 241 EXPECT_TRUE(IsAllowed(another_extension, chromium)); | 262 EXPECT_TRUE(IsAllowed(another_extension, chromium)); |
| 242 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); | 263 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); |
| 243 | 264 |
| 244 // Should be able to go back to URLs that were previously cleared. | 265 // Should be able to go back to URLs that were previously cleared. |
| 245 NavigateAndCommit(google); | 266 NavigateAndCommit(google); |
| 246 | 267 |
| 247 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 268 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
| 248 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); | 269 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); |
| 249 active_tab_permission_granter()->GrantIfRequested( | 270 active_tab_permission_granter()->GrantIfRequested( |
| 250 extension_without_active_tab.get()); | 271 extension_without_active_tab.get()); |
| 251 | 272 |
| 252 EXPECT_TRUE(IsAllowed(extension, google)); | 273 EXPECT_TRUE(IsAllowed(extension, google)); |
| 253 EXPECT_TRUE(IsAllowed(another_extension, google)); | 274 EXPECT_TRUE(IsAllowed(another_extension, google)); |
| 254 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 275 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
| 255 | 276 |
| 256 EXPECT_TRUE(IsBlocked(extension, chromium)); | 277 EXPECT_TRUE(IsAllowed(extension, chromium, PERMITTED_CAPTURE_ONLY)); |
| 257 EXPECT_TRUE(IsBlocked(another_extension, chromium)); | 278 EXPECT_TRUE(IsAllowed(another_extension, chromium, PERMITTED_CAPTURE_ONLY)); |
| 258 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); | 279 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); |
| 259 }; | 280 }; |
| 260 | 281 |
| 261 TEST_F(ActiveTabTest, Uninstalling) { | 282 TEST_F(ActiveTabTest, Uninstalling) { |
| 262 // Some semi-arbitrary setup. | 283 // Some semi-arbitrary setup. |
| 263 GURL google("http://www.google.com"); | 284 GURL google("http://www.google.com"); |
| 264 NavigateAndCommit(google); | 285 NavigateAndCommit(google); |
| 265 | 286 |
| 266 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 287 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
| 267 | 288 |
| (...skipping 19 matching lines...) Expand all Loading... |
| 287 EXPECT_TRUE(IsGrantedForTab(extension.get(), web_contents())); | 308 EXPECT_TRUE(IsGrantedForTab(extension.get(), web_contents())); |
| 288 EXPECT_TRUE(IsAllowed(extension, google)); | 309 EXPECT_TRUE(IsAllowed(extension, google)); |
| 289 } | 310 } |
| 290 | 311 |
| 291 TEST_F(ActiveTabTest, OnlyActiveTab) { | 312 TEST_F(ActiveTabTest, OnlyActiveTab) { |
| 292 GURL google("http://www.google.com"); | 313 GURL google("http://www.google.com"); |
| 293 NavigateAndCommit(google); | 314 NavigateAndCommit(google); |
| 294 | 315 |
| 295 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 316 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
| 296 | 317 |
| 297 EXPECT_TRUE(IsAllowed(extension, google, tab_id())); | 318 EXPECT_TRUE(IsAllowed(extension, google, PERMITTED_BOTH, tab_id())); |
| 298 EXPECT_TRUE(IsBlocked(extension, google, tab_id() + 1)); | 319 EXPECT_TRUE(IsBlocked(extension, google, tab_id() + 1)); |
| 299 EXPECT_FALSE(HasTabsPermission(extension, tab_id() + 1)); | 320 EXPECT_FALSE(HasTabsPermission(extension, tab_id() + 1)); |
| 300 } | 321 } |
| 301 | 322 |
| 302 TEST_F(ActiveTabTest, NavigateInPage) { | 323 TEST_F(ActiveTabTest, NavigateInPage) { |
| 303 GURL google("http://www.google.com"); | 324 GURL google("http://www.google.com"); |
| 304 NavigateAndCommit(google); | 325 NavigateAndCommit(google); |
| 305 | 326 |
| 306 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 327 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
| 307 | 328 |
| 308 // Perform an in-page navigation. The extension should not lose the temporary | 329 // Perform an in-page navigation. The extension should not lose the temporary |
| 309 // permission. | 330 // permission. |
| 310 GURL google_h1("http://www.google.com#h1"); | 331 GURL google_h1("http://www.google.com#h1"); |
| 311 NavigateAndCommit(google_h1); | 332 NavigateAndCommit(google_h1); |
| 312 | 333 |
| 313 EXPECT_TRUE(IsAllowed(extension, google, tab_id())); | 334 EXPECT_TRUE(IsAllowed(extension, google)); |
| 314 EXPECT_TRUE(IsAllowed(extension, google_h1, tab_id())); | 335 EXPECT_TRUE(IsAllowed(extension, google_h1)); |
| 315 | 336 |
| 316 GURL chromium("http://www.chromium.org"); | 337 GURL chromium("http://www.chromium.org"); |
| 317 NavigateAndCommit(chromium); | 338 NavigateAndCommit(chromium); |
| 318 | 339 |
| 319 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 340 EXPECT_FALSE(IsAllowed(extension, google)); |
| 320 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 341 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
| 321 EXPECT_FALSE(IsAllowed(extension, chromium, tab_id())); | 342 EXPECT_FALSE(IsAllowed(extension, chromium)); |
| 322 | 343 |
| 323 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 344 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
| 324 | 345 |
| 325 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 346 EXPECT_FALSE(IsAllowed(extension, google)); |
| 326 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 347 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
| 327 EXPECT_TRUE(IsAllowed(extension, chromium, tab_id())); | 348 EXPECT_TRUE(IsAllowed(extension, chromium)); |
| 328 | 349 |
| 329 GURL chromium_h1("http://www.chromium.org#h1"); | 350 GURL chromium_h1("http://www.chromium.org#h1"); |
| 330 NavigateAndCommit(chromium_h1); | 351 NavigateAndCommit(chromium_h1); |
| 331 | 352 |
| 332 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 353 EXPECT_FALSE(IsAllowed(extension, google)); |
| 333 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 354 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
| 334 EXPECT_TRUE(IsAllowed(extension, chromium, tab_id())); | 355 EXPECT_TRUE(IsAllowed(extension, chromium)); |
| 335 EXPECT_TRUE(IsAllowed(extension, chromium_h1, tab_id())); | 356 EXPECT_TRUE(IsAllowed(extension, chromium_h1)); |
| 336 | 357 |
| 337 Reload(); | 358 Reload(); |
| 338 | 359 |
| 339 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 360 EXPECT_FALSE(IsAllowed(extension, google)); |
| 340 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 361 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
| 341 EXPECT_FALSE(IsAllowed(extension, chromium, tab_id())); | 362 EXPECT_FALSE(IsAllowed(extension, chromium)); |
| 342 EXPECT_FALSE(IsAllowed(extension, chromium_h1, tab_id())); | 363 EXPECT_FALSE(IsAllowed(extension, chromium_h1)); |
| 343 } | 364 } |
| 344 | 365 |
| 345 TEST_F(ActiveTabTest, ChromeUrlGrants) { | 366 TEST_F(ActiveTabTest, ChromeUrlGrants) { |
| 346 GURL internal("chrome://version"); | 367 GURL internal("chrome://version"); |
| 347 NavigateAndCommit(internal); | 368 NavigateAndCommit(internal); |
| 348 active_tab_permission_granter()->GrantIfRequested( | 369 active_tab_permission_granter()->GrantIfRequested( |
| 349 extension_with_tab_capture.get()); | 370 extension_with_tab_capture.get()); |
| 350 // Do not grant tabs/hosts permissions for tab. | 371 // Do not grant tabs/hosts permissions for tab. |
| 351 EXPECT_TRUE(IsBlocked(extension_with_tab_capture, internal, tab_id())); | 372 EXPECT_TRUE(IsAllowed(extension_with_tab_capture, internal, |
| 373 PERMITTED_CAPTURE_ONLY)); |
| 352 EXPECT_TRUE(PermissionsData::HasAPIPermissionForTab( | 374 EXPECT_TRUE(PermissionsData::HasAPIPermissionForTab( |
| 353 extension_with_tab_capture.get(), | 375 extension_with_tab_capture.get(), |
| 354 tab_id(), | 376 tab_id(), |
| 355 APIPermission::kTabCaptureForTab)); | 377 APIPermission::kTabCaptureForTab)); |
| 356 | 378 |
| 357 EXPECT_TRUE(IsBlocked(extension_with_tab_capture, internal, tab_id() + 1)); | 379 EXPECT_TRUE(IsBlocked(extension_with_tab_capture, internal, tab_id() + 1)); |
| 358 EXPECT_FALSE(PermissionsData::HasAPIPermissionForTab( | 380 EXPECT_FALSE(PermissionsData::HasAPIPermissionForTab( |
| 359 extension_with_tab_capture.get(), | 381 extension_with_tab_capture.get(), |
| 360 tab_id() + 1, | 382 tab_id() + 1, |
| 361 APIPermission::kTabCaptureForTab)); | 383 APIPermission::kTabCaptureForTab)); |
| 362 } | 384 } |
| 363 | 385 |
| 364 } // namespace | 386 } // namespace |
| 365 } // namespace extensions | 387 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 140433003:
tab capture: Change the permissions for tabs.captureVisibleTab(). (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src