OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <string> | 5 #include <string> |
6 | 6 |
7 #include "base/compiler_specific.h" | 7 #include "base/compiler_specific.h" |
8 #include "base/memory/scoped_ptr.h" | 8 #include "base/memory/scoped_ptr.h" |
9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
10 #include "base/values.h" | 10 #include "base/values.h" |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
50 return ExtensionBuilder() | 50 return ExtensionBuilder() |
51 .SetManifest(DictionaryBuilder() | 51 .SetManifest(DictionaryBuilder() |
52 .Set("name", "Extension with ID " + id) | 52 .Set("name", "Extension with ID " + id) |
53 .Set("version", "1.0") | 53 .Set("version", "1.0") |
54 .Set("manifest_version", 2) | 54 .Set("manifest_version", 2) |
55 .Set("permissions", permissions)) | 55 .Set("permissions", permissions)) |
56 .SetID(id) | 56 .SetID(id) |
57 .Build(); | 57 .Build(); |
58 } | 58 } |
59 | 59 |
| 60 enum PermittedFeature { |
| 61 PERMITTED_NONE, |
| 62 PERMITTED_SCRIPT_ONLY, |
| 63 PERMITTED_CAPTURE_ONLY, |
| 64 PERMITTED_BOTH |
| 65 }; |
| 66 |
60 class ActiveTabTest : public ChromeRenderViewHostTestHarness { | 67 class ActiveTabTest : public ChromeRenderViewHostTestHarness { |
61 protected: | 68 protected: |
62 ActiveTabTest() | 69 ActiveTabTest() |
63 : current_channel(chrome::VersionInfo::CHANNEL_DEV), | 70 : current_channel(chrome::VersionInfo::CHANNEL_DEV), |
64 extension(CreateTestExtension("deadbeef", true, false)), | 71 extension(CreateTestExtension("deadbeef", true, false)), |
65 another_extension(CreateTestExtension("feedbeef", true, false)), | 72 another_extension(CreateTestExtension("feedbeef", true, false)), |
66 extension_without_active_tab(CreateTestExtension("badbeef", | 73 extension_without_active_tab(CreateTestExtension("badbeef", |
67 false, | 74 false, |
68 false)), | 75 false)), |
69 extension_with_tab_capture(CreateTestExtension("cafebeef", | 76 extension_with_tab_capture(CreateTestExtension("cafebeef", |
70 true, | 77 true, |
71 true)) {} | 78 true)) {} |
72 | 79 |
73 virtual void SetUp() OVERRIDE { | 80 virtual void SetUp() OVERRIDE { |
74 ChromeRenderViewHostTestHarness::SetUp(); | 81 ChromeRenderViewHostTestHarness::SetUp(); |
75 TabHelper::CreateForWebContents(web_contents()); | 82 TabHelper::CreateForWebContents(web_contents()); |
76 } | 83 } |
77 | 84 |
78 int tab_id() { | 85 int tab_id() { |
79 return SessionID::IdForTab(web_contents()); | 86 return SessionID::IdForTab(web_contents()); |
80 } | 87 } |
81 | 88 |
82 ActiveTabPermissionGranter* active_tab_permission_granter() { | 89 ActiveTabPermissionGranter* active_tab_permission_granter() { |
83 return extensions::TabHelper::FromWebContents(web_contents())-> | 90 return extensions::TabHelper::FromWebContents(web_contents())-> |
84 active_tab_permission_granter(); | 91 active_tab_permission_granter(); |
85 } | 92 } |
86 | 93 |
87 bool IsAllowed(const scoped_refptr<const Extension>& extension, | 94 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
88 const GURL& url) { | 95 const GURL& url) { |
89 return IsAllowed(extension, url, tab_id()); | 96 return IsAllowed(extension, url, PERMITTED_BOTH, tab_id()); |
90 } | 97 } |
91 | 98 |
92 bool IsAllowed(const scoped_refptr<const Extension>& extension, | 99 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
93 const GURL& url, | 100 const GURL& url, |
| 101 PermittedFeature feature) { |
| 102 return IsAllowed(extension, url, feature, tab_id()); |
| 103 } |
| 104 |
| 105 bool IsAllowed(const scoped_refptr<const Extension>& extension, |
| 106 const GURL& url, |
| 107 PermittedFeature feature, |
94 int tab_id) { | 108 int tab_id) { |
95 return PermissionsData::CanExecuteScriptOnPage( | 109 bool script = PermissionsData::CanExecuteScriptOnPage( |
96 extension.get(), url, url, tab_id, NULL, -1, NULL) && | 110 extension.get(), url, url, tab_id, NULL, -1, NULL); |
97 PermissionsData::CanCaptureVisiblePage( | 111 bool capture = HasTabsPermission(extension, tab_id) && |
98 extension.get(), url, tab_id, NULL) && | 112 PermissionsData::CanCaptureVisiblePage(extension.get(), tab_id, NULL); |
99 HasTabsPermission(extension, tab_id); | 113 switch (feature) { |
| 114 case PERMITTED_SCRIPT_ONLY: |
| 115 return script && !capture; |
| 116 case PERMITTED_CAPTURE_ONLY: |
| 117 return capture && !script; |
| 118 case PERMITTED_BOTH: |
| 119 return script && capture; |
| 120 case PERMITTED_NONE: |
| 121 return !script && !capture; |
| 122 } |
| 123 NOTREACHED(); |
| 124 return false; |
100 } | 125 } |
101 | 126 |
102 bool IsBlocked(const scoped_refptr<const Extension>& extension, | 127 bool IsBlocked(const scoped_refptr<const Extension>& extension, |
103 const GURL& url) { | 128 const GURL& url) { |
104 return IsBlocked(extension, url, tab_id()); | 129 return IsBlocked(extension, url, tab_id()); |
105 } | 130 } |
106 | 131 |
107 bool IsBlocked(const scoped_refptr<const Extension>& extension, | 132 bool IsBlocked(const scoped_refptr<const Extension>& extension, |
108 const GURL& url, | 133 const GURL& url, |
109 int tab_id) { | 134 int tab_id) { |
110 // Note: can't check HasTabsPermission because it isn't URL specific. | 135 return IsAllowed(extension, url, PERMITTED_NONE, tab_id); |
111 return !PermissionsData::CanExecuteScriptOnPage( | |
112 extension.get(), url, url, tab_id, NULL, -1, NULL) && | |
113 !PermissionsData::CanCaptureVisiblePage( | |
114 extension.get(), url, tab_id, NULL); | |
115 } | 136 } |
116 | 137 |
117 bool HasTabsPermission(const scoped_refptr<const Extension>& extension) { | 138 bool HasTabsPermission(const scoped_refptr<const Extension>& extension) { |
118 return HasTabsPermission(extension, tab_id()); | 139 return HasTabsPermission(extension, tab_id()); |
119 } | 140 } |
120 | 141 |
121 bool HasTabsPermission(const scoped_refptr<const Extension>& extension, | 142 bool HasTabsPermission(const scoped_refptr<const Extension>& extension, |
122 int tab_id) { | 143 int tab_id) { |
123 return PermissionsData::HasAPIPermissionForTab( | 144 return PermissionsData::HasAPIPermissionForTab( |
124 extension.get(), tab_id, APIPermission::kTab); | 145 extension.get(), tab_id, APIPermission::kTab); |
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
166 extension_without_active_tab.get()); | 187 extension_without_active_tab.get()); |
167 | 188 |
168 // Granted to extension and extension_without_active_tab, but the latter | 189 // Granted to extension and extension_without_active_tab, but the latter |
169 // doesn't have the activeTab permission so not granted. | 190 // doesn't have the activeTab permission so not granted. |
170 EXPECT_TRUE(IsAllowed(extension, google)); | 191 EXPECT_TRUE(IsAllowed(extension, google)); |
171 EXPECT_TRUE(IsBlocked(another_extension, google)); | 192 EXPECT_TRUE(IsBlocked(another_extension, google)); |
172 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 193 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
173 | 194 |
174 // Other subdomains shouldn't be given access. | 195 // Other subdomains shouldn't be given access. |
175 GURL mail_google("http://mail.google.com"); | 196 GURL mail_google("http://mail.google.com"); |
176 EXPECT_TRUE(IsBlocked(extension, mail_google)); | 197 EXPECT_TRUE(IsAllowed(extension, mail_google, PERMITTED_CAPTURE_ONLY)); |
177 EXPECT_TRUE(IsBlocked(another_extension, mail_google)); | 198 EXPECT_TRUE(IsBlocked(another_extension, mail_google)); |
178 EXPECT_TRUE(IsBlocked(extension_without_active_tab, mail_google)); | 199 EXPECT_TRUE(IsBlocked(extension_without_active_tab, mail_google)); |
179 | 200 |
180 // Reloading the page should clear the active permissions. | 201 // Reloading the page should clear the active permissions. |
181 Reload(); | 202 Reload(); |
182 | 203 |
183 EXPECT_TRUE(IsBlocked(extension, google)); | 204 EXPECT_TRUE(IsBlocked(extension, google)); |
184 EXPECT_TRUE(IsBlocked(another_extension, google)); | 205 EXPECT_TRUE(IsBlocked(another_extension, google)); |
185 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 206 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
186 | 207 |
(...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
226 EXPECT_FALSE(HasTabsPermission(another_extension)); | 247 EXPECT_FALSE(HasTabsPermission(another_extension)); |
227 EXPECT_FALSE(HasTabsPermission(extension_without_active_tab)); | 248 EXPECT_FALSE(HasTabsPermission(extension_without_active_tab)); |
228 | 249 |
229 // Should be able to grant to multiple extensions at the same time (if they | 250 // Should be able to grant to multiple extensions at the same time (if they |
230 // have the activeTab permission, of course). | 251 // have the activeTab permission, of course). |
231 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 252 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
232 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); | 253 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); |
233 active_tab_permission_granter()->GrantIfRequested( | 254 active_tab_permission_granter()->GrantIfRequested( |
234 extension_without_active_tab.get()); | 255 extension_without_active_tab.get()); |
235 | 256 |
236 EXPECT_TRUE(IsBlocked(extension, google)); | 257 EXPECT_TRUE(IsAllowed(extension, google, PERMITTED_CAPTURE_ONLY)); |
237 EXPECT_TRUE(IsBlocked(another_extension, google)); | 258 EXPECT_TRUE(IsAllowed(another_extension, google, PERMITTED_CAPTURE_ONLY)); |
238 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 259 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
239 | 260 |
240 EXPECT_TRUE(IsAllowed(extension, chromium)); | 261 EXPECT_TRUE(IsAllowed(extension, chromium)); |
241 EXPECT_TRUE(IsAllowed(another_extension, chromium)); | 262 EXPECT_TRUE(IsAllowed(another_extension, chromium)); |
242 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); | 263 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); |
243 | 264 |
244 // Should be able to go back to URLs that were previously cleared. | 265 // Should be able to go back to URLs that were previously cleared. |
245 NavigateAndCommit(google); | 266 NavigateAndCommit(google); |
246 | 267 |
247 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 268 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
248 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); | 269 active_tab_permission_granter()->GrantIfRequested(another_extension.get()); |
249 active_tab_permission_granter()->GrantIfRequested( | 270 active_tab_permission_granter()->GrantIfRequested( |
250 extension_without_active_tab.get()); | 271 extension_without_active_tab.get()); |
251 | 272 |
252 EXPECT_TRUE(IsAllowed(extension, google)); | 273 EXPECT_TRUE(IsAllowed(extension, google)); |
253 EXPECT_TRUE(IsAllowed(another_extension, google)); | 274 EXPECT_TRUE(IsAllowed(another_extension, google)); |
254 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); | 275 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google)); |
255 | 276 |
256 EXPECT_TRUE(IsBlocked(extension, chromium)); | 277 EXPECT_TRUE(IsAllowed(extension, chromium, PERMITTED_CAPTURE_ONLY)); |
257 EXPECT_TRUE(IsBlocked(another_extension, chromium)); | 278 EXPECT_TRUE(IsAllowed(another_extension, chromium, PERMITTED_CAPTURE_ONLY)); |
258 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); | 279 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium)); |
259 }; | 280 }; |
260 | 281 |
261 TEST_F(ActiveTabTest, Uninstalling) { | 282 TEST_F(ActiveTabTest, Uninstalling) { |
262 // Some semi-arbitrary setup. | 283 // Some semi-arbitrary setup. |
263 GURL google("http://www.google.com"); | 284 GURL google("http://www.google.com"); |
264 NavigateAndCommit(google); | 285 NavigateAndCommit(google); |
265 | 286 |
266 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 287 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
267 | 288 |
(...skipping 19 matching lines...) Expand all Loading... |
287 EXPECT_TRUE(IsGrantedForTab(extension.get(), web_contents())); | 308 EXPECT_TRUE(IsGrantedForTab(extension.get(), web_contents())); |
288 EXPECT_TRUE(IsAllowed(extension, google)); | 309 EXPECT_TRUE(IsAllowed(extension, google)); |
289 } | 310 } |
290 | 311 |
291 TEST_F(ActiveTabTest, OnlyActiveTab) { | 312 TEST_F(ActiveTabTest, OnlyActiveTab) { |
292 GURL google("http://www.google.com"); | 313 GURL google("http://www.google.com"); |
293 NavigateAndCommit(google); | 314 NavigateAndCommit(google); |
294 | 315 |
295 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 316 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
296 | 317 |
297 EXPECT_TRUE(IsAllowed(extension, google, tab_id())); | 318 EXPECT_TRUE(IsAllowed(extension, google, PERMITTED_BOTH, tab_id())); |
298 EXPECT_TRUE(IsBlocked(extension, google, tab_id() + 1)); | 319 EXPECT_TRUE(IsBlocked(extension, google, tab_id() + 1)); |
299 EXPECT_FALSE(HasTabsPermission(extension, tab_id() + 1)); | 320 EXPECT_FALSE(HasTabsPermission(extension, tab_id() + 1)); |
300 } | 321 } |
301 | 322 |
302 TEST_F(ActiveTabTest, NavigateInPage) { | 323 TEST_F(ActiveTabTest, NavigateInPage) { |
303 GURL google("http://www.google.com"); | 324 GURL google("http://www.google.com"); |
304 NavigateAndCommit(google); | 325 NavigateAndCommit(google); |
305 | 326 |
306 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 327 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
307 | 328 |
308 // Perform an in-page navigation. The extension should not lose the temporary | 329 // Perform an in-page navigation. The extension should not lose the temporary |
309 // permission. | 330 // permission. |
310 GURL google_h1("http://www.google.com#h1"); | 331 GURL google_h1("http://www.google.com#h1"); |
311 NavigateAndCommit(google_h1); | 332 NavigateAndCommit(google_h1); |
312 | 333 |
313 EXPECT_TRUE(IsAllowed(extension, google, tab_id())); | 334 EXPECT_TRUE(IsAllowed(extension, google)); |
314 EXPECT_TRUE(IsAllowed(extension, google_h1, tab_id())); | 335 EXPECT_TRUE(IsAllowed(extension, google_h1)); |
315 | 336 |
316 GURL chromium("http://www.chromium.org"); | 337 GURL chromium("http://www.chromium.org"); |
317 NavigateAndCommit(chromium); | 338 NavigateAndCommit(chromium); |
318 | 339 |
319 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 340 EXPECT_FALSE(IsAllowed(extension, google)); |
320 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 341 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
321 EXPECT_FALSE(IsAllowed(extension, chromium, tab_id())); | 342 EXPECT_FALSE(IsAllowed(extension, chromium)); |
322 | 343 |
323 active_tab_permission_granter()->GrantIfRequested(extension.get()); | 344 active_tab_permission_granter()->GrantIfRequested(extension.get()); |
324 | 345 |
325 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 346 EXPECT_FALSE(IsAllowed(extension, google)); |
326 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 347 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
327 EXPECT_TRUE(IsAllowed(extension, chromium, tab_id())); | 348 EXPECT_TRUE(IsAllowed(extension, chromium)); |
328 | 349 |
329 GURL chromium_h1("http://www.chromium.org#h1"); | 350 GURL chromium_h1("http://www.chromium.org#h1"); |
330 NavigateAndCommit(chromium_h1); | 351 NavigateAndCommit(chromium_h1); |
331 | 352 |
332 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 353 EXPECT_FALSE(IsAllowed(extension, google)); |
333 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 354 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
334 EXPECT_TRUE(IsAllowed(extension, chromium, tab_id())); | 355 EXPECT_TRUE(IsAllowed(extension, chromium)); |
335 EXPECT_TRUE(IsAllowed(extension, chromium_h1, tab_id())); | 356 EXPECT_TRUE(IsAllowed(extension, chromium_h1)); |
336 | 357 |
337 Reload(); | 358 Reload(); |
338 | 359 |
339 EXPECT_FALSE(IsAllowed(extension, google, tab_id())); | 360 EXPECT_FALSE(IsAllowed(extension, google)); |
340 EXPECT_FALSE(IsAllowed(extension, google_h1, tab_id())); | 361 EXPECT_FALSE(IsAllowed(extension, google_h1)); |
341 EXPECT_FALSE(IsAllowed(extension, chromium, tab_id())); | 362 EXPECT_FALSE(IsAllowed(extension, chromium)); |
342 EXPECT_FALSE(IsAllowed(extension, chromium_h1, tab_id())); | 363 EXPECT_FALSE(IsAllowed(extension, chromium_h1)); |
343 } | 364 } |
344 | 365 |
345 TEST_F(ActiveTabTest, ChromeUrlGrants) { | 366 TEST_F(ActiveTabTest, ChromeUrlGrants) { |
346 GURL internal("chrome://version"); | 367 GURL internal("chrome://version"); |
347 NavigateAndCommit(internal); | 368 NavigateAndCommit(internal); |
348 active_tab_permission_granter()->GrantIfRequested( | 369 active_tab_permission_granter()->GrantIfRequested( |
349 extension_with_tab_capture.get()); | 370 extension_with_tab_capture.get()); |
350 // Do not grant tabs/hosts permissions for tab. | 371 // Do not grant tabs/hosts permissions for tab. |
351 EXPECT_TRUE(IsBlocked(extension_with_tab_capture, internal, tab_id())); | 372 EXPECT_TRUE(IsAllowed(extension_with_tab_capture, internal, |
| 373 PERMITTED_CAPTURE_ONLY)); |
352 EXPECT_TRUE(PermissionsData::HasAPIPermissionForTab( | 374 EXPECT_TRUE(PermissionsData::HasAPIPermissionForTab( |
353 extension_with_tab_capture.get(), | 375 extension_with_tab_capture.get(), |
354 tab_id(), | 376 tab_id(), |
355 APIPermission::kTabCaptureForTab)); | 377 APIPermission::kTabCaptureForTab)); |
356 | 378 |
357 EXPECT_TRUE(IsBlocked(extension_with_tab_capture, internal, tab_id() + 1)); | 379 EXPECT_TRUE(IsBlocked(extension_with_tab_capture, internal, tab_id() + 1)); |
358 EXPECT_FALSE(PermissionsData::HasAPIPermissionForTab( | 380 EXPECT_FALSE(PermissionsData::HasAPIPermissionForTab( |
359 extension_with_tab_capture.get(), | 381 extension_with_tab_capture.get(), |
360 tab_id() + 1, | 382 tab_id() + 1, |
361 APIPermission::kTabCaptureForTab)); | 383 APIPermission::kTabCaptureForTab)); |
362 } | 384 } |
363 | 385 |
364 } // namespace | 386 } // namespace |
365 } // namespace extensions | 387 } // namespace extensions |
OLD | NEW |