Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(602)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: content/browser/frame_host/navigation_controller_impl_unittest.cc

Issue 1457053004: Fix in-page logic for allow_universal_access_from_files. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixes from review Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « content/browser/frame_host/navigation_controller_impl.cc ('k') | content/test/test_render_frame_host.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: content/browser/frame_host/navigation_controller_impl_unittest.cc
diff --git a/content/browser/frame_host/navigation_controller_impl_unittest.cc b/content/browser/frame_host/navigation_controller_impl_unittest.cc
index 1cc78031a3027189e060f2b53dd8a31a3f5e1ebf..44b1acb9a69b2ff32322180830c98ada35b0ea05 100644
--- a/content/browser/frame_host/navigation_controller_impl_unittest.cc
+++ b/content/browser/frame_host/navigation_controller_impl_unittest.cc
@@ -3605,6 +3605,21 @@ TEST_F(NavigationControllerTest, IsInPageNavigation) {
EXPECT_TRUE(controller.IsURLInPageNavigation(other_url, true,
main_test_rfh()));
+ // Don't believe the renderer if it claims a cross-origin navigation is
+ // in-page.
+ const GURL different_origin_url("http://www.example.com");
+ MockRenderProcessHost* rph = main_test_rfh()->GetProcess();
+ EXPECT_EQ(0, rph->bad_msg_count());
+ EXPECT_FALSE(controller.IsURLInPageNavigation(different_origin_url, true,
+ main_test_rfh()));
+ EXPECT_EQ(1, rph->bad_msg_count());
+}
+
+// Tests that IsInPageNavigation behaves properly with the
+// allow_universal_access_from_file_urls flag.
+TEST_F(NavigationControllerTest, IsInPageNavigationWithUniversalFileAccess) {
+ NavigationControllerImpl& controller = controller_impl();
+
// Test allow_universal_access_from_file_urls flag.
const GURL different_origin_url("http://www.example.com");
MockRenderProcessHost* rph = main_test_rfh()->GetProcess();
@@ -3613,32 +3628,51 @@ TEST_F(NavigationControllerTest, IsInPageNavigation) {
test_rvh()->UpdateWebkitPreferences(prefs);
prefs = test_rvh()->GetWebkitPreferences();
EXPECT_TRUE(prefs.allow_universal_access_from_file_urls);
- // Allow in page navigation if existing URL is file scheme.
+
+ // Allow in page navigation to be cross-origin if existing URL is file scheme.
const GURL file_url("file:///foo/index.html");
- main_test_rfh()->NavigateAndCommitRendererInitiated(0, false, file_url);
+ const url::Origin file_origin(file_url);
+ main_test_rfh()->NavigateAndCommitRendererInitiated(0, true, file_url);
+ EXPECT_TRUE(file_origin.IsSameOriginWith(
+ main_test_rfh()->frame_tree_node()->current_origin()));
EXPECT_EQ(0, rph->bad_msg_count());
EXPECT_TRUE(controller.IsURLInPageNavigation(different_origin_url, true,
main_test_rfh()));
EXPECT_EQ(0, rph->bad_msg_count());
- // Don't honor allow_universal_access_from_file_urls if existing URL is
- // not file scheme.
- main_test_rfh()->NavigateAndCommitRendererInitiated(0, false, url);
- EXPECT_FALSE(controller.IsURLInPageNavigation(different_origin_url, true,
- main_test_rfh()));
- EXPECT_EQ(1, rph->bad_msg_count());
- // Remove allow_universal_access_from_file_urls flag.
- prefs.allow_universal_access_from_file_urls = false;
- test_rvh()->UpdateWebkitPreferences(prefs);
- prefs = test_rvh()->GetWebkitPreferences();
- EXPECT_FALSE(prefs.allow_universal_access_from_file_urls);
+ // Doing a replaceState to a cross-origin URL is thus allowed.
+ FrameHostMsg_DidCommitProvisionalLoad_Params params;
+ params.page_id = 1;
+ params.nav_entry_id = 1;
+ params.did_create_new_entry = false;
+ params.url = different_origin_url;
+ params.origin = file_origin;
+ params.transition = ui::PAGE_TRANSITION_LINK;
+ params.gesture = NavigationGestureUser;
+ params.page_state = PageState::CreateFromURL(different_origin_url);
+ params.was_within_same_page = true;
+ params.is_post = false;
+ params.post_id = -1;
+ main_test_rfh()->SendRendererInitiatedNavigationRequest(different_origin_url,
+ false);
+ main_test_rfh()->PrepareForCommit();
+ contents()->GetMainFrame()->SendNavigateWithParams(&params);
- // Don't believe the renderer if it claims a cross-origin navigation is
- // in-page.
- EXPECT_EQ(1, rph->bad_msg_count());
+ // At this point, we should still consider the current origin to be file://,
+ // so that a file URL would still be in-page. See https://crbug.com/553418.
+ EXPECT_TRUE(file_origin.IsSameOriginWith(
+ main_test_rfh()->frame_tree_node()->current_origin()));
+ EXPECT_TRUE(
+ controller.IsURLInPageNavigation(file_url, true, main_test_rfh()));
+ EXPECT_EQ(0, rph->bad_msg_count());
+
+ // Don't honor allow_universal_access_from_file_urls if actual URL is
+ // not file scheme.
+ const GURL url("http://www.google.com/home.html");
+ main_test_rfh()->NavigateAndCommitRendererInitiated(2, true, url);
EXPECT_FALSE(controller.IsURLInPageNavigation(different_origin_url, true,
main_test_rfh()));
- EXPECT_EQ(2, rph->bad_msg_count());
+ EXPECT_EQ(1, rph->bad_msg_count());
}
// Some pages can have subframes with the same base URL (minus the reference) as
« no previous file with comments | « content/browser/frame_host/navigation_controller_impl.cc ('k') | content/test/test_render_frame_host.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698