Chromium Code Reviews Chromium Code Reviews
Issue 1550723003:
Adapt MixedContentChecker for remote frames (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/site_per_process_browsertest.h" | 5 #include "content/browser/site_per_process_browsertest.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| (...skipping 587 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 598 SitePerProcessHighDPIBrowserTest() {} | 598 SitePerProcessHighDPIBrowserTest() {} |
| 599 | 599 |
| 600 protected: | 600 protected: |
| 601 void SetUpCommandLine(base::CommandLine* command_line) override { | 601 void SetUpCommandLine(base::CommandLine* command_line) override { |
| 602 SitePerProcessBrowserTest::SetUpCommandLine(command_line); | 602 SitePerProcessBrowserTest::SetUpCommandLine(command_line); |
| 603 command_line->AppendSwitchASCII(switches::kForceDeviceScaleFactor, | 603 command_line->AppendSwitchASCII(switches::kForceDeviceScaleFactor, |
| 604 base::StringPrintf("2")); | 604 base::StringPrintf("2")); |
| 605 } | 605 } |
| 606 }; | 606 }; |
| 607 | 607 |
| 608 // SitePerProcessIgnoreCertErrorsBrowserTest | |
| 609 | |
| 610 class SitePerProcessIgnoreCertErrorsBrowserTest | |
| 611 : public SitePerProcessBrowserTest { | |
| 612 public: | |
| 613 SitePerProcessIgnoreCertErrorsBrowserTest() {} | |
| 614 | |
| 615 protected: | |
| 616 void SetUpCommandLine(base::CommandLine* command_line) override { | |
| 617 SitePerProcessBrowserTest::SetUpCommandLine(command_line); | |
| 618 command_line->AppendSwitch(switches::kIgnoreCertificateErrors); | |
| 619 } | |
| 620 }; | |
| 621 | |
| 608 // Ensure that navigating subframes in --site-per-process mode works and the | 622 // Ensure that navigating subframes in --site-per-process mode works and the |
| 609 // correct documents are committed. | 623 // correct documents are committed. |
| 610 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, CrossSiteIframe) { | 624 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, CrossSiteIframe) { |
| 611 GURL main_url(embedded_test_server()->GetURL( | 625 GURL main_url(embedded_test_server()->GetURL( |
| 612 "a.com", "/cross_site_iframe_factory.html?a(a,a(a,a(a)))")); | 626 "a.com", "/cross_site_iframe_factory.html?a(a,a(a,a(a)))")); |
| 613 NavigateToURL(shell(), main_url); | 627 NavigateToURL(shell(), main_url); |
| 614 | 628 |
| 615 // It is safe to obtain the root frame tree node here, as it doesn't change. | 629 // It is safe to obtain the root frame tree node here, as it doesn't change. |
| 616 FrameTreeNode* root = | 630 FrameTreeNode* root = |
| 617 static_cast<WebContentsImpl*>(shell()->web_contents())-> | 631 static_cast<WebContentsImpl*>(shell()->web_contents())-> |
| (...skipping 4232 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 4850 // grandchild frame should not be sandboxed. | 4864 // grandchild frame should not be sandboxed. |
| 4851 EXPECT_EQ(blink::WebSandboxFlags::None, grandchild->pending_sandbox_flags()); | 4865 EXPECT_EQ(blink::WebSandboxFlags::None, grandchild->pending_sandbox_flags()); |
| 4852 EXPECT_EQ(blink::WebSandboxFlags::None, | 4866 EXPECT_EQ(blink::WebSandboxFlags::None, |
| 4853 grandchild->effective_sandbox_flags()); | 4867 grandchild->effective_sandbox_flags()); |
| 4854 | 4868 |
| 4855 // Check that the grandchild frame isn't sandboxed on the renderer side. If | 4869 // Check that the grandchild frame isn't sandboxed on the renderer side. If |
| 4856 // sandboxed, its origin would be unique ("null"). | 4870 // sandboxed, its origin would be unique ("null"). |
| 4857 EXPECT_EQ(frame_url.GetOrigin().spec(), GetDocumentOrigin(grandchild) + "/"); | 4871 EXPECT_EQ(frame_url.GetOrigin().spec(), GetDocumentOrigin(grandchild) + "/"); |
| 4858 } | 4872 } |
| 4859 | 4873 |
| 4874 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, PassiveMixedContent) { | |
| 4875 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); | |
| 4876 https_server.ServeFilesFromSourceDirectory("content/test/data"); | |
| 4877 ASSERT_TRUE(https_server.Start()); | |
| 4878 | |
| 4879 GURL url(https_server.GetURL("/mixed-content/basic-passive.html")); | |
| 4880 NavigateToURL(shell(), url); | |
| 4881 EXPECT_TRUE(shell()->web_contents()->DisplayedInsecureContent()); | |
| 4882 } | |
| 4883 | |
| 4884 // Tests that the WebContents is notified when passive mixed content is | |
| 4885 // displayed in an OOPIF. The test ignores cert errors so that an HTTPS | |
| 4886 // iframe can be loaded from a site other than localhost (the | |
| 4887 // EmbeddedTestServer serves a certificate that is valid for localhost). | |
| 4888 IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest, | |
| 4889 PassiveMixedContentInIframe) { | |
| 4890 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); | |
| 4891 https_server.ServeFilesFromSourceDirectory("content/test/data"); | |
| 4892 ASSERT_TRUE(https_server.Start()); | |
| 4893 SetupCrossSiteRedirector(&https_server); | |
| 4894 | |
| 4895 GURL iframe_url( | |
| 4896 https_server.GetURL("/mixed-content/basic-passive-in-iframe.html")); | |
| 4897 NavigateToURL(shell(), iframe_url); | |
|
alexmos
2016/01/20 22:43:55
nit: EXPECT_TRUE (for this and other uses of Navig
estark
2016/01/21 04:40:13
Done.
| |
| 4898 EXPECT_TRUE(shell()->web_contents()->DisplayedInsecureContent()); | |
| 4899 | |
| 4900 // When the subframe navigates, the WebContents should still be marked | |
| 4901 // as having displayed insecure content. | |
| 4902 GURL navigate_url(https_server.GetURL("/title1.html")); | |
|
alexmos
2016/01/20 22:43:55
nit: maybe use GetURL("b.com","/title1.html") to e
estark
2016/01/21 04:40:13
Done.
| |
| 4903 FrameTreeNode* root = static_cast<WebContentsImpl*>(shell()->web_contents()) | |
| 4904 ->GetFrameTree() | |
| 4905 ->root(); | |
| 4906 NavigateFrameToURL(root->child_at(0), navigate_url); | |
| 4907 EXPECT_TRUE(shell()->web_contents()->DisplayedInsecureContent()); | |
| 4908 | |
| 4909 // When the main frame navigates, it should no longer be marked as | |
| 4910 // displaying insecure content. | |
| 4911 NavigateToURL(shell(), navigate_url); | |
| 4912 EXPECT_FALSE(shell()->web_contents()->DisplayedInsecureContent()); | |
| 4913 } | |
| 4914 | |
| 4915 // Tests that, when a parent frame is set to strictly block mixed | |
| 4916 // content via Content Security Policy, child OOPIFs cannot display | |
| 4917 // mixed content. | |
| 4918 IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest, | |
| 4919 PassiveMixedContentInIframeWithStrictBlocking) { | |
| 4920 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); | |
| 4921 https_server.ServeFilesFromSourceDirectory("content/test/data"); | |
| 4922 ASSERT_TRUE(https_server.Start()); | |
| 4923 SetupCrossSiteRedirector(&https_server); | |
| 4924 | |
| 4925 GURL iframe_url_with_strict_blocking(https_server.GetURL( | |
| 4926 "/mixed-content/basic-passive-in-iframe-with-strict-blocking.html")); | |
| 4927 NavigateToURL(shell(), iframe_url_with_strict_blocking); | |
| 4928 EXPECT_FALSE(shell()->web_contents()->DisplayedInsecureContent()); | |
| 4929 | |
| 4930 FrameTreeNode* root = static_cast<WebContentsImpl*>(shell()->web_contents()) | |
| 4931 ->GetFrameTree() | |
| 4932 ->root(); | |
| 4933 EXPECT_TRUE(root->current_replication_state() | |
| 4934 .should_enforce_strict_mixed_content_checking); | |
| 4935 EXPECT_TRUE(root->child_at(0) | |
| 4936 ->current_replication_state() | |
| 4937 .should_enforce_strict_mixed_content_checking); | |
| 4938 | |
| 4939 // When the subframe navigates, it should still be marked as enforcing | |
| 4940 // strict mixed content. | |
| 4941 GURL navigate_url(https_server.GetURL("/title1.html")); | |
| 4942 NavigateFrameToURL(root->child_at(0), navigate_url); | |
| 4943 EXPECT_TRUE(root->current_replication_state() | |
| 4944 .should_enforce_strict_mixed_content_checking); | |
| 4945 EXPECT_TRUE(root->child_at(0) | |
| 4946 ->current_replication_state() | |
| 4947 .should_enforce_strict_mixed_content_checking); | |
| 4948 | |
| 4949 // When the main frame navigates, it should no longer be marked as | |
| 4950 // enforcing strict mixed content. | |
| 4951 NavigateToURL(shell(), navigate_url); | |
| 4952 EXPECT_FALSE(root->current_replication_state() | |
| 4953 .should_enforce_strict_mixed_content_checking); | |
| 4954 } | |
| 4955 | |
| 4860 } // namespace content | 4956 } // namespace content |
| OLD | NEW |
