| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/site_per_process_browsertest.h" | 5 #include "content/browser/site_per_process_browsertest.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| (...skipping 587 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 598 SitePerProcessHighDPIBrowserTest() {} | 598 SitePerProcessHighDPIBrowserTest() {} |
| 599 | 599 |
| 600 protected: | 600 protected: |
| 601 void SetUpCommandLine(base::CommandLine* command_line) override { | 601 void SetUpCommandLine(base::CommandLine* command_line) override { |
| 602 SitePerProcessBrowserTest::SetUpCommandLine(command_line); | 602 SitePerProcessBrowserTest::SetUpCommandLine(command_line); |
| 603 command_line->AppendSwitchASCII(switches::kForceDeviceScaleFactor, | 603 command_line->AppendSwitchASCII(switches::kForceDeviceScaleFactor, |
| 604 base::StringPrintf("2")); | 604 base::StringPrintf("2")); |
| 605 } | 605 } |
| 606 }; | 606 }; |
| 607 | 607 |
| 608 // SitePerProcessIgnoreCertErrorsBrowserTest |
| 609 |
| 610 class SitePerProcessIgnoreCertErrorsBrowserTest |
| 611 : public SitePerProcessBrowserTest { |
| 612 public: |
| 613 SitePerProcessIgnoreCertErrorsBrowserTest() {} |
| 614 |
| 615 protected: |
| 616 void SetUpCommandLine(base::CommandLine* command_line) override { |
| 617 SitePerProcessBrowserTest::SetUpCommandLine(command_line); |
| 618 command_line->AppendSwitch(switches::kIgnoreCertificateErrors); |
| 619 } |
| 620 }; |
| 621 |
| 608 // Ensure that navigating subframes in --site-per-process mode works and the | 622 // Ensure that navigating subframes in --site-per-process mode works and the |
| 609 // correct documents are committed. | 623 // correct documents are committed. |
| 610 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, CrossSiteIframe) { | 624 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, CrossSiteIframe) { |
| 611 GURL main_url(embedded_test_server()->GetURL( | 625 GURL main_url(embedded_test_server()->GetURL( |
| 612 "a.com", "/cross_site_iframe_factory.html?a(a,a(a,a(a)))")); | 626 "a.com", "/cross_site_iframe_factory.html?a(a,a(a,a(a)))")); |
| 613 NavigateToURL(shell(), main_url); | 627 NavigateToURL(shell(), main_url); |
| 614 | 628 |
| 615 // It is safe to obtain the root frame tree node here, as it doesn't change. | 629 // It is safe to obtain the root frame tree node here, as it doesn't change. |
| 616 FrameTreeNode* root = | 630 FrameTreeNode* root = |
| 617 static_cast<WebContentsImpl*>(shell()->web_contents())-> | 631 static_cast<WebContentsImpl*>(shell()->web_contents())-> |
| (...skipping 4232 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 4850 // grandchild frame should not be sandboxed. | 4864 // grandchild frame should not be sandboxed. |
| 4851 EXPECT_EQ(blink::WebSandboxFlags::None, grandchild->pending_sandbox_flags()); | 4865 EXPECT_EQ(blink::WebSandboxFlags::None, grandchild->pending_sandbox_flags()); |
| 4852 EXPECT_EQ(blink::WebSandboxFlags::None, | 4866 EXPECT_EQ(blink::WebSandboxFlags::None, |
| 4853 grandchild->effective_sandbox_flags()); | 4867 grandchild->effective_sandbox_flags()); |
| 4854 | 4868 |
| 4855 // Check that the grandchild frame isn't sandboxed on the renderer side. If | 4869 // Check that the grandchild frame isn't sandboxed on the renderer side. If |
| 4856 // sandboxed, its origin would be unique ("null"). | 4870 // sandboxed, its origin would be unique ("null"). |
| 4857 EXPECT_EQ(frame_url.GetOrigin().spec(), GetDocumentOrigin(grandchild) + "/"); | 4871 EXPECT_EQ(frame_url.GetOrigin().spec(), GetDocumentOrigin(grandchild) + "/"); |
| 4858 } | 4872 } |
| 4859 | 4873 |
| 4874 // Tests that the WebContents is notified when passive mixed content is |
| 4875 // displayed in an OOPIF. The test ignores cert errors so that an HTTPS |
| 4876 // iframe can be loaded from a site other than localhost (the |
| 4877 // EmbeddedTestServer serves a certificate that is valid for localhost). |
| 4878 IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest, |
| 4879 PassiveMixedContentInIframe) { |
| 4880 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); |
| 4881 https_server.ServeFilesFromSourceDirectory("content/test/data"); |
| 4882 ASSERT_TRUE(https_server.Start()); |
| 4883 SetupCrossSiteRedirector(&https_server); |
| 4884 |
| 4885 GURL iframe_url( |
| 4886 https_server.GetURL("/mixed-content/basic-passive-in-iframe.html")); |
| 4887 EXPECT_TRUE(NavigateToURL(shell(), iframe_url)); |
| 4888 EXPECT_TRUE(shell()->web_contents()->DisplayedInsecureContent()); |
| 4889 |
| 4890 // When the subframe navigates, the WebContents should still be marked |
| 4891 // as having displayed insecure content. |
| 4892 GURL navigate_url(https_server.GetURL("/title1.html")); |
| 4893 FrameTreeNode* root = static_cast<WebContentsImpl*>(shell()->web_contents()) |
| 4894 ->GetFrameTree() |
| 4895 ->root(); |
| 4896 NavigateFrameToURL(root->child_at(0), navigate_url); |
| 4897 EXPECT_TRUE(shell()->web_contents()->DisplayedInsecureContent()); |
| 4898 |
| 4899 // When the main frame navigates, it should no longer be marked as |
| 4900 // displaying insecure content. |
| 4901 EXPECT_TRUE( |
| 4902 NavigateToURL(shell(), https_server.GetURL("b.com", "/title1.html"))); |
| 4903 EXPECT_FALSE(shell()->web_contents()->DisplayedInsecureContent()); |
| 4904 } |
| 4905 |
| 4906 // Tests that, when a parent frame is set to strictly block mixed |
| 4907 // content via Content Security Policy, child OOPIFs cannot display |
| 4908 // mixed content. |
| 4909 IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest, |
| 4910 PassiveMixedContentInIframeWithStrictBlocking) { |
| 4911 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); |
| 4912 https_server.ServeFilesFromSourceDirectory("content/test/data"); |
| 4913 ASSERT_TRUE(https_server.Start()); |
| 4914 SetupCrossSiteRedirector(&https_server); |
| 4915 |
| 4916 GURL iframe_url_with_strict_blocking(https_server.GetURL( |
| 4917 "/mixed-content/basic-passive-in-iframe-with-strict-blocking.html")); |
| 4918 EXPECT_TRUE(NavigateToURL(shell(), iframe_url_with_strict_blocking)); |
| 4919 EXPECT_FALSE(shell()->web_contents()->DisplayedInsecureContent()); |
| 4920 |
| 4921 FrameTreeNode* root = static_cast<WebContentsImpl*>(shell()->web_contents()) |
| 4922 ->GetFrameTree() |
| 4923 ->root(); |
| 4924 EXPECT_TRUE(root->current_replication_state() |
| 4925 .should_enforce_strict_mixed_content_checking); |
| 4926 EXPECT_TRUE(root->child_at(0) |
| 4927 ->current_replication_state() |
| 4928 .should_enforce_strict_mixed_content_checking); |
| 4929 |
| 4930 // When the subframe navigates, it should still be marked as enforcing |
| 4931 // strict mixed content. |
| 4932 GURL navigate_url(https_server.GetURL("/title1.html")); |
| 4933 NavigateFrameToURL(root->child_at(0), navigate_url); |
| 4934 EXPECT_TRUE(root->current_replication_state() |
| 4935 .should_enforce_strict_mixed_content_checking); |
| 4936 EXPECT_TRUE(root->child_at(0) |
| 4937 ->current_replication_state() |
| 4938 .should_enforce_strict_mixed_content_checking); |
| 4939 |
| 4940 // When the main frame navigates, it should no longer be marked as |
| 4941 // enforcing strict mixed content. |
| 4942 EXPECT_TRUE( |
| 4943 NavigateToURL(shell(), https_server.GetURL("b.com", "/title1.html"))); |
| 4944 EXPECT_FALSE(root->current_replication_state() |
| 4945 .should_enforce_strict_mixed_content_checking); |
| 4946 } |
| 4947 |
| 4948 // Tests that active mixed content is blocked in an OOPIF. The test |
| 4949 // ignores cert errors so that an HTTPS iframe can be loaded from a site |
| 4950 // other than localhost (the EmbeddedTestServer serves a certificate |
| 4951 // that is valid for localhost). |
| 4952 IN_PROC_BROWSER_TEST_F(SitePerProcessIgnoreCertErrorsBrowserTest, |
| 4953 ActiveMixedContentInIframe) { |
| 4954 net::EmbeddedTestServer https_server(net::EmbeddedTestServer::TYPE_HTTPS); |
| 4955 https_server.ServeFilesFromSourceDirectory("content/test/data"); |
| 4956 ASSERT_TRUE(https_server.Start()); |
| 4957 SetupCrossSiteRedirector(&https_server); |
| 4958 |
| 4959 GURL iframe_url( |
| 4960 https_server.GetURL("/mixed-content/basic-active-in-iframe.html")); |
| 4961 EXPECT_TRUE(NavigateToURL(shell(), iframe_url)); |
| 4962 FrameTreeNode* root = static_cast<WebContentsImpl*>(shell()->web_contents()) |
| 4963 ->GetFrameTree() |
| 4964 ->root(); |
| 4965 ASSERT_EQ(1U, root->child_count()); |
| 4966 FrameTreeNode* mixed_child = root->child_at(0)->child_at(0); |
| 4967 ASSERT_TRUE(mixed_child); |
| 4968 // The child iframe attempted to create a mixed iframe; this should |
| 4969 // have been blocked, so the mixed iframe should not have committed a |
| 4970 // load. |
| 4971 EXPECT_FALSE(mixed_child->has_committed_real_load()); |
| 4972 } |
| 4973 |
| 4860 } // namespace content | 4974 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1550723003:
Adapt MixedContentChecker for remote frames (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master