Make Document::isSecureContext() work for OOPIFs

third_party/WebKit/Source/platform/weborigin/SecurityOriginTest.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 15 matching lines @@
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #include "platform/weborigin/SecurityOrigin.h"
 
 #include "platform/RuntimeEnabledFeatures.h"
 #include "platform/blob/BlobURL.h"
 #include "platform/weborigin/KURL.h"
+#include "platform/weborigin/SchemeRegistry.h"
 #include "platform/weborigin/SecurityPolicy.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "wtf/text/StringBuilder.h"
 #include "wtf/text/WTFString.h"
 
 namespace blink {
 
 const int MaxAllowedPort = 65535;
 
 class SecurityOriginTest : public ::testing::Test { };
@@ skipping 110 matching lines @@
     for (size_t i = 0; i < WTF_ARRAY_LENGTH(inputs); ++i) {
         SCOPED_TRACE(i);
         RefPtr<SecurityOrigin> origin = SecurityOrigin::createFromString(inputs[i].url);
         String errorMessage;
         EXPECT_EQ(inputs[i].accessGranted, origin->isPotentiallyTrustworthy());
     }
 
     // Unique origins are not considered secure.
     RefPtr<SecurityOrigin> uniqueOrigin = SecurityOrigin::createUnique();
     EXPECT_FALSE(uniqueOrigin->isPotentiallyTrustworthy());
+
+    // ... unless they are specially marked as such.
+    uniqueOrigin->setIsPotentiallyTrustworthySandboxedOrigin();
+    EXPECT_TRUE(uniqueOrigin->isPotentiallyTrustworthy());
+}
+
+TEST_F(SecurityOriginTest, BypassSecureContextCheck)
+{
+    RefPtr<SecurityOrigin> origin1 = SecurityOrigin::createFromString("http://www.example.test");
+    EXPECT_FALSE(origin1->bypassSecureContextCheck());
+    SchemeRegistry::registerURLSchemeBypassingSecureContextCheck("special-scheme");
+    RefPtr<SecurityOrigin> origin2 = SecurityOrigin::createFromString("special-scheme://example.test");
+    EXPECT_TRUE(origin2->bypassSecureContextCheck());
+
+    RefPtr<SecurityOrigin> uniqueOrigin1 = SecurityOrigin::createUnique();
+    EXPECT_FALSE(uniqueOrigin1->bypassSecureContextCheck());
+    RefPtr<SecurityOrigin> uniqueOrigin2 = SecurityOrigin::createUnique(true /* potentially trustworthy */, true /* bypass secure context check */);
+    EXPECT_TRUE(uniqueOrigin2->bypassSecureContextCheck());
 }
 
 TEST_F(SecurityOriginTest, IsSecure)
 {
     struct TestCase {
         bool isSecure;
         const char* url;
     } inputs[] = {
         { false, "blob:ftp://evil:99/578223a1-8c13-17b3-84d5-eca045ae384a" },
         { false, "blob:http://example.com/578223a1-8c13-17b3-84d5-eca045ae384a" },
@@ skipping 232 matching lines @@
 
         KURL blobUrl = BlobURL::createPublicURL(origin.get());
         RefPtr<SecurityOrigin> blobUrlOrigin = SecurityOrigin::create(blobUrl);
         EXPECT_EQ(blobUrlOrigin->isUnique(), origin->isUnique());
         EXPECT_EQ(blobUrlOrigin->toString(), origin->toString());
         EXPECT_EQ(blobUrlOrigin->toRawString(), origin->toRawString());
     }
 }
 
 } // namespace blink