Make Document::isSecureContext() work for OOPIFs

third_party/WebKit/Source/core/dom/DocumentTest.cpp

Index: third_party/WebKit/Source/core/dom/DocumentTest.cpp
diff --git a/third_party/WebKit/Source/core/dom/DocumentTest.cpp b/third_party/WebKit/Source/core/dom/DocumentTest.cpp
index b83d53bc9b6e018e041bf0db41ab1f61f87dbb1e..3f21974b4ffb8269bae4d2836efaecaeda453d2d 100644
--- a/third_party/WebKit/Source/core/dom/DocumentTest.cpp
+++ b/third_party/WebKit/Source/core/dom/DocumentTest.cpp
@@ -37,6 +37,7 @@
 #include "core/testing/DummyPageHolder.h"
 #include "platform/heap/Handle.h"
 #include "platform/weborigin/ReferrerPolicy.h"
+#include "platform/weborigin/SchemeRegistry.h"
 #include "platform/weborigin/SecurityOrigin.h"
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -353,4 +354,46 @@ TEST_F(DocumentTest, StyleVersion)
     EXPECT_NE(previousStyleVersion, document().styleVersion());
 }
 
+TEST_F(DocumentTest, EnforceSandboxFlags)
+{
+    RefPtr<SecurityOrigin> origin = SecurityOrigin::createFromString("http://example.test");
+    document().setSecurityOrigin(origin);
+    SandboxFlags mask = SandboxNavigation;
+    document().enforceSandboxFlags(mask);
+    EXPECT_EQ(origin, document().securityOrigin());
+    EXPECT_FALSE(document().securityOrigin()->isPotentiallyTrustworthy());
+    EXPECT_FALSE(document().securityOrigin()->bypassSecureContextCheck());
+
+    mask |= SandboxOrigin;
+    document().enforceSandboxFlags(mask);
+    EXPECT_TRUE(document().securityOrigin()->isUnique());
+    EXPECT_FALSE(document().securityOrigin()->isPotentiallyTrustworthy());
+    EXPECT_FALSE(document().securityOrigin()->bypassSecureContextCheck());
+
+    SchemeRegistry::registerURLSchemeBypassingSecureContextCheck("special-scheme");
+    // A unique origin does not bypass secure context checks unless it is also potentially trustworthy.
+    origin = SecurityOrigin::createFromString("special-scheme://example.test");
+    document().setSecurityOrigin(origin);
+    document().enforceSandboxFlags(mask);
+    EXPECT_TRUE(document().securityOrigin()->isUnique());
+    EXPECT_FALSE(document().securityOrigin()->isPotentiallyTrustworthy());

[alexmos, 2016/03/09 18:45:06]

It seems this part of the test still might have been useful to verify that
putting a scheme on the bypass list won't make the origin potentially
trustworthy, no?

[estark, 2016/03/10 00:53:44]

Done.

+    EXPECT_FALSE(document().securityOrigin()->bypassSecureContextCheck());
+
+    SchemeRegistry::registerURLSchemeBypassingSecureContextCheck("very-special-scheme");
+    SchemeRegistry::registerURLSchemeAsSecure("very-special-scheme");
+    origin = SecurityOrigin::createFromString("very-special-scheme://example.test");
+    document().setSecurityOrigin(origin);
+    document().enforceSandboxFlags(mask);
+    EXPECT_TRUE(document().securityOrigin()->isUnique());
+    EXPECT_TRUE(document().securityOrigin()->isPotentiallyTrustworthy());
+    EXPECT_TRUE(document().securityOrigin()->bypassSecureContextCheck());
+
+    origin = SecurityOrigin::createFromString("https://example.test");
+    document().setSecurityOrigin(origin);
+    document().enforceSandboxFlags(mask);
+    EXPECT_TRUE(document().securityOrigin()->isUnique());
+    EXPECT_TRUE(document().securityOrigin()->isPotentiallyTrustworthy());
+    EXPECT_FALSE(document().securityOrigin()->bypassSecureContextCheck());
+}
+
 } // namespace blink