| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/site_per_process_browsertest.h" | 5 #include "content/browser/site_per_process_browsertest.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <algorithm> | 10 #include <algorithm> |
| (...skipping 5428 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 5439 observer->Wait(); | 5439 observer->Wait(); |
| 5440 | 5440 |
| 5441 // Force the renderer to generate a new frame. | 5441 // Force the renderer to generate a new frame. |
| 5442 EXPECT_TRUE(ExecuteScript(shell()->web_contents(), | 5442 EXPECT_TRUE(ExecuteScript(shell()->web_contents(), |
| 5443 "document.body.style.background = 'black'")); | 5443 "document.body.style.background = 'black'")); |
| 5444 | 5444 |
| 5445 // Waits for the next frame. | 5445 // Waits for the next frame. |
| 5446 observer->Wait(); | 5446 observer->Wait(); |
| 5447 } | 5447 } |
| 5448 | 5448 |
| 5449 // Test that a cross-origin iframe can be blocked by X-Frame-Options and CSP |
| 5450 // frame-ancestors. |
| 5451 IN_PROC_BROWSER_TEST_F(SitePerProcessBrowserTest, |
| 5452 CrossSiteIframeBlockedByXFrameOptionsOrCSP) { |
| 5453 GURL main_url(embedded_test_server()->GetURL( |
| 5454 "a.com", "/cross_site_iframe_factory.html?a(a)")); |
| 5455 NavigateToURL(shell(), main_url); |
| 5456 |
| 5457 FrameTreeNode* root = static_cast<WebContentsImpl*>(shell()->web_contents()) |
| 5458 ->GetFrameTree() |
| 5459 ->root(); |
| 5460 |
| 5461 // Add a load event handler for the iframe element. |
| 5462 EXPECT_TRUE(ExecuteScript(shell()->web_contents(), |
| 5463 "document.querySelector('iframe').onload = " |
| 5464 " function() { document.title = 'loaded'; };")); |
| 5465 |
| 5466 GURL blocked_urls[] = { |
| 5467 embedded_test_server()->GetURL("b.com", "/frame-ancestors-none.html"), |
| 5468 embedded_test_server()->GetURL("b.com", "/x-frame-options-deny.html") |
| 5469 }; |
| 5470 |
| 5471 for (size_t i = 0; i < arraysize(blocked_urls); ++i) { |
| 5472 EXPECT_TRUE(ExecuteScript(shell()->web_contents(), |
| 5473 "document.title = 'not loaded';")); |
| 5474 base::string16 expected_title(base::UTF8ToUTF16("loaded")); |
| 5475 TitleWatcher title_watcher(shell()->web_contents(), expected_title); |
| 5476 |
| 5477 // Navigate the subframe to a blocked URL. |
| 5478 TestNavigationObserver load_observer(shell()->web_contents()); |
| 5479 EXPECT_TRUE(ExecuteScript( |
| 5480 shell()->web_contents(), |
| 5481 "frames[0].location.href = '" + blocked_urls[i].spec() + "';")); |
| 5482 load_observer.Wait(); |
| 5483 |
| 5484 // The blocked frame's origin should become unique. |
| 5485 EXPECT_EQ("null", root->child_at(0)->current_origin().Serialize()); |
| 5486 |
| 5487 // The blocked frame should still fire a load event in its parent's process. |
| 5488 EXPECT_EQ(expected_title, title_watcher.WaitAndGetTitle()); |
| 5489 |
| 5490 // Check that the current RenderFrameHost has stopped loading. |
| 5491 EXPECT_FALSE(root->child_at(0)->current_frame_host()->is_loading()); |
| 5492 |
| 5493 // The blocked navigation should behave like an empty 200 response. Make |
| 5494 // sure that the frame's document.title is empty: this double-checks both |
| 5495 // that the blocked URL's contents wasn't loaded, and that the old page |
| 5496 // isn't active anymore (both of these pages have non-empty titles). |
| 5497 std::string frame_title; |
| 5498 EXPECT_TRUE(ExecuteScriptAndExtractString( |
| 5499 root->child_at(0)->current_frame_host(), |
| 5500 "domAutomationController.send(document.title)", |
| 5501 &frame_title)); |
| 5502 EXPECT_EQ("", frame_title); |
| 5503 |
| 5504 // Navigate the subframe to another cross-origin page and ensure that this |
| 5505 // navigation succeeds. Use a renderer-initiated navigation to test the |
| 5506 // transfer logic, which used to have some issues with this. |
| 5507 GURL c_url(embedded_test_server()->GetURL("c.com", "/title1.html")); |
| 5508 EXPECT_TRUE(NavigateIframeToURL(shell()->web_contents(), "child-0", c_url)); |
| 5509 EXPECT_EQ(c_url, root->child_at(0)->current_url()); |
| 5510 |
| 5511 // When a page gets blocked due to XFO or CSP, it is sandboxed with the |
| 5512 // SandboxOrigin flag (i.e., its origin is set to be unique) to ensure that |
| 5513 // the blocked page is seen as cross-origin. However, those flags shouldn't |
| 5514 // affect future navigations for a frame. Verify this for the above |
| 5515 // navigation. |
| 5516 EXPECT_EQ(c_url.GetOrigin().spec(), |
| 5517 root->child_at(0)->current_origin().Serialize() + "/"); |
| 5518 EXPECT_EQ(blink::WebSandboxFlags::None, |
| 5519 root->child_at(0)->effective_sandbox_flags()); |
| 5520 } |
| 5521 } |
| 5522 |
| 5449 } // namespace content | 5523 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1754383002:
OOPIF: Add a test for cross-site frames blocked by X-Frame-Options and CSP. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master